Comment by TZubiri
2 hours ago
I don't know the details of the case, but what they worded there is a textbook unauthorized intrusion and a naïve teenager "the door was open" defense.
Mind you there can be nuances, but that quote is like saying "I took their stuff, but it was poking out of their pocket."
I think people have a heightened reaction to threats based on the CFAA for "the door was open" circumstances because that law is so widely known for being used in threats against folks who were trying to ethically report things and in overly-aggressive prosecutions.
Of course, we don't yet know the specifics of this particular case, but I'm willing to lean towards the people receiving legal letters threatening CFAA action until there's more information.
No, it's more like "the door was open" in the context of a storefront. A public website carries an implicit invitation to visit, otherwise web browsing would be illegal.
It is bit grey area. You are evaluating something. Do some basic checks. Actually end up seeing something you should not. You stop and tell them to fix it. They then silence you.
Now it is bit questionable should you check things like this during evaluation or not. Strict legal reading probably not. With reasonable customer relations you thank them and put it on top of the priority list. Unless they clearly enumerated everything they got their hands on or tried to run more real scans.