Oregon Supreme Court Declines To Hear Schwartz Case

merlyn writes "The Oregon Supreme Court declined to hear my case, leaving standing the unfavorable decision of the Oregon Appeals Court as the final authority on this eight-year-long case, well known to many sysadmin and Perl hacker alike. Details at my fors-announce posting." If you're not sure what that means, you probably want to read at least this site which offers a straightforwardly partisan look at the complicated case of Intel vs. Schwartz as well as Schwartz's own page; it's a strange world where programmers and sysadmins can be convicted for seemingly innocent activities.

Schwartz used bad judgement, nothing more.

[Schwarzchild]

IIRC from one of his web sites he pretty much describes all of the events that led up to his being arrested. He is honest about the fact that his contract at Intel's Supercomputer division was about to expire and he was trying to find a reason for them to continue to keep him employed and he decided to use their weak computer security as a reason for them to continue to use him as a contractor. Unfortunately, he wasn't an admin and he didn't get permission to crack the passwords. So when the admin found out that Schwartz was running Crack he informed the security guys at Intel.

Also IIRC it seemed like Intel management wanted to handle it differently than Intel Security which called up the Sheriffs office, I think, to have Randal arrested.

IMHO he only used really bad judgement and is obviously not a cracker bent on maliciousness.

I think it's too bad that the courts came down as hard as they did on him. At least he's not still in prison.

Re:and since when is...

> ...cracking password an innocent activity?

Well the answer to that is when the cracking is not being done to secure access to the systems in question.

Having a key to a safe shouldn't be a problem. Opening the safe and removing contents is a problem.

I have been in very much the same situation as this in the UK. Although I was not running crack myself a friend of mine was, and was using my account to do so. His interest in doing so was mere curiosity to see what percentage of passwords could be cracked.

At no time were any of these cracked accounts used for anything and as far as I can tell from the reports neither did Randal.

This point was what resulted in my case being dismissed.

Cracking passwords is a potentialy suspisious activity and Randal was bloody stupid for doing it on company machines but until the accounts are used this should not be a crime.

Re:Innocent Activites?!

[sinnergy]

Well, that's certainly one way to look at it, isn't it. However, things aren't that simple. You and I both know that. Anyone who has had the opportunity to hear his side of the story in person knows it goes a little deeper than that. I had the privelage of hearing him speak at Ic0n hear in Cleveland earlier in the year and again at Phreaknic in Nashville.

Yeah, he isn't completely blameless and he doesn't claim to be. However, he's being railroaded on some serious charges. If you know the laws he was tried under you know how vague and broad in scope they could be. Under those laws and a liberal interpretation, I would be unable to effectively do my own job.

So, in short, let's look at both side of the story here. I encourage anyone who will dismiss Schwartz right off the bat to hear his side of the case.

He's a pretty nice guy, to boot. A hacker's hacker, if you will.

Re:Oh Please

[Matts]

Randal tried to tell Intel execs to change their passwords to be more secure. They didn't, and said it was a non issue.

Randal was merely proving his point, when he found out the vice president's password was "pre$ident", and many other insecure passwords.