decoration decoration
Stories

GROKLAW
When you want to know more...
decoration
For layout only
Home
Archives
Site Map
Search
About Groklaw
Awards
Legal Research
Timelines
ApplevSamsung
ApplevSamsung p.2
ArchiveExplorer
Autozone
Bilski
Cases
Cast: Lawyers
Comes v. MS
Contracts/Documents
Courts
DRM
Gordon v MS
GPL
Grokdoc
HTML How To
IPI v RH
IV v. Google
Legal Docs
Lodsys
MS Litigations
MSvB&N
News Picks
Novell v. MS
Novell-MS Deal
ODF/OOXML
OOXML Appeals
OraclevGoogle
Patents
ProjectMonterey
Psystar
Quote Database
Red Hat v SCO
Salus Book
SCEA v Hotz
SCO Appeals
SCO Bankruptcy
SCO Financials
SCO Overview
SCO v IBM
SCO v Novell
SCO:Soup2Nuts
SCOsource
Sean Daly
Software Patents
Switch to Linux
Transcripts
Unix Books

Gear

Groklaw Gear

Click here to send an email to the editor of this weblog.


You won't find me on Facebook


Donate

Donate Paypal


No Legal Advice

The information on Groklaw is not intended to constitute legal advice. While Mark is a lawyer and he has asked other lawyers and law students to contribute articles, all of these articles are offered to help educate, not to provide specific legal advice. They are not your lawyers.

Here's Groklaw's comments policy.


What's New

STORIES
No new stories

COMMENTS last 48 hrs
No new comments


Sponsors

Hosting:
hosted by ibiblio

On servers donated to ibiblio by AMD.

Webmaster
House Judiciary Hearing on Investigating and Prosecuting Cyber Threats: CFAA Vido. | 65 comments | Create New Account
Comments belong to whoever posts them. Please notify us of inappropriate comments.
Corrections Thread
Authored by: swmech on Wednesday, March 13 2013 @ 02:50 PM EDT
Please summarize in the Title box error->correction or
s/error/correction/

---
"A little gentleness goes only a short way. Ladle it out generously, and often,
when you can." (Walter Slovotsky)

[ Reply to This | # ]

Off Topic Threads
Authored by: swmech on Wednesday, March 13 2013 @ 02:56 PM EDT
Any on-topic posts under this heading will result in PJ
sending Ankylosaurus over to thwack you with his tail.

---
"A little gentleness goes only a short way. Ladle it out generously, and often,
when you can." (Walter Slovotsky)

[ Reply to This | # ]

News Picks Threads
Authored by: swmech on Wednesday, March 13 2013 @ 03:03 PM EDT
Please type the title of the News Picks article in the Title
box of your comment, and include the link to the article in
HTML Formatted mode for the convenience of the readers after
the article has scrolled off the News Picks sidebar.

---
"A little gentleness goes only a short way. Ladle it out generously, and often,
when you can." (Walter Slovotsky)

[ Reply to This | # ]

Comes transcripts here
Authored by: swmech on Wednesday, March 13 2013 @ 03:07 PM EDT
Please post your transcriptions of Comes exhibits here with full HTML markup but posted in Plain Old Text mode so PJ can copy and paste it.

See the Comes Tracking Page to find and claim PDF files that still need to be transcribed.

---
"A little gentleness goes only a short way. Ladle it out generously, and often, when you can." (Walter Slovotsky)

[ Reply to This | # ]

House Judiciary Hearing on Investigating and Prosecuting Cyber Threats: CFAA Vido.
Authored by: Anonymous on Wednesday, March 13 2013 @ 03:28 PM EDT
Note: The hearing doesn't start until the 16 minute mark on the linked video.

[ Reply to This | # ]

Thanks for the link to EFF
Authored by: artp on Wednesday, March 13 2013 @ 03:33 PM EDT

I really liked the fact that I could add text to the message being sent to my representative and both senators.

This is part of what I added.

A boilerplate letter follows concerning the CFAA. Let me tell you that since I first started computing in 1974, I would have been liable under the CFAA thousands of times, and my employers would have been greatly handicapped if I had not been able to break encryption, reverse engineer protocols, devise alternate methods of operation, and generally make a shambles of a lot of poorly designed software and hardware in order to MAKE IT WORK! Much of this was not authorized by my employer, and could not have been in many cases because they weren't tech-savvy enough to know what to ask for.

This law makes a very poor assumption that is also very dangerous: that tech companies know what they are doing. In some cases they do. In many others, the pressure to ship and collect money overrides the need of engineers to make it work right. This law enshrines poor design and bad management decisions and criminalizes any attempt to route around them.

I have seen a lot of bad decisions made in laws concerning tech. If you would like some help from a practitioner in the field, I am willing to provide whatever perspective I can. I have worked for Iowa-based companies and Fortune 100 companies. I have been employed as a Data Center Manager, a consultant, a system administrator in large scale systems, a project manager and a computing FDA Validation Manager. I was invited to be on a 9 person worldwide team within [*company*] to set operational standards for the UNIX (Internet technology) operating system. I brought the first production use of UNIX online in [*company*] worldwide.

Vitae available on request.

My contact information followed.

If we don't offer them help to figure out the tech, then we will continue to get bad laws. I have no idea if any of them will take me up on it, or how much weight my viewpoint might carry against other resources they might consult, but what have I got to lose?

---
Userfriendly on WGA server outage:
When you're chained to an oar you don't think you should go down when the galley sinks ?

[ Reply to This | # ]

Hacking
Authored by: Anonymous on Wednesday, March 13 2013 @ 03:55 PM EDT
Hacking is altering the hardware or software of a device to enable it to perform
a function it could not do before the change. Hacking often involves a hacksaw
and a soldering iron. From Make: Magazine - "If you can't open it, you
don't own it"

Hacking is taking control of a device that you own to perform your purposes.
There is nothing sinister about hacking, unless you are Sony, or Apple.

-- Alma

[ Reply to This | # ]

House Judiciary Hearing on Investigating and Prosecuting Cyber Threats: CFAA
Authored by: Anonymous on Wednesday, March 13 2013 @ 04:30 PM EDT
Something that I have never seen in any laws are examples of
how the law should be applied. Perhaps that would focus the
intent of the law instead of letting half-baked procesutors
make up a bunch of half-baked charges that may or may not
make sense to the reasonable man.

[ Reply to This | # ]

The law is that you can't have a picnic on my lawn without my permission
Authored by: Anonymous on Wednesday, March 13 2013 @ 05:21 PM EDT
"The law is that you can't have a picnic on my lawn without my
permission" Not quite that simple, which makes it an interesting case.
Can't depends on the jurisdiction. In some US states, if I haven't posted the
lawn with no trespassing signs, haven't fenced it, and haven't improved it, you
may be able to have a picnic there. In a right to roam jurisdiction in Europe
you may have a right to have a picnic on my lawn.

If your lawn is unfenced, unposted, wide open (and it isn't clear how much is
your lawn and how much is in a public right of way), then there is a situation
very similar to your visiting a public website (and, say, traversing it by
typing in the names of likely pages or directories the url bar of a web
browser). If your lawn is fenced and posted, that's a lot like an exposed ssh
service with an issue message behind it that warns unauthorized users - and
access to that issue message by brute forcing usernames and passwords.

The analogy of picnic on the lawn or kicking in your door and having a picnic in
your living room sounds with what constitutes unauthorized access sounds like a
potentially fruitful one.

[ Reply to This | # ]

Clean slate -- dirty hands
Authored by: BJ on Wednesday, March 13 2013 @ 06:14 PM EDT

Hi, I'm Fred K.
Opening up my neighbor's vacuum cleaner landed me in jail.
We both didn't realize it contained a processor.
This sucks.


bjd


[ Reply to This | # ]

  • OMG! - Authored by: Anonymous on Wednesday, March 13 2013 @ 08:00 PM EDT
  • Clean slate -- dirty hands - Authored by: PJ on Wednesday, March 13 2013 @ 08:30 PM EDT
House Judiciary Hearing on Investigating and Prosecuting Cyber Threats: CFAA - ~pj Updated
Authored by: Anonymous on Thursday, March 14 2013 @ 02:15 PM EDT
I don't believe that 'without authorization' or 'exceeds
authorization' are unclear at all. Using just a slight bit
of common sense anyone over the age of five should be able
to figure it out. They mean going someplace you're not
invited or free to go, taking or using something that is not
yours without the permission of the owner.

Using your property analogy you seem to be saying that if I
leave the door to my house unlocked, then anybody is free to
come and go as the please. Or worse, if I happen to burn the
popcorn and open the door to air out the inside, then I'm
actually inviting the public to come into my house.

Just because you find an open door, or an unlocked one, does
not mean you have permission to be there. Even in places
like a mall or grocery store, there are public areas as well
as private ones. You're free to shop, but not to go in the
managers office, even if his door is unlocked.

As far as the difference between just looking and taking, if
someone were to enter my home, unknowingly, they would have
access to things like bank statements, credit card
statements and possibly my drivers license and social
security number. Even if I caught them, I'd have no way of
knowing if they copied that information for later
exploitation.

The same is true for accessing a computer, true there are
tools that can tell you if and when somebody has accessed
the data, but now you're putting the burden on the owner to
not only have a door, close the door, lock the door, but to
have continuous surveillance on every square inch of the
property in case someone 'unauthorized' breaks in, so you
can prove they looked at confidential information.

That's the reverse of how it should work. It's my data, if I
want you to see it or make a copy of it, I will put it in a
public location where all are free to access it. If I want
to keep it private I will put it behind a door, a locked
door, in most cases. Anyone savvy enough to use tools to get
around, over, under or through the door (or locks) is also
intelligent enough to know that it's wrong, and that they
are not 'authorized' to be there. If they were authorized,
they would not need the tools to get there.

Just like I should not be required to put up razor wire,
watch towers and guard dogs to let people know that they are
not free to enter my home, I should not need to invest
several thousand to several million to put a bunker around
my data.

[ Reply to This | # ]

"Because if you put every computer tinkerer in jail,"
Authored by: 351-4V on Friday, March 15 2013 @ 10:03 AM EDT
You'll have a large number of skilled computer technicians to perform your
bidding.

These laws have been intentionally written to allow and enable exactly
this kind of prosecutorial misconduct. They target a person known to be skilled
in the art of computer hacking, charge them with as many "crimes" as they
possibly can and then offer the accused a plea deal whereby the accused must
"cooperate" in the future by performing services at the request of the
government.

The people that are engaging in the misconduct don't for a second
care about any long repercussions of their actions. All they care about is
having a body capable of performing the dirty deeds that they have in mind
today.

[ Reply to This | # ]

Groklaw © Copyright 2003-2013 Pamela Jones.
All trademarks and copyrights on this page are owned by their respective owners.
Comments are owned by the individual posters.

PJ's articles are licensed under a Creative Commons License. ( Details )