alt Hacker NewsI don't know the details of the case, but what they worded there is a textbook unauthorized intrusion and a naïve teenager "the door was open" defense.
Mind you there can be nuances, but that quote is like saying "I took their stuff, but it was poking out of their pocket."
Replies
No, it's more like "the door was open" in the context of a storefront. A public website carries an implicit invitation to visit, otherwise web browsing would be illegal.
Or it could be completely innocent like they asked for a list of all adafruit designs, and flux.ai sent back a list of all designs including some private ones, because their filtering is broken.
Or in your pocket analogy , flux dropped their wallet on the ground and walked away, adafruit picked it up and yelled "hey bro you dropped this"
It is bit grey area. You are evaluating something. Do some basic checks. Actually end up seeing something you should not. You stop and tell them to fix it. They then silence you.
Now it is bit questionable should you check things like this during evaluation or not. Strict legal reading probably not. With reasonable customer relations you thank them and put it on top of the priority list. Unless they clearly enumerated everything they got their hands on or tried to run more real scans.
I think people have a heightened reaction to threats based on the CFAA for "the door was open" circumstances because that law is so widely known for being used in threats against folks who were trying to ethically report things and in overly-aggressive prosecutions.
Of course, we don't yet know the specifics of this particular case, but I'm willing to lean towards the people receiving legal letters threatening CFAA action until there's more information.