Lack of adequate notice is used as an excuse to
do things that notice would normally have prohibited or warned against.
Examples include unprosecutable entry via normally unused services, password
guessing through an interface not providing notice, and Web server attacks
which bypass any notice provided on the home page.
Complexity: Notice is
trivially demonstrated to be given or not given depending on the method
entry. The most effective overall protection from this sort of exploit
would be the change of laws regarding certain classes of attacks.
fc@red.a.net