← Back to context

Comment by eviks

9 hours ago

Also had this first thought, but then a hack could just be a way around a limit/lack of authorization, doesn't have to be unknown/sophisticated, so copy of black boxes fits

9 comments

eviks

Reply
fc417fc802  8 hours ago

> limit/lack of authorization

By serving up the PDF file I am being authorized to receive, view, process, etc etc the entire contents. Not just some limited subset. If I wasn't authorized to receive some portion of the file then that needed to be withheld to begin with.

That's entirely different from gaining unauthorized entry to a system and copying out files that were never publicly available to begin with.

To put it simply, I am not responsible for the other party's incompetence.

  • pipo234  5 hours ago

    For starts, wouldn't it be kind of ironic to set up limits and authorization in a context that is about making some content available to the public?

    I'd say any technical or legal restrictions or possible means to enforce DRM ought to be disabled or absent from the media format used when disseminating content that must be disclosed.

    Censorship (of necessary) should purge the data entirely,ie: replace by ###

  • eviks  8 hours ago

    That's not true, you can mistakenly receive data you're not authorized to have (might even be criminal to have!)

    > That's entirely different from gaining unauthorized entry to a system and copying out files that were never publicly available to begin with.

    That's not the sum total of hacks, if you have publicly accessible password-protected PDF and guess the password as 1234, that's a hack. Copy& paste of black boxes is similarly a hack around content protection

    > To put it simply, I am not responsible for the other party's incompetence.

    To put it even simpler, this conversation is not about you and your responsibility, but about the different meanings of the word "hack "

    • fc417fc802  7 hours ago

      > you can mistakenly receive data you're not authorized to have (might even be criminal to have!)

      Not the layman, at least to the best of my knowledge.

      Yes, certain licensed professionals can be subject to legal obligations in very specific situations. But in general, if you screw up and mail something to me (electronic or otherwise) then that is on you. I am not responsible for your actions.

      > if you have publicly accessible password-protected PDF and guess the password as 1234, that's a hack

      Sure, I'll agree that the software to break the DRM qualifies as a hack (in the technical work sense). It also might (or might not) rise to the level of "lack of legal authorization". I don't think it should, but the state of laws surrounding DRM make it clear that one probably wouldn't go in my favor.

      However that isn't what (I understood) us to be talking about - ie legal authorization as it relates to black box redaction and similar fatally flawed approaches that leave the plain text data directly accessible (and thus my access plainly facilitated by the sender, if inadvertently).

      > this conversation is not about ...

      You are the only one using the term "hack" here. Please note that I had responded to your "limit/lack of authorization" phrasing. Nothing more.

      That said, while we're on the topic I'll note the ambiguity of the term "hack" in this context. Illegal access versus clever but otherwise mundane bit of code (no laws violated). You seem to be failing to clearly differentiate.

      5 replies →