decoration decoration
Stories

GROKLAW
When you want to know more...
decoration
For layout only
Home
Archives
Site Map
Search
About Groklaw
Awards
Legal Research
Timelines
ApplevSamsung
ApplevSamsung p.2
ArchiveExplorer
Autozone
Bilski
Cases
Cast: Lawyers
Comes v. MS
Contracts/Documents
Courts
DRM
Gordon v MS
GPL
Grokdoc
HTML How To
IPI v RH
IV v. Google
Legal Docs
Lodsys
MS Litigations
MSvB&N
News Picks
Novell v. MS
Novell-MS Deal
ODF/OOXML
OOXML Appeals
OraclevGoogle
Patents
ProjectMonterey
Psystar
Quote Database
Red Hat v SCO
Salus Book
SCEA v Hotz
SCO Appeals
SCO Bankruptcy
SCO Financials
SCO Overview
SCO v IBM
SCO v Novell
SCO:Soup2Nuts
SCOsource
Sean Daly
Software Patents
Switch to Linux
Transcripts
Unix Books

Gear

Groklaw Gear

Click here to send an email to the editor of this weblog.


You won't find me on Facebook


Donate

Donate Paypal


No Legal Advice

The information on Groklaw is not intended to constitute legal advice. While Mark is a lawyer and he has asked other lawyers and law students to contribute articles, all of these articles are offered to help educate, not to provide specific legal advice. They are not your lawyers.

Here's Groklaw's comments policy.


What's New

STORIES
No new stories

COMMENTS last 48 hrs
No new comments


Sponsors

Hosting:
hosted by ibiblio

On servers donated to ibiblio by AMD.

Webmaster
unauthorized access | 559 comments | Create New Account
Comments belong to whoever posts them. Please notify us of inappropriate comments.
unauthorized access
Authored by: Anonymous on Wednesday, January 16 2013 @ 10:36 PM EST
Research done by researchers and scientists mostly for public funds, paid for
through taxes - either directly or through tax-exempt foundations - can (should)
not be walled in by a private corporation charging tolls for access.

Maybe the unauthorized party wasn't Schwartz...?

[ Reply to This | Parent | # ]

MIT's Role as Described in Aaron Swartz's October Motion to Suppress ~pj
Authored by: cjk fossman on Wednesday, January 16 2013 @ 10:57 PM EST
I do not think you understand the issues at stake here.

I do not thing you understand the technology.

I do not think you understand that a creative and determined prosecutor could
find a way to charge you with a crime for posting on this blog.

For some specifics:

Spoofing a MAC address is no evidence of ill intent, nor does it prove that the
person doing the spoofing "understands" that his access is
unauthorized. There can be legitimate reasons for spoofing a MAC.

Case in point: in order to access the Internet through a non-Linux-friendly
cable service provider (not charter. Who does that leave?) I had to spoof the
MAC of a NIC. Does that mean I should serve 35 years in prison? Does it mean I
"understood" that the access was unauthorized? It does not, for the
owner of the NIC paid for Internet access via the cable provider.

It is true that other users of JSTOR were unable to access the JSTOR documents
for several days. Was this worth 35 years in prison for Mr. Swartz? Really?

Unauthorized access is you hijacking my password and using it to drain my bank
account. Unauthorized access is you cracking into my server and stealing my
clients' vital information. Unauthorized access is you installing a PHP script
on my website and turning it into a spam delivery service. Unauthorized access
is you injecting software into my PC enabling you to shut down my Uranium
processing plant.

Unauthorized access is NOT downloading files that you have a right to download,
even if the unintended side effect of your doing so is inconvenience to other
users.

Putting a laptop in an unlocked room where others routinely store things is not
unauthorized access, either.


[ Reply to This | Parent | # ]

MIT's Role as Described in Aaron Swartz's October Motion to Suppress ~pj
Authored by: Anonymous on Wednesday, January 16 2013 @ 11:05 PM EST
In the late 1980's early 1990's, I worked for a government department.
Everything was M$-NT except for my little corner of Linux and Solaris.

The government at some point, sold all mapping data to the "base map"
to a commercial entity. And supposedly, all of us within the government would
need a license to be able to view data that we were the originator for.

I think most of the images were jpeg. But, even then, a person could install a
daemon on a network, which would copy ALL files of some type to disk, regardless
of whether the file was intended for "this" address or not.

But it was trivially easy to copy this data one supposedly had to have a license
for. And if I had an inclination to do so, nobody in my building would have had
a clue I was doing so.

Schwartz could have easily had a PC with two NICs, and have the second NIC
assume "random" MAC addresses to request papers. The first NIC could
have then copied all packets associated with PDF (or whatever).

If a person wants to copy a lot of articles in a short period of time, you need
to generate requests. But if a person has a longer timescale, it is entirely
possible to just have a daemon sniffing the networks, and copying what is of
interest.

If a person has access to a closet full of networking gear, this would have been
easy around 1990. Have things changed since then, I haven't a clue. I have no
interest in doing these kind of things, I do recognize when it is possible. And
I have had no need to look into how lately.

[ Reply to This | Parent | # ]

MIT's Role as Described in Aaron Swartz's October Motion to Suppress ~pj
Authored by: Anonymous on Thursday, January 17 2013 @ 03:20 AM EST
From what I have read here, it seems that Aaron Swartz was well aware that
JSTOR/MIT did not want him to continue doing what he was doing.

The 35 years in jug and/or the $1m fine maximum possibilities, not actual
imposed sentences (he hadn't even been tried yet).

He seems to have written extensively about his history of depression, which is
sad, but hardly JSTOR/MIT's fault.

His death is very sad but suicide is hardly a reasonable (or forseeable)
reaction to the situation that he found himself in.

Mac


[ Reply to This | Parent | # ]

MIT's Role as Described in Aaron Swartz's October Motion to Suppress ~pj
Authored by: Anonymous on Thursday, January 17 2013 @ 05:40 AM EST
MIT did shut off Swartz's access to JSTOR multiple times. Swartz hacked around these attempts to cut off his access in a manner which leaves absolutely no doubt that he understood that his access was unauthorized.
Was Aaron aware of why his access was cut off? From what I understand, JSTOR had no bandwidth/quota limits in place at the time. It would seem reasonable that if one's connection to a wifi network is terminated, it is owing to limitations of the wifi network, not because there has been an unannounced change in policy at the site one is visiting.

And what do you do when you lose a wifi connection? You try again. This is a not uncommon, recurring scene wherever wifi networks see heavy use (earlier that same year Steve Jobs had to plead for attendees of WWDC to shut off their connections during his iPhone 4 demo). Unless Aaron was presented with a login screen explaining the reason for the failed connection, I see nothing nefarious with his making repeated attempts.

Likewise after realizing that the wifi connection was not going to work out, it is entirely reasonable to bypass that bottleneck and hook up directly to a wired connection (I do this at home when I have problems with my laptop connection). Did Aaron violate some MIT regulations or policy? It is not clear to me that he did, but if so then it would seem a fairly minor university matter -- not a federal crime to be prosecuted like a bank robbery or an act of international espionage. At the time MIT guests were being granted unlimited access to the JSTOR archives and the steps Aaron took to facilitate that access were not that different from what any systems analyst would follow in resolving such technical obstacles in any similar situation.

[ Reply to This | Parent | # ]

MIT's Role as Described in Aaron Swartz's October Motion to Suppress ~pj
Authored by: Anonymous on Thursday, January 17 2013 @ 01:22 PM EST
Let's be clear. The injured party, JSTOR, asked the prosecution to drop the
case. They settled with Mr. Swartz out of court, in exchange for getting the
hard drives back. If ignoring this out-of-court settlement isn't overzealous
prosecution, what is?

[ Reply to This | Parent | # ]

Groklaw © Copyright 2003-2013 Pamela Jones.
All trademarks and copyrights on this page are owned by their respective owners.
Comments are owned by the individual posters.

PJ's articles are licensed under a Creative Commons License. ( Details )