There's red faces at the office of the Data Protection Commissioner this morning after a blogger lifted an upcoming official report off its website and published it early. As a result, data from the Data Protection Commissioner's Annual Report was published on a local blog on Wednesday a day before its official release on …
Hacker he aint
All he did was change the URL and get access to the report before it was officially released. Not hacking per se.
Fire the help
If they are serious about such things they should fire the hired help and get professionals to handle such things.
Re: Hacker he aint
It is hacking per se, but in the proper sense of the word. Unfortunately the media has tarnished the image of the hacker by calling crackers hackers.
Nice one Damien!
From examiner.ie -> Asked yesterday at the official launch of the 2007 report if he was embarrassed by the latest incident, Mr Hawkes replied: "Not exceptionally."
Gotta love that! Nice find Damien!
for broad definitions of "hack"
From what I've been hearing, the "hacker" just tried difference values of DocID in the url http://www.dataprotection.ie/viewdoc.asp?DocID=721 on the assumption that it would be uploaded some time prior to it's "release".
It's about as exciting as a journo leaking an embargoed press release.
changing URLs - so what?
If you change the number in the URL on TPB's pages (eg from 201 to 501 I think), you can directly access the page of pawrn torrents, even though there's no direct link from the menu.
It's hardly hacking, cracking or anything remotely technical.
the page of pawrn torrents
>If you change the number in the URL on TPB's pages (eg from 201 to 501 I think), you can directly access the page of pawrn torrents, even though there's no direct link from the menu.
no, that's your home page being brought up.
May Still Be "Hacking"
I wouldn't be so smug yet if I was the blogger. Courts tend to be confused about what constitutes hacking and there's been cases before where surfers have been taken to court simply by modifying URLs. Take the case of the guy done for "hacking" because he did a a directory traversal;
The argument has been that if it's not officially linked then accessing it constitutes illegal access.
Just what was needed
now the report gets loads of attention. It's worth a glance particularly the top ten privacy issues.
Extract from foreword:
"Have we not succumbed to terror and submitted to extremism when we lose the liberty to live our lives without constant intrusion by the State in the name of security? When I consider the security measures introduced in this jurisdiction, it is sometimes difficult to avoid the conclusion that Ireland must be facing some of the starkest criminal and terrorist threats across Europe."
Couldn't agree more.
Is one too
Sure that's a hack. A real one, at that, not the silly stuff that's illegal and whatnot. It's simple, it's elegant and it does something that it wasn't supposed to do without harming anyone. Hack. Dixit.
Yes, it's a hack
A hack doesn't have to be massively complex - the best ones aren't.
Robert'); DROP TABLE Students;--
a hack is a hack
as many have already said this is a hack, not a very hard one, but still a hack.
however i would consider this as illegal as entering an unlocked house, or "stealing" wifi from an open router.
this does not however excuse the victim from their responsibility to protect their own stuff.
the blogger should get a slap on the wrist, and the chief should be fired for failing to enact better policies...
Don't boost the bloggers ego or his head will explode.
It was hardly a major security breach when it was being published the next day and doesn't warrant the publicity, nor the blogger getting interviewed on Irish Morning News Radio.
Some Irish Government / Irish Regulator sites are so badly indexed you have to do this kind of guessing all the time as web pages point to a document that is older version than the printed one they have posted you.
Definitely not innovative or unusual.
If you can be convicted...
for typing .. <enter> three times on your browser's address bar, then *this* must be hacking, cracking, or SKidding of the first order. Try that in the UK and your feet wouldn't touch the ground.
Internet laws In Ireland
Internet laws In Ireland.are you kidding! These are almost non existant, with a few loop holes (Yes, i have read the so called cyber laws).....oddly these will not be changed yet
I was reading an artical earlier today and one part has some what stuck in my head "Ireland is the Technology hub of Europe" ......that can't be right!! our cyber law's are full of more holes than swiss cheese....I recenty took a trip to a meeting hot spot for some of Irelands "hottest" hackers (i have never heard the term "hot" in the same context as script kiddies or hackers) anyway... these people gave me their opinions on Irish cyber law ... and in their own respective words " it dosnt exist... planning cyber attacks in ireland is to easy " ...... still I wouldn't be worried they're knowledge is somewhat not based on malicious attacks ... but more on security for their own systems ....