Dan, of Dan’s Data, has a rather interesting little anecdote embedded in a much longer piece about malware, past and present:
(To be clear: Sircam is a worm that spreads by embedding itself in arbitrary files on the infected computer’s hard drive and then emailing the result to a new victim. It’s obviously possible to strip out the worm and read the file it used.)
I’m a sucker for the murky concepts of responsibility and intent when a complex system misfires. Is there anything on the books about acting on information you shouldn’t have that you got by accident? Can you forge a usable defense out of someone else’s horrible computer security practices? I don’t suppose there’s anything especially clear in precedent or law in this area yet.