|
Authored by: Anonymous on Wednesday, January 16 2013 @ 10:36 PM EST |
Research done by researchers and scientists mostly for public funds, paid for
through taxes - either directly or through tax-exempt foundations - can (should)
not be walled in by a private corporation charging tolls for access.
Maybe the unauthorized party wasn't Schwartz...?[ Reply to This | Parent | # ]
|
|
Authored by: cjk fossman on Wednesday, January 16 2013 @ 10:57 PM EST |
I do not think you understand the issues at stake here.
I do not thing you understand the technology.
I do not think you understand that a creative and determined prosecutor could
find a way to charge you with a crime for posting on this blog.
For some specifics:
Spoofing a MAC address is no evidence of ill intent, nor does it prove that the
person doing the spoofing "understands" that his access is
unauthorized. There can be legitimate reasons for spoofing a MAC.
Case in point: in order to access the Internet through a non-Linux-friendly
cable service provider (not charter. Who does that leave?) I had to spoof the
MAC of a NIC. Does that mean I should serve 35 years in prison? Does it mean I
"understood" that the access was unauthorized? It does not, for the
owner of the NIC paid for Internet access via the cable provider.
It is true that other users of JSTOR were unable to access the JSTOR documents
for several days. Was this worth 35 years in prison for Mr. Swartz? Really?
Unauthorized access is you hijacking my password and using it to drain my bank
account. Unauthorized access is you cracking into my server and stealing my
clients' vital information. Unauthorized access is you installing a PHP script
on my website and turning it into a spam delivery service. Unauthorized access
is you injecting software into my PC enabling you to shut down my Uranium
processing plant.
Unauthorized access is NOT downloading files that you have a right to download,
even if the unintended side effect of your doing so is inconvenience to other
users.
Putting a laptop in an unlocked room where others routinely store things is not
unauthorized access, either.
[ Reply to This | Parent | # ]
|
|
Authored by: Anonymous on Wednesday, January 16 2013 @ 11:05 PM EST |
In the late 1980's early 1990's, I worked for a government department.
Everything was M$-NT except for my little corner of Linux and Solaris.
The government at some point, sold all mapping data to the "base map"
to a commercial entity. And supposedly, all of us within the government would
need a license to be able to view data that we were the originator for.
I think most of the images were jpeg. But, even then, a person could install a
daemon on a network, which would copy ALL files of some type to disk, regardless
of whether the file was intended for "this" address or not.
But it was trivially easy to copy this data one supposedly had to have a license
for. And if I had an inclination to do so, nobody in my building would have had
a clue I was doing so.
Schwartz could have easily had a PC with two NICs, and have the second NIC
assume "random" MAC addresses to request papers. The first NIC could
have then copied all packets associated with PDF (or whatever).
If a person wants to copy a lot of articles in a short period of time, you need
to generate requests. But if a person has a longer timescale, it is entirely
possible to just have a daemon sniffing the networks, and copying what is of
interest.
If a person has access to a closet full of networking gear, this would have been
easy around 1990. Have things changed since then, I haven't a clue. I have no
interest in doing these kind of things, I do recognize when it is possible. And
I have had no need to look into how lately.
[ Reply to This | Parent | # ]
|
|
Authored by: Anonymous on Thursday, January 17 2013 @ 03:20 AM EST |
From what I have read here, it seems that Aaron Swartz was well aware that
JSTOR/MIT did not want him to continue doing what he was doing.
The 35 years in jug and/or the $1m fine maximum possibilities, not actual
imposed sentences (he hadn't even been tried yet).
He seems to have written extensively about his history of depression, which is
sad, but hardly JSTOR/MIT's fault.
His death is very sad but suicide is hardly a reasonable (or forseeable)
reaction to the situation that he found himself in.
Mac
[ Reply to This | Parent | # ]
|
|
Authored by: Anonymous on Thursday, January 17 2013 @ 05:40 AM EST |
MIT did shut off Swartz's access to JSTOR multiple times. Swartz
hacked around
these attempts to cut off his access in a manner which leaves
absolutely no
doubt that he understood that his access was
unauthorized.
Was Aaron aware of why his access was cut off? From
what I understand, JSTOR had no bandwidth/quota limits in place at the time. It
would seem reasonable that if one's connection to a wifi network is terminated,
it is owing to limitations of the wifi network, not because there has
been an unannounced change in policy at the site one is visiting.
And
what do you do when you lose a wifi connection? You try again. This is a not
uncommon, recurring scene wherever wifi networks see heavy use (earlier that
same year Steve Jobs had to plead for attendees of WWDC to shut off their
connections during his iPhone 4 demo). Unless Aaron was presented with a login
screen explaining the reason for the failed connection, I see nothing nefarious
with his making repeated attempts.
Likewise after realizing that the
wifi connection was not going to work out, it is entirely reasonable to bypass
that bottleneck and hook up directly to a wired connection (I do this at home
when I have problems with my laptop connection).
Did Aaron violate some MIT
regulations or policy? It is not clear to me that he did, but if so then it
would seem a fairly minor university matter -- not a federal crime to be
prosecuted like a bank robbery or an act of international espionage. At the time
MIT guests were being granted unlimited access to the JSTOR archives and the
steps Aaron took to facilitate that access were not that different from what any
systems analyst would follow in resolving such technical obstacles in any
similar situation.[ Reply to This | Parent | # ]
|
|
Authored by: Anonymous on Thursday, January 17 2013 @ 01:22 PM EST |
Let's be clear. The injured party, JSTOR, asked the prosecution to drop the
case. They settled with Mr. Swartz out of court, in exchange for getting the
hard drives back. If ignoring this out-of-court settlement isn't overzealous
prosecution, what is?[ Reply to This | Parent | # ]
|
|
|
|
|