I think (assume) he wasn't questioning the link between what they did with illegality/immorality, just that "hacking" implies something a little more technical.

Aye. The difference between taking a laptop left on a train and breaking into a house to take one. No less theft in either case, but one takes (a little at least) more effort than the other and is less dependent on carelessness on the part of the victim.

Take a laptop left on the train isn't a very good analogy. The train is essentially a public space (for anyone holding a ticket, at least) and people have a right to be there.

Getting in to PIN-less voicemail boxes is like walking down a street and checking which doors are unlocked, and then assuming a lack of security means the owner is permitting you to take whatever you can find inside.

I think his point was not it didn't rise to the legal definition of hacking (of course it did), but whether it rose to the Hacker News definition of newsworthy hacking (hardly).

Not a great analogy. Nothing was taken.

It would be more accurate to say that you left your curtains open, and someone took a picture of the inside of your house through the windows.

Maybe an invasion of privacy, but not theft.

This is totally besides the point. He was simply responding to the notion that the ease of the act mitigated the severity.

> It would be more accurate to say that you left your curtains open, and someone took a picture of the inside of your house through the windows.

And if I was naked at the time, and if they then sold those pictures of me, I'm fairly certain it would be a crime.

I didn't say it was legal, I just said it was a bad analogy.

If you setup a directory /admin on your webserver, and forget to password protect it, and someone accesses it, you can't really call it hacking.

That's still a bad analogy, and you've used it way too many times in this thread.

Whether or not accessing anything on a webserver is illegal depends partly on your intentions while doing so. That's a basic function of most court trials--to discern your intentions. For example, see the differences between the various degrees of murder, and the way such trials often hinge on "preconceived intent."

If my intention in accessing "/admin" was to access your server without your authorization to access some protected piece of information, damage computers, or defraud you, that may indeed be a crime. See http://www.law.cornell.edu/uscode/18/1030.html . It doesn't matter whether it was password protected or not. If I went there by accident, however, it probably was not a crime, although depending on what I accessed I may wind up having to go to court to prove that my intentions were benign.

You absolutely can call it hacking, and people have been prosecuted for things like that. How much simpler can I say it? The difficulty of an attack has nothing whatsoever to do with the severity of the resulting offense. Difficulty is just one measure that can be used to establish your purposefulness in exploiting unauthorized access.

> The difficulty of an attack has nothing whatsoever to do with the severity of the resulting offense.

My point which you gloss over is in the definition of "attack".

Whether browsing to a publicly accessible url with no security is an attack or not, is a very grey area.

No, it's not a grey area. The "public accessibility" of a URL may serve as evidence that you had no criminal intent (because you didn't have to "jimmy the lock" to get in), but if you then do things with that access, you're criminally liable.

Voicemails were deleted from the missing girl's phone.

One - they could have been evidence (apparently killers often leave sympathetic messages to try and deflect attention), and two - it made the parents and the police think she was still alive when she was in fact already dead.

According to the NYT article, they actually did delete messages from the cell phone (to make room for more).

> Not a great analogy. Nothing was taken.

In at least one case, voicemails were deleted from a murder victim's inbox.

Only if it uses violence or the threat thereof; otherwise, it's theft.