well, not quite – but it seems that way. I’m down here on a training course – big things happening with the “Building Schools for the Future” program, and we need to get ready for it in work.
Not exactly quiet on the personal front either – it’s been an incredibly interesting few weeks, as the BCSE’s big project winds up. It’s also been a little frustrating to see that David Anderson’s little hate blog has kicked up a gear.
It seemed a rather odd coincidence that he started posting musings on the future of the BCSE at the same time that we were having (quite heated, in some cases) discussions about that exact subject…
No we know, of course, that he had been poking around for security holes and was reading our private discussions.
In his post on June 28th he explains the method: “Here’s Ian Lowe talking to BCSE member Chris Hylands, writing in a website discussion on the 13th of June – a website discussion that he didn’t realise was being indexed by Google”
Google indexing that site (not the BCSE website incidentally) is actually a result of a security hole in the TikiWiki forum software – You have to provide a username and password if you use the forums properly and navigate through them, however if you know the page number yopu are after, you can construct a special URL that will get you past the security (and in fact, if you are super sneaky, you can just keep guessing post numbers until you find interesting ones…) One thing is absolutely certain though – you don’t do this by accident.
Anderson has previous, of course. Despite his rampant denials, he attempted to hack the BCSE site a few months ago. When we wrote a cease and desist letter to him, he claimed that we were threatening him, and insisted that he was not hacking…
well, what now? still not hacking?
If you see someone walking along a street, trying every door handle, that person is a criminal. And under the Computer Misuse Act, if you access a system knowing that you should not have access to it, you are committing an offence.
It’s enough to take your breath away really – he’s posted four entries in the past few weeks, trying to claim the moral high ground, and seems to miss the irony that he is proudly trumpeting on his blog information that he has gained by hacking!!
David Anderson thinks he has posted some sort of water tight case demonstrating how evil we all are… and all he is really showing is just what depths he will sink to.
I have sought legal advice, and the opinion of the lawyer is that he has committed an offence here – he has admitted accessing information that he knows was not intended for him: just as surely as if he had walked into an accidentally unlocked office and rifled through the filing cabinets.
So, what do we do? well, nothing to be honest.
The simple fact is – he’s not worth it. It would cost money to pursue him, and more importantly it would take time and effort that is simply better spent elsewhere.
and with that in mind, I’m off for my dinner – I hear this hotel has an absolutely fantastic restaurant.