[loup-vaillant]

Note: the nature of the reported vulnerability was such that the teenager didn't even have to access the servers to do it —only change a value that was sent by his own browser.

If that was tantamount to not-breaking & entering, it means the it is okay to legally forbid step by step debugging on your own computer. That it may not be legal to inspect code from another company, even if it runs on your computer. That whatever the code decides (here, the price of the ticket), must be observed by the rest of the system (here, the price sent in the HTTP request wasn't the price decided by the web page).

The consequences of such thinking are chilling. If this is the kind of cyberpunk we're heading to, I'll seriously consider becoming a Runner.

[qb45]

On the Internet there is also the problem of remote attackers. Even if you preemptively jail all people in your jurisdiction, your system still isn't safe. It doesn't make any sense at all to call sending some malicious data to your server "breaking in" when anybody and his dog can do it from the comfort of their chair on the other side of the planet.

[etatoby]

it means that it is okay to legally forbid step by step debugging on your own computer. That it may not be legal to inspect code from another company, even if it runs on your computer. That whatever the code decides, must be observed by the rest of the system

I don't know about Hungary, but in the US the DMCA has exactly these provisions.