Slashdot Mirror

← Back to Stories (view on slashdot.org)

Feds Admit Error In McDanel Security Case

Posted by simoniker on from the not-quite-on-the-money dept.

prostoalex writes "US federal prosecutors have admitted that an error was made in prosecuting Bret McDanel under the Computer Fraud and Abuse Act. McDanel discovered a security vulnerability on his former employer's server, and seeing that little efforts were put into repairing it, sent out e-mails to the customers of Tornado Development Inc. After the prosecution revised the court materials, they admitted there was no proof that McDanel intended to impair the system's integrity."

11 of 211 comments (clear)

  1. Cold comfort by Jonathunder · · Score: 5, Insightful

    Little consolation, after serving 16 months in prison, to be told that the prosecution was a mistake.

    But this is a country which has hundreds of people locked up, with currently no prospect of seeing their day in court, or even a lawyer.

    1. Re:Cold comfort by GreyPoopon · · Score: 3, Insightful
      Little consolation, after serving 16 months in prison, to be told that the prosecution was a mistake.

      Actually, it could be tremendous opportunity. Let's examine the possible outcomes. Disclaimer: IANAL.

      1. If the conviction is successfully appealed, he can then have his record expunged, so he no longer has to answer "yes" to the job application question "Have you ever been convicted of a felony?" That's a real multipler for success when seeking jobs in the future.
      2. Now that the federal government is "backing" his story of not intending to cause problems with the servers, he may be seen in a more amicable light by potential employers.
      3. I believe he now has amunition for lawsuits against both his former employer and the federal government.
      Having said all of that, I believe the feds should hang their heads in shame for being overzealous and making the mistake in the first place, but should be commended for admitting the mistake. That's a step up for our government.
      --

      GreyPoopon
      --
      Why is it I can write insightful comments but can't come up with a clever signature?

    2. Re:Cold comfort by Rick+the+Red · · Score: 1, Insightful

      Yeah, 16 months of anal rape might just make the Judge think twice the next time this subject comes up. But I think the prosecutors should also have to go to jail for 16 months, since it was their mistake.

      --
      If all this should have a reason, we would be the last to know.
    3. Re:Cold comfort by rifter · · Score: 4, Insightful

      The only thing about all of those linked stories is... they aren't American citizens being held in Guantanamo. However you feel about their detention in Cuba (of all places!), it really has no relevance to the post about due process. Non-American citizens have no inherant rights to a speedy (or any) trial in America.

      Actually they do, but currently the government is bending the law. Firstly, this country was founded on the principle that all men are equal and endowed by their creator with certain inalienable rights. People in other countries do not have a different creator.

      Historically, non-citizens in this country have enjoyed, in addition to rights granted by international law, many of the rights granted to US citizens. There have been cases where international law has been bent before, such as the refusal of states to notify the consulate of the country of origin of aliens sentenced to die as required by international law and as requested by the federal government, but there have never been abuses on the current scale.

      In addition, the "combatants" at guantanimo bay have not been clasified under any legal term because no matter how they were classified their current treatment violates their rights under US and international laws. If they are criminals they get a trial; if they are prisoners of war they get freed at the end of the war, etc.

      Also, there are people at Guantanimo bay who are technically citizens of the United States or a western democracy such as the UK or Australia. They are not getting the treatment usually afforded such citizens.

      On top of all of this, when our citizens get into trouble abroad there are often treaties in place which guarantee their rights, and outcry when those rights ae violated. Likewise when people from other countries get into trouble here. Such outcry often ends in some kind of compromise and these treaties are supposed to be enforced. They are not being enforced here and neither is there any compromise.

      Then there are the people who were rounded up and detained within the US. Most were non-citizens, but some were citizens. In these cases none of the normal due-process was followed (access to a lawyer, specific charges, etc etc) and neither have many of these people been released. As far as anyone can tell, there have been people imprisoned with no access to lawyers, no charges, no evidence, and no trial for over 2 years now. Numbers have ranged from hundreds to thousands because the administration is not admitting a lot and hoping people will just forget about the whole thing.

      The whole process is unamerican, antidemocratic, and is the doctrine of our very enemies; it needs to be stopped.

    4. Re:Cold comfort by Best+ID+Ever! · · Score: 2, Insightful

      Non-American citizens have no inherant rights to a speedy (or any) trial in America.

      They should if we're the ones detaining them, and we truly believe our laws are just. Deport them or charge them, but holding them indefinitely is wrong.

      "We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness. "

  2. do something that makes the suits look bad... by spitefulcrow · · Score: 2, Insightful

    and get thrown in jail? At least they admitted their error on this one. If someone pointed a flaw out in a system I was ultimately responsible for, I'd have him fix it and give him a bonus or something.

    --
    Sorry, my karma just ran over your dogma.
  3. Wrong use of the laws by chrispyman · · Score: 2, Insightful

    If I'm not mistaken, the intention of these laws was to lock up the so-called "script kiddies" and such who maliciously broke into and destroyed/exploited computer systems. This guy just published a vulnerability to the company's users, and while it may have damaged their reputation, they certainly didn't have much to begin with after not fixing that flaw.

  4. not trade secrets? by fireteller2 · · Score: 1, Insightful

    Boy this sure is a scary precedent. The obvious effect regardless of the end result is that lawyers will tell their clients not to expose security holes. Good for the government for admitting the mistake, but I do believe the damage is done.

    What I want to know is if I expose a weakness in someone else's code, how is it that I'm the one 'impairing the functioning' of the code? I didn't put the security flaw in there. However, I can see a bit of an argument that you are communicating trade secrets, why is that not the case the government took.

    I guess well be seeing fewer fixes to insecure applications from now on.

    fire

  5. Win the battle, lose the war by divide+overflow · · Score: 3, Insightful

    This seems like another example of what I would call a Pyrrhic victory. As long as the system can throw someone in jail for 16 months for doing something both legal and defensible then I see little reason to celebrate our freedoms.

  6. For those that didn't RTFA by ekephart · · Score: 2, Insightful

    The 16 months that he served constitutes the entire term of his sentence.

    "During his trial, prosecutors argued McDanel intentionally caused damage to Tornado's computer server by overloading it with too many messages and impaired the system's security by exposing its vulnerability to the public. A judge found him guilty of unauthorized access and sentenced him to 16 months in federal prison."

    It's sad that there is not better review of cases in this country. Federal prosecuters should be held to the highest standards. (cough, ashcroft) This is why my friends that many (myself included) do not agree with the current implementation of the death penalty.

    --
    sig
  7. Re:Been there done that by chgros · · Score: 2, Insightful

    Um, just because it's public record doesn't mean it's online.
    You have heard of paper, haven't you?

    A link doesn't have to be online. It could be a reference number, a place/date/whatever, or something of this kind.