RB2: When is a hack a hack?

An interview with IT lawyer Erhan Karabardak...
26 Feb 2010 » Risky Business Extra

In this podcast we chat to a solicitor who specialises in IT. His name is Erhan Karabardak and he's with the firm Cooper Mills in Melbourne.

Erhan mostly specialises in technology-related stuff, and I wanted to get his thoughts on this so-called hacking scandal engulfing the corridors of power in New South Wales.

Last week a couple of journalists from the Sydney Morning Herald were given a handy tip -- if they pointed their browsers to nswtransportblueprint.com.au they would find a bunch of documents there that shouldn't have been released yet -- namely, the State Government's transport blueprint.

They went to the site, sure enough the documents were there, they wrote up the story and it ran on page one of last Saturday's Sydney Morning Herald.

The comical twist in all of this is the minister then went out and accused the journalists of hacking into the system to obtain the documents. This is especially funny given the journalists in question are known for being technologically challenged and possessing a fondness for fountain pens.

I thought it would be interesting to discuss this with a solicitor like Erhan. Although the documents were left on a webserver, could it be argued that the journalists had been doing something wrong by accessing them? When is a hack a hack? What if you had to guess a complicated URL through some sort of brute-force attack?

Well as you'll hear, unless you actually have some sort of access control on your data -- like a password, you're up the proverbial creek. I interviewed Erhan yesterday.