[justanother]

I knew an ex-employee back in the day (not me I swear) who created a dialup/ISDN provisioning profile called 'Ringing' in the modem rack controller module (not the Radius server, that would be too obvious), such that a glance at the modem rack status page showed everyone who was connected, and one that was 'Ringing', just like any other incoming call that hadn't been picked up yet. It went completely undetected, yielding 128Kbit ISDN service for well over a year.

Obviously I do not advise this, especially now that the CFAA has been interpreted to include things like changing URL parameters and flicking boogers on the carpet.

[nadermx]

You got a reference on the CFAA? On the contrary, I found that it was probably not a problem to change a URL parameter

"We also note that in order to be guilty of accessing “without authorization, or in excess of authorization” under New Jersey law, the Government needed to prove that Auernheimer or Spitler circumvented a code-or password-based barrier to access. See State v. Riley, 988 A.2d 1252, 1267 (N.J. Super. Ct.Law Div.2009). Although we need not resolve whether Auernheimer’s conduct involved such a breach, no evidence was advanced at trial that the account slurper ever breached any password gate or other code-based barrier. The account slurper simply accessed the publicly facing portion of the login screen and scraped information that AT&T unintentionally published."

https://law.justia.com/cases/federal/appellate-courts/ca3/13...

[justanother]

Exactly correct. Nonetheless, a prosecution was indeed brought, and the opinion you're citing is an appeal. Without the EFF's financial support, weev would not be a free man.

[3abiton]

That's one way to go. Yolo on a prank.

[KennyBlanken]

There is a massive difference between scraping unintentionally published information on a public website and cloaking your account to subvert your employer revoking access to its systems and continuing to access them when you know you're not allowed to be.

[falserum]

> cloaking your account

This seems like a bit of strech for “cloaking”. (Like wearing vaguely similar colored t-shirt as employees do)

> continuing to access them when you know you're not allowed to

This part is rock solid.

[lupire]

What happens if you put on a police costume and go policing?

Intentionally deceovit about your identity, in order to obtain access to a something of value that you are forbidden to access, is a clear crime, as it should be.

[i_am_jl]

Being deceptive about your identity during the commission of a crime is illegal?

If I dress up as a Best Buy employee and drag a television out of a loading dock and into the bed of a truck, that's definitely illegal, but I don't think it's any more illegal than if I did it in jeans and a T-shirt.

[fragmede]

Impersonating a police officer is its own charge though, so while impersonating a best buy employee isn't going to get an extra charge applied, impersonating a cop, is.

[jonathanlydall]

Reminds me a little of sneaking into a Warcraft II LAN game of 2 of my brothers by calling myself “Computer” when they were playing a co-op game against computers.

[foobiekr]

I spent months passively waiting for a former employer to evict me from Slack. It was genuinely bizarre, almost a year later I still had full access to a ton of internal channels.

They are friends, but this was not them being friendly, it was just because slack account management integration with Google Office is a dumpster fire.

[paradox460]

I've got one up on this. I kept my insurance from a past company for nearly 2 years after I got laid off. Would have rather they cancelled it, as it caused a massive headache around the time my son was born

[mooreds]

Did you notify them and ask to have it cancelled?

[vanc_cefepime]

What’s the story about cfaa and boogers? My google-fu is failing me and can’t find a reference on it.

[jonny_eh]

Simple exaggeration.