← Back to context

Comment by fc417fc802

8 hours ago

> limit/lack of authorization

By serving up the PDF file I am being authorized to receive, view, process, etc etc the entire contents. Not just some limited subset. If I wasn't authorized to receive some portion of the file then that needed to be withheld to begin with.

That's entirely different from gaining unauthorized entry to a system and copying out files that were never publicly available to begin with.

To put it simply, I am not responsible for the other party's incompetence.

8 comments

fc417fc802

Reply
pipo234  5 hours ago

For starts, wouldn't it be kind of ironic to set up limits and authorization in a context that is about making some content available to the public?

I'd say any technical or legal restrictions or possible means to enforce DRM ought to be disabled or absent from the media format used when disseminating content that must be disclosed.

Censorship (of necessary) should purge the data entirely,ie: replace by ###

eviks  8 hours ago

That's not true, you can mistakenly receive data you're not authorized to have (might even be criminal to have!)

> That's entirely different from gaining unauthorized entry to a system and copying out files that were never publicly available to begin with.

That's not the sum total of hacks, if you have publicly accessible password-protected PDF and guess the password as 1234, that's a hack. Copy& paste of black boxes is similarly a hack around content protection

> To put it simply, I am not responsible for the other party's incompetence.

To put it even simpler, this conversation is not about you and your responsibility, but about the different meanings of the word "hack "

  • fc417fc802  7 hours ago

    > you can mistakenly receive data you're not authorized to have (might even be criminal to have!)

    Not the layman, at least to the best of my knowledge.

    Yes, certain licensed professionals can be subject to legal obligations in very specific situations. But in general, if you screw up and mail something to me (electronic or otherwise) then that is on you. I am not responsible for your actions.

    > if you have publicly accessible password-protected PDF and guess the password as 1234, that's a hack

    Sure, I'll agree that the software to break the DRM qualifies as a hack (in the technical work sense). It also might (or might not) rise to the level of "lack of legal authorization". I don't think it should, but the state of laws surrounding DRM make it clear that one probably wouldn't go in my favor.

    However that isn't what (I understood) us to be talking about - ie legal authorization as it relates to black box redaction and similar fatally flawed approaches that leave the plain text data directly accessible (and thus my access plainly facilitated by the sender, if inadvertently).

    > this conversation is not about ...

    You are the only one using the term "hack" here. Please note that I had responded to your "limit/lack of authorization" phrasing. Nothing more.

    That said, while we're on the topic I'll note the ambiguity of the term "hack" in this context. Illegal access versus clever but otherwise mundane bit of code (no laws violated). You seem to be failing to clearly differentiate.

    • eviks  7 hours ago

      > Not the layman, at least to the best of my knowledge.

      Are you not aware of content that is criminal to possess? Like CP is the most common example.

      > I am not responsible for your actions.

      I've already addressed this confusion of yours - this is NOT about your responsibility for someone else's actions, but about your own actions and whether they constitute a "hack".

      > You are the only one using the term "hack" here. Please note that I had responded to your "limit/lack of authorization" phrasing. Nothing more.

      Please open a dictionary for the word hack to understand this conversation! And note the word "authorization" in the definition.

      > However that isn't what (I understood) us to be talking about - ie legal authorization

      Understandably you're confused, the legal limit is your own making, authorization is way broader than that.

      > I'll note the ambiguity of the term "hack" in this context

      Exactly!!! Keep looking into the definition to resolve the ambiguity!

      > You seem to be failing to clearly differentiate

      No, your differentiation is wrong

      4 replies →