Hacker News new | ask | show | jobs
by s73ver 3245 days ago
"It's a crime of computer / network intrusion. Not a crime of property law (you can't own a record in a database as property, and therefor I can not steal your property)."

This is quite wrong; it's still considered a crime of stealing from the bank. The law does not care if you used a computer to do it instead of using dynamite to break into the safe, nor should it.

"Another way to put this is that you are using the contract in a manner how it was defined by the author."

No. If you are using an undisclosed exploit, then that is not true in the least. If you are using something that is not equally known to both parties, and equally disclosed, then it is fraud. No amount of, "you should have known better" or "you should have done your research" will help you. Take the recent case of the hack involving Etherium. It exploited something in the "smart contracts" which very few people knew existed, and, judging by the actions of the team in charge, clearly was not meant to be there. But beyond that, if the contract were to be disputed in court, one thing that would become very clear is that no rational person would be expected to believe that was the intention of both signing parties. And thus, it would be decided that the contract was fraudulent.

"If everything is decentralized and open to anyone, whose computer network are you intruding/disturbing?"

So if I forget to lock my door, then my house should be free game for everyone?
1 comments
daddyo 3244 days ago
> This is quite wrong; it's still considered a crime of stealing from the bank.

The law cares. Like I said, in many jurisdictions this was only recently amended with special clauses -- clarifying the distinction between physical and virtual goods. In some jurisdictions theft requires fraudulently taking a physical tangible good: virtual goods can not be stolen (but you can still be charged with computer intrusion). Remember also the debate about downloading a cam movie vs. stealing property of movie studios.

> If you are using something that is not equally known to both parties, and equally disclosed, then it is fraud.

But the contract is out there for both parties and their lawyers to have a look at it, before agreeing to it. If Google indexes my /admin directory because I made a typo error in our crawling contract (robots.txt), who is ultimately to blame? Judging by my actions and panic, the directory was clearly meant to be excluded. If we end up with the "smell test" in court for smart crypto contracts, we should just go back to "dumb" paper contracts and signatures.

> So if I forget to lock my door, then my house should be free game for everyone?

Non-sequitur. If you publish an article on Wikipedia then it is free game for everyone to visit it, edit it, and you can not retro-actively say: you are not supposed to be here.

link