But not lock-picking. Why are you trying so hard to label this hacking?
Earlier you argued by fear, that a badly configured server could send private data, and therefore editing URLs is hacking. Hell, I've seen servers with private data in the root dir. This is disconcerting, and bad for the company, but not hacking if you view the documents.
Similarly, incrementing as number, turning a page, clicking next, those are the expected, default, uses. They don't magically become a cyber attack simply because your software does exactly what you told it to.
Why are you unwilling to separate questions of legality long enough to make it clear that anyone in the world who can place one number after another could have done exactly the same?
Someone who unintentionally released private documents but thought they were hacked wouldn't have any incentive to change, or idea how. But if we were honest with them, they would.
Earlier you argued by fear, that a badly configured server could send private data, and therefore editing URLs is hacking. Hell, I've seen servers with private data in the root dir. This is disconcerting, and bad for the company, but not hacking if you view the documents.
Similarly, incrementing as number, turning a page, clicking next, those are the expected, default, uses. They don't magically become a cyber attack simply because your software does exactly what you told it to.
Why are you unwilling to separate questions of legality long enough to make it clear that anyone in the world who can place one number after another could have done exactly the same?
Someone who unintentionally released private documents but thought they were hacked wouldn't have any incentive to change, or idea how. But if we were honest with them, they would.