1. 7
    Jamming XKeyScore privacy security blog.erratasec.com
    kyle avatar via kyle 4 years ago | cached | 6 comments

Questions regarding the efficacy of jamming XKeyScore this way aside, it’s an interesting look at analysing input validation.

  1.  

  2. 3
    jasonwryan avatar jasonwryan 4 years ago | link

    While the sentiment is understandable, this sort of thing is no longer (sadly) considered to be legitimate civil disobedience, it is more likely to be considered a volation of the Computer Fraud and Abuse Act. Caveat haxxor

    1. 3
      tedu avatar tedu 4 years ago | link

      That seems unlikely. Sending an email to yourself (even with a fake from address) wouldn’t count as unauthorized access.

      This does sound like a good way to have yourself put on the “xkeyscore jammers” list, though.

      1. 2
        jasonwryan avatar jasonwryan 4 years ago | link

        The issue with the the Act has been its liberal interpretation; this could be seen as a DDOS-type “attack” or a deliberate attempt to impede the work of the agency. Either way, my point is that it is the way this law has been applied (the Swartz case is a good example) that is the concern.

      2. 3
        sdiehl avatar sdiehl 4 years ago | link

        Isn’t legitimate civil disobedience kind of a contradiction in terms? Intentionally violating an unjust law ( like CFAA ) is kind of the point.

        1. 3
          jasonwryan avatar jasonwryan 4 years ago | link

          Yes, you are right. I was really trying to highlight the absurd penalties in place for this type of hacktivism, relative to actual harms.

      3. 2
        journeysquid avatar journeysquid 4 years ago | link

        “Thanks for the bug report. Fixed.”