Hacker News new | past | comments | ask | show | jobs | submit login

I'm responding to the zero-sum nature of your comment above, about how the company harboring the vulnerability should be the one penalized for security incidents. And all I'm saying is, there's no reason why we can't penalize both: companies, when they're negligent, and people who exploit that negligence.

Also: we both know there's more to the story with Auernheimer than simply sending material to journalists.

Once again, we probably agree that Auernheumer doesn't belong in prison over this particular incident. He was overcharged and oversentenced. But I find the exact philosophy that drives you to that conclusion challenging, which is why I called it out.




> Also: we both know there's more to the story with Auernheimer than simply sending material to journalists.

Uhh, excuse me? They discussed what could have been done maliciously with the data, and then DIDN'T DO ANY OF THOSE THINGS. I honestly don't know what else you're alluding to.

To answer your main point:

I figured it out yesterday. I believe that sending packets over the internet, of any kind, with any content, is protected speech.

We're allowed to say what we want. It's the responsibility of a listener to determine how they respond.

This is how the world works, and it should be how the internet works, too.


That's not the way the world works. You have protected speech, but you can't rely on that protection when you use it to defraud someone.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: