| > Why is that so hard to grasp for technical crowds? Because laws concerning actual theft are objectively defined, and are logically consistent with themselves and other laws. Laws about 'hacking', where the crime is simply a message, not a physical action, are extremely subjective. It revolves around intent more than the action. For example: If a user goes to the website of theirbank.com and the root page is a list with all the credit card numbers of all the clients. Is he committing a crime? He used computers to get information that he shouldn't be allowed to see. Most people would say: no, he only wanted to visit the website. If I see that the bank's API has no security, am I committing a crime? If I use SQL injection to see all the users data, am I committing a crime? Most people would say that it depends on intent, but intent is extremely subjective, and IMO a pretty bad way to define laws. |