| ▲ | digitaltrees 9 hours ago |
| Its not a hack to copy and paste text that is part of the document data. The incompetence of the people responsible to comply with the law doesnt mean its reasonable to label something a hack. Please change the title. |
|
| ▲ | caminante 17 minutes ago | parent | next [-] |
| >Please change the title. HN discourages editorializing headlines. While I wouldn't call it a "hack," common usage even here on HN isn't limited to "to gain illegal access to (a computer network, system, etc.)" [0] [0] https://www.merriam-webster.com/dictionary/hack |
|
| ▲ | weird-eye-issue 9 hours ago | parent | prev | next [-] |
| If I open your laptop and guess your password then that counts as hacking you in both legal and security terms You don't need to do some sophisticated thing for it to be considered hacking |
| |
| ▲ | DrJokepu 8 hours ago | parent | next [-] | | I’m not an attorney or anything, but the relevant federal statute is explicitly about unauthorized access of computer systems (18 USC 1030). Opening someone else’s laptop and guessing the password would absolutely fall under that definition, but I think it’s very much questionable if poking around a document that you have legitimately obtained would do so. | |
| ▲ | koolala 9 hours ago | parent | prev | next [-] | | If you were blind would a screen reader read the documents? Thats not a hack. | | |
| ▲ | an0malous 8 hours ago | parent [-] | | If your intent was to circumvent the redactions it would be | | |
| ▲ | digitaltrees 2 hours ago | parent [-] | | Placing a black box on the text isn’t a redaction any more than placing a sticky note would be. No reasonable person can expect a sticky note to permanently prevent readers from seeing text and no reasonable person can expect a black overlay box in pdf to prevent reading text because this is literally a fundamental feature of pdfs as a layer format file |
|
| |
| ▲ | TOMDM 9 hours ago | parent | prev | next [-] | | If someone sends me a document with text in it that they meant to remove but didn't and then I read that text, I haven't hacked anything they're just incompetent. Hacking is unauthorised use of a system. Reading a document that was not adequately redacted can hardly be considered hacking. | | |
| ▲ | jeffparsons 9 hours ago | parent | next [-] | | Or in case some folks find the addition of a computer confusing here, if someone sends you a physical letter and they've used correction tape or a black marker to obscure some parts of the letter, and you scratch away the correction tape or hold the letter up to a light source to read what's underneath, have you committed a crime? I'm not a lawyer, so I don't know what the law has to say about this. But I do have at least a small handful of brain cells to rub together, so I know what the law _should_ say about this. | | |
| ▲ | TOMDM 8 hours ago | parent | next [-] | | Precisely. If someone wants me to sign a contract on acceptable use of resources (like an agreement not to reverse engineer their software) they send me then that's another thing. Absent that excluding other default protections like copyright, what I do with it should fall under the assumption of "basically anything". | |
| ▲ | prophesi 6 hours ago | parent | prev [-] | | If this were prior to 2021, I would say the CFAA could be violated so long as the property owner's _intentions_ were for that information to only be accessible to certain users. But I think the CFAA has been sufficiently reduced in scope after Van Buren v United States [0] [0] https://en.wikipedia.org/wiki/Van_Buren_v._United_States |
| |
| ▲ | left-struck 3 hours ago | parent | prev [-] | | Hacking is not just authorised use of a system. Hacking and hacking techniques can apply to systems you fully own or systems which you are authorised to hack.
Hacking is using something in a way that the designer didn’t anticipate or intend on. | | |
| ▲ | digitaltrees 2 hours ago | parent [-] | | Adobe designed pdf to behave this way. Placing layers over text doesn’t remove the text from the file. They have a specific redaction feature for that purpose. |
|
| |
| ▲ | digitaltrees 2 hours ago | parent | prev | next [-] | | You guessing my password is not the same as a know and expected behavior of a program. Adobe has a specific feature to redact. PDF is a format known to have layers. Lawyers are trained on day one not to make this mistake. (I am a recovering lawyer). This is either incompetence or deliberate disclosure. | |
| ▲ | reed1234 5 hours ago | parent | prev | next [-] | | But copying and pasting text of publicly released documents is not illegal. Accessing someone’s computer is illegal.
While maybe it could fall under the umbrella of hacking in some general way, articles, and especially titles, should be more precise. | | |
| ▲ | immibis 4 hours ago | parent [-] | | That actually is illegal in some circumstances, for example if the document is protected by copyright. |
| |
| ▲ | dullcrisp 9 hours ago | parent | prev [-] | | I guess but if you write something down real small and I squint at it is that still hacking? |
|
|
| ▲ | left-struck 3 hours ago | parent | prev | next [-] |
| Hacking is any use of a technology in a way that it wasn’t intended. The redaction is so stupid as to almost appear intentional, so maybe you’re right, this isn’t hacking because maybe the information was intended to be discovered. |
|
| ▲ | divbzero 9 hours ago | parent | prev | next [-] |
| Yes, this is the digital equivalent of sticking a blank Post-it over text and calling it “redacted”. Mind-boggling that the same mistake has been made over and over again. |
|
| ▲ | eviks 8 hours ago | parent | prev | next [-] |
| Also had this first thought, but then a hack could just be a way around a limit/lack of authorization, doesn't have to be unknown/sophisticated, so copy of black boxes fits |
| |
| ▲ | fc417fc802 8 hours ago | parent [-] | | > limit/lack of authorization By serving up the PDF file I am being authorized to receive, view, process, etc etc the entire contents. Not just some limited subset. If I wasn't authorized to receive some portion of the file then that needed to be withheld to begin with. That's entirely different from gaining unauthorized entry to a system and copying out files that were never publicly available to begin with. To put it simply, I am not responsible for the other party's incompetence. | | |
| ▲ | pipo234 5 hours ago | parent | next [-] | | For starts, wouldn't it be kind of ironic to set up limits and authorization in a context that is about making some content available to the public? I'd say any technical or legal restrictions or possible means to enforce DRM ought to be disabled or absent from the media format used when disseminating content that must be disclosed. Censorship (of necessary) should purge the data entirely,ie: replace by ### | |
| ▲ | eviks 8 hours ago | parent | prev [-] | | That's not true, you can mistakenly receive data you're not authorized to have (might even be criminal to have!) > That's entirely different from gaining unauthorized entry to a system and copying out files that were never publicly available to begin with. That's not the sum total of hacks, if you have publicly accessible password-protected PDF and guess the password as 1234, that's a hack. Copy& paste of black boxes is similarly a hack around content protection > To put it simply, I am not responsible for the other party's incompetence. To put it even simpler, this conversation is not about you and your responsibility, but about the different meanings of the word "hack " | | |
| ▲ | fc417fc802 7 hours ago | parent [-] | | > you can mistakenly receive data you're not authorized to have (might even be criminal to have!) Not the layman, at least to the best of my knowledge. Yes, certain licensed professionals can be subject to legal obligations in very specific situations. But in general, if you screw up and mail something to me (electronic or otherwise) then that is on you. I am not responsible for your actions. > if you have publicly accessible password-protected PDF and guess the password as 1234, that's a hack Sure, I'll agree that the software to break the DRM qualifies as a hack (in the technical work sense). It also might (or might not) rise to the level of "lack of legal authorization". I don't think it should, but the state of laws surrounding DRM make it clear that one probably wouldn't go in my favor. However that isn't what (I understood) us to be talking about - ie legal authorization as it relates to black box redaction and similar fatally flawed approaches that leave the plain text data directly accessible (and thus my access plainly facilitated by the sender, if inadvertently). > this conversation is not about ... You are the only one using the term "hack" here. Please note that I had responded to your "limit/lack of authorization" phrasing. Nothing more. That said, while we're on the topic I'll note the ambiguity of the term "hack" in this context. Illegal access versus clever but otherwise mundane bit of code (no laws violated). You seem to be failing to clearly differentiate. | | |
| ▲ | eviks 6 hours ago | parent [-] | | > Not the layman, at least to the best of my knowledge. Are you not aware of content that is criminal to possess? Like CP is the most common example. > I am not responsible for your actions. I've already addressed this confusion of yours - this is NOT about your responsibility for someone else's actions, but about your own actions and whether they constitute a "hack". > You are the only one using the term "hack" here. Please note that I had responded to your "limit/lack of authorization" phrasing. Nothing more. Please open a dictionary for the word hack to understand this conversation! And note the word "authorization" in the definition. > However that isn't what (I understood) us to be talking about - ie legal authorization Understandably you're confused, the legal limit is your own making, authorization is way broader than that. > I'll note the ambiguity of the term "hack" in this context Exactly!!! Keep looking into the definition to resolve the ambiguity! > You seem to be failing to clearly differentiate No, your differentiation is wrong | | |
| ▲ | fc417fc802 6 hours ago | parent [-] | | You realize we just went from (the legal equivalent of) "I accidentally mailed you my tax return" to "I accidentally mailed you a bomb". Like yeah, it remains illegal to retain possession of said bomb irrespective of the fact that someone intentionally sent it. That is ... not at all surprising? Beyond that you're clearly just trolling at this point, going to great lengths to manufacture an argument about a term that I never used to begin with. "Lack of authorization" has a clear legal meaning whereas "hack" does not. | | |
| ▲ | eviks 6 hours ago | parent | next [-] | | > That is ... not at all surprising? For the 3rd time, this conversation is not about YOU and not about what surprises you! > "Lack of authorization" has a clear legal meaning whereas "hack" does not. No, you've made up this limit to some "legal meaning" (also wrong here, large variety there as well but wouldn't want to endulge you further). Again, open up a dictionary on "hack", then follow the definition of "authorization" from there, if you only find "legal" in there, get a better dictionary, journalists / commenters are usually not lawyers, so they wouldn't accept your artificial legal limits on meaning! | |
| ▲ | user_7832 4 hours ago | parent | prev [-] | | > Beyond that you're clearly just trolling at this point I think this is the greatest proof of the simultaneous validity of two different arguments. Disclaimer, I'm assuming (I think fairly) that you're in good faith. The funny thing is, to me, the other commenter's arguments are quite clear/obvious to me and make sense. Not that your points are wrong - but... I'm 99% sure the other person isn't trolling in the slightest. Y'all are just talking across each other. | | |
| ▲ | fc417fc802 4 hours ago | parent [-] | | > Y'all are just talking across each other. Initially, perhaps. However note that my attempts to clarify exactly that are repeatedly followed by misconstruing my position. It's not so much that we disagree as that the supposed disagreement is about things I never said. The repeated failure to respond to what was actually said coupled with the combative tone is pretty much the definition of trolling. Of course that term does assume intent to an extent - if he's just having a bad day I'm not sure that technically qualifies. The end result is the same though. BTW if you feel I've missed some insightful point of his do please elaborate. |
|
|
|
|
|
|
|
|
| ▲ | themafia 2 hours ago | parent | prev | next [-] |
| It's being "undone with the lamest hack known to mankind." Still technically a hack. |
| |
| ▲ | digitaltrees 2 hours ago | parent [-] | | It’s not a hack. It’s known, expected behavior of the program. Adobe has a specific feature to redact. Color filled boxes is not it. |
|
|
| ▲ | reed1234 5 hours ago | parent | prev | next [-] |
| And the title should briefly describe the “hack” as well |
|
| ▲ | wahnfrieden 9 hours ago | parent | prev [-] |
| Not the only thing hack means now, or the most common usage anymore. See "life hack" - it means unexpected technique. |
| |
| ▲ | digitaltrees 2 hours ago | parent | next [-] | | But this isn’t an unexpected technique it’s literally the core design of the pdf format. It’s a layered format that preserves the layers on any machine. Adobe has a redaction feature to overcome the default behavior that each layer can be accessed even if there is a top layer in front. | |
| ▲ | valleyer 7 hours ago | parent | prev [-] | | It's also the meaning used in the title of this very Web site. |
|
