1. 7

Questions regarding the efficacy of jamming XKeyScore this way aside, it’s an interesting look at analysing input validation.


  2. 3

    While the sentiment is understandable, this sort of thing is no longer (sadly) considered to be legitimate civil disobedience, it is more likely to be considered a volation of the Computer Fraud and Abuse Act. Caveat haxxor

    1. 3

      That seems unlikely. Sending an email to yourself (even with a fake from address) wouldn’t count as unauthorized access.

      This does sound like a good way to have yourself put on the “xkeyscore jammers” list, though.

      1. 2

        The issue with the the Act has been its liberal interpretation; this could be seen as a DDOS-type “attack” or a deliberate attempt to impede the work of the agency. Either way, my point is that it is the way this law has been applied (the Swartz case is a good example) that is the concern.

      2. 3

        Isn’t legitimate civil disobedience kind of a contradiction in terms? Intentionally violating an unjust law ( like CFAA ) is kind of the point.

        1. 3

          Yes, you are right. I was really trying to highlight the absurd penalties in place for this type of hacktivism, relative to actual harms.

      3. 2

        “Thanks for the bug report. Fixed.”