>which puts the liability on the person that does the unauthorized access
Which is almost always the person finding the bug. Most services include language that limit your ability to find vulnerabilities in their systems as part of being allowed to access their service. If you find the vulnerability without ever accessing the service you might have an out, but that also means you have to sell the exploit with less ability to convince the buyer that it is something significant.
which puts the liability on the person that does the unauthorized access
not about else and especially not for merely browsing or using or buying a legal good from a dark net market
as I wrote
>which puts the liability on the person that does the unauthorized access
Which is almost always the person finding the bug. Most services include language that limit your ability to find vulnerabilities in their systems as part of being allowed to access their service. If you find the vulnerability without ever accessing the service you might have an out, but that also means you have to sell the exploit with less ability to convince the buyer that it is something significant.
Accessory?
Relies on intent of the seller, who would need to be found via a valid subpoena that needs to pass a threshold of cause
who would then argue they also sold it to security researchers, journalists and assumed everyone was or didnt discriminate or have any intent at all
4 replies →