Slashdot Mirror
McOwen Case Settled
ewilts writes: "Back in July, you ran a story about David McOwen, a computer adminstrator at DeKalb Technical College in Georgia, who was being charged for installing SETI software on school computers. This case has now been settled. See also the EFF press release
on McOwen's web site." Update: 01/18 16:11 GMT by M : It was software from distributed.net, not SETI.
Although he got off relatively light, the precident set here is that sysadmins can no longer choose to install software at will. As a sysadmin for a large media congolmerate, I find it more and more difficult to simply administer my systems because all the suits want to know every move I make three weeks in advance. This decision simply adds an element of criminality to an already bad situation.
There... I said it.
It's a pretty steep fine for installing a non-malicious piece of software.
It's not mentioned in the article, but it seems to me that the $2,100 figure was determined by picking an amount "just a little more than what he would have made had he won".
--
E_NOSIG
He didn't own the computers... they weren't his property. He had no right to install anything on those PC's that wasn't related to work. He got off easy.
Going to McOwen's site causes Gator to try and install on my machine (winNT running IE). Gator is well known slimewar/spyware. avoid it like the plague.
This generally looks like a reasonable settlement. The monetary damages are a bit dissapointing, though. Remember to ask permission (and get that permission in writing) when you make large, questionable, changes to the systems you are responsible for.
This story has been convered in a recent Slashback article: here.
For all the people whining about electronic freedom and such:
It's not his network to run his own software!
It's one thing to run a small program, or even play Quake on your lunch hour, but to make a change that could cost a bundle on bandwidth, that's not a Good Thing (tm).
I'm not afraid of falling, it's the sudden stop at the end that frightens me.
I recall that when this was reported some time ago SETI@Home was not the software installed. Apparently, it's too much to ask that the people posting stories actually read said stories and understand them. Here's a hint: stop being a chimp.
Jesus, folks, Our government needs a head dunking. 30 years for a benign program on a few machines, (I live near there, it isn't a large campus) as opposed to 6-10 for MURDER? Hot damn, he didn't kill anybody....let's just be really glad he got off "light"
Sent from your iPad.
Mike & Tim. You need to talk to one another on an hourly basis. You guys are the biggest offenders of repeat articles. This was covered in the slashback yesterday...
Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
coulda sworn I saw this already
The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
It seems michael doesn't read Slashbacks... this was posted yesterday: Slashback: Games, Goats, Galileo
He should have fought this one to the end. This case now sets a precidence for other suits of its kind. He may have gotten off "easy" (so to say) but in the long run he has done a great deal of damage to progress of getting "reasonable" law into the digital realm. Normal laws are impossible to enforce onto the computer world. Perhaps they should start suits against all the students that download any type of software "not authorized on state computers". Perhaps University students in Georgia should be billed for the bandwidth they consume downloading Mp3's on the "States" network. Perhaps if you check your personal e-mail on a state computer you should be arrested. Sounds ludicrous but then again look at the stupidity the state of Georgia now has legal precedence on!
Being a native Georgian (southwest Georgian for that matter...Albany - a REAL backwater), and a comparatively savvy technogeek, I am filled with horror. These idiot lawyers are going to do everything they can to make a name for themselves in whatever context they consider important, intelligence be damned. Of course, if in doing so, they drag the name of Georgia back into the yeehaw days (Gawrsh, Goober, that there computey-thang shor is makin' them nekkid wimmens look purty an' all. Gimme a chaw.), they don't care.
Georgia is full of intelligent, growing technologists - startups, academics, and all-around geeks. These barristers' motives are pure old-fashioned power plays, making a name for themselves and wielding power over those who don't respect them. Please don't consider all of us Georgians hicks; we geeks live in a meritocracy separate from these backwater jackasses we elect or appoint to office.
What'dya mean there's no BLINK tag!?
Update - January 17, 2002 Georgia V McOwen Case closed!
= 39&threadid=593069
Electronic Frontier Foundation Media Release
For Immediate Release: January 17, 2002
Contact:
Lee Tien
Senior Staff Attorney
Electronic Frontier Foundation
tien@eff.org
+1 415 436-9333 x102 (office), +1 510 290-7131 (cell)
David Joyner
Attorney
Kenney & Solomon
CDJoyner66@aol.com
+1 770 564-1600
Distributed Computing Prosecution Ends with Whimper Not Bang
Georgia Man's Ordeal Ends
San Francisco - David McOwen can finally see the light at
the end of the tunnel. After about two years of facing the
prospect of years in prison and more than $400,000 in fines
and restitution, the former DeKalb Technical College systems
administrator has accepted an offer by the state of Georgia
that will bring his legal nightmare to an end.
Since February 2000, McOwen has been the target of a
"computer trespass" investigation and then prosecution. His
crime? In 1998, he installed a distributed-computing client
(like the SETI@home screensaver) on the college's PCs in
order to participate in a distributed decryption contest. In
early 2000, the school administrators threatened McOwen with
criminal charges and called in the Georgia Bureau of
Investigation. The threat of more than $400,000 in liability
was based solely on the use of the school computers, valued
at 59 cents per second.
Under the terms of the deal, announced today, McOwen will
receive one year of probation for each criminal count, to
run concurrently, make restitution of $2100, and perform 80
hours of community service unrelated to computers or
technology. McOwen will have no felony or misdemeanor record
under Georgia's First Offender Act.
"David never should have been prosecuted in the first place,
but we're glad that the state decided to stop," said Senior
Staff Attorney Lee Tien of the Electronic Frontier
Foundation (EFF). "This is a very good result for David. He
very likely could have won if the case had gone to trial,
but trials cost money and you never know what will happen."
Tien explained that much of the case against McOwen turned
on whether he had fair notice that installing the
Distributed.net client software was prohibited. Under the
Georgia computer trespass statute, criminal liability may
only be imposed if the person uses the computer or network
with knowledge that the use is unauthorized. "From what I
can tell, the state would have had a hard time proving
beyond a reasonable doubt that David knew he wasn't
authorized to install the software," Tien said. "I can't
help but feel that this was a face-saving deal for the
state."
"The state's claim of up to $815,000 for computer time seems
to fit an old pattern that we've seen before," Tien said. In
one of the first cases championed by EFF, a man faced years
in prison for obtaining and publishing an internal BellSouth
document initially valued at almost $80,000. The case was
dropped after evidence was introduced that it was publicly
available for $13.
The issue raised by McOwen's prosecution isn't an isolated
one, Tien added. Distributed computing is an important
scientific tool that can harness the spare cycles of
numerous personal computers into the virtual equivalent of a
supercomputer. The SETI@home screensaver, for instance,
allows computer users all over the world to aid in the
search for extraterrestrial intelligence. Last year,
however, the Tennessee Valley Authority banned the SETI@home
program from its computers, declaring it a risk to computer
security.
While McOwen's legal problems appear over, they've taken a
serious toll. He resigned from his job at DeKalb soon after
the school threatened him. And he was fired from his next
job at Cingular Wireless last August because of the bad
publicity surrounding the case.
EFF wishes to praise and give special thanks to David
Joyner, McOwen's attorney at Kenney & Solomon, for all of
his hard work. Thanks are also owed to McOwen's supporters
at FreeMcOwen.com and MachineThoughts.com for publicizing
the case and raising money for his legal fund.
Legal defense fund for the McOwen case:
http://forums.anandtech.com/messageview.cfm?catid
About EFF:
The Electronic Frontier Foundation is the leading civil
liberties organization working to protect rights in the
digital world. Founded in 1990, EFF actively encourages and
challenges industry and government to support free
expression, privacy, and openness in the information
society. EFF is a member-supported organization and
maintains one of the most-linked-to websites in the world at
http://www.eff.org/
#include sig.h
And when all is said and done of the Enron fiasco, a few people will spend a few years in a country club prison, like Michael Milken, the junk bond king who left retirment accounts in ruins while he put hundreds of millions out of reach, in his wife's name.
A feeling of having made the same mistake before: Deja Foobar
Now, of course, he gets off light from the government.. but jeeze, think of the internet traffic charges he's gonna rake up from being slashdotted. YOU MEAN HEARTLESS PEOPLE! Have you no decency? Give the man a break.
I haven't seen any comments from the SETI project - what do they make of all this? Are they afraid to lose a lot of computing power from afraid sysadmins now? What about other distributed computing projects?
http://www.mcowen.com/davidres.htm[www.mcowen.com]
Refers to himself in third personDavid is a Telecommunications, Computers and Electronics experienced Engineer specializing in Hardware design, Testing, software configuration and Computer Instruction.
Check out his Hobbies/Interests:
Husband and wife team mobile Disc-Jockey/MC Entertainers since 1975.
Go DJ!
A lot of people seem to be under the impression that the client he was running was SETI@home and was therefore innoculous.
Well, he was running some distrubuted.net-type decryption client where he would have WON MONEY had he been the one to find a key.
Not so humanitarian and innoculous now, is it?
Years in prison and a $400,000 fine are extremely way beyond reason, but I can see how this was a crime as he stole company resources for personal gain.
The $2100 fine does seem reasonable as I think he would have won $2000.
Also note that in nearly every jurisdiction there are tons of other laws that could apply, and thus the rapist would get a similarly large number of counts.
California for example says that sodomy (defined as anal penetration) with someone unwilling or underage (2 counts if they are both unwilling *and* underage) is a seperate crime. There are other, similar, laws that make various differentiations between very similar acts, so usually a rapist can still end up with 10+ counts and probably well over 30 years
This is typical of many law enforcment efforts. If they want to save face, even though they know they screwed up, they get you to cop to a lesser plea.
You have seen this in the recent ebook case, as well as in your typical negotiations with other infractions, such as traffic tickets.
You also see the compulsion to save face in death row (and other) cases, where many prosecutors outright refuse to allow DNA testing that might prove a man innocent. It is like pulling teeth to get the tests done. Even though it is often a matter of life and death.
"Saving Face" is obviously more important, even though it makes them look foolish.
"It is a greater offense to steal men's labor, than their clothes"
There are to many CowboyModerators out there (no pun intended to CowboyNeal) who just shoot from the hip. I think that one major reason for this is the fact that many users think the mod system is broken.
I've always been opposed to the notions of "it was better before", "I miss the good old times" and so forth. But now finaly I am too getting there. I've been reading /. since 1998 and will probably continue, but I'm becoming more and more dissapointed.
I miss the time when you could yourself mark you post Offtopic by inserting an "(OT)" mark in the subject and the users mods understood that "Ok, it's marked offtopic" and let it be. If some users were interested they continued the thread, now what is wrong with that!? That was a perfectway to have spin-off discussions. I mean if you are discussing Transmetas Crusoe it's easy to start speaking of other processors and suddendly you are talking Z80-assembly!! What the hell is wrong with that!?
I hope this pos gets through and it will be interesting to see the moderations that will be done on this comment. Let me tell you that I'm NOT holding my breath... I'm starting to care less and less and kindof feeling a Golum-like transformation going on towards... dare I say it... trolling...
Propz to all downmodded Offtopicers...
$HOME is where the
-- silver_p
How come they never use the laws about Recieving stolen goods against the wives of multimilionaire fraudsters when they get all the money transfered into their accounts?
Wow! I'm sitting on a friggin' gold mine. Who in their right mind would ever pay upwards of $35 for ONE MINUTE of time on a PC?? You can buy a good system that's paid for itself in just one hour of time!! Lets see, going by the usual inflated legal dollers, this 1.5Ghz P4 I've been burning in for the last two weeks has just wasted $713,000. boggle.
try { do() || do_not(); } catch (JediException err) { yoda(err); }
the project he was running was rc5.
the damn link in the article says rc5.
80 hours and $2100 for unused computer cycles is uncalled for. These judges and lawyers dont understand computers. in legal speak, i cant imagine what the prosecution was saying.
now poor david dnetc will be in an orange vest on the side of the highway picking up trash with joe shmoe robber and drunken steve who beat up a guy at a bar. good luck.
xavii aka bob
It frustrates the hell out of me to think that instead of a case like this, that could serve to temper a law with rediculous penalties for a broad range of actions, making it to court, get settled for a meager sum and leaves a fellow with a criminal record and gives companies that much more leverage in treating employees like criminals.
There should be criminal penalties for criminal activity. Using corporate computers to smuggle out trade secrets? Yeah, I can see why someone should spend time in jail for that, but should someone doing something as relativley innocous as installing SETI on a few machines face a 30 year in jail penalty for doing so?
I can totally understand why the defendant chose to settle. Trials cost money and you don't always win the good fight, but it is sad to see a chance for bonehead laws like these to face some challenge.
Perhaps it's a precedent for telling sys admins to stick to their jobs and keep the best interests of their employers in mind when installing software. This isn't about "sys admins choosing" it's about the appropriate use of someone else's property.
When I discovered that a developer had installed SETI on my co's production ecommerce servers ("but I nice'd it!") I had the loser fired -- after disabling the software. Am I against SETI? No (nor am I "for" it; I don't care). But the purpose of our servers, bandwidth, etc., is not racking up points in the SETI project.
Now, we have other servers that are intended for fun and exploration. But our production servers?
-- @rjamestaylor on Ello
It was not part of this guy's job to donate CPU time on behalf of his campus. Granted any calls to the processor would have halted the software he installed immediately, but consider an analogy.
Your car is under warranty at a given auto dealer. As such when it has problems the mechanic there fixes it. Even if this mechanic could instantly return you car when you walk outside to go somewhere, would you want him keeping a copy of the key and using it without your permission for personal use. Even if that personal use involved bettering society (taking meals to elderly folks or providing a taxi service for kids of working parents)?
sig
Splash right in the middle of www.mcowen.com is:
Prayers to those that have lost there lives on September 11, 2001
Uhh hello, perhaps that should read "their"??! Can people not take 1 minute to think about what they publish/proofread it?
<Cut to courtroom somewhere in the USA>
Defendant: "...and then I installed the application on all the computers."
Prosecutor: "You did this, fully aware that it was vulnerable and subject to attacks, which may paralyze the company email system, compromise data, or worse?"
Defendant: "Yes."
Gallery: *GASP*
Prosecutor: "And what was this application?"
Defendant: "MS Outlook."
The prosecutor, appearing struck, glances at a shadowy figure in the gallery who bears some resemblance to John Ashcroft in a trenchcoat and fedora, the figure quickly draws a finger across his throat and the prosecutor recomposes himself.
Prosecutor: "Your honor, the prosecution humbly requests all charges be dropped and that the defendant be released!"
A feeling of having made the same mistake before: Deja Foobar
What bothers me is this guy could have faced more jail time than some rapist and murderers, If they didn't like what he did all they had to do was fire him. This seems like the work of a blood sucking lawyer. He should erased all the computers and installed linux, that would would have sent them into a bender.
Isn't it time we realize that more lawsuits are coming soon. This is how we grow a profession as a society. For example, do you think Doctors aren't sued most of the time? A lot of the quirks medical professionals have to go through are to prevent legal action against them. I can already hear the "but they deal with lives" arguement, but it's a developed profession. I think we could all learn to chill on how many lawsuits we file. Be prepared for system administration to turn into a bunch of red tape saying exactly what we are allowed to do and how we are to do it. This is a good thing in some ways. It means our field is maturing even more.
:-)
I'll shut up now.
This space intentionally left blank.
I think the government was right in its case against this man.
The software was unathorized non-work(or school) related software installed on machines HE DID NOT OWN. Syadmins can't just install anything they want on computers they don't own regardless of 'who did hurt?'
In the end, of course, at a state institution it is the state paying for it, since if the average student spends even 5 hrs browsing the internet a week we are talking $177 a week, and that adds up to most state school's tuition for the year. And with so many students costing the state a large amount of money on bandwidth, why make such a fuss over one person, even if he is not a student?
I don't know of any company whose machines' well being depend upon installing and running SETI@home. Things like this don't fall under the heading of administrative tasks - this is stealing resources. If this guy had the OK to run the software on machines, fine. But it sounds like he didn't.
There's no difference betweem running SETI@home on machines and running, say, a quake server. What if I, as a sysadmin, decided to install a quake server on ever machine that I worked on? You can bet my bosses would be upset.
It may have been a benign piece of software as far for an operating system, but for an ass backward state there are probably those that think proof of life elsewher means proof of no God.
Disqualifier: When threatened with jail time and that ridiculous fine as McOwen originally was, I probably would have capitulated and accepted the settlement myself. But still, I'd like to think I would have fought it.
Here's why:
This is the sort of case that the EFF salivates over. They (over-zealous law enforcement) want to take away his job, drain his savings, and throw him in jail. And for what? For wanting to help the scientific community? In the eyes of many people, McOwen is a martyr.
Therefore, Don't settle. Make them put him on trial. Let their fascist tactics stand exposed.This could have been a precendent-making case.
Naturally, of course, they would've had to win. But what case would have stood a better chance?
Don't you see? The state BULLIED them into a bargain. If this would have gone to court, they WOULD have WON. Now, they have set their precedent, and they will be able to bully other people. The college could have just fired the guy, but he did nothing wrong in the first place. He is running the systems, he is entitled to make changes, as long as they do not affect production. Unless, there is a strict change control process in place. At the most, this is misappropiation of resources, and possibly insubordination. Get ready people, next time you piss your boss off, you may just be sent to jail, instead of fired... d_e
I couldn't tell from the various websites, but if DTC is state/federal-funded, then that's another issue.
/. either, but... well...
If you work for a state/federal-funded institute, you are prohibited from using any of the work equipment for "personal" use. And, especially, you are forbidden from using any work equipment to make money (personally, that is).
For example, the baristas at the espresso bar of the (state-funded) institution where I work are not allowed to accept tips because, technically, they are state employees. Technically, I shouldn't even be posting to
So, if DTC is publicly funded, then it sounds like McOwen fell afoul of those laws too.
-- D.
I installed RC5 clients a few years ago on several HPUX workstations at the company I was working at (left 2 years ago). Those workstations were basically retired before I left. Now 2 years later I am getting the email logs again, I guess they fired the machines back up for some reason.
Should I be scared?
So this means that before i install anything, good or bad, that i must *explain* each and *every* piece of code, and clear it with the people that entrust me with their network and am paid to be the expert on, and responsible for its upkeeep? What if i install VNC, antivirual update, research software for a better network, prety much anything they decide they dont like that day.. i goto jail? Seems to me our ablity to even do our jobs has just been limited drastically. Sure, wholesale personal use is wrong, but the way it sounds now im libel if managemnts mind changes tomrrow on anything.....
---- Booth was a patriot ----
I wonder if he's thought about ratting on his former employers to BSA and M$ suggesting that they should audit the college for any unlicensed M$ software.
Community service seems like the ideal way to punish most non-violent offenders. It's a hassle and enough time that if you don't like it you'll really think twice about repeating your actions. If you do find you like it, the court may have generated a more useful member of the community. Either way, the community at large benifits. Putting this in terms closer to most of us, is it more helpful to fine MS or require them to contribute (in some guarenteed non-evil way) to the Open Source community. I think there is some merit in that.
Production systems are controlled environments - last thing you need is some unaudited, unexpected and unauthorised changes messing them up.
...or opening up a security hole.
Every piece of software installed present a potential threat. Did it come from a reliable source? Does it have security flaws? Obviously, there has a be a reasonable balance between maintaining security and giving users the flexibility they need to do their jobs. I get very irritated when a company won't let me install software I need -- or just want! -- on my desktop at work.
This balance tips increasingly in favor of security as if installation is (1) on a server, (2) on a production server, (3) on a lot of machines. Maintaining that balance is a sysadmin's job. And this guy was definitely not doing his job.
All that said, aren't criminal charges just a little out of line? He should just have been professionally reprimanded, or maybe fired. But a lawsuit?
I don't think that in any way the guy should have had a huge fine or gone to jail over this. It's a firing offense, nothing more. He was wrong, I would have fired him. That would have been the end of it...
Contrary to popular belief, coding is not all free blow-jobs and beer. Those things cost MONEY!
It is legal and/or considered an ethical practice for a prosecutor's office grossly overcharge someone with the intention of forcing them to plea to a lesser charge? I thought prosecutorial ethics requires you only charge what you're morally certain you can prove in court???
...because there's no such word (and if there was, it would mean "tending to provide or cause innoculation").
The word you are looking for is innocuous.
Here's a good question... why do off-topic posts get moderated negatively and end up in the bottom with all the goatse.cx and Natalie p0rtman posts? let's say I have something intelligent to say about beowulf clusters that spawns from a thread about the McOwen case (could very well happen). Nope, sorry, -1 Offtopic! Your opinion isn't worth anything if it's not about the article specifically!
What I'm suggesting (because I know now that Jamie is probably reading this) is to go with a multi-dimensional moderation system instead of the current flat moderation system. Maybe use color coding along with the numeric system. If I write an intelligent off topic post I get mod'ed as +2, red. Those who don't want to read offtopic posts can then set to squelch all red posts and only read the green (default) posts. Anyway, just a suggestion.
There is no reasonable defense against an idiot with an agenda
:wq
Here it is plain and simple. THEFT of network resources, I wouldnt have stopped anything short of a public stoning on this. He had NO authority to do so, and was consuming resources that are limited and billed for. His motives were even iffy, was it to rake in the prize $$$ ? Was it to be helpfull to the project at the expense of the university ?
I am as much in managment as development or administration any more. I am and always will be a company man, that probably one of the reasons I still have a Job in the Dot_Bust world. This is assinine, if a university employee, or contrator was taking a power tap off their grid to power the red cross say 4 blocks away its still theft no matter the motives. It wasnt his resources to allocate, and it wasnt within his authority to do so, the fact he plead quilty shows he knew. Maybe he was stupid and didnt see it this way at the time but hindisght is 20/20.
I have succefully prosecuted against this type of theft in the past, yeah Im a hacker and I have roots, Most people simply didnt think they would get caught. And then tried to say well we didnt see we were harming anyone, we had one employee at a previous company who was the owners son, doing things JUST like this, Guess what after I got done anting he was No Longer an EMPLOYEE, the brass dosent like the THOUGHT of anything costing them money that isnt directly tied to their core business, I cant blame em, what if it was your network a peon administrators assistant installed this crap on without asking ?
Sig went tro...aahemmm.....fishing........
If said house keeper is rifling through the papers on my desk in the study which she was explicitly to stay out of, then it wouldn't be unreasonable for her actions to be considered at least trespassing.
Yes, that is unreasonable. It is also absurd.
By giving that person a housekey you have granted them access to your premesis. By definition they cannot be tresspassing.
Violating your privacy, yes. If you locked the drawer and didn't give them a key (they picked the lock, or scrounged the key from another drawer and opened it), then you might have a case for unauthorized access to whatever materials were locked up (breaking into a client's safe isn't legal). However, if you left those papers in an unlocked state, then you'll have to come up with some law other than tresspass or breaking-and-entering to prosecute them on. If there isn't one, and there may not be, then you still have the recourse of firing the offendor and suing for damages (if any).
This case is nothing short of rediculous, and a primary example of one of the most fatal flaws in American justice: the fact that a person can be financially coerced into pleading guilty to something they did not do simply because the financial cost and potential risk of standing by their innocence is too great and their unjust accuser happens to hold all of the (financial and power) cards.
America isn't going to be destroyed by bin laden and his idiot followers, but by lawyers, and governments, like this one. Indeed, if anything such acts of terror breath new life into decaying regimes, delaying the disunity and ultimate demise of a society whose legislative, judicial, and executive systems are so riddled with injustice and corruption that no significant social contract remains. Such a society is ripe for destruction from within, regardless of how draconian the secret police (FBI et al) may become, and this is but one of a myrid of symptoms to that affect.
I was once asked the question as to whether I would prefer to live during the rise or decline of a civilization. I niavely answered that I would prefer the decline, because then I could enjoy the fruits of previous generations' labors while leading a decadent life of my own, without regard to the future. Now that I am in a position to actually observe the dysfunction and decline of my own culture, particularly of the democracy which makes it possible, I have discovered two truths: (1) decadence has nothing whatsoever to do with decline, contrary to popular puritan myth, but corruption and injustice are directly related and (2) decline isn't inevitable, but it is inevitable if the people are too lazy, or too distracted, to be vigilant and root out the injustice and corruption which is its primary cause.
The Future of Human Evolution: Autonomy
>>Although he got off relatively light, the precident set here is that sysadmins can no longer choose to install software at will.
You say a precedent has been set? They settled. The courts didn't render a verdict, so there really wasn't a precident set by the legal system.
:o)
Rape is rarely reported, and even more rarely prosecuted in this country. The actual time served for convicted rapists is astonishingly short. Why you may ask? Well, all those really dangerous marijuana users have mandatory minimum sentences thanks to the federal war on drugs. All others get their sentences shortened/let out early because the prisons just won't hold that many people.
"No, no, no. Don't tug on that. You never know what it might be attached to."
He still has to pay a couple thousand dollars, do 80 hours of community service and be on probation for 8 years. Sounds like the CRC vs. guy with the really good math web site to me. So said Senior Staff Attorney Lee Tien of the Electronic Frontier Foundation (EFF), "This is a very good result for David. He very likely could have won if the case had gone to trial, but trials cost money and you never know what will happen." The system works, really freakin well... not.
--Xantho
you posted this before and then i couldnt find it - i agree
Ave Molech Setting
Doesn't sound like he really got off, 8 years probabtion, 2000 in restitution and 80 hours of cummunity service?!?!?!?!? Granted it is less then the full sentance but this is far from getting off or being found innoccent. Whats the deal with this administrator? What a freaking assmaster.
Since when is okay to NOT allow system administrators to administrate their own software on the systems. They are system administrators. Installing software should be their own right, and the point of the fscking job!
Zodiac Survey
Let's hope they prosecute corporations that make pop-up ads. They cause my computer to execute code without my authorization, and they are definitely for corporate gain. Same thing for anything that uses my CPU in a way I don't want it to.
(It's different when my browser downloads a page I asked it to).
Ed Barbar, President and General Manager, Furnit USA
Where are all the people from the debate on making all government-funded software open source? Why aren't they in this debate howling because he was let off easy? After all, if state money means "the people" own everything you do, he was stealing from "the people" with this--especially since he wasn't going to share the money if he won.
I thought you downloaded a file from SETI and mucked about with it for 20 something hours and then sent your findings back to SETI.
How much bandwidth could that possibly take up?
Further, there's money to be had? I thought I was just helping out.
I have got to start reading the FAQs.
Oh and as for the topic:
I'd be POed too if someone was running crap on my systems. But I'd likely just have him remove it and force him to buy me an expensive lunch. Many of my business disputes are settled with the purchase of an expensive lunch.
This
Wow! I wasn't aware that people took this sort of thing so seriously. Back when I was a student at Providence College, I had distributed.net running on about 50 of their computers in the computer labs. I was able to complete a huge amount of blocks that way - now I feel lucky that I didn't get caught!
SecurtyFocus
Financial Motive Alleged
Willard says that McOwen was singled out for prosecution partly because he had ignored his supervisor's warnings. "In this case, Mr. McOwen was expressively prohibited by his superiors from downloading these programs and was informed on many occasions by his supervisors to stop downloading programs," said Willard. "They were aware that he was doing it and he had gone in and cleaned it up on numerous occasions." Joyner insists McOwen received no such warning.
Prosecutors also claim that McOwen had a financial motive for volunteering the school's machines. McOwen was a top producer on distributed.net for "Team AnandTech," a group sponsored by a hardware forum site which is still the second ranking contributor to the RC5 research project. A $1,000 prize goes to the individual contributor who recovers the RC5 encryption key. "McOwen placed a program on computers, that in his estimation would benefit him personally, including computers that has sensitive student financial and identity information without authorization," says Willard. "There is concern about the program itself compromising or providing the basis to compromise sensitive personal or financial information, there is the matter of Mr. McOwen's unauthorized activities on this computer, and finally there is the point that there was misappropriation of state property."
He was warned several times, and the software had repeatedly been uninstalled. This isn't the only article I've read that discussed this fact. I may not agree with the charge or the penalty, but he should have been fired for ignoring his supervisors continued requests.
but decided against it. When I was working for the university we ghosted machines and we thought hmmm we could put SETI on all of them as they went out! Give the university a little credit, let it run in the bankground, and most of these machines went to individuals who would not come near to using all the speed of a 500 MHZ machine. However, we thought for a moment and said "Do we really want to risk it?" The obvious answer was no and that idea was filed away in the cylindrical file cabinet. Its good to use good judgement. He's lucky to not be doing time.
HT
Hi,
I'm writing in response to your sig. I may be interested in a trade, if you're up for it.
What do you think?
Gotta remember to delete the client off the colleges main student drive image... went on 2100 machines ;-)
Ok, so being that I actually went to this school to learn C programming (making deans list a couple times), perhaps I should lighten up on my perspective of the usefulness of the EFF.
Meaning this hits close to home for me. But the EFF is still a small organization and, like the ACLU, has little choice but to be very selective about taking on cases that are inherently helpful to promoting the EFF and their fund raising efforts.
But I Still Think and Believe that there are more fundamental issues in regards to the Electronic Frontier as it applies to our freedoms, that really should be and need to be addressed.
As the article seems to say, McOwen should never have been charged in the first place. This should be a good enough indication that there are more fundamental issues in need of addressing.
we ran several Tribes servers on student machines after hours. We cleared this with the boss first, although he didnt want us installing SETI on all of the student computers;(
Comment removed based on user account deletion
is not that his employer took action.
I think we can all agree for the most part that, in a way, he should have known better.
The scary part is that for something as minor as this, they tried to get him on 9 felony counts, facing 120 years in prison and something like a million bucks in fines/restitution.
hawk
It seems like the key issue here is that when a sysadmin gets too "chummy" with his or her network, and treats it like his own backyard, sooner or later there will be negative consequences. And if you get dragged into court, and try to prove that what you did wasn't that really all that bad because your workplace had a lax culture when it comes to security enforcement, and besides that no tangible damage was done, it doesn't seem to work because the law bans "unauthorized access" but doesn't hold the "authorizing party" to any real standard of accountability. This makes false or grossly exaggerated accusations very difficult to defend against.
It's a collision between the culture of the courts and the culture of being a sysadmin. I think a few states have better laws (i.e., the "victim" has to meet a higher standard to show how the unauthorized acts caused harm), but I'm not sure which ones.
Since it's unlikely McOwen will ever easily obtain another IT position, I think it's reasonable and prudent to make the names of his accusers available so that any employer might think twice before bring poison like that into their workplaces. Of course, they'll probably all comfortably retire with pensions from the State of Georgia, then die. Hopefully soon.
CEE5210S The signal SIGHUP was received.
at my high school they do this and nobody cares. its running stuff like that all the time. and we cant even play games on the computer lab computers, not even shockwave ones
I hate to be so anal, but why is there no link to the EFF Website for the press release copy? Does this mean EFF has not heard of the Web yet? LOL.
Someone might say the problem is EFF doesn't want to get 'SlashDotted'. Ok then, why don't the SlashDot *editors* provide a SlashDot checksum client and EDITORIALLY publish a checksum for Web pages that might otherwise be overwhelmed, that we might persuade ourselves that 'mirrored' copy is AUTHENTIC (and STAYS that way)?
What is most disturbing about this case is the utter lack of any moral compass on the part of the prosecutors in this case. You have a sysadmin who installed software which burned spare cycles and inadvertently raised the phone bill. It's a mistake, accidents happen, to go after him because he didn't have explicit permission is a disgrace. These immature imbeciles can't get over their pique at seeing the costs incurred and go after him like he's some kind of uber hacker. This is the guy THEY hired to run their network. In a situation like this you learn a lesson, you don't rehire the guy, you don't give him a reference then you move on.
When you look at what they inflicted on McOwen and what they TRIED to inflict on him, I want to lock the prosecutors and their co-conspirators up for what is in my opinion a criminal conspiracy to contrive to convict an innocent man. This is a real bonfire of the vanities. You have career prosecutors who were prepared to destroy a life over this, and others supporting that to cover their ass and deny any responsibility.
How these miserable excuses for human beings can sleep at night I don't know. Just one of these prosecutors or middle managers is a thousand times more dangerous than a roomfull of McOwens.
They should have hung him found out what countery his ancestors came from and bombed that countries red cross centers in the name of war against terrorism.
How Ashcroft allowed this guy to get away qithout first linking him to the Al Queda is beyond me. Doesn't the FBI know that the Taliban can hide secret messages in distributed computing clients and unlease plots of terrorism like sabatogeing university cpu cycles and and stealing a few kbs of bandwidth
I no longer feel safe with these computer terrorists abusing university resources.
CPU lifespan is reduced by higher operating temperatures. It is entirely plausable that the distributed.net client app would cause the CPU to consume more power than the OS's idle loop. More power = higher temperature.
While the cost of the reduced lifespan isn't noticeable in the average slashdoter's PC (due to frequent replacement) univserities have a tendency to keep old equipment around. It is plausable that the slight increase in temperature would result in a slight (not nessesarily noticable) increase in equipment failure.
Even if you dispute the possibility of a temperature induced lifespam reduction, the increase in power consumption directly translates to a higher electric bill.
CPU's use a non-trivial amount of power. Lets assume that the "typical CPU" used for this client uses 20 watts when quiescent and 25 watts when busy.
5 watts for one hour = 0.005 kwh/h; Electricity costs 0.15 USD/kwh; 8760 hours in a year
0.05 * 0.15 * 8760 = $6.57 additional electricity per year.
Now, assume a "normally" loaded machine is busy 5%. This is generous if the machines are strictly interactive terminals. $6.57 * 0.95 = $6.24 per machine.
How many machines were running these clients? 500? 1000? $2100 might not cover the electric bill.
You do know that, while most of what you said was protected by the first amendment, plenty was not.
/. has no problem with you using them as a place to break the law but others may think differently. I'm sure when the FBI looks in on you, they will catch you doing worse things.
The point where you actually are telling people to commit crimes, and likely take human life, is where you stepped outside the law.
Obviously
Telling people to commit hate crimes, and burn down homes is basically wrong, but even better it's not protected by the first amendment.
''But, although the rights of free speech and assembly are fundamental, they are not in their nature absolute. Their exercise is subject to restriction, if the particular restriction proposed is required in order to protect the State from destruction or from serious injury, political, economic or moral.''
More?
''The question in every case is whether the words used are used in such circumstances and are of such a nature as to create a clear and present danger that they will bring about the substantive evils that Congress has a right to prevent. It is a question of proximity and degree.'' --Justice Holmes
''[W]e think it necessary to add to what has been said in Schenck v. United States . . . only that the First Amendment while prohibiting legislation against free speech as such cannot have been, and obviously was not, intended to give immunity for every possible use of language. We venture to believe that neither Hamilton nor Madison, nor any other competent person then or later, ever supposed that to make criminal the counseling of a murder within the jurisdiction of Congress would be an unconstitutional interference with free speech.'' --Justice Holmes
Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.
It's the peaceably part you broke.