Perl's Chip Salzenberg Sued, Home Raided

Chip Salzenberg writes "In April of this year, Health Market Science of King of Prussia, PA, told police that they feared I was misappropriating trade secrets. That very afternoon, police raided my house with a search warrant to seize every computer in the house, paper files, CDs, and DVDs... even my wireless router and cable modem!" Chip was the pumpking for perl's 5.004 release. Keep reading for his description of his current legal troubles, and for a shortcut into what he says prompted his former company's actions, read his letter warning about abuse of open proxies.

Chip continues: "The key evidence in the search warrant was so ridiculous as to be surreal: CVS logs indicating that I downloaded more than I uploaded, and that I sometimes accessed the company network from home. Apparently, for company management, the police, and a judge, working at home through a gateway the company set up for that very purpose, and refraining from editing every source file for every code change, is a sign of nefarious behavior.

My behavior in accessing the company network was entirely within my job description and in no way involved misappropriation of anything. For the more than two years that I worked at HMS, I used ssh and CVS to access company files with my laptop both from work and home, with management knowledge and approval.

What would lead management to such a sudden action? Days beforehand, I had made an internal report of unethical and apparently illegal behavior by the company: Use of open proxies for web harvesting to avoid blockage by web site operators. HMS apparently decided that working with me to address their use of open proxies was not an option.

Health Market Science is a large corporation with, compared to me, effectively infinite resources. My legal bills have topped $40K already over just two months. If HMS succeeds in tarring me with their false accusations, what's to stop your employer or client from doing the same to you, should your relationship sour?

Friends have set up GeeksUnite.net, an informational web site and Legal Defense Fund. The site includes the search warrant, my letter about open proxy abuse, and court documents.

Please contribute to my Defense Fund to fight this attack on the normal and legal work practices of millions of tech workers. Every little bit counts! If every person who visits the site contributes only ten dollars, that will make a huge difference. Only through community effort can we protect ourselves."

SS

ED

I'm the pimpking for our product!

[Radres]

WTF is a pumpking?

Re:I'm the pimpking for our product!

[cranos]

I'm guessing something like a release manager.

Re:I'm the pimpking for our product!

[ReverendHoss]

The person in charge of maintaining the Perl code used to have (still has?) a stuffed pumpkin they used to pass around. Project manager is a good parallel.

Re:I'm the pimpking for our product!

[ratajik]

Evidently, it's a pumkin head puking out a bunch of seeds: http://www.bewitchingways.com/images/pumpking.jpg

At least according to Google...

Re:I'm the pimpking for our product!

The superior officer of a Squash Squire?

Re:I'm the pimpking for our product!

[ivoras]

I see that the glorious art of asking the google first is nearly abandoned.
Here's the first hit: http://www.perl.com/doc/manual/html/Porting/pumpki n.html#Why_is_it_called_the_patch_pumpk.

Re:I'm the pimpking for our product!

[cratermoon]

Gosh, I could google it faster than slashdot will let me finish a post: http://catb.org/~esr/jargon/html/P/pumpking.html

Re:I'm the pimpking for our product!

LOL. Bet those seeds would make a mess of a tape drive.......

Re:I'm the pimpking for our product!

[blamanj]

In a company I used to work for, we had a stuffed bear that we used to synchronize large changes I you were going to do massive cvs checkin you had to go get the bear.

Re:I'm the pimpking for our product!

[Elwood+P+Dowd]

That is fucking hilarious.

Re:I'm the pimpking for our product!

[EnderWiggnz]

bah... the company that i'm working at has 5 engineers on a linux server with an IDE drive. if you rebuild the world, you yell "generating all packages", so everyone knows that disk IO is fubar'd for the next 10 minutes.

Re:I'm the pimpking for our product!

[Stankatz]

He probably assumed it was a spelling error. Remember, this is Slashdot; the "editors" don't actually edit anything.

Re:I'm the pimpking for our product!

[aminorex]

Perhaps that's why you have no social life.

Re:I'm the pimpking for our product!

[Hecatonchires]

Our finance department has afrog and an eeyore donkey. The frog is the f*ck up frog. When you f*ck up, you get the frog. The donkey says 'stop whining'. Picture an Ahnuld voice when saying that.

Uh...

If his version of events is true, then wouldn't there exist whistleblower protection laws he can seek refuge under?

Re:Uh...

[n0-0p]

Laws do exist, but the simple reality is that most whistle blowers still get screwed and are never able to work in their respective industry again. That's probably why he tried to resolve the problem internally first, although creating a paper trail exposing misconduct can scare management just as bad.

Re:Uh...

[jbolden]

The state of Pennsylvania has a whistleblower protection law for employees of public companies. Judges have tried to extend it to some extent to companies that recieve their revenue from government. That wouldn't apply in this case at all. The law explicitly does not protect Chip.

Re:Uh...

[Suicyco]

If you read the warrant, they just basically wanted their company property back because they were terminating him (from the sound if it). He has checked out stuff from CVS on his personal laptop which he was refusing to return. The company wanted to, rightfully so, remove from him any and all company source code.

No big deal really, I mean he did have company secrets at his home on his computers. They have a right to make sure the data is safe.

Re:Uh...

[soulhuntre]

See, there you go again... another person bringing facts into things.

You need to be screaming "big brother" and "intellectual property is bad for hax0rs!".

Re:Uh...

[EMN13]

Uhm... What kind of mumbo jumbo is that? Of course they don't have the right to seize your stuff just because they want their property back! It is, after all, a personal laptop... On the other hand, Chip doesn't have a right to keep the source - however, if there is a difference of opinion in that matter; that's for civil courts; not some sort of surreal grab what you can with police support action. This judge is apparantly not very well informed when it comes to technical issues.

It's really dubious that they're even allowed to fire him on such short notice; so this action definitely stinky... it's as if they're taking whatever actions they can to legally fire him on the spot and sink his ship as soon as possible.

That's unethical. It's also pretty unethical to not talk with him first. That's just pretty human-to-human standard, to first talk about any differences you may have.

It's possible they're intentionally keeping the legal situation as complex as possible to prevent him from having a chance. If they're really worried about the claimed source code leak, that makes no sense. Whatever the case; that too is fairly unethical.

So pretty much whatever the background is of their allegations - it's obvious they couldn't have any real evidence (a hypothetical source code leak which they're not sure exists is certainly not traceable to a particular user as all users get the same CVS code), and it's obvious they're generally being assholes just to make it hard for him to win the case - instead of focussing on their business; which they should be.

--Eamon

Re:Uh...

[Evil+Adrian]

It's really dubious that they're even allowed to fire him on such short notice; so this action definitely stinky... it's as if they're taking whatever actions they can to legally fire him on the spot and sink his ship as soon as possible.

Pennsylvania allows employers to fire at will. Don't need a reason. It's not dubious -- if you don't want someone working for you, fire 'em. If they're causing problems, fire 'em. I don't see how that's dubious. If you're the boss, you decide what happens at your company.

Re:Uh...

[Mycroft_VIII]

There are some cases where employees cannot be fired at will, even in at will states.
IANAL, but dismissing an employee for threatening to tell the authorities about illeagle acts in the company MAY violate whistleblower protection laws and others.
However I can't get at many of the docs on that site cause some idiot put them into pdf's instead of something reasonable. And I've quit wasting time on pdf's. Those on that site cause the acrobat plug-in for FF to bring my comp to crawl and effectively locks FF up till it's done. Not to mention pdf's take what is a 5k text document and turn it into multi megabyte piece of useless crap in some idiotic attempt to make a computer into book.

Mycroft

Re:Uh...

[Sajarak]

By that logic, it's within their rights to demolish his house as well, just in case he had hard copies hidden away somewhere.

Re:Uh...

[Soruk]

Why should that be a problem? I have my browser configured to open PDFs into gv.

Slowdown? What slowdown?

Re:Uh...

[Hal_Porter]

My Firefox comes to a grinding halt on pdf docs. Or it least it has started to recently. Quicktime too.

Just use the Open In IE extension to open them there. Or ditch Firefox for CrazyBrowser or similar.Then you can have a browser with tabs and pop up blocking but that actually manages to handle pdf and video.

Re:Uh...

[Sj0]

You couldn't just leave this as a story about a behemoth crushing the little guy like a grape, could you? :P

Re:Uh...

[Mycroft_VIII]

Even if adobe's plug in didn't do stupid things, PDF's are stupid (imho) idea with a poor implentation that I don't want to support.
A computer is different kind of medium than a book, just because they can both use text and pictures doesn't make them interchangeable. And creating a format that bloats text and pics to huge sizes in a braindamaged attempt to make a computer into a book is like fixing up a car to make galloping noises and crap on the road and require reigns to drive and cost 150% of normal.
It's a waste of bandwith and serves no real purpose other than to put $$$ in adobe's coffers.

Mycroft

Re:Uh...

[Mycroft_VIII]

It's not FF, it's the adobe plug-in that has issues with pdf's and takes up 99.9% of the cpu and locks up the browser.
It does the same in IE and I would be suprised to se it do that in any other browser adobe makes a plug in for.

Mycroft

Re:Uh...

ditch Firefox for CrazyBrowser or similar.Then you can have a browser with tabs and pop up blocking but that actually manages to handle pdf and video.

Of course, you lose things like the ability to handle PNG transparency and many web standards, including some that the IE rendering engine still doesn't support after nearly ten years as standards. (I'm referring to CSS1 here.)

I don't know about you, but I find the inability to visit many standards-compliant websites much more inconvenient than merely setting Firefox to launch an external copy of Adobe Reader when I click on a PDF link, which is what I've done and works perfectly. (I've never had any problem viewing video in Firefox, so you're spreading FUD there, by the way.)

Re:Uh...

[tricorn]

What, you'd rather have a bunch of GIFs packed up in a tar file or something? A PDF is a perfectly reasonable way of distributing pictures of pieces of paper, which is what these are. When I click on a PDF link, Safari downloads it and opens it in Preview, which takes about .5 seconds. The only time I have any problems is when people scan in documents in Adobe's version 6 or later format. In that case, I have to manually open it in Acrobat Reader 6 (Reader 6 and 7 are horribly bloated, and take several seconds to start up - fortunately, being a Mac, it doesn't close the application when I close the last window).

As a virtual printer format, it is not that inefficient. HTML generators are often much more inefficient (and aren't intended for the same type of thing - an invariant format, with invariant fonts, so we can all talk about "the 3rd line of the 5th page" - for simply distributing content, HTML makes more sense, except everyone tries to make HTML be invariant).

If you want to rail against a format, rail against idiots who put up .doc files (especially when the content is plain text), or use HTML in their e-mail!

Re:Uh...

[Mycroft_VIII]

PDF tries to be 'make a computer a book' format, and it's as proprietary as .doc except that it's a bit less obfuscated.
And most of the time it's used the same way online, to bloat text an order or three of magnitude in size.
Though I do agree html shouldn't be invariant, that completely defeats the purpose of html imho.
Using a pdf to bundle images together is the closest thing I've seen to a rational use for it, but that is not it's main use and some manage to even screw doing that up.
The fact that people use it to bundle images of text is just insane when it's a few pages. How about using some ocr software and running a spell check? You get a few k rather than a few megs and don't wast bandwith or need to use a booklike format to bundle the docs.
I understand in a few rare cases actual images of a document are what's needed, but I contend that a format designed for just that sort of thing would be a better idea.
And maybe YOU can download a multi-megabyte file in .5 seconds with adobe's brain-dead software. But that's not the case for everyone.
In fact that's (I suspect) the real problem. If the document isn't fully downloaded adobe sits there insisting it hog the cpu in a very multi-tasking unfriendly way. On slower connection this means if you hit a pdf link that goes to a file more than your .5 second in download time your browser is hosed and your computer brought to a crawl. This is braindead programming.
Frankly I've rarely seen anything that wouldn't have been easier to read and comprehend in eigther html or text. When 99% of the time a format makes viewing the content less intuitive and more difficult the odds are it's broken, eighter conceptually (as in trying to make a computer a book) or funtionally (as in bloats things way up in size or makes them hard to navigate/read). There is a tiny chance that it's just missused 99% of the time, but in that case it's not being targetted to it's proper audience.
As an aside I consider any software that doesn't stop running when I close it out to be broken, you seem to call this fourtunate because this break cancels out adobe's load bloat?!? If everything I ran did that I'd soon have all my memory(ram and virtual) taken up by programs I've supposedly closed.
Since Mac's aren't known for huge memory leaks or needing to re-boot more often than win95 I suspect a missunderstanding here somewhere.

Mycroft

Re:Uh...

[tricorn]

You close a Mac application explicitly. It doesn't just "go away" when you close the last window, as Windows applications almost always do. This means I can access menu items for that application without having to keep a window hanging around. A few applications where multiple windows wouldn't make sense close automatically when you close the (only) window, such as System Preferences. What this all means is that I can leave Acrobat Reader running (but idle) and not have to deal with slow startup.

Note that I'm not opening the PDF in a web browser page, I'm opening it in another application. The .5 seconds I was talking about was startup time for Apple's Preview viewer program (displays image files, postscript files and PDFs). While I'm downloading it (in the web browser, not in Acrobat - even with a plug-in, Acrobat isn't the thing doing the downloading), I'm not hung up at all. Perhaps you should get a better web browser or operating system!

As for these particular PDF files, I'm not sure what you're complaining about. They ARE images of pieces of paper, and they AREN'T all that big. The sizes are 146K, 175K, 267K and 312K. Compare that to around 100K for the front page of Slashdot.

If I take a small (20 bytes) text file and print it to a PDF, I get about a 5K file. However, almost all of that is header and font information. If I add 10 characters, the file size of the PDF grows by 10 characters. It grows by a bit more for a new paragraph or page. I agree with you that a raw text file is much better than a PDF if all you want is the text. However, if I've laid out a newsletter with flowed columns, images, different fonts and sizes and headlines and such, and I want to send it to you, what would you suggest? In a PDF, you can search the text, the layout is preserved, and the paging is preserved. There ARE uses for that sort of thing, there's a reason books aren't presented to you as long scrolls that you roll down continuously. A good layout makes things easier to read.

Re:Uh...

[Mycroft_VIII]

As far as the slowdowns to outright lockups I've seen that fairly consistantly in windows and linux over the last few years (using any adobe plug-in to browser, the straight viewer has had odd sluggishness on both platforms as well), if it's not so on Mac (I'll take your word for it) I would suggest it's case of third rate porting.
As far as what format to send dtp type documents in, almost any other works better imho. And the sort of layout you describe is for eventual paper production, not online information.
EVERY pdf I've ever dealt with was braindamaged somehow and usually no way to fix it. Like most websites these days.
Pdf is simply "here's MY layout, which foolishly imitates a book, and your stuck with it" most of the time anyway. Authors needless lock out all sorts of changes including c&p so I can't even copy it to notepad to change the idiot font.
If you want me to read it then put it in a format I can read or at least make readable.
I don't know about those sizes you list, but a few of those I gave MUCH more time (5 minutes or more on one) to download when slashdots front page (71k as I type this) took only a couple seconds.
Considering my browser is unusable and the rest of my computer sluggish (an amd3550+ with a gig of ram on a good socket 939 mb, a simple document reader shouldn't even be noticed, let alone drag everything to a crawl), I think 5 min is more than fair.
Like I said what's wrong with at least offering an ocr conversion? it'd be less than 100k for all the doc's most likely and MUCH more readable.
To be fair half of my loathing of pdf stems from adobe's brain dead programming (or porting as the case may be) and belief that it's o.k. to lock out the end user from viewing docs how he want's to and wrapping the whole mess in a bad emulation of a book with a craptacular interface.

I sorta thought the not closeing when closed issue was miss-communications. I'm used to closing the master window also closing the program in windows and linux. If you don't want to close a program but get it out of your way just minimize it or move it to another desktop or even iconize it. This way you've always got a clear indicator that it's running still (in theory at least, YMMV). I would hope Mac's provide some way to intuitively know when a program is or isn't still running after you close it's main window.

Mycroft

Re:Uh...

[tricorn]

With a PDF that isn't simply a screen image (as these are) you can cut & paste the text, the images, etc. (unless the person who created it set the bits telling it not to - which is plain obnoxious and stupid, I grant you). I don't know why downloading a 250K file would take 5 minutes when a 70K file takes a few seconds.

The Mac has "the dock" to show active applications (the dock can also have closed applications and documents and folders as you wish, but open applications are always on it). There's a little arrow next to active ones, and I can right-click on the icon to bring up a menu (including Quit and a list of windows). Remember, a Mac program has the menu bar at the top, not in each window, so I can switch to an open program without any windows and still do something. It doesn't make sense in the Windows context.

Pressing Command-TAB brings up a list of active applications. It's sort of the same as the Windows Alt-TAB, except it only shows one entry per application, not per window. So, I can have 25 windows open in Safari, each with 20 tabs, and only have one entry show up in Command-TAB. I can, however, bring individual windows in an application forward without bringing all of them (unlike in previous versions of Mac OS). This makes much more sense to me than to remember to minimize a window when I'm done with it rather than close it because it is the last open window (and now I have a window with stale content in it - I could, on the other hand, force myself to remember to open a new blank window, minimize that, then close the old window - but that is an awful lot of work just to keep the damned application from closing).

Mac programs just don't have a "master window", for the most part. While it wouldn't be a real problem to have Safari close when I close the last window (it takes less than a second for Safari to start up), it would be annoying to have to always go click the icon in the dock to re-open it whenever I want to close the current window and open a fresh one and it happens to be the last open window. It would also be annoying that I have to have an open window just to be able to access the menu bar.

Re:Uh...

[Mycroft_VIII]

I think I've opened all of three pdf's you could cut and past from, and quite a few you couldn't print from.
Adobe's own reader has a broken and kludged UI that won't remember all the settings in many version and has bad defaults. Excuse me, but WHY should it suddenly STOP in midscroll while I'm reading just to make me click somewhere else in a menu or some other extranouse action to get to the next page, that's idiotic, yet the default. And most of the time if you can change it it's still off next time you load a pdf. PDF tries to hard to make a computer act like a book, which is like trying to make a horse act like cat. STUPID.
As far as /.'s homepage loading faster (per KB) it's possible the sight was a bit /.'d, doesn't matter how it happened, the truth is adobe's reader munches every spare cpu cycle it can if it's waiting for the rest of the document, and quite frequently has 'sluggish' moments even when it's got the whole doc.
Quite simple PDF's are rarely suitable for use on a computer, usually lock you out of doing anything else with the default reader, based on the concept of making the computer a book (stupid), and the base reader is a broken kludge.
The fact is there are better formats for the various uses pdf is used for (unless deliberately pissing off users is intended), even the idiotic computer as book useage.

Well Apple does work hard at being distinct from the wintell world, fourtunately they do insist on still being user friendly.
However I will point out that 'last window open' makes it sound like most apps have multiple equivallent windows, they don't generly. If you have two top-level windows for a program open you usually have two instances of that program running. There is rarely any room for confusion between closing out a child window and the whole program itself.
It actually sounds like it could be confusing to have more than one window of a program open and it NOT be obvious which one is the program main window and which are secondary windows.
But then these sorts of things are largely a matter of what your used to, if all you've ever done is Mac then I would expect windows to be confusing, same going from linux to mac or windows to bsd and so on.

Mycroft

Re:Uh...

[tricorn]

Well, if you don't like Adobe's program, use a free alternative. The format is well documented and there are other readers available. I've had to live in a world where everyone tries to send me .doc files, so a PDF world is VASTLY superior. I agree that for many purposes, HTML (or a similar markup scheme) is better (although not HTML as the world has seen fit to use it in most web pages, that's just perverted).

What I don't understand is your railing against "book format". Perhaps you just have a lousy monitor, operating system and PDF reader, and have only looked at PDFs produced by morons. Almost all the time I haven't been able to cut&paste is because it is a scanned image, not text. I already agreed that having the capability to inhibit printing or cut&paste is obnoxious - with Preview, if I can print the PDF, I can print it to another PDF which doesn't have a cut&paste restriction.

There's only one instance of Safari, Terminal, Mail, Appleworks, TextEdit, Preview, no matter how many windows I have open in each. To an extent, I agree that "one window = one instance of a program running" has an elegance, but in practice I find I really prefer to be able to switch to Safari, then press Cmnd-N to open a new window, than to have to go find the icon on the desktop or in a start menu or in the applications folder in order to create a "new instance". If I'm in Terminal, there's no "main window". I hit Cmnd-N to open a new terminal window, and it doesn't matter if I already have one open or not (if Terminal is running). In fact, I can think of very few applications with a "main window" - Mail is close, but even there I can open up a SECOND instance of the "main window".

Re:Uh...

When papyrus and parchment first appeared, their inventors did make them into scrolls. That must have seemed the most natural way to read. We use bound folio books because they're easier to manufacture and repair, not because we think page boundaries are meaningful in the text.

As for preserving layout, that's only useful if the layout matches the size and shape of my monitor and the health of my eyesight, which never happens. I always have to choose between having to scroll four times per "page" or teeny-weeny eyestrain-o-vision with margins wasting huge spaces. Sometimes some damn artiste uses columns, and I have to scroll up, right, and down six times just to see two screenfuls of text. A good layout is one I can adjust (like my browser), because unlike dead trees I can't just move my display as needed.

Re:Uh...

[mink]

Don't they need to be developing a bypass or something to knock someones house down?

Am I missing something?

[winkydink]

You accuse the company, in writing, of illegal and immoral acts, yet you don't resign? What did you think they were going to do, make you an SVP?

Re:Am I missing something?

[danikar]

Maybe he is waiting for them to fire him so he can collect his unemployment =)

Re:Am I missing something?

[dolphinling]

For the more than two years that I worked at HMS,...

That's in the past tense, so I'd expect he was already gone from the company when this happened.

Re:Am I missing something?

[winkydink]

Read the timeline on the website. It sure doesn't look that way.

Re:Am I missing something?

[mcc]

What did you think they were going to do, make you an SVP?

If it were me? Well, there would be a wide number of possible responses I could expect from the employer, but producing false information to police and courts to produce illegitimate legal action and have my private property unreasonably seized-- property which I may or may not ever see again once it disappears into the "evidence" system-- is not one of them.

Anyway if he had resigned how would it have helped him one iota? He'd still be facing a frivolous and expensive lawsuit and have all his stuff jacked.

Re:Am I missing something?

[IthnkImParanoid]

IANAL, and I know this varies by state, but this kind of retribution and harassment for filing a complaint may be very illegal, and the company may have opened themselves up to liability for it. I know reporters of sexual harassment or discrimination are protected from retribution, and it would be interesting to know what protection a whistleblower for unethical behavior has under state and federal laws.

Regardless, no one deserves this treatment for stating their beliefs the company is doing something wrong.

Re:Am I missing something?

[dolphinling]

Eeeh.. Slashdotted. What's it say?

Re:Am I missing something?

[caryw]

Yes but how is it that a judge or magistrate (I'm sure under intense pressure from the police department) will issue a search warrant without hard evidence of any illegal activity? Strongarm tactics like this are what is wrong with our judicial system today.

This is your tax dollars at work!
--
Fairfax Underground: Fairfax County and Northern Virginia message board

Re:Am I missing something?

[winkydink]

It's a lot easier to prove the company is acting maliciously against you if you:

1) Quit
2) Write your accusatory letter

order is important here.

Doubly true if you have to sign something styating you are retaining no confidential information when you leave.

Re:Am I missing something?

[lpret]

There are so many better ways to be a whistleblower and be protected from retaliation. However, before you attack a company (even rightfully so) lawyer up and make sure you have all your ducks in a row so that this type of retaliation doesn't occur. Or use an anonymous source such as ethicspoint.com. While this may seem a coward's path, it in fact can save your job.

There is still hope for the legal system. Title VII, the FLSA, and I believe all state laws have anti-retaliation language that protects you. Go to your local attorney general's office and see what you can do.

However, as others have said, if you do all of the above and management still does nothing -- get out! The best that can happen is you get a small blurb in the WSJ and worst case is that you'll be forever branded a snitch.

Re:Am I missing something?

When a company breaks laws due to commands by management, you don't report it to the same people who blessed the practice in the first place!
Accumulate evidence, assist law enforcement with an undercover investigation, and blow the whole place apart.

Re:Am I missing something?

[Bryansix]

You do not get unemployment when you are fired. I worked in HR for a while and I denied many people unemployment claims who were fired.

Re:Am I missing something?

[SirSlud]

The problem is that some people just want to see the right thing done, rather than just walking away from illegal or unethical behaviour.

I know, it sickens me too.

Re:Am I missing something?

[toddbu]

Strongarm tactics like this are what is wrong with our judicial system today.

Actually, what's wrong with our judicial system today is that not enough people take interest in it. How many people take the time to do the research on judges before going to vote? Since most judicial races are non-partisan, it can be difficult to tell if a judge shares your political leanings. So people vote for judges (and legislators for that matter) because they recognize the name from a sign that they saw on the way to the polls.

If you don't like the system then work to change it. Find tech-friendly judges and then run around town putting up their signs on election day.

Re:Am I missing something?

[waveclaw]

Anyway if he had resigned how would it have helped him one iota? He'd still be facing a frivolous and expensive lawsuit and have all his stuff jacked.

Well, aside from the wrongfull lawsuit, if he had resigned under threat he could have applied for unemployment benifits and get his employer embroiled in arbiration (a free and apparently abritrary by some standards method of dispute resolution.) Not only would that help tie up the company and give backing to his (potential) counter-suit, but he might make some money to help with the bills.

<PARANOIA>
Finally, if I were a high-profile FOSS developer, I'd invest in a wireless adapter and a decent SOHO SAN box. Put that baby inside a wall with a UPS. It's impressive what you can do with a drywall knife, some 12 gauge homegrade wire, and a decent amount of drywall patch. Let them raid all his stuff, his data would have had remained 'safe' and all his HD's clean (save any cache/tmp/~ files.) Hell, get paranoid and setup the SAN to re-encrypt the drives and shut off if certain files aren't touched every X minutes.

Chip's problem now is that 100% of his admissable evidence is in the hands of a known immoral and hostile agent. There is no practical way to back up his claims without more money. Any 'evidence' he gets back from those machines may be unreliably tampered after the police's uber-windows nerd gets done trashing his probablly non-windows boxen.
</PARANOIA>

Save Chip, Sink Heath('s legal team)

Re:Am I missing something?

[gomiam]

...he essentially blackmailed his employer...

And, pray tell, where is the blackmail? I have read this letter and it just states what HMS was doing and its being illegal. Asking the company to stop doing it, refusing to cooperate on it, and warning on telling the authorities amounts to blackmail now? I guess there's this hidden paragraph where he asks for money or some other compensation. When you find it, please tell me. Until then, your blackmail charge falls flat.

Re:Am I missing something?

[DShard]

one comment about two... make sure it is to the DA and anonymous.

Re:Am I missing something?

That's true. Someone I knew blew the whistle on major timesheet fraud by a big IT government contractor, and they tried to destroy him for it. He sued for wrongful termination. Filing frivolous or false criminal charges is even worse.

Not sure about what protection he has. The whistleblower protection laws we have apply to reporting government fraud and waste.

Re:Am I missing something?

[Romancer]

How do you blackmail an employer by filing an internal memo that can be traced by anybody in management? Blackmail requires some basic form, what's the threat and what's the demand?

It's more plausable that the company feared the files that would prove that they were breaking the law were copied on his home computers and made something up with their lawyers to get his computers for "imaging". He might or might not have been planning on going public, but their reaction is totally over the top. We'll see if any of the computers come back formatted. :)

Re:Am I missing something?

[gomiam]

Perhaps it is moderated that way because the poster is not "absolutely correct". Read the rest of posts and notice resignation isn't needed. If HSM took the right path, and stopped their illegal harvesting, why shouldn't he be able to keep working at it?

I don't know where winkydink or you work, but where I work, jumping the law is frowned upon. Perhaps yours is a more "permissive" workplace.

So, whether logged in or not, whether on topic or not, the comment makes no sense and borders insult. I don't know if moderating as a Troll is the right one, but it looks much closer to the good one than Flamebait or Offtopic, to name two.

Re:Am I missing something?

[oliphaunt]

Deserves? No. Expects? well, that's another matter entirely. If you've already confronted the founder of the company and pointed out that the business practices that he himself WROTE THE CODE to perform are, in fact, illegal... and he didn't seem shocked and appalled by that news... then odds are, he's already well aware of the legal status of his company's activities, he's a (wealthy? powerful?) unscrupulous bastard anyway, and won't mind squashing you like a bug if it keeps things just the way they are.

honestly, people- if your company's financial success is built on illegal behavior, and the guy who owns the majority of the company set it up to be that way, why would you think he's going to change anything just because you were bright enough to notice? The best you could hope for is that, when you try to blackmail him into splitting the profit with you, it's not just cheaper to have you killed.

Picture this: Vince Coll walks into Dutch Shultz's office.

Vince: Hey Dutch, I've been thinking.
Dutch: That's a dangerous habit.
Vince: You know, this Prohibition thing? That makes alcohol illegal right?
Dutch: Yeah.
Vince: So, all this beer we're selling, that's illegal too, right?
Dutch: Yeah. That's why we make so much money.
Vince: Well, I don't feel so good about breaking the law.
Dutch: I don't like where you're going with this.
Vince: I think maybe we should, you know, stop?
Dutch: Don't make me shoot you in my office.

I can understand why Chip had the moral problems that he did, but he sure picked a naive way to try and resolve them. There IS a federal whistleblower statute, so if he went to the Feds with his first letter he would have been legally protected from retaliatory action from his employer... but keeping your job after you've turned them in doesn't do you any good if the company's only revenue stream depends on illegal activities.

Re:Am I missing something?

[NitsujTPU]

Wow.

I would have asked to be placed under protective custody by the police. I've known the kind of messed up people who would do this sort of thing. When they are in charge, there is no depth too deep for a company to sink to.

Re:Am I missing something?

[IthnkImParanoid]

I really don't care about what's "expected" in this situation, and I don't care whether he was naive in his approach or not. What I care about is that if a company retaliates against someone for pointing out unethical behavior, files fradulent charges, and drags him through legal and financial hell, that they get their ass nailed to the wall.

(This is based entirely on conjecture. None of us really know what went down for sure.)

Re:Am I missing something?

[jbolden]

The newspapers don't do the research on judges. For minor offices I go by endorsements. I can't even get endorsements for most judgeships. How is the average person supposed to get this information?

Re:Am I missing something?

[chrisah6]

Threats? Where do you arm chair lawyers get this crap? He brought this to the attention of management through a memo and stated he would have nothing to do with it and report it to the authorities if it didn't stop. That is a threat? Next time someone does something illegal and you know about it, don't say a word. Then when that person gets caught you tell the authorities that you knew what the person was doing all the time but you didn't think it was any of their business. Then let you know what happens.

Re:Am I missing something?

[Mac+Degger]

A better way would be for mandatory sending of voting-histories to voters. Second best would be to get the (local) newspapers to print those voting histories.

I'm actually surprised that the later isn't SOP...but then again, when was the last time the media was used to inform people?

Re:Am I missing something?

[databyss]

He made no veiled threats. The company was doing an illegal practice. He said "you shouldn't do that, and it's my ethical responsibility to report it to the authorities if you don't stop it."

He made an internal memo to save the company from public embarassment. He didn't make anything public until they had raided his house.

Re:Am I missing something?

[iamwahoo2]

Auditors find poeple commiting crime withing organizations all the time. That does not mean that they should quit their job. The same goes for anybody who finds something wrong at their company. You report it to the proper authorities and do what is right. Quitting his job would be exactly what the wrong-doers would want.

Re:Am I missing something?

[iamwahoo2]

Just because a few peoople within the company are doing somethings wrong is not a good reason for quitting. The last thing you should do is quit, ecspecially if you are determined to fix the problem. If you quit, the acts will look retaliatory.

Re:Am I missing something?

[frost22]

please give more substance. According to the web site Salzenberg reported the issues to CEO and COO. That is absolutely normal and correct in a company of that size.

I did comparable things numerous times - reporting upwards as far as I reasonably could what I considered unethical or criminal behaviour.

Why th f** do you claim he made threats ? Is it a threat already to tell Mr CEO that his company is breaking the law ? Is a CEO entitled not to be told such things because it breaks his plausible deniability shield ??

You awfully sound like a f** paid shill for that criminal slimeball CEO.

Re:Am I missing something?

[iamwahoo2]

Wow, an internal practices website sounds like the perfect place to discuss internal practices.

Re:Am I missing something?

[I_Human]

Where do you live? In the state of Ohio any early termination/unexpected termination other than when caused by a conviction of some sort earn unemployment compensation. Of course there may be some other cases, IANAL..

Re:Am I missing something?

[soft_guy]

I always vote against incumbent judges. If everyone did that, then at least bad judges would get turned out after one term.

Re:Am I missing something?

[CAIMLAS]

Seems to me that this might fall under the grounds of railroading, harassment, blackmail, or any number of other unethical items. Seems to me that, once the criminal charges are over (are there any?) he'll have the grounds to sue them for millions (not to mention potential legal reprecussions): for falsely representing evidence, for lying to cops, using the law to their own ends, ruining his name and reputation, for taking his property, and functionally preventing him from working (due to the legal charge). It might even direly impact his career in the future.

There isn't a single ethical computer science professional in the world (professors, lauded scientists, hell, even LW or LT) that wouldn't hesitate to come to his defense as an expert witness, I imagine.

Re:Am I missing something?

Well said :P
DerekLyons, you're a dumbass

Re:Am I missing something?

[iamwahoo2]

This is a good point. If federal law has been broken here, why hasn't he gone to the FBI? That obviously would have taken care of where the computers went as the FBI would have taken them.

Re:Am I missing something?

[larry+bagina]

in most states, you can only recieve unemployment if you were terminated without cause. If they had a reason to shit can you (incompetency, bad odor, you spent all your time pulling your pud and reading slashdot, etc) you're out of luck.

Re:Am I missing something?

[ChrisMaple]

He'd already informed his employer that they were acting illegally and immorally, and they refused to do anything about it. At that point, the employer is identified as psychopathic and there is nothing that should not be expected of the employer.

Re:Am I missing something?

[swimin]

In my town I already know anyone who would run for judge, I go by that.

Re:Am I missing something?

[Fulcrum+of+Evil]

if I were a high-profile FOSS developer, I'd invest in a wireless adapter and a decent SOHO SAN box. Put that baby inside a wall with a UPS.

Because that wouldn't look suspicious at all if they ever found it. Also, you'd be doing drywall and paint work every time the stupid thing ate a disk.

Chip's problem now is that 100% of his admissable evidence is in the hands of a known immoral and hostile agent. There is no practical way to back up his claims without more money. Any 'evidence' he gets back from those machines may be unreliably tampered after the police's uber-windows nerd gets done trashing his probablly non-windows boxen.

Which may not be an actual problem. Given the company's apparent bad faith, it could be argued that all evidence is tainted as a result of the state's mishandling of it, therefore it could be assumed that there was exculpatory evidence, even if it is no longer present.

Re:Am I missing something?

[toddestan]

Because that wouldn't look suspicious at all if they ever found it. Also, you'd be doing drywall and paint work every time the stupid thing ate a disk.

I would just do one of those crazy case mods. Something like a mini-ITX board with wireless in a clock radio or something like that. That way, it would be easily accessible and he could leave it in plain sight and it would likely be passed right over. If they do happen to find it, he could claim he's into case modding on the side.

Re:Am I missing something?

[boots@work]

And before you even do that, see a lawyer! Work out what risk or protection you'll have, what your liability may be to the company, whether you should resign first and if so how, and so on. Remember the prosecutor and police will not always act in your best interest.

Re:Am I missing something?

[NutscrapeSucks]

and report it to the authorities if it didn't stop. That is a threat?

Yes, that is a threat. By definition.

English. Learn it, love it.

Re:Am I missing something?

[Arker]

Actually what he did was write senior management about the illegal and immoral practices he had discovered in the company, in private, in the hopes they would put their foot down. Instead, they sicked the police on him.

Could I have predicted the outcome? Yes, but that's only because I'm a cynic, and we're rarely wrong. Any idealists left in the audience should definately be up in arms over this.

Re:Am I missing something?

[neomajic]

You've proven nothing other than you're a complete dickhead who works in HR. Here's a question for you: What are the criteria for collecting unemployment then? I was fired from my job in 2001 and managed to collect unemployment for a year. Good thing you didn't work there.

Re:Am I missing something?

[soulhuntre]

Yes, that is a threat. By definition.

Thank you, someone had to say it.

Re:Am I missing something?

I read the affadavit, and I saw no legal basis for the seizure of this man's property. This was one step above an anonymous tip. I imagine the conversation might have been like this: Mark Brosso: "Look! This guy that we've employed for 2+ years at a job involving software development has been transferring data to and from our network using our computers! He's a thief! Seize him!" Affiant Det. Al Elverson, Jr: "Er, didn't you, his employer, issue him the computer and the account? Wasn't it his job to access your computer network? Didn't his job involve transferring data? If you wanted him to stop, why didn't you deactivate those? Do you have any EVIDENCE that what he downloaded was outside the normal course of his work? Can you prove to us that you have even informed him that he is no longer authorized to access the data? Can you prove that any of your trade secret information has been disclosed to ANYONE? So, you have a SUSPICION that a person who you employ MIGHT have trade secret information on his company laptop, or on removable media... which isn't illegal, since he hasn't DISCLOSED it... and you want me to bring the force of the law in to seize private property? I think I can find a judge that will do that..." Judge: "So, you have no evidence of any actual wrongdoing, and you want me to sign a warrant to seize private property? Sure! Where do I sign?

For, who the good fortune to be able to vote AGAINST someone who would issue a warrant for the seizure of computer equipment based on the affadavit of someone who couldn't even use a word processor to edit the request (see for yourself! It's obviously copied from a drug-related case, with the drug parts CROSSED OUT), without any actual basis of suspicion other than one man's un-sworn complaint against another, the issuing judge is the Honorable Jeremy Blackburn. Remember that when his term is up. Unfortunately, I think his district is in Chester County (where the property was seized), not in Montgomery County (where Salzenberg works, and where I live), so I don't think I get to vote for him.

Re:Am I missing something?

[DerekLyons]

Threats? Where do you arm chair lawyers get this crap?

By actually reading the memo he sent. Right in the last line he threatens legal action.

Re:Am I missing something?

[the_mad_poster]

You're not real clued in to how criminal investigations work, huh?

When the police find something "suspicious", you don't just say "oh, I have this perfectly plausible excuse which sounds highly improbable to technical incompetents like you" and walk away. Trust me, I know. I had to jump through some pretty ridiculous hoops with a detective once just to prove that it was not, in fact, uncommon for a brand-spanking new hard drive to appear "wiped".

The justice system is a misnomer. It's not a "justice" system, it's a "legal" system. Justice would imply that all parties are acting in an informed, responsible, and full-capacity manner, which is probably the sickest joke one could make about our incompetent, bungling court system.

Chip Salzenberg is fucked. You would be fucked if you tried to right off your little hidden system with that excuse, and you'd probably get charged for trying to interfere with the investigation and giving false information to the police if you used it.

Re:Am I missing something?

[Arker]

It's simple.

If they're on the ballot, they have already sold out.

Hey, I said it was simple, I didn't say it wasn't depressing.

Re:Am I missing something?

[general_re]

In the state of Ohio any early termination/unexpected termination other than when caused by a conviction of some sort earn unemployment compensation.

Not true. If you're fired for cause, or you quit without cause, you're ineligible to receive unemployment compensation. Even in Ohio ;)

Re:Am I missing something?

[general_re]

You do not get unemployment when you are fired.

That's not exactly true - not often enough to be a general rule, anyway. The general rule is that if you can show that you were fired without just cause, you can still receive unemployment benefits in most states. If you're fired because you don't do your work, or you're late all the time, or you're generally incompetent, you likely won't be eligible to receive unemployment. If you can show that you got fired without such just cause - for example, you get fired because you refused to break the law when directed to - you will almost surely be eligible for unemployment benefits. The catch is that it's usually up to the fired worker to show that the termination was unjust.

Re:Am I missing something?

[mcrbids]

Because that wouldn't look suspicious at all if they ever found it.

It's HIS stuff. HIS box. HIS wall. Having computers in the wall is not illegal (not sure, it may be against the building code in some areas, but it'd be a stretch)

What's to be suspicious of? I've considered putting one or two of my main (home-based) systems in an obscure cabinet (that looks like an Air Conditioner) in the cellar instead of out in public view, just to deter theft.

Also, you'd be doing drywall and paint work every time the stupid thing ate a disk.

That'd blow. I'd suggest the obscure cabinet in the cellar, first.

Re:Am I missing something?

[Fulcrum+of+Evil]

What's to be suspicious of?

You've got a computer in a hidden place. Any cop will call that suspicious as hell. If they come by to round up all your computers and it turns out that you've done this, they may arrest you.

Re:Am I missing something?

[patmoore]

Many laws are written that allow for actions that occur *before* the event resulting in legal action (examples: shredding documents, moving money overseas, creating bankruptcy law-proof trusts, etc.)

They can't arrest you unless they can prove that you hid the computers after being made aware that your home would be searched. But hidding computers: I am thinking about doing this from a theft protection and fire protection perspective.

Re:Am I missing something?

[ShawnDoc]

The problem with voting histories for members of congress, is that final bills that get voted on are very complex and often contain content that goes against the title and summary of the bill. You know that the person in question voted against the "Feed the Orphans Act of 2003", but you don't know why. Were they against feeding orphans? Or did someone amend the bill to include language to make it illegal to wear pink on Thursdays? There are so many bills that start off good, generate good buzz, do good things, and then either get gutted or have so much crap added into them before the final vote that they no longer do any good.

Re:Am I missing something?

[ShawnDoc]

But would a lawyer have helped? I don't think so. They didn't go after him for the content of his letter or anything he actually did. They trumpted up some charges and sicced the police on him. How would a lawyer have protected him from that?

Re:Am I missing something?

[DerekLyons]

He made no veiled threats.

And I quote from his letter:

And in order to protect myself from the repercussions of HMS's illegal and immoral activities, I am carefully considering my legal options, including notifying the appropriate authorities.

That my friend is a threat. Period.

He said "you shouldn't do that, and it's my ethical responsibility to report it to the authorities if you don't stop it."

Certainly he said that - the problem is that he went beyond that and threatened legal action and announced he would no longer perform his assigned duties.

Re:Am I missing something?

Police File Note: When we go and raid waveclaw's house, we have to smash open all the walls. We heard a rumor that he's got computers hidden in there.

Re:Am I missing something?

[boots@work]

Well, I'm not a lawyer. But they perhaps might have told him any of these things (I don't know which):

"Take out these sentences, it sounds like you're threatening them."

"Resign first, make absolutely sure you have none of their information on your machines, then send this."

"Don't warn them, just contact the DA."

"Don't be a hero, just resign and keep your mouth shut."

"Make a statory declaration of the facts first, and give me a copy of the documents."

Re:Am I missing something?

[FurahiVSZuri]

Fire protection? Isn't that more like fire hazzard?

Re:Am I missing something?

[ShawnDoc]

"Take out these sentences, it sounds like you're threatening them."
But he wasn't busted for threatening them. Do you think a friendlier tone really would have made much difference.

"Resign first, make absolutely sure you have none of their information on your machines, then send this."
How would that have helped? They would still have sicced the police on him, and he still would have had his computers confiscated. And would a lawyer really have guessed that his employer would sic the police on him? I doubt it.

"Don't warn them, just contact the DA."
Do you think the DA would have cared? They're too busy with murder, drugs and the like to care about some computer crime they probably don't even understand . Besides its easier to convict joe blow criminal than it is to go after a company with their staff of lawyers.

I think its also clear that his hope was that upper management was unaware of the legality of what was going on and hoped they would fix it. He obviously hoped to keep his job. "Don't be a hero, just resign and keep your mouth shut."
That's advice I'm sure he got from many people.

Re:Am I missing something?

[singleantler]

I think having a hidden / obscured computer in the house isn't the way to go - it could be found and could be seen as suspicious, plus if they ask if there is any more equipment in the house and you/he says "No" then they find out there was, you're in big trouble immediately, even if the original case is bunk.

So, just use an off-site backup service. It's completely understandable why you would have one: in case your house burns down and all work is lost. You can give up all the computers in your house so they can be checked for evidence, then go and buy a new one and get all your work back immediately / over a few hours.

Re:Am I missing something?

[Mac+Degger]

Yup, I do realise that. However, don't you think it would raise the level of debate if the politicians, knowing how bad it looks to have voted against "Feed the Orphans Act of 2003" would actually have to explain, on air/in print, why exactly they did so? They'd actualy be forced to do so....you know, speak on the actual issues?
It might even stop politicians from clouding bills with irrelevant clauses by tacking on pork, if they knew that the next election, their opponents would [be forced to] explain to the public that they couldn't in good concience vote for "Feed the Orphans Act of 2003" due to the clause the other guy added which ordered a swimming pool to be created in his backyard with taxpayer money.

Now I know that such debate does, sometimes, go on...but most of the time it's character assasination which goes on in the mainstream media, and voting history and it's reasoning behind it is largely glossed over. And I don't get that they actually get away with that.

Re:Am I missing something?

[siliconbunny]

I think what's wrong is the election of judges. To any lawyer observer from another common law country (like me), it just seems unbelievably wrong.

If you have to put yourself up for election, you will be deciding cases with a view to what potential voters -- really, just people mobilised by issue organisations, given how uninterested the average member of public is about voting --might think. This is either playing to mob mentality, or playing to vested interest groups. Either way is a recipe for bad judging.

The whole point of judicial independence is that judges will only feel free to take courageous decisions, and to avoid knuckling under to the government in power at the time, in particular, if their jobs are secure. That is, they can't be fired, and they can't have their pay reduced so much that they have to quit. Having to be re-elected to office is very much a serious job insecurity.

I would hate to have any of my legal rights determined by a judge with an eye on the opinion polls, the lobbysists and the millions of dollars in the bank accounts of sleazy, smoke-filled backroom operators itching to replace them if they decide cases in a way of which they disapprove.

I know plenty of judges in a number of countries, and have been employed by one at a court. Invariably they are horrified by the system of election of judges. Basically: they cannot see how many elected judges would feel comfortable taking an unpopular decision. Unpopular decisions being ones that (i) are against the prevailing mob mentality at the time and (ii) invariably turn out to be correct when viewed after the event, when passion and emotion has cooled, and what is left is the objective facts.

We've seen what playing to voters does to politicians. Why inflict it upon the judges too -- who are usually the ones who have to keep the politicians in check?

Re:Am I missing something?

[I_Human]

I stand corrected ;) And I'll keep that in mind during my next job :P

Re:Am I missing something?

[surprise_audit]

blockquote> We'll see if any of the computers come back formatted.

Formatting may be the least of his problems. If they really want to screw him over, they'll "find" something nasty, like kiddie pr0n, and he won't be able to prove it was put there *after* the computers left his control.

Re:Am I missing something?

[Vitus+Wagner]

No, it is not an option. They can use some magnitometer or radio-wave detector to find out that here is operating electronic equipment inside the wall.

There is much better thing to do - if you are high-profile OpenSource developer, you obvoisly have people all around the world, which know you and respect you.

So, just ask some of them, who are living in different jurisdictions (preferrably reasonable powerful countries, like Russia, China or India, where US wouldn't risk to send naval squadron just to seize your data) to keep your backups. Do the same for them. Of course, backup files should be encrypted and secret keys kept in the pocket of data owner, so if US police seizes you computer, they wouldn't get hold of my implementation of Russian cryptoalgorithms.

Keys should be backed up in different jurisdiction too. Say, you are in US, your data in Russia and your key to access them - in China.

Re:Am I missing something?

[Hal_Porter]

I know plenty of judges in a number of countries, and have been employed by one at a court. Invariably they are horrified by the system of election of judges. Basically: they cannot see how many elected judges would feel comfortable taking an unpopular decision. Unpopular decisions being ones that (i) are against the prevailing mob mentality at the time and (ii) invariably turn out to be correct when viewed after the event, when passion and emotion has cooled, and what is left is the objective facts.


I'm sure unelected kings would have used the same argument about electing presidents back in the 18th Century.


Unpopular decisions being ones that (i) are against the prevailing mob mentality at the time and (ii) invariably turn out to be correct when viewed after the event, when passion and emotion has cooled, and what is left is the objective facts.


You're working on the assumption that there is a small group of people who can see the objective facts, and a mob of people who can't aren't you?
I think this is elitist crap. No group has more insight than any other group, they just think they do. Even worse, the better educated tend to have more of a weakness for fashionable but impractical ideas, so they may well have less. E.g. look at the reaction to Stalinism by British Intellectuals. You're far better off giving everyone a say and letting the errors average out.


We've seen what playing to voters does to politicians.


Yeah, it makes them equate happy voters with keeping their job. You're a voter too remember.

Re:Am I missing something?

[databyss]

I said he made no veiled threats. That, my friend, is an open threat. My comment was in reply to the parent to my post who said he made veiled and open threats.

"the problem is that he went beyond that and threatened legal action and announced he would no longer perform his assigned duties."

Threatening legal action is what I said he did. He didn't go beyond what I said. Like it was even in the line you quoted from me. How did you miss that?

You suck as a troll.

Re:Am I missing something?

[Tim+C]

When the police find something "suspicious", you don't just say "oh, I have this perfectly plausible excuse which sounds highly improbable to technical incompetents like you" and walk away.

That'll be because the first thing the bad guys do in that situation is either claim ignorance, or trott out a prepared excuse.

The police can't take everything they're told at face value, or they'd let everyone go. Yes, it sucks when you're on the receiving end of it, but what's the alternative?

Re:Am I missing something?

[Thomas+Shaddack]

You may also hide the machine in a box hidden underground in your backyard. Not only it will be safer from the fire perspective (power supplies are a royal pain these days), you can also swear that there is no more equipment *in* the house. It should also give a limited resistance against fire in the house. For extra sensitive files, you may have a computer hired offshore, with an encrypted drive mounted via NFS/VPN or WebDAV.

Re:Am I missing something?

[Hal_Porter]

Chip Salzenberg is fucked. You would be fucked if you tried to right off your little hidden system with that excuse, and you'd probably get charged for trying to interfere with the investigation and giving false information to the police if you used it.

Well said. Otoh, I sense that something very nasty happened to you to teach you how expensive and time consuming the legal system is once people get to stage of threatening law suits.

What can say. Chips's about to learn this for himself, poor bastard.

Re:Am I missing something?

[YouHaveSnail]

Chip's problem now is that 100% of his admissable evidence is in the hands of a known immoral and hostile agent.

Perhaps, but if he can get some traction with, say, the attourney general in Montana or elsewhere then HMS may suddenly find its own hardware siezed. HMS, if it's as guilty as Chip says it is, cannot go from very dirty to crystal clean overnight. They can't cover up everything they've been doing.

I suppose the open source community might even lend him a hand. Why not set up a few machines that look like open proxies, get them listed wherever these things are listed, and wait for HMS to come to us? Log all traffic from HMS and find out whether or not they're still ignoring ROBOTS.TXT. That sort of thing would be fairly inexpensive and would provide exactly the kind of evidence that Chip needs to back up his allegations. It could also be used by every website that HMS illegally harvests as the basis for a law suit.

Re:Am I missing something?

[rpresser]

I think what's wrong is the election of judges. To any lawyer observer from another common law country (like me), it just seems unbelievably wrong.

For what it's worth, not all states of the USA elect their judges, and no federal judges are elected. I for one live in New Jersey, an appointed-judge state, right next door to Pennsylvania, an elected-judge state, and I've always shared your opinion of judge elections. I'm not even sure the DA should be elected.

Re:Am I missing something?

[rhaas]

Of course, unelected judges are not much better, since they can make decisions with which the vast majority of citizens disagree, and you can't even vote them out of office. If you don't elect your judges, their decisions won't be biased by the fear of not getting re-elected, but that doesn't mean they'll be unbiased. In fact, it may very well mean that they'll use their seat on the bench to push their own personal agenda.

Re:Am I missing something?

[snorklewacker]

> However, don't you think it would raise the level of debate if the politicians, knowing how bad it looks to have voted against "Feed the Orphans Act of 2003" would actually have to explain, on air/in print, why exactly they did so?

Hopefully they'd do better with their explanations than Kerry did. I must admit, "I voted for that bill before I voted against it" was amazingly succinct. He even went on to say why he, uh, flip-flopped. But he hopped in the coffin and handed Karl Rove a nailgun.

So frankly, it doesn't really matter what you say, why you say it, or who you say it to. It's about how well you can rally vast masses of functional illiterates to your cause of ... whatever.

Re:Am I missing something?

[Marc2k]

Booooo, I'm from Lehigh County, and I have a bunch of politically active friends from MontCo. I'm actually pretty disappointed it transpired in Chester.

Re:Am I missing something?

[Chibi+Merrow]

I would hate to have any of my legal rights determined by a judge with an eye on the opinion polls, the lobbysists and the millions of dollars in the bank accounts of sleazy, smoke-filled backroom operators itching to replace them if they decide cases in a way of which they disapprove.

And I would hate to have the fate of my nation determined by an individual accountable to no one that has no fear of reprisal should he or she decide to push their own agenda upon the country. Kinda like the Federal Judiciary, for instance...

Re:Am I missing something?

[boots@work]

I don't know what a lawyer would have advised him. For all I know he did get legal advice first.

The lesson I take from this sad episode is: before threatening to report someone for a felony, get legal advice on the possible consequences to yourself. At worst, you're a few hundred bucks down and you got a chance to think it over before acting; at best you saved having your home raided and your computers effectively stolen.

Re:Am I missing something?

[singleantler]

Yeah, go ahead and argue semantics like that with the Police, I'm sure they'll be really impressed. Besides, wouldn't they phrase it like "on the property"

Re:Am I missing something?

[danikar]

Obviously if the story is true then he would be fired for a unjust cause and if you are fired for a unjust cause then you can recieve benfiits. I knwo cause i did, Mr. HR

Re:Am I missing something?

You are missing something. He did not write the exploitive code the company used; he wrote the language in which they implemented it.

But he did screw up big time by not protecting hismelf with the lawyer and the authorities before writing the letter to his employers. That's the trouble with Open Source developers, I guess--they have this awful habit of trusting people even when they shouldn't.

Re:Am I missing something?

[toddbu]

Does your local government (city, county, state) produce a voter's pamphlet? Usually those contain a candidate statement and a list of endorsements. Sometimes it can be difficult to interpret where a candidate stands based on their wishy-washy statements, so looking at the list of endorsements can go a long way toward understanding a judge's position. You still have to be careful though, because some endorsements aren't always what they seem. An endorsement of a judge by a police union may be because the judge is tough on crime, but it may also be because he supports big labor. If you're still in doubt then read some of the judge's opinions in cases that he's ruled on.

Re:Am I missing something?

[jbolden]

Those (at least in CA) don't generally cover judges either. Besides the endorsements are hard to make sense of. Things like "People for the American way", the democratic party, ACLU, ABA, ... would be very useful.

Re:Am I missing something?

[cbr2702]

You don't have to have elected judges to have accountability. It looks to me that this judge was incompetent to the point of justifying impeachment.

Rats...

[rah1420]

don't like the light of day. This deserves a wide audience as well as the help that Chip himself needs.

The sad part about it is that the suits who use HMS would go "Open proxy? Isn't that something that we do when we vote our stock?" and go back to their financial reports.

What we need is a UDP for entities, rather than netblocks.

Re:Rats...

[toddbu]

... as well as the help that Chip himself needs

Ok, I'm not accusing anyone of anything, but I have a simple question. How is anyone to know if this is real or if it's just made up? I seem to recall that there have been cases of people asking for help when it was all just a big scam. Anyone have any suggestions on how to tell if this is for real, other than inspecting documents provided for by the purported victim in this case?

Re:Rats...

[stoolpigeon]

There will be public documents for his arrest and the lawsuit that will allow one to know if those things really happened. But as for who is truly the guilty party, I doubt that will be so easy to decide.

But the parent post is right regardless of where the guilt lies. The more that comes to light, the more likely the truth will prevail. The more attention this gets, the greater the odds that people will get to what really happened. If the company is jacking him over, we'll find out. If he's a weasel that really stole stuff, this will motivate the company to provide real proof that goes beyond vague allegations.

Any lega rights?

[bigox]

Doesn't he have any whistle-blower rights?

Re:Any lega rights?

[MeanMF]

It might be a violation of the terms of service with their ISP, but I'm not sure it's illegal... In any case, if what he was doing turns out to be illegal then it really doesn't matter if he has the goods on the company or not.

Re:Any lega rights?

[bigtangringo]

In any case, if what he was doing turns out to be illegal then it really doesn't matter if he has the goods on the company or not.

Why precisely?

Re:Any lega rights?

[MeanMF]

Whistleblower protection prevents a company from firing or otherwise disciplining you.. You don't get a get-out-of-jail-free card just because your company is doing something illegal and you know about it.

Re:Any lega rights?

[gurps_npc]

Consider an obvious criminal set up.

You are mafia boss.

Your underboss goes to the police and complains that you are running a protection racket. He does not make a deal for immunity, he just tells the police.

You call up the police and say "Hey, that guy that's talking to you? He's dealing cocaine at 4th and Vine every saturday.

If the police catch him dealing, they will arrest him and send him to jail. They might thank him for ratting out you, but he still goes to jail.

Re:Any lega rights?

[Senjutsu]

It might be a violation of the terms of service with their ISP, but I'm not sure it's illegal... In any case, if what he was doing turns out to be illegal then it really doesn't matter if he has the goods on the company or not.

Depends on which "what he was doing" you mean: if what the company is accusing him of doing were true, whistleblower laws would not protect him. But the charges they are leveling reek of retaliatory accusations with no substance. He is protected from that.

If the actions he took at the company's behest (ie, developing software to work around ISP blocks of their spyders) is illegal, whistleblower laws do protect him, provided he reports the illegal actions to the proper authorities when he becomes aware of their illegality.

Re:Any lega rights?

[hobbesmaster]

Hes using a VPN and CVS to syncronize the code database to his laptop, working on it, then sending back the .diff's. It even sounds like they bought a network appliance with VPN for just this purpose.

On a side note - the corp has a contact form here. Not that I encourage improper use or anything, in fact I'm sure some /.'ers would have some business to do with this company now that they know it exists.

Re:Any lega rights?

[Monkelectric]

I dont know about PA, but in California he absolutely would. I was in a situation where I was asked to do something extremely illegal, and I was able to report the problem to a different part of my organization which then *called* a Detective and DA to prosecute members of their own organaztion. I ended up wearing a wire in two undercover operations... However, they were unable to prosecute because the guys wised up somehow and did the scam in a way that was extremely hard to prove. Throughout the whole process I was anonymous through californias whistleblower laws.

This guys mistake was having faith in humanity that his company had any intention of being honest. If I was this fellow, I would find a tech savy lawyer and take all their money.

Re:Any lega rights?

[jbolden]

Nope. PA protects employees of public companies. The judiciary has extended this to empkloyees of companies that get most revenue from the government. That doesn't apply in this case. Chip is explicitly not protected.

Re:Any lega rights?

[hurfy]

My head hurts from all the buzzwords

Not even sure what all they do other than sell a mailing list is one.

Lesson to be learned here

Any time you're going to be challenging the mental giants that are in charge, ALWAYS have a lawyer in your pocket and all your ducks in a row. And offsite backups.
Seriously, what the hell did he expect - if they can use open proxies like this, that they would play nice with him?

Re:Lesson to be learned here

[egarland]

Any time you're going to be challenging the mental giants that are in charge, ALWAYS have a lawyer in your pocket and all your ducks in a row. And offsite backups.

I absolutely agree. Speak softly and carry a big stick.

This was a loud letter full of scarrey words for a CEO like "illegal" and "under explicit management direction" and it ends with "notifying the appropriate authorities". Hell, if I was a CEO and I got this letter, I'd freak out too.

DON'T EVER send a letter like this without already having talked to a lawyer and given the lawyer everything you'd need. The unfortunate fact is that police will raid the house of an employee in a heartbeat, take all your computers with evidence on them and hand them over to the criminal employer who can then accidentally delete all the evidence. There's no way in hell they'd be able to get to anything you've given your lawyer though.

Honestly.. I'd want to have already talked to the appropriate authorities before sending a letter as explosive as the one he sent.

Re:Lesson to be learned here

Chip's problem was he treated the matter like one of the many flamefests he's been involved in on USENET over the years where a dose of heavy language makes you sound authoritative and the only repercussions is having to repeat ad nauseum when you get a smackdown on some newsgroup discussing spam. What the company did was indeed wrong, but he was a total fool for sending that letter.

The moral of this story

[Doktor+Memory]

Retain, and have a very long chat with a very good lawyer before you threaten your bosses with police action.

Re:The moral of this story

[XaXXon]

While this is sound advice, it doesn't necessarily follow from this story.

He said he made an internal report of unethical and possibly illegal behaviour. It doesn't say he took this up with police at all. It sounds more like he was trying to warn them that they were doing something they shouldn't be so they could stop before they got caught.

And just in general about this story: *sigh*

Re:The moral of this story

[$RANDOMLUSER]

Yah. Fer Pete's sake, check out the tone of his letter. He's a Senior Programmer, and he's writing as if he were a Partner. He's confrontational and adversarial in the same breath, and somehow expects to remain employed and that nobody's going to be pissed at him. We've all seen Captain Kirk jumping up on the rock shouting "Everything you know is WRONG!", and the natives repent, but Real Life(tm) works differently.
I don't know about everybody else, but when I stick my finger into a hornet's nest, I expect to get bitten.

Re:The moral of this story

[peacefinder]

Better yet, don't threaten. Just go straight to the cops. With bad behavior this (allegedly) pervasive, there's nothing to be gained from threats.

Re:The moral of this story

[Doktor+Memory]

He said he made an internal report of unethical and possibly illegal behaviour. It doesn't say he took this up with police at all.

Read the last paragraph of the letter again -- he was definitly threatening them with exposure to the legal authorities.

And hey, more power too him -- that was certainly the morally right thing to do. But as a practical matter, you want to make damn sure you have all of your ducks in a row and have an old-school carnivore lawyer in your corner before you throw that kind of threat down.

Re:The moral of this story

[Qzukk]

He's a Senior Programmer, and he's writing as if he were a Partner. He's confrontational and adversarial in the same breath, and somehow expects to remain employed

You assume, of course, that he wants to remain employed.

There is, however, a difference between being fired, and having your employer lie to the police in order to have you arrested and your computer equipment seized.

Re:The moral of this story

somehow expects to remain employed and that nobody's going to be pissed at him

Where did you get that from? I think he didn't expect to have his home raided by the cops.

Re:The moral of this story

[dillon_rinker]

Gotta disagree about the morally right bit. If it's illegal, you report it. If it's not, you shut up. You don't THREATEN.

Re:The moral of this story

[Doktor+Memory]

mmmmmph. I don't think it's that clean-cut. Management of this company may have been corrupt, but presumably not every other employee was in on it. (They're a big company.) So, assuming that you like your co-workers and don't want to see them all out of a job (either from the cops shutting down the company or from management firing anyone who was friendly to the whistleblower), and assuming also that you believe the company can be profitable without engaging in illegal behavior, I can see wanting to try to resolve it without immediately involving the cops. The police tend to not be very tech-savvy, and once they're involved it's hard to predict which way they'll jump.

Re:The moral of this story

Retain, and have a very long chat with a very good lawyer before you threaten your bosses with police action.

Amen. I learned the hard way through several companies (some I started, some I helped turn around, and some I was wise to leave) that unless you're old money, your best option is to walk away. Notify the authorities anonymously and under extreme caution if you must, but make sure it's darn near impossible to pin it on you that you were the whistleblower, and even then, expect them to still come after you (who do you think the authorities work for, the people? LOL!). Old money and its network will blacklist you further than you'd ever imagine possible. Old money continues to keep making money by having idealistic middle class hard working entrepreneurs achieve great successes, only to discover old money eats first. After they are full, they may decide to leave you with some scraps.

The most important lesson I learned is that in any company, figure out quickly who is just like you (assuming you're a member of the unpriviledged middle class) and who's old money nobility. They're special people - the equivelent of "made men" - and middle class folks are not permitted to touch them. I learned at one company that even a psychotic, cocaine abusing, chair-sniffing and female harassing sexual predator, old money company owner who kept on blowing through family millions had more clout than a the technology manager who rebuilt the dying company product.

If you have to get into battle, get an old money law firm and get some old money patrons on your side. Let them protect you and understand you'll have to pay back the favor if you haven't already earned it. Just because the United States is technically a representative republic doesn't mean Machievelli's world doesn't rule here. I've had too many attorneys explain otherwise (if you've ever had a hearing moved to a different judge that your attorney used to clerk for, you know what I mean). As long as you understand that several thousand years of civilization has been about those in power making sure that the rest of us keep them in power and luxury, and you don't mess with that rule, you'll do fine.

Re:The moral of this story

[jcr]

Fer Pete's sake, check out the tone of his letter.

The tone of his letter showed a remarkable degree of restraint. IMHO, he shouldn't have written it at all, but rather called the FBI.

-jcr

Re:The moral of this story

[GooberToo]

Yah. Fer Pete's sake, check out the tone of his letter. He's a Senior Programmer, and he's writing as if he were a Partner.

Troll is what I'd label you. Your position is, because he's not a partner he has no moral or legal responsibility to address such issues? Total BS. Dummies that take your position find themselves in jail or serious legal issues with the "good guys". Firing him because they are scumbags and have no desire to change is one thing. Suing and getting the police involved is a large step beyond their documented illegal dealings.

If you can't see and understand the difference here, you've got other things to be worrying about.

Re:The moral of this story

[GooberToo]

I agree with you. IMO, he had only three obvious choices to make. 1) Maintain status quo. 2) Go to the FBI. 3) Remain silent and find a new job.

The fact that he invisioned a fourth option here, while commendable, is surprisingly stupid at the same time.

Re:The moral of this story

It would be a good idea to have a few bucks saved up to pay for that too. Not everyone is going to get a story posted to Slashdot begging for cash when they get in a bind.

Re:The moral of this story

[$RANDOMLUSER]

> Your position is, because he's not a partner he has no moral or legal responsibility to address such issues?

No, my position is that working from the inside, he took entirely the wrong (naive) approach. Look, the company founder wrote the code, and clearly wasn't surprised when informed (verbally) that it was illegal. Salzenberg then ups the ante by writing a hostile and threatening formal letter, again, attempting to work from the inside and without resigning on the spot. You simply can't work within a system like that and be that openly hostile to it. The moral high-ground in a system like that is outside the system, not inside it.

I agree that the activities of HMS were slimy and illegal, and that they knew it. What I don't agree with is Salzenberg's response. A simple "I can't be a party to this, buh-bye", would have done. The fact that his letter doesn't end with "and therefore, I quit", but instead offes vague threats is exactly what got him into this position. Had he Loudly Quit by posting this as his resignation letter, he'd be an eternal hero to the entire Open Source community. Instead, we're now supposed to feel sorry for and support him. I do feel sorry for him, nobody should be treated like this. But he brought a fair amount of it on himself by his naive actions.

And make no mistake, while I think that HMS's activities were morally reprehensible before all this, I think their illegal use of the police and courts in this matter is beyond disgusting. I look forward to seeing them go out of business and burn in hell.

Re:The moral of this story

[GooberToo]

Which has ZERO to do with anything.

People do illegal things all the time. Often they don't realize it's illegal or believe that it's a gray area. Informing people they are doing wrong in the eyes of the law is often a good thing. Granted, here, I would not of written the letter.

Read some of my other replies.

Read some of my other messages and you'll see that, IMO, he only had three real options available and yet he came up with this crappy forth option.

Re:The moral of this story

[DerekLyons]

Retain, and have a very long chat with a very good lawyer before you threaten your bosses with police action.

While this is sound advice, it doesn't necessarily follow from this story.

He said he made an internal report of unethical and possibly illegal behaviour.

Try reading his letter rather than the sob story at the head of this discussion - a very different picture emerges. He made an internal report in which he threatened personal legal action against the company and announced that he would no longer performed his assigned work.

Re:The moral of this story

[jpostel]

I gotta say that I am more likely to report my employer to the BSA on the way out the door, than I am to the proper authorities. I have been on the right and wrong side of the law and it's hard to be believed when you are already labeled "criminal" before the trial starts.

Re:The moral of this story

I feel for Chip, but I don't have any money left over really. Anyway that is why, if I do not like a company's policies, I leave. Screw them. So far I always found a new job -- of course, I will never get rich or anything but what the hell.

Re:The moral of this story

I learned at one company that even a [...] company owner [...] had more clout than a the technology manager.

This somehow surprises you? What bizzaro world companies have you been working for?

Re:The moral of this story

Indeed. I have a similar story to this guy.

I once worked for a large Australian company which accepted credit cards at machines similar to ATMs. I discovered that with *four clicks* on the computer I had been given to work on, starting with an icon on the desktop, I could look at a record, the names and numbers, of EVERY CREDIT CARD EVER USED on those machines. I had not been asked to sign any sort of confidentiality agreement, so I promptly took my discovery to my manager. She too was stunned. I took it to the CTO - and the man threatened to fire me if I ever performed those four clicks or told anyone else about the 'technique'!

It is easier and MUCH cheaper for these companies to scare their employees into silence than it is to fix the problem. Sometimes the best thing to do is to appeal to true democracy - through the media.

Which is exactly what this guy has done.

AC

Re:The moral of this story

[Weezul]

If management is corrupt, just go directly to the cops, period. A corrupt manager will always see it as (1) "be 100% legal and lose money" or (2) "find a way to continue with time honored buisness practice." (2) always means shut the guy who noticed it up. If your company is doing illegal stuff, just find an annonymous way to report it to the cops.

Re:The moral of this story

[Zontar+The+Mindless]

Derek, you persist in lying through omission.

He stated that he believed the company to be engaged in illegal behaviour, and provided evidence of same. He said if the company didn't take steps to correct the problem, he'd go to the authorities.

What you're conveniently omitting is this, Derek: Under the law, if you witness the commission of a crime and you fail to report it, you can be charged as an accomplice.

He was giving the company an opportunity to cease behaving illegally, and covering his ass in the meantime.

The company responded by kicking him in the nutbag.

Afraid to touch Perl now...

[Fizzlewhiff]

What is it with Perl developers and legal hassles?

false police report

[Deton8]

You should take your original letter to the police who raided you. Hopefully they will then prosecute your employer for filing a false police report.

Re:false police report

[truckaxle]

At least he could return fire and file a police report and have have HMS's computers consficated :)

Re:false police report

[OverlordQ]

How do you know it's false? Wait till you get all the sides of the story and not just he 'victim'

Re:false police report

You do not understand what police are or do.

A DA would be a more appropriate place, but not right either. Finding people that have been abused by the company, and having them file action would be even better.

Re:false police report

[Medevo]

actually all the info that his company gave the police, as near as he can tell, is legit. The issue is that all the info simply shows him doing his job (ssh and cvs logs of him accessing his normal files).

Somehow a judge was convinced that his normal work patterns constituted enough information for a police search warrent, and thats where the breakdown in the system is.

Medevo

Re:false police report

[InfiniteWisdom]

Only if you could prove that they knew that they were making a groundless report... that's very hard to to prove in this case.

Re:false police report

[mikelieman]

There is no reason any person cannot draft and file their own misdemeanor complaint.

The court clerks might not know they're supposed to to take it, but in New York, a letter to the supervisiong judges office explaining the hang up usually results in a short reply of "Your filing will be accepted."

NOW, will the DA "Decline to Prosecute?"... Maybe... But firing that first shot across the bows is well within anyones reach.

Perl a high-risk legal environment?

Didn't Randall Schwarz (sp?) have some interesting legal struggles to?

is this a mini-version of SCO against Perl

Re:Perl a high-risk legal environment?

[Frank+T.+Lofaro+Jr.]

Yeah, convicted of a felony (!) for what should've been at worst, considered a disciplary matter between him and his employer.

Two lessons

[Otter]

1) Past and future Ask Slashdot questioners: when we tell you to document your situation and to see a real lawyer, do it! This is why!

2) Working for obvious scumbags is going to burn you in the end.

(Assuming his version of the story is accurate -- I realize there's another side. I also realize that both of my suggestions are frequently easier said than done.)

Re:Two lessons

2) Working for obvious scumbags is going to burn you in the end.

A slightly better way to say this might be:

If you're dealing with someone, whether friend, employer or significant other, who craps on other people, sooner or later they will treat you the same way.

I learned this the hard way myself ($8,000 in legal fees later).

Re:Two lessons

[IgnoramusMaximus]

2) Working for obvious scumbags is going to burn you in the end.

Minor difficulty: This would exclude 90% of corporations -- worldwide -- as it appears that being a "scumbag" is a pre-requisite to "corporate success". One has to only take look at the current CEO/CFO lineups, their views on society, their history of "ethics" and their inexplicable inter-dependencies with each other to see that quite clearly. These are the proponents of "globalization" where wealth is to be shuffled around the planet and no attention is to be paid to societal consequences of it. These are the promoters of taxation of individual consumption (via sales taxes) and no taxation of their own vast fortunes to "promote economic growth". These are the people who profit from wars and (in the case of Chip's nemesis) from illness and misery. Or slave labor. List an evil and chances are you can name a large corporation involved.

On a side, off-topic note, the problem is systematic to any large corporation. Larger the size, more attractive the operation becomes to conmen. Well healed conmen with dynastical family connections or self-made conmen who grease the right palms, it doesn't really matter. Sooner or later any company of value is run by them. Honest people do not stand a "snowball's in Hell" chance because the corporate game is rigged hopelesly against them, mostly due to the fact that the whole "free market" charade is run by the said hustlers, but also due to the fact that these thieves use the most powerful weapon known to blind and stupify their prey: greed. Thus they constantly talk about "growth" and "share value" to separate shareholders from their senses and grant themselves all the powers they need. A honest person, when put beside a pack of these howling wolves, appears timid and meek. Which is seen by the shareholders, themselves whipped to a frenzy, lusting for mega-profits to dismiss a down-to-earth, objective and realistic candidate out-of-hand and replace him/her with a snake who will promise them "profits beyond your wildest dreams". And the rest is history.

Re:Two lessons

[Otter]

Honest people do not stand a "snowball's in Hell" chance because the corporate game is rigged hopelesly against them, mostly due to the fact that the whole "free market" charade is run by the said hustlers, but also due to the fact that these thieves use the most powerful weapon known to blind and stupify their prey: greed.

Hey, there's a time for this and a time for that!

When it's time for pompous, self-righteous faux-cynicism, your jabbering about "howling wolves" and "shareholders, themselves whipped to a frenzy, lusting for mega-profits" works beautifully. When you're really going to quit your job, distinguishing between someone who hijacks proxies and someone who wears a tie will seem a lot more sensible.

Re:Two lessons

[IgnoramusMaximus]

When you're really going to quit your job, distinguishing between someone who hijacks proxies and someone who wears a tie will seem a lot more sensible.

No it is not. My point is that any corporate serf is equally exposed and vulnerable to the type of persecution this dude was subjected to. The corporation is not to be trusted at any time, more so if you work for it. "wearing a tie" is not a sufficient criterion to evoke trust and loyalty, if anything it is a warning label saying "I am a member of a wolfpack. I strive for servitude and conformity and I shall treat you as an enemy of my wolf pack, on a command from my superior alfa wolf". That is why people wear constraining jackets with matching piece of cloth hanging from their necks, originally a uniform of Croatian thugs, appropriated so neatly to wipe snoot and food remnants from the face of a "sophisticated" parasite dweller of the Louvre palace when King Louis XIV was farting about. An article of clothing quite poetically fitting the mindset of the corporate world.

Prey

[Necromancyr]

Is it just me or does this sound similar to the begining of the Crichton book Prey?

(Could be that I just read it yesterday...)

Heh

[OverlordQ]

Friends have set up GeeksUnite.net, an informational web site and Legal Defense Fund.

and slashdot has blasted it off the web.

Re:Heh

[cursion]

well now everyone can get karma for telling us about a mirror ... right?

Re:Heh

[B11]

You might get real karma by giving some money while you're there.

Pumpking?

[eno2001]

Oh my god! It's true! OSS projects are sexual in nature! ;P (It's a joke for those of you who don't get those kinds of things) Beyond that. What in the hell is a "pumpking"?

Re:Pumpking?

[uncle_fausty]

I hate to be the guy who says "Search the Frickin' Internet", but... http://search.cpan.org/dist/perl/pod/perlhist.pod It's the maintainer of a given release of Perl.

The company's website and contact info

[waynegoode]

The website of Health Market Science of King of Prussia, PA and their contact page and their email address info@healthmarketscience.com.

Re:The company's website and contact info

I see they're trying to hire a software engineer and a QA person with perl/linux/unix skills. I'm sure destroying Chip's life will help them with their recruiting efforts, now and in the future.

Re:The company's website and contact info

[TwistedSpring]

I think a legion of slashdot readers blasting these contact details and sending trollish e-mails will only worsen this guy's situation: "Then he got his legion of goons to come to his defence, causing massive problems with our e-mail infrastructure and bringing our website to a crawl, before this had even got to court." That cannot be good.

I would advise any slashdot readers considering trolling this e-mail address to think carefully about the implications their messages might have on this guy, and refrain from contacting HMS unless they have something worthwhile and appropriate to contribute.

Re:The company's website and contact info

Given the current state of the market and outsourcing of tech jobs, can one really afford to apply an ethical conscience to the few jobs avaliable to you?

Re:The company's website and contact info

[waynegoode]

Very good point. I'd give you my last mod point, but I've already posted here. I too encourage those who reply to show restraint.

I sent a short email (50 words or so) using the contact page that basically said "The guy was trying to help. Leave him alone." My point was to let them know people support Chip, not to aggravate them.

Re:The company's website and contact info

[after+fallout]

Someone should warn them that they are not likely to get a new employee that knows perl even remotely as well as Chip as almost every one of them has read his letter. They are more likely to get someone who is a .NET vb guru that can rewrite their entire system according to the documentation that is (should be) written.

Re:The company's website and contact info

[HiThere]

Yes. It's much easier than affording $40,000 (and climbing) legal bills.

If you don't think you might end up in the same place, then you aren't exhibiting much foresight.

Re:The company's website and contact info

[soft_guy]

Yes. He would be far better off if we all donated a dollar to his defense.

Re:The company's website and contact info

Don't confuse doing something that makes you feel good (I told them!) with doing something that will help the situation.

Re:The company's website and contact info

FUCK YOU, JERKFI$H! You're never going to code your way to freedom! DEATH TO O'GARA! DEATH TO GATES! DEATH TO MCBRIDE!

Re:The company's website and contact info

[waferhead]

Hopefully the company broken enough laws that the CEO will have time to reflect upon his misdeeds from Club Fed.

Sadly, in seldom works that way, but at least they are now known spammers, and forevermore will be known that way.OTOH, Microsoft might buy them then (Claria)

Re:The company's website and contact info

[johansalk]

"I would advise any slashdot readers considering trolling this e-mail address to think carefully about the implications their messages might have on this guy, and refrain from contacting HMS unless they have something worthwhile and appropriate to contribute."

I'm afraid you just invited the trolls to, uh, be trolls - to do something they're not supposed to do :-/ I can imagine a few jerks right now responding to your kind regard with deliberate trollish emails to HMS, perhaps some of them even making things up - such people I would love to strangle with a barbwire.

Re:The company's website and contact info

[jambarama]

Haha, that'll teach them. Slashdotted the company website. Nice.

In April of this year, huh?

[greenguy]

If anyone else was as confused as me about the intro, there's a town called "King of Prussia" in Pennsylvania. Go figure.

Re:In April of this year, huh?

The pumpkin is in King of Prussia? What have the editors been smoking?

Re:In April of this year, huh?

[ImaLamer]

Yeah, it's the hometown of my favorite smokes: "Black & Milds"

Re:In April of this year, huh?

For any Phishheads in the crowd, there's a leather shop in the King of Prussia mall called "Wilson's". They have interesting business cards.

Re:In April of this year, huh?

[illumin8]

In Soviet King Of Prussia, You arrest Companies!

Re:In April of this year, huh?

[Kremit]

Wilson's is a pretty popular leather shop. Many of them here in Ohio and around the US.

Re:In April of this year, huh?

[wilgamesh]

king of prussia is home to the self-proclaimed 'second largest mall in the united states.' the first being the one in minnesota.

here's google satellite image map of the mall. http://maps.google.com/maps?q=king+of+prussia&ll=4 0.088521,-75.392979&spn=0.004413,0.006961&t=k&hl=e n

i went to KoP for a wedding once, and had the pleasure of strolling through the mall the next day. over and over again, till my feet bled.

Re:In April of this year, huh?

[ShawnDoc]

Why settle for the second largest mall in the US, when you can fly to Canada and go to the world's largest?

Re:In April of this year, huh?

[OneSmartFellow]

My God, it's full of cars !

Sorry, had to be done

Re:In April of this year, huh?

Nomen omen?

Re:In April of this year, huh?

[archen]

Bacause your girlfriend wants to go to Victoria's Secret?

Why write to this management?

[Teun]

Why write up such a paper about the companie's (il)legal activities when it's quite clear the managament expressely supports it/ sees it as a business model?

Get out or be prepared for a long and costly fight!

Mirror

GeeksUnite mirror:
http://geeksunite.net.nyud.net:8090/

Who are you?

If this was Dan, I'd contribute straight away. I have no idea who you are other than a handful of posts to perl6.internals about the parrot hackathon after Dan quit.

For all I know you could be totally evil!

I can't send money

[stoolpigeon]

because all I know about the case is what I read on slashdot and a site set up by this guys friends. I have no idea what is going on and I don't have time to fly to Kind of Prussia (wtf?) and look into it. Even if I did, I don't think the suits at his former employer are going to take the time to go through interviews with me so I can decide whether or not I should contribute to his legal fund.

Sucks for him if he didn't do anything wrong. If so I hope it works out. If it goes to court and he is found innocent-- then giving to the fund would be a lot easier.

Re:I can't send money

[Chandon+Seldon]

It's perfectly possible to verify this guy's story. He was a major developer for a version of Perl. Perl is pretty well known and legitimate software, so unless you're overly parinoid, you can assume that the average Perl developer who isn't currently asking for your money is trustworthy. So, to verify his story email some other perl developer with the link and ask them if it's legit. Even if you pick the wrong developer, they will probably be able to direct you to someone who can help you.

Re:I can't send money

[stoolpigeon]

The thing is-- it is quite possible that nobody knows he was doing something wrong except for him.

I don't doubt the depiction of verifiable events (law suit, search warrant, letter sent) and they lead me to lean towards thinking he did nothing wrong. But I don't know. And I'm not dishing up my cash until I do.

The fact that he is well known just doesn't have much to do with it. I've been shocked by what people I know personally have done. I've never met this guy before in my life. That he is a skilled programmer tells me nothing about what is really going on.

Re:I can't send money

[Gzip+Christ]

I can't send money because all I know about the case is what I read on slashdot and a site set up by this guys friends.

You should send me money instead. I promise to use it only for booze and porn.

Re:I can't send money

[vanyel]

I'm rather concerned that a Senior Programmer can't build a web page with properly working Paypal Donate button on it (it just links back to the page it's sitting on). Is this really Chip Salzenberg or some scam?

Re:I can't send money

[ElBeano]

The problem is... you'll decide it's too much trouble to get to the bottom of it and pass on a chance to help. Maybe I'm wrong, but apathy conveniently finds excuses to do nothing.

Re:I can't send money

_King_ of Prussia, it's a suburb of Philadelphia

Re:I can't send money

Doesn't sound like he's got a very good lawyer, either.

The employer / judge / cops / DA establishment totally had their way with him.

Bad lawyers will do you more harm than good. IMHO, he'd be $40K better off without his lawyer right now.

Re:I can't send money

[Zaak]

...they lead me to lean towards thinking he did nothing wrong. But I don't know. And I'm not dishing up my cash until I do.

The purpose of a legal defense is not to exonerate the guilty. It is to ensure a fair trial. Whether you believe he is guilty or innocent, or whether you don't know, makes no difference. He has the right to a fair trial. At present in the United States, that means having a lot of money to pay a competent lawyer.

TTFN

Re:I can't send money

I would like to add that I seem to be getting the feeling that the more "programmer" you are, the more lacking in street smarts and social skills you may be as well. If I found out that the company I was working for was a piece of shit and was doing unethical and possibly illegal things knowingly, I would be posting my resume all over town, all over the next town over, and all over the state to get the hell out of dodge. THEN I would blow the whistle and attempt to fuck over a fucked up company.

But these Ask Slashdot's just seem to increasingly not make sense to me whenever dealing with the work/legal issue type of questions. Seriously, why would you even WANT to keep your job if you knew the people you worked for or with were a bunch of jackasses without morals?

Re:I can't send money

It's KING of Prussia, pal, a community about a half hour from Philadelphia PA, near Valley Forge. Yes, THE Valley Forge, where Washington's troops weathered a bitter winter during the American Revolutionary War.

King of Prussia has a LOT of office complexes, and one of the largest malls in the country. I saw Batman Begins at the IMAX near the King of Prussia mall. It was so dope, yo.

ONE SEARCH for "King of Prussia" on google.com led me to this page, where you can read all about how King of Prussia got its name. Surely you had time for THAT, before you went "wtf", no? Here's another link you might find useful.

Re:I can't send money

[stoolpigeon]

My point was more along the lines of I can't get to the bottom of it. It's not really apathy-- it is just way too complicated a matter to be settled reading what is posted on the web and my life doesn't allow me time to go beyond that. Not to mention I probably will just not have access to all the information - whether I want it or not.

I see what you are saying, but I think a wrong action can be worse than no action and I don't feel informed enough to move. If you are right-- I'm so apathetic I don't even know it. (that strikes me as a bit funny)

Re:I can't send money

[stoolpigeon]

Point taken. I have no reply, I want to mull it over. But I did want to say 'thanks' for the comment. I had not considered that aspect and will now do so.

Re:I can't send money

[stoolpigeon]

I admire your regional pride. I thank you for the chuckle. The 'd' was a typo and I didn't preview. I'm still not gonna google it though. Just keep making fun of the name. I expect plenty of chuckles from co-workers tomorrow when I bring it up. sorry. (well not really sorry, but you know what I mean)

Re:I can't send money

[wik]

Sometimes also called Silicon Valley Forge. It's neither as big nor as famous, but it does house a fairly large collection of tech companies.

Re:I can't send money

Chip Salzenberg is for real. He was the closing Keynote speaker at YAPC::NA (Yet Another Perl Conference - North America) 2005. Larry Wall (creator of Perl) was the openning Keynote speaker at the conference. It was during the closing Keynote presentation that Chip revealed his legal battle to the community. He gave the Keynote presentation yesterday (June 29th), which probably explains why it was slashdotted.. I can't imagine the ~500 Perl programmers in the audience sitting still after hearing of his troubles..

He's not required to resign...

[Senjutsu]

Whistle blower laws were enacted to encourage employees to bring to light nefarious and illegal activities being perpetrated by their employers without fear of retaliation. HMS appears to be trying to side step these laws by, rather than firing him for doing the ethical thing, falsely accusing him of crimes based on highly flimsy evidence in an attempt to ruin him financially long before the courts can sort the mess out and bitch slap them for breaking a number of laws.

Re:He's not required to resign...

[winkydink]

So you drive the company into Ch 11 after a long, and protracted battle. Then what has he got to show for it? Exactly what he has now: jack + big lawyer bill.

Re:He's not required to resign...

[hrieke]

Not really. If he can pierce the corporate vail, then he can directly sue the board, the directors, and senior management. Showing that they KNOWENLY acted illegally, immorally, and unethically is the easiest way to do so, and that letter just put them on notice.

No probable cause...

[jhoger]

Based on the evidence at hand there was no probable cause for the search.

If he didn't keep any of the company's information, they likely have no case.

Crossing your fingers for summary judgment, a directed verdict :-) or a nice juicy settlement favoring the plaintiff.

Pretty scary though that the judge would authorize grabbing all your equipment with no genuine evidence of theft/misappropriation of trade secrets. There ought to be a high bar set for the kind of disruption that causes. There's no reason discovery couldn't have been allowed to proceed in a less violent manner unless he wasn't cooperating.

Re:No probable cause...

[slavemowgli]

Unless the police are asking for a warrant when there really and obviously is no case at all, a judge will pretty much always grant whatever they ask for. The reason for that is simple - judges fear that they might deny a warrant for a case that turns out to be real in the end after all, which likely would have a negative influence on their career (after the local media being all over it); issuing warrants in cases where they wouldn't have been appropriate does not carry a similar risk.

As such, most (if not all) judges will simply err on the safe side (from their perspective) and just trust that the police will not abuse their power too blatantly.

Re:No probable cause...

[Brian+See]

Looking at the documents posted online, there are TWO separate things going on.

The search warrant was issued in a CRIMINAL proceeding. It looks like the state isn't pressing criminal charges.

There appears to be a parallel civil action, with expedited discovery. The civil action appears to assert that Salzenberg misappropriated trade secrets, and the discovery is targeted at imaging Salzenberg's computers.

The authorizatoin for grabbing the computers happened pursuant to the search warrant in the criminal investigation, not the (expedited) civil discovery.

Re:No probable cause...

[TRRosen]

More likely the Judge knows nothing about technology and rather then show his ignorance by questioning the request he simply signed off on it with no Idea what the evidence was or what it meant.

Re:No probable cause...

[Locke2005]

If he didn't keep any of the company's information, they likely have no case.

If he was still working for the company at the time of the seizure, than chances are he had a full source tree on his home computer so that he could do test builds at home. All of which is perfectly normal and necessary to do his job. To the non-technical, the argument "why did he need copies of files he was not charged with maintaining?" may sound valid. However, anybody who has ever maintained software can tell you that you usually need almost all the header files and always need all the objects to link against in order to do a test build just to see if you made any mistakes in the single file you changed. Again, finding all the companies source on his home computer proves nothing; what they would have to do is find proof that he was transmitting that source to somebody else. The REALLY stupid thing is that it is not at all necessary to download source to your home computer to appropriate secrets; anybody could walk into the company with a few 1GByte USB flash memory keys and walk out with all the source, and there would be no record of it having been transferred. Hmm... did the search warrant explicitly include flash memory devices as well? I am not a lawyer, but I beleive they can't seize anything not specifically mentioned in the warrant.

Re:No probable cause...

[Inigo+Montoya]

It looks like the state isn't pressing criminal charges

This is good news. The DA has realized there is nothing criminal going on (or perhaps just not enough evidence of something criminal going on).

As for the second action, unfortunately for Mr. Salzenberg, you can be sued for anything in the USA, and when you are sued, you do have to defend yourself at your own cost. You can often get those costs awarded back to you if you ultimately prevail in court. In this case, if Mr. Salzenberg's computer equipment is currently being imaged in a civil discovery, he'll have nothing to worry about if he's done nothing wrong. However, I think the timing of the events will hurt him and make his defense more difficult. There will likely still be company data on his computers, only because merely 1 day had passed after his converstation with the CEO before his house was raided; He had no time to dutifully erase his hard drive if he was already resigned or terminated after his CEO conversation (backdated resignation notwithstanding)

Re:No probable cause...

[Brian+See]

He had no time to dutifully erase his hard drive if he was already resigned or terminated after his CEO conversation

I posted this upthread, but I think it bears repeating. In the affidavit supporting the search warrant, the detective says that the company president sent emails to Salzenberg "asking him to return any and all company property to the business and he has refused to do so". The company's lawyers are probably going to use that piece of information for all it's worth in arguing that it's evidence of Salzenberg's bad intentions.

Re:No probable cause...

[HiThere]

Polyanna lives on.

When your equipment is seized, your work is DOWN! When you are fired, and also can't work on your own, it's quite difficult to do anything.
He can expect to get his equipement back in a decade or two...possibly no worse for wear, but what will it be worth then?

This is yet another example of the blatant abuse of power by the powerful. Don't expect to hear any justifications of their actions, they've got the power, they don't need to justify how they abuse it. From where I sit (on the other side of the country) it looks like they did everything legally. This merely proves how biased the "approved legal procedure" is.

Note that the DA is not reported as having dropped the charges. That means that they are going to continue to hold everything as "potential evidence" even if they never look at it. They would need it were they ever to proceed. There is NO attempt to compensate the victimized party for the actions of the police. If and when they eventually return the equipment, whether it's in working condition or not, no matter how long it's been, that will be all the recompense that can be expected. (And don't hold your breath for that one.)

Do I suspect under the table political deals...yes. There's no evidence, but I'd be naive to not suspect it. This is a major corporation, of course the town is going to bend over backwards to keep them happy. And if I were call them scumbags, I wouldn't know whether I was referring to the corp. or the city.

Re:No probable cause...

[Brian+See]

Note that the DA is not reported as having dropped the charges.

As far as I can tell, this is incorrect.

The /.'d timeline on the geeksunite website says that on June 6, 2005, "DA Drops Criminal Investigation - Announces Return of the Seized Property to Salzenberg."

Also, the court's online system is reporting a miscellaneous action which looks to be related to the criminal matter, case CP-46-MD-0002495-2005, as "closed". I think a valid deep link to the criminal docket sheet is http://ujsportal.pacourts.us/crystal/enterprise9/D SReportsPDF.csp?ct=4&dktno=200068158.

Re:No probable cause...

What, in that reused drug case warrant with "controlled substances" lines crossed out in pen? As a judge, on principle, I'd throw out any warrant for seizing computer equipment requested by any detective who can't even use a word processor. Obviously the detective doesn't know how to use a computer, so how can he/she know what to ask for or search? Geez, this one was so bad that the affiant (the detective in Upper Merrion) even screwed up Saltzenberg's name in part of the affadavit! They were apparently looking for the home of a "Saltzenberger" not a "Saltzenberg". No matter, those small mistakes were peanuts to the lack of cause to suspect any wrongdoing on the part of Saltzenberg, but the Honorable Jeremy Blackburn scribbled on it anyway. Apparently he values his 4th Ammendment rights (or at least those of his fellow citizens) less than I do. One affadavit from a detective that can't use a copy of "Word" based on (as far as I can tell) unsworn testimony from another person, and that's enough to issue a warrant to invade a person's home and seize thousands of dollars of property? Shame on him.

Re:No probable cause...

[v1]

Part of the problem is that with electronic data, specifically data that might be unique, is that there is a genuine risk that if you let a malicious person know you are going to try to take that unique information, that they might destroy it. It doesn't take much effort convince a judge to give someone a warrant if they lead him to belive that the victim has the only copy of precious data and is ready to erase it at a moment's notice. They'll paint it like a hostage situation, and judge/law will react accordingly - with a great deal of very sudden force, in an attempt to throw the victim off balance while they rescue the data, "just in case".

In some respects this method makes sense. Until you remember that it's wrong to infringe on the rights of one to protect the rights of another. Usually, if the ONLY way to guarantee the rights of one person is to infringe on the rights of another, they usually permit it, which is completely retarded.

I think the courts/police do it out of sense of duty... if they're presented with a scenario where they can either do nothing and risk one person being injured, or take action to protect that person and in doing so, injure another, they seem to prefer taking action. I think it's a matter of them simply wanting to take some action, trying to protect something, irrespectful of who gets trampled in the process.

Re:No probable cause...

Heh, I work in KoP... HMS with "Nearly 40 employees" (or so says the Affadavit attached to the warrant) would be small potatoes. Upper Merrion Twp. is doing so well they don't even charge the 1% EIT that most other townships in PA do.

Re:No probable cause...

Some judges make search warrents all to easy to get.
There is more than one that is known to keep a bunch of presigned but otherwise blank warrents around for the cops to get when they want without calling him in the middle of the night or whatever.
Judicial oversight?
HAH!
Just lots of rubberstamping....

Re:No probable cause...

[jhoger]

I agree that this is the situation, my problem with it is that it is not very egalitarian. If this were two big corporations fighting, it would probably just go the normal route of discovery with the judge compelling the parties to produce whatever either side needs.

I'm just saying the bar should be a lot higher... just because you have an individual here, and not a corporation (with rules/regs/procedures) there's no reason to assume he won't comply with a judge's orders unless the evidence presented for the warrant is extremely compelling. In this case it doesn't even appear that your average judge could understand the issue involved, how could he be convinced?

Can't know what really happened, but on its face, anyway, I hope the pumpking gets a good lawyer and pushes this as far as it can go and makes them pay for abusing the system...

At the larger scope, there needs to be some experts made available to the judges to get these extreme results from occuring at all.

-- John.

Re:No probable cause...

[HiThere]

Yes. I didn't see that until after I had posted. (I'm not certain it wasn't there earlier...I may just have missed it.)

That said, they still expropriate people property without recourse with VERY little reason. Because they can, and you can't stop them. (Yes, sometimes they have good reasons. That doesn't excuse the times they don't.)

Re:No probable cause...

[ShawnDoc]

Also keep in mind the typical judge grew up before personal computers, and probably have little or no understanding of computers or networks. It wouldn't take much to convince such a person that there was reasonable cause to think Chip had stolen trade secrets.

Re:No probable cause...

[HiThere]

I don't know the town, but I can think of a lot of towns where a company with 40 employers would be quite significant.

(If they don't even have that reason, then WTF were they doing?)

Re:No probable cause...

[Rich0]

Uh, look up king of prussia at google - you'll note the second largest mall in the US in the satellite photo. Right next to it is a military contractor (used to be GE, I think it is Ratheon now). This is NOT a small town by any stretch of the imagination...

Re:No probable cause...

told police that they feared I was misappropriating trade secrets. IANAL.

Likely bullshit, as no future employer wants to be contaminated with stuff that will come back to haunt them. Secondly most trade secrets are in peoples heads - not written down, or if they are, its in a safe.

Lets split this up. Told police is no good, they have to testify (in latin hold testes) and in good faith, that they truely believe that and with justifiable cause. If those beliefs were not sound - thats not probable cause.

An ex-employee who did remote/mobile work, a mere day after acrimonious departure, may have a tree or some code on his disk, not having time to wipe, and if it was wiped, it is still gettable back, so having code proves nothing, and is far from willful intent, but one of passive circumstance. Upload/download patterns are not proof of furtive activity.

Genuine fear, would be if they genuinely believed the someone was going to POST/Publish something, not just anything, but a specific trade secret.

In cases like this, separate the issue - is it a problem that ex-employee has physical code/information? or do they have hard evidence that he was yakking about iminent disclosure of a trade secret, of which using an open proxy is not.

Every trade secret will be merticiously and chronologically logged and documented. The way to counter this action, is a huge and impossible discovery order (think SCO), discovery of company emails - the works.

A discovery motion, 1000 issues long, is a good start. Evidence not directly related to a documented trade screts should not be admissable, so claims of theft etc should be thrown out.

AVO orders are a similar abuse - genuine fear is rare, its just another unfair tactic, and a practice that need fixing - the difference between genuine an a 'possible maybe' - are light years apart.

After this lot, going after them for damage to reputation may be the go. Just get a good tactician to apply the rules of evidence and admissability strictly.

Re:No probable cause...

[v1]

I don't know that I can entirely agree with that. When the courts become involved, companies become incredibly well-behaved. (they may not act legally before the courts are involved, but once the magnifying glass comes out, they straighten up usually) Individuals are less predictable that way. Again, likening it to a hostage situation, you never know what a despirate kidnapper might do - maybe he'll kill the hostage if he feels his advantage has disappeared? I think the judges may look at it the same way, considering the individual less predictable and possibly more "dangerous" in many respecs as a result. Companies usually act on their financial best interinst, but individuals can be more prone to things like revenge, and the judge will take that possibility into consideration.

What it all seems to boil down to is that the courts WILL trample on one person's rights in order to protect another person's rights. So in many cases, it's a matter of he who gets to the judge first wins.

Start reporting them

[david_anderson]

Every company I have ever worked for has violated all sorts of labor laws. Start giving them a pile of minor regulatory headaches.

Then make sure you have a good shark for a lawyer. Make sure he has a technologically savy partner or associate that can understand the CVS and gateway issues.

Then countersue. They may have infinite resources compared to you, but they also have much deeper pockets to go after. If they are vunerable on this point, your lawers will be more than happy to go after that big paycheck.

If all you do is try and defend yourself, then they will steamroll all over you.

Re:Start reporting them

"Every company I have ever worked for has violated all sorts of labor laws. Start giving them a pile of minor regulatory headaches."

you are an idiot if you think that a judge would take kindly to this kind of harassment in your retaliation

Re:Start reporting them

[david_anderson]

Where did I mention retaliation?

I did not suggest harassment, whech the judge would have problems with. I suggested reporting actual violations of the labor laws. Judges are generally in favor of reporting illegal activity.

Re:Start reporting them

You have my name dude

Re:Start reporting them

Hey, if anyone else wants to try this, they're hiring, and I hear they recently lost a senior developer...

(ducking)

Re:Start reporting them

[DrHyde]

"make sure you have a good shark for a lawyer" translates to "pay your union subs".

Re:Start reporting them

then you worded your recommendation incorrectly as it implies a form of harrassment

Re:Start reporting them

Every company I have ever worked for has violated all sorts of labor laws. Start giving them a pile of minor regulatory headaches."

you are an idiot if you think that a judge would take kindly to this kind of harassment in your retaliation.

It's not harrassment to report violations of the law. In fact, it's often illegal not to do so. You have to comply with all the laws, all the time, period, no exceptions. That's why they're laws, and not "suggestions", or "guidelines", or "options".

Why is this so damn hard for corporate types to figure out? The law applies to everyone, and that includes you!!!

It says

[waynegoode]

Eeeh.. Slashdotted. What's it say?

skip to: page content | links on this page | site navigation | footer (site information)

We need your support - Please mirror this site. Donate Now.

Welcome to GeeksUnite.net -->

About the Site Content Who is Chip? About A & C Open Source perl Parrot

CONTRIBUTE NOW to the Chip Salzenberg Defense Fund...

MIRROR THIS SITE
Spread the word. This can be any one of us.

To email us the url, get the latest info or just say "Hi" info@geeksunite.net

Come back frequently for the latest site and case updates.
Last updated 6/29/2005.

Join our mailing list info@geeksunite.net

PA Code by Case Subject Search & Seizure
Return of Property
Misappropriation
Trade Secrets
Harvesting/Open Proxies
Related Link

Case Documents The OMITTED Letter The Search Warrant Plaintiff DefendantInterveners
Timeline of Events

Please Contribute. Thank you for spending time on our site. It will be updated frequently. Please come back.

None of the views expressed in the website constitute the views of the Armstrong & Carosella PC law firm, or any
principals or employees, or agents or experts who have been retained in any capacity in connection with the case.
Information on this site is for educational purposes. Case Caption: Health Market Science, Inc. v Charles H. Salzenberg, Jr..
Court of Common Pleas of Montgomery County, Pennsylvania. Case Number: 05-11918

Chip Salzenberg Defense Fund
Please mirror this site. Learn from it and protect yourself.
We need your financial assistance to continue the fight.
Donate Now.


OMITTED from the Company's Pleadings,
UN-INVESTIGATED by the Detective,
it caused IMMEDIATE ACTION by the CEO,
READ the LETTER that started it all!

Why 23 million telecommuters need to be worried about this case
Or: How your life can land into the "wrong hands".

Twenty-three million telecommuters (IATC 2003) access their employer's network from home. Some use their own personal computers, while others use a computer their employer assigned to them by their employer. Some bring their laptop to and from work. Do you? Should a dispute arise between you and your employer, you may be exposed to the legal tactics and strategies used by Chip's employer.

The company can file a police report, show logs of your network activity, convince the often insufficiently sophisticated police that your behavior is suspicious and claim they are in "fear" of the loss of their property and/or trade secrets and potentially millions of dollars of profits . If you're a programmer, that is your job description permits you to "appropriate" huge source code downloads with only even less uploads - exposing you to a "claim" of theft of your company's confidential and proprietary information and trade secrets . All the while you are having an exchage with the CEO by

The Letter

Can somebody post that open proxies letter as a .DOC? I prefer using industry-standard software for my browsing, and Word doesn't seem to be able to handle this ".pdf" thingy.

Re:The Letter

Geez, you are supposed to use NOTEPAD for opening .pdf file, you silly!

Those Windows users. Would they ever learn?

Re:The Letter

You need to find that NTLDR file thing, give the .pdf the same name and replace your original file.

Enjoy

EFF?

[The+Amazing+Fish+Boy]

Why shouldn't the EFF be handling this? Or the ACLU? Do we really need a new fund?

Re:EFF?

The EFF and ACLU aren't handling this because HMS's case is rock solid (regardless of Chip's spin-doctoring).

Re:EFF?

Maybe because he already went to them and they feel he may be guilty. Just a thought.

Re:EFF?

[bladesjester]

The EFF is a lobying organization. They don't want to get involved in anything that may paint them in a bad light to legislators (who receive large contributions from companies like HMS).

They're notorious for dropping people like hot potatoes if they think there is a chance that it will negatively impact their political lobying.

Re:EFF?

Evidence?

Re:EFF?

[bladesjester]

Evidence?

The trial of several of the members of MOD comes to mind off the top of my head. The EFF, shortly after it was formed, promised to help them legally and even set them up with their legal council initially.

They then decided that they wanted to be a political lobby group and that they should distance themselves from overly controversial issues least they become associated with them (The government was extremely hot to prosecute the kids. The FBI, Secret Service, and NYPD were fighting each other tooth and nail to get the credit).

They pulled their legal support.

The lawyer decided to help the kids anyway and the EFF talked to his bosses, getting him removed from their practice because they didn't want to be associated with the controversy (after they had already promised to help and then backed out). The guy was finally given back his job after he agreed to stop providing council for the kids.

Re:EFF?

Link? Sounds like bullshit to me.

Re:EFF?

[Jah-Wren+Ryel]

Sounds like bullshit to me too.
MoD was indicted July 8th, 1992.
According to Phrack one day later the EFF made this highly ambiguous press release:

EFF Issues Statement On New York Computer Crime Indictments July 9, 1992

Cambridge, MA -- The Electronic Frontier Foundation (EFF) issued a statement concerning the indictment of MOD for alleged computer-related crimes.

This statement said, in part, that EFF's "staff counsel in Cambridge, Mike Godwin is carefully reviewing the indictment."

EFF co-founder and president Mitchell Kapor said "EFF's position on unauthorized access to computer systems is, and has always been, that it is wrong. Nevertheless, we have on previous occasions discovered that allegations contained in Federal indictments can also be wrong, and that civil liberties can be easily infringed in the information age. Because of this, we will be examining this case closely to establish the facts."

When asked how long the complete trial process might take, assistant U.S. attorney Fishbein said "I really couldn't make an accurate estimate. The length of time period before trial is generally more a function of the defense's actions than the prosecution's. It could take anywhere from six
months to a year.

That sounds like it's a long way away from promising to help them[MoD] with legal support.

Re:EFF?

Explain? You are the only one claiming that I have seen here so far.

Re:EFF?

[ntk]

Actually, the EFF is a 501(c)3 organization, which means that its specifically restricted as to how much lobbying it can do. Instead, the EFF concentrates on being an advocacy organization, representing defendants and plaintiffs in cases where there's a chance of making good case law.

(Actually, in practice, *I'm* the majority of the lobbying bit. If I had any influence on dropping people, I'd be like all "Hey drop *him*! Now pick him up! Now drop him again! You other lawyers, bring me a mojito!". But that's not really how lawyers work, alas.)

Cops... and Freedom

[Plugh]

It's no suprise that the police are blindly taking orders and taking property. This recently came up at FreeTalkLive

Just one more reason I moved to New Hampshire, where there's at least hope that this kind of Police-State abuse can be rolled back.

Chip... as a longtime Perl user, my deepest thanks for all you've done. Good on you for taking the moral high ground here.

Re:Cops... and Freedom

[eukreign]

I'm totally with you on that one!

Mirror

[pudge]

http://homepage.mac.com/pudge/geeksunite.net/

It won't last long ...

Fuck HMS

[ZombieChiefExecutive]

This looks too much like HMS taking revenge on Chip for the complaint about the misuse of open proxies.

Getting exposure with those who understand the technical stuff like logging in with ssh etc is worthwhile.

I can't offer any useful advice, but my friend was in a similar situation a few years ago. A local government outfit pressed police charges against a friend for misuse of the local government's network (downloading heaps of stuff). Even though most of the logins were not from his home number (it was dialup access), the stupid police proceeded with the charges. As it happens, the username was the name of the local government, and the password was the name of the local government with 1 on the end.

Because he had marriage problems and his wife was throwing a fit about it, he didn't fight it and changed his plea to guilty.

Months later the entire local government was sacked by the state government for corruption.

Those connected with the local government even managed to follow him interstate and have him sacked from his new job.

I believe he complained about the username and password and things to do with the network before all this happened.

In short, you must fight this. They have no case since you were authorized to work from home using the company resources and the management had knowledge of this. They also have the burden of proof that you were engaging in some kind of illegal behaviour.

Honestly I don't think you have anything to worry about legally. The biggest problem will be the legal bill these bastards are running up for you.

Get lots of publicity (= negative publicity for HMS). Make sure everyone knows what's happening.

Wait for this to blow over, then sue them to the ends of the earth.

Mirrors for the Chips site

[jns]

There are two (european) mirrors of Chip's site at
http://phoenixrising.ws/mirror/www.geeksunite.net/ and http://www.perl.gellyfish.com/geeksunite/

Amazing Fish Boy Makes Statement, Is Correct.

[The+Amazing+Fish+Boy]

I won't pay for a different reason. I steadfastly refuse to help those that choose to write headlines in the third person.

Re:Amazing Fish Boy Makes Statement, Is Correct.

[Rick+and+Roll]

I sent a /. story and they preserved everything except the headline. It could have been the same for him. So you are unfairly judging this dude.

Own grave dug

[petesmart]

It's disgusting that they can do this, particulary at such personal expense. Sadly, Chip has dug his own grave, I don't know much about US emplyment law, but I don't think whistle bower type protection will be any good, as he approached the company first, and not the authorities who are now chastising him. Working for an ethically dubious employer is tough, say something, and they'll throw the book of selective dismissal conditions at you, say nothing, and, well, like myself, sometimes the roof over your head is worth keeping whilst you seek employment elsewhere.

Re:Own grave dug

[lifeblender]

No, that's not how it's supposed to work. As an employee, loyal to the company, you are supposed to have internal recourse available to bring illegal activity to the attention of your seniors, and all the way up the chain if you direct supervisor won't listen. You are not supposed to have to go to the police, since a company should be capable of cleaning up its own act. Going to the police means that the normal channels of reporting issues have failed.

Everything I wrote there is how it works in ethical companies, meaning companies whose executives have laid out specific plans for remaining on the right side of the law. I don't care if you think that "most companies aren't like that". What that would mean is that "most companies deserve liquidation". If you can't at least have a plan for handling your own breaches of the law, and avoiding them in the future, then the company is not run in an ethical manner. Go ask someone with an MBA what kind of ethics class they had to take to get it. A company that doesn't have a plan for reporting issues about itself is derelict in its duties. All claims of impropriety leveled at such companies, including Chip's, have extra weight once they reach court.

Yeah, it'll be a while before they reach court.

If his complaints are true, then I sure as hell don't want to have anything to do with those companies. See? That's the reason that (ethical) companies need internal reporting mechanisms. If the CEO of an ethical company got wind of this behavior through internal channels, then they could correct it before I ever heard of it, and they wouldn't lose me as a customer, distributor, or business partner. That's what internal channels are for: protecting the company from itself.

Anyway, it's obvious from this that Chip's company doesn't have good internal reporting mechanisms. And that necessarily gives that company a strike against them to begin with. Or it should. We'll have to wait and see if it really does.

Re:Own grave dug

[gujo-odori]

Like others have noted, as I read his letter I could only think "Just what did he expect would happen if he delivered a letter like that to an employer that was knowingly involved in these activities?" The only thing more surprising than his naivete in giving them that letter was that I read all the way to the end only to find that was *not* a letter of resignation. If I received a letter in that tone from any of the people I manage, irrespective of specific content, I would assume I was reading a letter of (probably immediate) resignation.

That they are only out to screw him over seems pretty obvious, but his apparent lack of wordly understanding of these matters has given them every possible opportunity to do so. To anyone in a similar situation, my advice (as a manager, for whatever that may be worth), is to:

1) Prepare yourself financially to be unemployed;

2) Prepare your documentation of all allegations;

3) Make a backup set and put it in some secret offsite location that no one could reasonably either know about or get a search warrant for;

4a) Get a lawyer;

4b) Submit your letter of resignation, and don't say why. If pressed for an answer, just say you want to take some time off, then pursue other opportunities;

5) Finally, when you are no longer employed at that company, go to the police with your evidence.

The order of 4b and 5 could be reversed on advice of counsel, and if you want to move 4a up to, say, 1a, well, it's never too early to have a lawyer in a situation like that.

Re:Own grave dug

[DerekLyons]

As an employee, loyal to the company, you are supposed to have internal recourse available to bring illegal activity to the attention of your seniors, and all the way up the chain if you direct supervisor won't listen.

Had that been what he did - you'd have a point. But it's not. He threatened (personal) legal action against the company and announced his refusal to continue working on his assigned project. If you actually read the memo he submitted - it paints a very different picture from the sob story at the head of this discussion.

Anyway, it's obvious from this that Chip's company doesn't have good internal reporting mechanisms.

A completely groundless assumption. Again, try actually reading the memo - it has a whole raft of adressees, and no discussion or indication that any attempt to bring this to the attention of anyone had been made beforehand.

Re:Own grave dug

[lifeblender]

Well, I suppose now we've hit the crux of the matter: How well did he research his options ahead of time? As a fellow computer scientist, I've been giving him the benefit of the doubt. You are, however, quite correct about his statement. It does threaten legal action, and perhaps he really was silly enough to threaten this without already having it ready. Again, I was giving him the benefit of the doubt, but I guess that second nod to his forethought is not correct.

I think you are somewhat mistaken about his attempts to bring the matter to the attention of his superiors. In his letter, he discusses his conversations with management, etc., and how he got no reaction from them. That was actually my reason for stating that his company had no internal reporting mechanisms. Again, I've been giving him the benefit of the doubt: since he tried _something_, I figured he tried the best thing he knew to do.

Of course, I could be wrong. He could have done all of this so hastily that he skipped over the anonymous reporting channels that his company provides for just such isses. And I wouldn't know.

Since I don't know, I'll just end this here, and wait for the trial. If he was so hasty that he ignored perfectly good channels, then I've been over-estimating him. I don't think I have, but you've provided a counter-example so now I'll just wait.

Re:Own grave dug

[jim3e8]

The first sentence says he brought it up with a company founder and an author of the source code over a month before writing that letter.

But their alleged blow-off of his concerns should have been the catalyst for either getting a lawyer in preparation for further action, or quitting and moving on. Nothing happened until he threatened actual legal action to the very people who were allegedly complicit, and to their superiors.

It is unethical and possibly illegal for a company to have your property seized under false pretenses. It is wrong that the legal system is skewed towards those with the money. But many things in life are unethical, illegal, and wrong, justice is not always served, and idealism doesn't change that a whit.

TImeline of events

[winkydink]

[sorry for sh*tty formatting...]

Timeline of Events

Please Contribute. Thank you for spending time on our site. It will be updated frequently. Please come back.

None of the views expressed in the website constitute the views of the Armstrong & Carosella PC law firm, or any

principals or employees, or agents or experts who have been retained in any capacity in connection with the case.

Information on this site is for educational purposes.
Case Caption: Health Market Science, Inc. v Charles H. Salzenberg, Jr..

Court of Common Pleas of Montgomery County, Pennsylvania. Case Number: 05-11918

Timeline of Events in Case

June 21, 2005

Intervener's Too Late? - DA Gives Away Computers Early. Company Already Imaging.

June 20, 2005

Emergency Stays Filed by All Parties - In an Attempt to Keep Property from falling into the Wrong Hands

June 17, 2005

Judge Awards Personal Property to Company - Admits to NOT Reading Salzenberg's Opposition.

June 16, 2005

Company Runs Interference - Files Motion to Intercept Released Computers Contrary to the May 2, Order and the "Return of Property" laws.

June 6, 2005

DA Drops Criminal Investigation - Annouces Return of the Seized Property to Salzenberg.

May 2, 2005
Company Agrees Not to Enforce Exparte Orders - Property to be Returned to Salzenberg unless another motion is filed.

April 26, 2005
Company files Exparte - Receives orders to intercept equipment from police to start imaging.

April 25, 2005
Salzenberg receives back dated letter from company "accepting his resignation"

April 21, 2005
Salenberg's Property Seized within hours of police report made by CEO.

April 20, 2005
Salzenberg and CEO exchange emails and faxes in an attempt to negotiate a face to face conversation. CEO finally gives the OK to Salzenberg bringing an attorney with him.

April 19, 2005
Salzenberg sends compliance letter to CEO. Salzenberg also sends follow up message to COO that he has "not resigned". CEO immediately locks Salzenberg out of company email and network.

April 18, 2005
Another employee leaves company after voicing compliance issues.

Software Developers need a union or Guild

[Inigo+Montoya]

Ok, there are many guilds out there already, but I mean perhaps we should band together somehow, pay dues/insurance fees specifically designed to create an insurance fund to protect us in our times of need against these software malpractice suits.

Re:Software Developers need a union or Guild

And then we can have a weekly awards ceremony to supplement our daily therapy sessions...

What?

[Senjutsu]

Why would he still have legal bills if HMS hadn't decided to trump up charges? He made criminal accusations; those are prosecuted by the state, now by him.

Re:What?

[Senjutsu]

s/now/not/

Re:What?

[winkydink]

He's lawyered up.

If he wins a judgement, but the company declares bankruptcy, then he's just another unpaid creditor.

His lawyer, however, will still expect to be paid.

Re:What?

[Senjutsu]

We're going in circles here. If the company hadn't accused him of an unrelated (and probably fictitous) crime, he never would have had to "lawyer up".

Let's start over: A whistle blower should not have to resign when they report illegal activity by their employer. That is the point of whistle blower laws. As long as he remains an employee, any retaliatory actions taken by the employer (firing him, usually, but also demotions and de facto demotions and the like) will be prosecuted by the state, rather than requiring him to spend his own money defending himself. Financially, it is to the whistleblowers benefit to not resign, as he continues to draw paychecks and gains the ability to have the state deal with punishing unfair treatment by the company, rather than having to do it out of his own pocket.

The only reason this is costing him a dime is because the company apparently decided to commit a second crime (filing a false police report) in retaliation; this requires him to retain his own lawyer to defend himself against the criminal charges involved, and could/would have happened even if he had resigned.

In summary: Saying he should have resigned is utterly asinine.

Re:What?

[winkydink]

I disagree with you. In theory, a whistle-blower has many protections. In reality, many of them have their lives completely ruined by the experience. While it may be theoretically financially benficial from a paycheck standpoint, what is the ultimate cost? Your employability? Your marriage? Your health? Your life?

It's easy to be altruistic when speaking of others.

Re:What?

[1u3hr]

The only reason this is costing him a dime is because the company apparently decided to commit a second crime (filing a false police report) in retaliation; this requires him to retain his own lawyer to defend himself against the criminal charges involved, and could/would have happened even if he had resigned.

From what I saw in the warrant, the company didn't directly accuse him of criminal acts; they said that since his letter to the company (complaining of their immoral and probably illegal practices) he had accessed their source code which was worth X million dollars, vital trade secrets, etc; implying he was going to release or sell it. Though why the police took this as a cue to strip his home I don't really see. I thought you needed more than suspicion to conduct such an intrusive search.

Some years ago I quit from an employer that was months late with my salary. One of the delaying tactics they used at the Labour Tribunal hearing was to say that I had hacked their network (which I had set up) and asking for an injunction to prevent me doing that -- though how the court could do that aside from locking me up in solitary I don't know. The judge thankfully ignored this claim.

Re:What?

[tricorn]

Actually, I thought it was striking that nowhere in their documents did they claim he accessed their network after his purported resignation. All the access was in the 3 weeks BEFORE he sent the letter. The "big deal" appears to be that he was using his personal laptop to access CVS, both at work and at home, and that he accessed source code for projects that he "wasn't authorized to work on", plus the utter stupidity of the insinuation that downloading more files than you upload is evidence of misappropriation (in fact, that he uploaded changed files AT ALL is indication that he was working).

Hopefully, the response to all of this will be that a) his legal bills get paid by donations; b) his case gets thrown out; c) they get fined for filing false reports; d) he successfully sues these bastards for defamation; and e) they get hit with a bunch of lawsuits for computer trespass and have everything in their offices and the homes of their officers seized.

Health Market Science has Copyright on a perl mod

[ugmoe]

It looks to me like Health Market Science shares a Copyright with Chip on some of his Perl work.

What did Health Market Science think they were getting for their funding dollars?

AUTHOR
Chip Salzenberg,

ACKNOWLEDGEMENTS
Thanks to Heath Market Science for funding creation of this module. Thanks also to Larry, Damian, Allison, et al for Perl 6 subroutine syntax, and to Damian for Filter::Simple and Parse::RecDescent.

COPYRIGHT & LICENSE
Copyright 2005 Chip Salzenberg and Health Market Science.

Pumpking Definition

From http://search.cpan.org/dist/perl/pod/perlhist.pod

To explain: David Croy once told me once that at a previous job, there was one tape drive and multiple systems that used it for backups. But instead of some high-tech exclusion software, they used a low-tech method to prevent multiple simultaneous backups: a stuffed pumpkin. No one was allowed to make backups unless they had the "backup pumpkin".

The name has stuck. The holder of the pumpkin is sometimes called the pumpking (keeping the source afloat?) or the pumpkineer (pulling the strings?).

Therefore, the person in charge of making sure that things arent duplicated/mixed up/general weirdness is the keeper of the pumpkin, or the pumpking.

re: what's to stop them?

"what's to stop your employer or client from doing the same to you, should your relationship sour?"

The cleverly placed logicbombs in every piece of software I've written for them in the past 5 years.

Legally plugged in I might add, due to a slick little addition I was able to get management to sign off on, in our common development standards, they "help protect against misappropriation of our trade secrets", the irony of this post is almost painful.

They know of their existance, but not of their operation or location, it's my magic bullet against our new board of directors trying anything stupid.

Maybe they really meant it

[funkwater]

Just because this guy is an OSS programmer doesn't mean he's an angel. Hell, I know of at least one other Perl guy that is a convicted felon. Perhaps HMS actually believed that he was misappropriating their trade secrets. Would it then be wrong to have the authorities get involved?

Let the courts decide what really is going on. Let all the facts come out before passing judgement against his employer. Isn't that why we have a judicial system?

Re:Maybe they really meant it

This has nothing to do with what the man did or did not do. I couldn't care less about that, frankly. I am concerned that the judge in this case appears technically illiterate and granted a search warrant on pretty damn flimsy "evidence". Any of us could get hit just as easily, and for even less reason. Good reason to maintain hidden offsite backups and to thoroughly encrypt anything important, that's for sure. Let them have your computers ... those are cheap nowadays. But if the evidence-handling types "lose" your data (as they often do after your hardware has been confiscated) you're screwed.

Law enforcement and the judiciary seem to have taken the approach that anyone who is knowledgeable about computers is suspect. I think that's largely due to ignorance: the majority of people (judges, cops, FBI guys, whoever) don't know squat about computing technology, and consequently lack the ability to make intelligent judgements about issues that involve it. That really needs to change, or more technojocks are going to end up on the wrong end of the stick.

Better yet -- contact the customers!

[BroncoInCalifornia]

The website of Health Market Science of King of Prussia, PA and their contact page and their email address info@healthmarketscience.com.

Here is where these slease balls brag about their customers. Contact them:
http://www.healthmarketscience.com/customers/custo mers.html

Re:Better yet -- contact the customers!

Yeah, because 17 of the top 20 pharmaceutical companies are going to care!

Re:Better yet -- contact the customers!

Can you post that list here? The site is down.

Re:Better yet -- contact the customers!

[Withershins]

The healthmarketscience websites have been taken down. I expect they had no idea of what they were sturing up.

Re:Better yet -- contact the customers!

I was able to get to the customer listing through google. Here is the list:

1)Guidant
2)Medtronic
3)Pfizer
4)Quiet Diagnostic
5)Wyeth
6)Abbott Laboratories
7)AzeraZeneca
8)sanofi aventis
9)Brystol Meyers Squibb Company

Be sure to inform them, politely, that their affliation with Health Market Science means you will avoid any product or investing opportunity associated with them.

Chip was naive, but that does not mean we are release from our duties as active citizens. A teenage girl that is assaulted when in the wrong part of town late at night is naive, but that does not mean we don't pull the assailant from out of their hole and make them accountable.

Re:Better yet -- contact the customers!

[Idou]

They will if they think you are an investor. . .

Re:Better yet -- contact the customers!

Customer List:

• Medtronic
  
• Pfizer
  
• Bristol-Meyers Squibb
  
• Wyeth
  
• Guidant
  
• Abbott Laboratories
  
• Quest Diagnostics
  
• Sanofi Aventis
  
• Astra Zeneca
  

Note: I am not advocating a boycott or anything, just hoping that there is someone clueful at these companies and has the clout to refuse to do business with HMS.

Toast

[donutello]

Sounds like his webserver was running perl.

Oh, wait. That didn't make any sense.

Re:Any legal rights?

You sig would be better (and funnier if you had "!11!!!d00n" which would work better. That way the impression can be read by anyone.

warrant

[jotux]

The warrant is halarious. If you read the bottom, it basically says:

the company president called me, and said that one of his employees has accused him of illigal acts. Please go to my employees house, and remove everything that he has that could be used to prove that we have committed illigal acts.

Re:warrant

the perfect tit-for-tat would be to get a search warrant to seize all the COMPANY'S computers (and scanners, copiers, camcorders, etc etc etc).

Perl = Legal Trouble??

[Captain+Bumpsickle]

What is it with people high up in the Perl community and legal troubles?? Didn't Randal L. Schwartz also get into trouble with a past employer?

This should be reason #1 to use Python.

I'm just joking everyone...nothing to see here...carry on.

Re:Perl = Legal Trouble??

[Mike+Buddha]

Didn't Randal L. Schwartz also get into trouble with a past employer?

Yeah, Intel. He was convicted of three felonies. He was running a password cracking program on their servers. He had cracked computers not only on Intel's machines, but on the machines of some of their partners, as well. He'd also installed some backdoor programs on several machines at Intel. It was really stupid of him to do all of this.

Re:Perl = Legal Trouble??

I might also add that in 1994 the first spammers used Perl for their mass-mailout program. AND THE GUYS WERE BOTH OF THE LEGAL PROFESSION!!

ROFFLE!!!

WTF is this guy on

[OverlordQ]

Some nice exerpts from his original letter:

Federal courts have held that web spiders must obey the
established ROBOTS.TXT mechanism by which web site owners limit automated access,
and that a failure to obey ROBOTS.TXT constitutes trespass.

I musta missed this case.

At that time, the accepted
strategy for getting around such blocks was to obtain multiple web hosting accounts to act
as proxies for HMS's harvesting systems. I did not then realize that knowingly bypassing
blocks placed by web server operators was illegal.

Must have missed this one too.

hijacking thousands of vulnerable machines all over the
Internet, using them and their network bandwidth without the knowledge or
permission of their owners as unwitting accomplices in HMS's data harvesting
operation.

one could argue by allowing all connections the owners are implicitly granting permission

Under PSC 3933, every instance - every single instance - of hijacking an
open proxy is a misdemeanor of the first degree.

Again they're not hijacking them they're just using them.

Anyways here's a mirror of his original letter.

Re:WTF is this guy on

I musta missed this case.

yeah, what's your point? i missed last night's episode of "law and order" - but i don't feel the need to tell everyone about it.

oh wait - maybe you're trying to say that because you've never heard about it - that means it doesn't exist.

excellent logic. you must be a lawyer.

Re:WTF is this guy on

[mi]

I did not then realize that knowingly bypassing blocks placed by web server operators was illegal.

DMCA may apply to any such bypassing... It also may not, but this is a reasonable concern.

Re:WTF is this guy on

Thank you. I was beginning to think I was the only one around here that did a touble take when reading this guy's letter. I could see how an employer might be concerned that such a vigalante type might attempt to convict the company in the court of public opnion by publishing their supposedly illegal code for all to see (hence the trade secret suit). I'm not saying that what they did was necessarily right, but this guy does seem to be pulling the criteria for what is legal out of his ass I wouldn't be surprised if there were some threats or insinuations about publishing the source.

SLAPP

[BrookHarty]

I think you should check into SLAPP protection.

http://en.wikipedia.org/wiki/SLAPP

Heres the little secret, Judges do not like to read long legal briefs, if someone makes a case and references some case law, they might just get the warrent, action or restraining order.

Its a messed up country where the legal system is in a horrible state by lazy judges/commissioners that have to actually think the about the case. Whats worse, some are voted into office...

Missing Something!

[NickFortune]

Chip isn't a whistleblower. Whistleblowing involves running to external authorities with a story.

Chip complained internally. That's allowed. That's ethical. He was giving his employers a chance to sort out a problem. The open proxy scam might have been in contravention of company policy.

Unlikely with hindsight, I'll grant.

OK, I'm missing your point, I know. I don't even disagree with your advice. All I'm saying is let's watch the terminology. A lot of people will thing "Whistleblower, pah! He had it coming!" when nothing is further from the truth. He got into this mess because he gave his employers the benefit of the doubt.

Re:Missing Something!

[TwistedSpring]

Chip threatened his own employers with legal action. What do you expect them to do?

Re:Missing Something!

I *am* a lawyer......

Chip's mistake, from what I can tell, is not consulting with a lawyer before he did anything. The letter he wrote, while a great "f* you" letter to his employer, made a couple of mistakes that almost lawyer would've told him to leave out. Including the threat of legal action.

Once someone threatens you with even possible legal action, most companies go into offense mode. It's not really a choice they have, they have to protect themselves and what they see as their intellectual property. (I say it's not a choice because it's what their counsel tells them. They can also choose to ignore their counsel, but then few companies do that since it defeats the purpose of engaging such counsel in the first place, at least in their minds.)

I feel badly for this guy and will likely contribute to this fund. But I can't help but think there was a better way of handling this situation before it got down to an employee threatening their employer with legal action if they don't stop a behavior they, personally, find objectionable.

If you don't like something your company is doing, let them know you don't like it. If they say, "Tough sh*t," then you have two choices -- leave on your own, or stay and suck it up. Staying and making threats against your employer isn't likely to be tolerated by anyone, anywhere.

Re:Missing Something!

I'm tired of crap answers like this. What do I expect them to do? Act responsibily and don't abuse the law.

What the fuck is up with nerds on slashdot thinking that companies acting like this should be acceptable, reasonable, or predictable? Yeah, it's all those things as long as you let it. I mean shit, if my company pissed me off and filed false charges against every level of management, would that be acceptable or predictable? Why is it okay for companies to act like this and people just accept that it's normal and acceptable?

This company and the managers behind this action should be skinned alive and hung out to dry. I just contributed 50 bucks and will contribute more after next payday.

And if he loses this, then I know what I will do in the future while working for a company engaged in questionable activity. Legal action first, ask questions later. And trump the lawsuits up too, like the CEO made unwanted gay advances towards me, promises of promotion if I'd only let him have his way with me, etc... Fsck this. Corporate America wants a war, let's bring it to them.

Re:Missing Something!

[jbolden]

I'd expect them to determine if Chip was correct that they were acting illegally and if so work to immediately correct the situation and compensate anyone they had harmed. Back in the 1940s-1970s when we had a government which wasn't in the pocket of business and actually enforced laws that's what likely would have happened.

Re:Missing Something!

[soft_guy]

I would only expect gangsters to act the way they acted in response. Another poster already stated that he would expect them to investigate the allegations and correct the problem. The fact that they didn't tells me they are gangsters.

Re:Missing Something!

[Apuleius]

How about putting a halt to the activities that prompted his threat?

Re:Missing Something!

[putaro]

Chip's mistake, from what I can tell, is not consulting with a lawyer before he did anything

Yah, everybody's mistake is not consulting with a lawyer before tying their shoes or opening their mouths. I think that everyone should have a lawyer with them at all times to make sure that they don't do or say anything actionable.

I say it's not a choice because it's what their counsel tells them.

Maybe the problem is that lawyers tend to see every problem as requiring legal action and more billable hours.

Re:Missing Something!

[calvertvl]

My understanding, from the PDF linked at the top, is that their action is not "personally [found] objectionable" by Chip, it's completely and utterly illegal (at least in terms of ignoring robots.txt and using open proxies, not to mention zombies). That said, I have not actually read the law myself, nor am I a lawyer. Retaining a lawyer would have been a *very* good idea, as this is related to illegal business practices. Also, he was doing this internally, and, while I agree that threatening legal action was stupid, I can see exactly why he did. (And this is why a lawyer would have helped.)

Furthermore, if the company is already breaking the law, and has sufficient legal firepower and the will to defy the court system (not unlikely in this case), then the *only* way to be able to take something like this to court is to keep backups and/or immediately go to law enforcement. Unless anyone has other ideas?

Of course, it seems that most lawyers aren't very good regarding technical issues, not to mention most judges, so going to law enforcement, if you don't go to the FBI directly, which probably would have been the best option, is of limited value.

Re:Missing Something!

you sir, are a moron

Re:Missing Something!

you sir, are a cowardly moron

Re:Missing Something!

IANAL, but it seems like there is still something else missing.

At most companies where you handle their intellectual property, you are granted access for the purpose of doing your job. If you read his letter, Chip sought out source code which documented the wrongdoing. It is unlikely that his job description includes collecting evidence against the company. If a legal case is going to be brought against the company, it should be going throught the legal system. So, it may well be true that, although well-intentioned, he did misappropriate company property.

Re:Missing Something!

[boots@work]

Obviously the point is to have enough sense to know when you need to see a lawyer and when you should save your money.

Seems to me that before starting a fight with (what you believe to be) a criminal organization it would be a good idea to see a lawyer. A few hundred bucks for a consultation is small change compared to what he's up for now.

Re:Missing Something!

Well, IANAL, but I agree with your advice, with one caveat. It's also OK to do this if you have dirt on the CEO's wife. If you know which VP she's banging, you can drop that on the CEO when he thinks he has your nuts in a vice. You only have to threaten to tell the secretaries in the company and he'll go limp. Trust me, it works every time.

Re:Missing Something!

[UnrepentantHarlequin]

Clean up their act, maybe?

Ethical people tend to believe that others are ethical until and unless (and sometimes even after) they are faced with incontrovertible proof to the contrary. If you tell an ethical person that he's doing something wrong, his response will be "oops, lemme fix that." So, assuming Chip is an ethical person (and the fact that he tried to resolve the matter internally is evidence of that) it's logical to assume that he expected them to say "oops, we'll get right on fixing that" and, in fact, fix the oversights -- not retaliate against him for bringing up the intentional violations of either legal or ethical standards.

Re:Missing Something!

This guy got screwed over and I feel bad, but it was incredibly stupid of him to go internal with this after he found out the CEO fully supported the operation. What did he think they were going to do? If he had done the smart thing and gone to the Feds, he wouldn't need to be taking donations on his website right now.

Re:Missing Something!

[aminorex]

The only people who dis whistleblowers are the criminals and reprobates that said agents of justice are dragging out of their rat holes.

Information does not want to be free, but a free people *need* it to be free.

Re:Missing Something!

[TwistedSpring]

I mean, did you expect them to not be bastards about it? "Lol guys you're crooks, I've got a ton of your IP right here and substantial evidence that you're conducting illegal practices". You think the company is going to say "Oh ok then Chip yeah you're right, we never realised that before! Better clean up our act!" Bullshit. What sort of world do you live in? They're going to say "Yeah we know it's illegal and we'd rather not have problems like you. Get off our back, little man. We're going to fight you in court to save face. We know you don't stand a chance against our MegaLawyers. Now we'll just be taking all your hardware and manipulating the legal system into deleting all that IP of ours you had the right to download onto it."

Expecting Corporate America to be ethical and legal is extremely naïve. It will be as unethical and illegal as it can possibly be whilst still being able to smack down people like Chip who have a "hilarious" moral objection to their nefarious dealings. Corporations work on legal loopholes and avoiding prosecution. They certainly do not run on ethics.

Re:Missing Something!

[NickFortune]

Interesting.

HMS fabricated evidence in order to have the police raid Chip's house and sieze his computer equipment.

Chip threatened his own employers with legal action. What do you expect them to do?

Have your expectations regading business ethics fallen so low that you expect all companies to break the law as a matter of routine? Or are you suggesting that this is acceptable behaviour for an employer? Your message reads as though you approve, which may not be what you intended to convey.

HMS was already knowingly engaged in illegal activities. So probably Chip should have expected their response to be similarly illegal. With hindsight, that seems glaringly obvious.

But to simply dismiss that the company's actions with "what do you expect?" is foolish and dangerous. If we grant acceptance to such activities what can we expect the next time some CEO decides to push the envelope?

I mean yeah, ok, ScumBagSoft sent some goons around to beat the guy senseless, rape his wife and kidnap his kids. But, you know, he was like rude to his CEO in public. What'd the guy expect?

Re:Missing Something!

[NickFortune]

Up to a point. A lot of those criminals and reprobates would seem to have spent some time trying to make whistleblowing seem like a bad thing. I think there are a lot of basically good people who think whistleblowing is somehow wrong, just because of the spin its been given in them media.

So without disagreeing with you, I thought it was worth stressing that Chip wasn't blowing any whistles.

Re:Missing Something!

[NickFortune]

I *am* a lawyer......

Good. HSM seem to have misrepresented log data to the police in order to get Chip's home raided and his property confiscated. I would have said that was illegal. Do you concur?

If you don't like something your company is doing, let them know you don't like it. If they say, "Tough sh*t," then you have two choices -- leave on your own, or stay and suck it up. Staying and making threats against your employer isn't likely to be tolerated by anyone, anywhere.

And the next question is what constitutes an acceptable level of intolerance.

• Getting shouted at by the boss - fair enough.
• Instant dismissal and being escorted off the premises - a bit harsh, but I could see where the employer was coming from
• Having the employee's personal possesions siezed on trumped up charges... that seems somewhat excessive.

You sympathise with Chip's predicament, but the subtext I get is that Mr. Salzenberg's naivety somehow justifies the illegal behaviour of his employers. I think there must be a limit to the sort of unpleasantness we are willing to countenance, simply because it's "just business". That didn't work for Al Capone and it shouldn't work for the likes of HMS either.

HMS are deeply, massively and incredibly in the wrong over this. Let's just keep that in mind.

Re:Missing Something!

[16K+Ram+Pack]

The point is really, check with a lawyer before *threatening legal action*.

Trust me, People react pretty badly to such a threat.

Re:Missing Something!

[Shaper_pmp]

FFS strap down that jerking knee before you do someone an injury.

Yes, lawyers get involved in things too easily these days.

Yes, the legal profession is sucking the money, time and vitality from american (world?) culture, and fattening up on their ill-gotten gains.

Yes, lawyers themselves often come off as objectionable, closed-minded, grabby little bastards (with apologies to the GP).

However... this is someone who uncovers prolonged, well-known and deliberate, immoral and illegal behaviour by the company he works for.

The software in question (IIRC) was written by the very people he's writing the memo to.

They clearly understand and appreciate they're doing something shady (if not outright illegal), and he basically calls them on it, to their faces.

If this memo was written as a resignation letter, fair play (although the implications are a little threatening - I know you're doing illegal stuff, here's how much trouble you'd get into if anyone found out, BTW I'm quite clearly pissed off with you and I'm resigning...).

If it wasn't offered as a resignation letter, it's extremely stupidly-written. Sure, the company has gone way overboard and are clearly a bunch of shameless criminal cunts, but read the letter again - did he ever, under any circumstances actually expect them to thank him for the memo and pat him on the head?

No - he's clearly telling them he knows what they're doing, he's clearly stating how much trouble they'd be in, and stating his position as diametrically opposed to them.

Sure, it could harm his professional credibility if/when it came out, so he should have resigned quietly, or gone straight to the authorities. Given the company's position on the matter he's clearly never going to persuade them to stop what they're doing, so his job was pretty much gone from the moment he decided he couldn't tolerate their behaviour.

Sending this not-resignation letter, requesting (presumably) he be assigned to another project, then explicitely threatening them with legal action?

I have all the sympathy in the world, but well, he's basically asking for trouble.

Just to clear up: I have every sympathy for Chip, and I sincerely hope these criminal fuckwads get everything coming to them, but yes, consulting with a lawyer would have been a no-brainer, and yes, he fucked up.

Knee feel any better yet?

Re:Missing Something!

[The_Other_Kelly]

May I enquire then what he SHOULD have done ?

Seems to me that he played straight ball, by the rules. It is in NO way "threatening" to state that you will report illegal activities, should they not cease immediately.
It is in fact a DUTY to do so. Perhaps even to report previous events, even if they are no longer being committed.

It is polite, as Chip did, to first bring things to the attention of the owners/decision makers, since it is possible that they simply did not know. But only polite, since the "deal" is between a citizen and the state.

From their subsequent actions, it is quite clear, that they did know, did not care and sought to hide any evidence and suppress any witnesses.

The other aspects:

• gunpoint blanket seizure of any related property, by pumped up police
• search warrants signed automatically, without inspection, by overworked, disengaged judiciary
• the implicit assumption that ANY individual involved in ANY action with ANY COMPANY is, obviously guilty.
• The automatic DEFENSE, without bothering to read or check any of the facts, of the COMPANY, by people who should know better.

All of these seems to be now "normal", and part of a whole climate of contempt for the rights of individuals, and the deification of the rights of companies.

When exactly did it all change? When did it start being normal that the citizen is automatically the enemy ?

Re:Missing Something!

[surprise_audit]

Given what Chuck's accusing the company of, I'm surprised they'd be so apparently willing to let it be dragged into court. It doesn't really matter whether he has the money for a long legal battle, once those accusations become general knowledge, the company is going to face some tough questions from people that can shut them down.

Yes, it's a crying shame that Chuck's being victimised, and I'm not in any way condoning that. I'm just pointing out that the company have screwed *themselves* over by making such a big fuss. That letter names names - both the principal offenders *and* several victims (Washington State & Montana) and hopefully that's a juggernaut that will roll right over HMS and grind them flat.

Re:Missing Something!

Expecting Corporate America to be ethical and legal is extremely naïve.

There's a difference between acknowledging that corporations sometimes take legal shortcuts and expecting corporations, just like normal people, to follow the law and act ethically.

The difference is in the semantics of the word "expect", I'll grant. But it seems that difference is lost on some. "He threatened his company. Why should he be surprised?" is not the same thing as "He threatened his company. He had it coming" (for one thing, I don't see anywhere that Salzenberg claimed to have been surprised). But you wouldn't know that from the GGP, in which you responded to derision of the sentiment "Whistleblower, pah! He had it coming!" with "Chip threatened his own employers with legal action. What do you expect them to do?"

As the GP post noted, we should expect them to follow the law. That's a reasonable expectation, and we shouldn't let cynicism regarding abusive companies dull that sensibility. By contrast, it is NOT reasonable to believe, in any way, shape, or form, that Salzenberg "had it coming". He did not deserve what happened. The company is clearly in the wrong.

Oh, and one more thing: not all companies behave illegally and unethically whenever they can.

Re:Missing Something!

[dstewart]

I think you misspelled "Thank you for the free advice."

Re:Missing Something!

[snorklewacker]

You know, I'm not a big fan of the way lawyers are insinuating themselves into every crevice of modern life ... but this would have been good advice 50 years ago. Threatening legal action before you consult a lawyer is equivalent to going into battle unarmed. Your anti-lawyer rhetoric is really gratuitous here.

Lawyers are expensive. Doing the right thing often is. What Chip is now having to defend against is much more expensive.

Re:Missing Something!

Have your expectations regading business ethics fallen so low that you expect all companies to break the law as a matter of routine?

Haven't you? If so, why not? Remember, "profit at all costs" is the mantra of modern business. A company can afford to lose a few hirelings to jail if it means enough profits.

I mean yeah, ok, ScumBagSoft sent some goons around to beat the guy senseless, rape his wife and kidnap his kids. But, you know, he was like rude to his CEO in public. What'd the guy expect?

Unlikely and sensationalistic. If a company wants to discredit someone, they can be a lot more subtle than that. Steal his dog; and then wonder out loud that he's that bad at taking care of his dog, how safe are his kids? Walk away with the threat unstated. Watch him go quietly insane.

He'll probably want a drink at that point. If he goes to a bar, have your crew of thugs start a minor shoving match, give the victim a black eye, and have them all, plus the bouncer and bartender, testify in court that he got drunk, and attacked them.

Once he makes bail, he'll be really paranoid. Now, all they have to do is plant drugs on him; say, the kind that make you paranoid. Or they could be more direct, and just kidnap him, shoot him full of heroin, and call the cops to pick up his drooling body.

When he tries to tell the police how he was kidnapped, shot full of drugs, and how it's all one big conspiracy, he'll never be believed. This will make him bitter and paranoid in front of the judge. He's got absolutely no credible defence; any reasonable jury will convict him of drug possession.

If he hasn't caved completely by the the time his civil suit comes up, he'll be bitter, paranoid, angry and thoroughly discredited. He'll make a horrible witness. "Your honour, this man is a convicted drug addict who has also tried to pin the blame for this prior assault and drug convictions on this company. Clearly, he's got some sort of irrational vendetta against us. We're innocent of all wrongdoing, I assure you."

It wouldn't be very expensive to buy a small amount of drugs, to hire a dogcatcher, or to hire a bike gang to cause trouble. It would take a highly unethical band of driven, opportunistic bastards to pull it off, but then, there's no real shortage of businessmen in the world. So, is this sort of thing possible? Yes, of course.

Does it happen in the real world? Your guess is as good as mine; but it's sure possible, and in my tinfoil hat moments, I sure wonder a lot. It's what I'd do, if the stakes were high enough, or if I was pissed off enough, if only I didn't have all these annoying attributes like a conscience and a soul to hold me back...
--
AC

Re:Missing Something!

[NickFortune]

Have your expectations regading business ethics fallen so low that you expect all companies to break the law as a matter of routine?

Haven't you? If so, why not? Remember, "profit at all costs" is the mantra of modern business. A company can afford to lose a few hirelings to jail if it means enough profits.

OK, that's a fair question. I'll do my best to answer it properly.

First of all, there is an ambiguity regarding the verb expect. On the one hand it means antcipate or pedict. e.g. "I expect it's going to rain this afternoon".

On the other hand, it can also mean to insist upon or require. e.g. "I expect better service than this in a restaurant that charges these prices!".

So while my expectations/anticipations regarding the quality of modern corporate ethics may have fallen in the face of recent behaviour from a few well publicised cases, I still expect/require ethical behaviour from corporations.

I hope that clarifies my position.

Unlikely and sensationalistic. If a company wants to discredit someone, they can be a lot more subtle than that.

Granted. I offered an extreme example to illustrate where corporate behaviour may end up if we appear to sanction coropate contempt for the law. And when we say "what did you expect?" that is what we do.

Does it happen in the real world? Your guess is as good as mine; but it's sure possible, and in my tinfoil hat moments, I sure wonder a lot. It's what I'd do, if the stakes were high enough, or if I was pissed off enough, if only I didn't have all these annoying attributes like a conscience and a soul to hold me back...

Well, without commenting on the liklihood or the sensationslism of your scenario, we can at least say that it;s a lot more work than openly hiring thugs. At the very least, we should try not to make corporate scumbaggery any easier than it already is.

They should be careful too

[chris_mahan]

It *could* happen that all future versions of PERL will fail to install on Health Market Science servers.

Purely coincitentally, of course...

Re:They should be careful too

[SirSlud]

Anyone have the story of MS trying to buy that E-Card company (Blue Mountain or something?), and the next version of Outlook had some bug in it that would silently delete email coming from that domain?

No, I'm not claiming it happened, but it does ring a bell, and your post reminded me of it.

Odd town names

[winkydink]

As opposed to say, Intercourse, Pennsylvania?

Re:Odd town names

[fizbin]

That's nothing - near the same place are the towns of "Blue Ball" and "Paradise", and the route between them leads, if not directly through Intercourse, pretty damn close.

Re:Odd town names

Yeah yeah. Ha. Like everyone in Pennsylvania hasn't heard/told those a million times before.

Mirror of the donation insturctions

[Fiery]

None of the views expressed in the website constitute the views of the Armstrong & Carosella PC law firm, or any
principals or employees, or agents or experts who have been retained in any capacity in connection with the case.
Information on this site is for educational purposes. Case Caption: Health Market Science, Inc. v Charles H. Salzenberg, Jr..
Court of Common Pleas of Montgomery County, Pennsylvania. Case Number: 05-11918

Donate today, to the
Chip Salzenberg Defense Fund. Over $40k in legal defense fees incurred since April 23, 2005.
Protect yourself from the same thing happening to you. Learn from this site, mirror it. Please donate. We thank you for your help.
OMITTED from the Company's Pleadings,
UN-INVESTIGATED by the Detective,
it caused IMMEDIATE ACTION by the CEO,
READ the LETTER that started it all!

Why care?

We didn't ask for this fight but we do hope that the telecommuting community learns from it. As a well known contributor to OpenSource and perl for many years, Chip continued his efforts to protect the spirit of opensource and the internet by attempting to inform his employer...sadly it brought on serious consequences in the form of an ugly legal battle with results that can affect all employees and consultants who hook up to an employer's network. We urgently need your help. The Chip Salzenberg Defense Fund is an escrow account sponsored by the law firm of Armstrong and Carosella to help pay the mounting legal defense fees for Chip Salzenberg and his family. The funds will only be used for legal costs to defend Charles Salzenberg and his family against Health Market Science, Inc. Donations are NOT tax deductible. Thank you in advance. We would love to hear from you.

Donate by email

You may send us your email address, name, phone number and pledge amount. We will email you back a "Request for payment".
You'll be able to pay by credit/debit card or using your Paypal account. Send email to: gifts@geeksunite.net.

Donate by Mail

If you would prefer to mail your donation, please send it to the following address:

Chip Salzenberg Defense Fund Escrow
Care of: Armstrong & Carosella
882 S. Matlack Street
Ste. 101
West Chester, PA 19382

Make Checks payable to Chip Salzenberg Defense Fund Escrow" (NOT tax deductible).

If you have questions or need additional information about making a gift to the Chip Salzenberg Defense Fund,
please call 925-457-6634 or email gifts@geeksunite.net.

you expect to get bitten?

I would expect to get stung! Or is that nest in a dog's mouth? Dogs that when they open their mouths they shoot bees at you!!!

I think the lesson here is obvious...

[hunterx11]

Perl Programming Considered Harmful

I am continually shocked and dismayed to see people write test cases, install scripts, and other random hackery using Perl. Perl is seductive because of the abundant CPAN modules and its TIMTOWTDI philosophy, so the path of least resistance is followed and a Perl script is written. Sadly, programming in Perl inevitably leads to one's employer taking legal action against the programmer.

The most common problem encountered with Perl programmers is pointing out embarrassing things about their employers. All they are able to do is white-hat hack or whistleblow. While some educators have fixed some of Perl programmers' flaws (closed-minded disciplinarians do much better here), many have added new ones. Most of their problems can never be solved because they're not inadequacies per se, but rather the direct consequences of intelligence and free-thinking.

Re:I think the lesson here is obvious...

[tktk]

Perl Programming Considered Harmful

Did Netcraft confirm it?

Send in the wobblies!

[dyfet]

There actually is such a "Union", which offers a local for those practicing the software "trade". The IWW (Industrial Workers of the World), more effectionately known as "the Wobblies", actually do this. I will say no more, for the IWW and its long and colorful history are in itself is a topic that when researched through google should cause endless thought and speculation on many things past and present, and which many people will hold very strong views about. My suggestion, it would have been far more painful for his (now ex) employers if rather than reporting their misdeeds to the police as some had suggested, he instead responded by trying to "unionize" their "software shop" under the IWW! :)

Re:Send in the wobblies!

Sounds like fuckin' commie bullshit to me.

Re:Have you been charged with a crime?

[Frank+T.+Lofaro+Jr.]

Let me clarify - you should do what's right and face any charges, civil or criminal - however - don't allow yourself to even spend one day or even an hour in jail - see http://www.spr.org/ for why.

Stay out of jail while getting evidence and aid to your side (or having public supporters do so).

Your #1 priority is staying out of jail until a final disposition of the case (if there is a criminal case).

Even if you win in the end, you must not be left alone in prison for any length of time.

Increasing level of risk:

Police/court lockups -> city jail -> county jail -> state and federal pen

Get the number of a bail bond agency NOW. Read http://www.spr.org/ NOW. Do some weight training to get strong NOW. Train yourself to run fast too - not to escape prison, but to escape the other prisoners. Remember, on the inside, you have no friends, just those who are threats, and those who (currently) are not.

An hour imprisoned can be a death sentence with AIDS.

Time line of events

[cursion]

Pulled this off the site ...

June 21, 2005 Intervener's Too Late? - DA Gives Away Computers Early. Company Already Imaging.

June 20, 2005 Emergency Stays Filed by All Parties - In an Attempt to Keep Property from falling into the Wrong Hands

June 17, 2005 Judge Awards Personal Property to Company - Admits to NOT Reading Salzenberg's Opposition.

June 16, 2005 Company Runs Interference - Files Motion to Intercept Released Computers Contrary to the May 2, Order and the "Return of Property" laws.

June 6, 2005 DA Drops Criminal Investigation - Annouces Return of the Seized Property to Salzenberg.

May 2, 2005 Company Agrees Not to Enforce Exparte Orders - Property to be Returned to Salzenberg unless another motion is filed.

April 26, 2005 Company files Exparte - Receives orders to intercept equipment from police to start imaging.

April 25, 2005 Salzenberg receives back dated letter from company "accepting his resignation"

April 21, 2005 Salenberg's Property Seized within hours of police report made by CEO.

April 20, 2005 Salzenberg and CEO exchange emails and faxes in an attempt to negotiate a face to face conversation. CEO finally gives the OK to Salzenberg bringing an attorney with him.

April 19, 2005 Salzenberg sends compliance letter to CEO. Salzenberg also sends follow up message to COO that he has "not resigned". CEO immediately locks Salzenberg out of company email and network.

April 18, 2005 Another employee leaves company after voicing compliance issues.

Re:Time line of events

The problem isn't just sleezy company practices, sleezy CEO's, and sleezy attorneys. It's judges who don't read what's put before them, and if they do read and don't understand what's put before them, don't get enough information so that they have an understanding before they rule. I was tempted to write "bonehead judges," but that would have been hostile.

Re:Time line of events

[Ikarius_rb]

I want to know more about what occurred from May 2 on. So what happened to cause the DA to drop the criminal investigation? And what exactly occurred where the judge admitted that he didn't read the opposition before ruling on June 17th?

Re:Time line of events

Why did you post that in reverse-chronological order? Wouldn't past-to-present have made a lot more sense?

Re:Time line of events

[Lew+Payne]

Judging from the Company's actions, if Salzenberg wants to litigate the matter of the return of
his personal property in an expeditious manner, he should seek out a criminal law attorney and file a
Jencks motion for the return of said property. It will be heard by a different Judge, and he'll be able
to show the Company's prejudicial actions. I had to file same to have the FBI return my property to
me, and (though expensive) it worked like a charm.

Here's a link to a Jencks Motion for the return of property.

Re:Time line of events

[Denny]

Because he just cut and paste it from the website without engaging his brain.

(karma whoring)--

Re:Time line of events

[SolusSD]

this people is (yet again) proof that our legal system does not work. it is a pawn for big business to 'legally' crush individuals and smaller companies.

The customers are probably slimebags too

If they are hiring spammers and harvesters I can't imagine they would care what people think about them or their suppliers.

SUE THEM BACK

[dynamo]

It's the only way to recoup your costs and get a fair result. They should be put out of business for what they did to you and the internet - might as well take their money for yourself. I'd contribute to the legal fund much more readily if it was an ATTACK fund rather than simply a defense fund.

Courts do nothing to stop unethical co. behaviour

[philovivero]

I worked for a company out of Reno, NV (yeh, a hotpot of corrupt companies, I know) and when I found out they were trying to bilk millionaires out of VC capital, I just turned in my laptop and said that was my final day.

The company refused to pay me for my last two weeks of service or any vacation time I had built up.

When I attempted to get the money from them, they produced a list of dates I was not in the office (exceeding my vacation pay plus 10 days for the last two weeks of service). These were days I worked from home (and I actually WORKed from home).

I tried to appeal to the legal system, but got a big runaround. This same company sued other ex-employees for frivolous things, and the courts took this company (that had a history of this sort of thing) quite seriously for years.

The courts have it in their best interest to make sure lawsuits keep happening and go on for extended periods of time. It's job security for them, and they just don't care that it's a drain on the rest of society.

I feel a need to download their web site.

Just a single copy, mind you. Repeated downloading might constitute harassment. But I am curious if they will change their site in response to this, so I want to keep an archival copy of the entire site (99 files, 1142600 bytes) for comparison.

Face it...

[HPNpilot]

Money and power are clinching their position in this country, and VERY rapidly. Combine the "Patriot" act with limiting freedom of the press to gutting of whistleblower laws to widespread corruption and add in a good dose of "liberal" bashing taking the form of "get tough on crime" and you get what we have.

Too late now, I'm afraid, and it will ge a *LOT* worse before getting any better.

What kind of mess have we left for our kids?

Mirror of the original letter

[Fiery]

19 April 2005

Charles H. Salzenberg, Jr.
P O Box 537
Southeastern, PA 19399

Health Market Science
2700 Horizon Dr. Ste 200
King of Prussia, PA 19406

Attn: Mark Brosso, Matt Reichert, Rich Ferris, Rob DiMarco, Dorothy O'Hara
Re: Legality and Morality of Harvesting Operations

It has recently come to my attention that that HMS is continuing the illegal and immoral web harvesting operation that I brought to Rich Ferris's attention over a month ago, in a conversation including Tim McCune. HMS's continued harvesting operations are a threat to me legally, morally, and professionally.

That HMS systematically collects data from web sites without the express permission of their owners is well known (inside HMS). Some web site operators are not pleased when (if) they figure out that their sites are being harvested. They sometimes respond by blocking the network addresses of the harvesting machines. This was a common problem in harvesting when I hired on to HMS in December of 2002. At that time, the accepted strategy for getting around such blocks was to obtain multiple web hosting accounts to act as proxies for HMS's harvesting systems. I did not then realize that knowingly bypassing blocks placed by web server operators was illegal. (As a result of other research, detailed below, I now know that has been illegal all along.)

As bad as HMS's past harvesting practice was, current practice is worse ... much worse. HMS has taken a page from the spammer playbook and is, deliberately and under management direction, hijacking thousands of vulnerable machines all over the Internet, using them and their network bandwidth without the knowledge or permission of their owners as unwitting accomplices in HMS's data harvesting operation.

I have confirmed these facts in conversations with several people with first-hand knowledge, including Tim McCune and John Marquart. I asked Tim McCune about HMS's proxy hijacking in the presence of Rich Ferris, a vice president of HMS and a company founder. In that conversation, Tim McCune confirmed to Rich Ferris and me that proxy hijacking was standard practice. Shocked, I informed Tim and Rich that proxy hijacking is very illegal and immoral. They were unmoved. I also have witnesses for other conversations.

I have also confirmed that the Harvester source code - which I, as a Senior Programmer, am authorized to access - includes Java code which collects lists of such vulnerable computers, called "open proxies," from web sites that maintain lists of them. I have also found the Java code which uses such proxies, without the permission of their owners, to connect to the sites that HMS harvests. The offending source code was written by Rob DiMarco, Tim McCune, and Jason Franklin.

This deplorable activity by HMS has serious legal, moral, and professional implications.

First, the legal.

I am not a lawyer, but I can read the plain English of the Pennsylvania Consolidated Statutes, and it is clear to me that hijacking the computers of random people is a crime in Pennsylvania. Under PSC 3933, every instance - every single instance - of hijacking an open proxy is a misdemeanor of the first degree.

HMS is committing these misdemeanors by the tens of thousands, under explicit management direction, and in accord with corporate strategy. One petty theft may draw little attention; but tens of thousands of petty thefts, all made by one company, at explicit management direction, and in accord with company strategy, might well lead to unpleasant legal consequences. Even a small fine is painful when multiplied by a hundred thousand.

HMS thus makes itself an attractive target for prosecution by a state's attorney who wants to show himself tough on corporate crime. HMS could be a stand-in for the spammers who commit the same crimes.

HMS's legal exposure is not limited to Pennsylvania. A number of the sites that HMS harvests are run by governments of other states who would be

Re:Mirror of the original letter

I used to write web bots for four years before moving onto a different line of IT work. Aside from Robots.txt, there is unofficial bot etiquette required in order to NEVER get caught.

1) Sleep the program plenty between each hit
2) Run the program at night to early in the morning
3) Only download new information whenever possible, by comparing what you got in a db versus what is on a list of data online. Crawling everything over again and again will only piss of site admins.

Obviously the company mentioned in the article is botting inappropiately, so too bad for them. They should have hired me instead to do the dirty work ^_^

Sounds pretty clear to me

[suitepotato]

They got caught with their hand in the cookie jar and immediately attempted a smear campaign to draw attention away from themselves.

Further, on nothing more than the company's say-so, they got a search and seizure warrant from a judge who was obviously unfit for service by the very fact of his signing it. Actual investigation and evidence is required usually for this kind of thing and it seems to be a case of "he-said, got the warrant, screw what the other guy said" sort of thing. Having been the victim of this myself, I am not surprised. Saddened that it continues, but not surprised. People who love increasing the powers of the state for their political aims can just as quickly be the nail getting pounded down by that same state.

What is so shocking is that they think they will get away with it. All that are needed are logs from servers harvested by this scumbag outfit despite their attempts at a polite no through robots.txt, etc., and it will become a landslide against them with the first lawsuit for the intrusion.

If I had any money, I'd send some.

Re:Sounds pretty clear to me

immediately attempted a smear campaign to draw attention away from themselves.

Looks like they've been taking lessons from the Church of Scientology!

Sympathy for the devil / company

[Brian+See]

I have a feeling that this will be unpopular with many /. readers, but what about the perspective of the company? Were/are they really acting unreasonably?

Here's an employee who's signed an agreement not to disclose trade secrets, and he's threatened to disclose the source code. He has CVS access, and it looks like he's downloaded a lot of the source code to his personal computer. If the company is in the right and it's not "hijacking" open proxies, what's it supposed to do? Let this guy go and let him smear the company's name and product? Or worse, let him post the company's source code publicly? Salzenberg cites the Pennsylvania statutes on "unlawful use of computer" in his letter, but the misappropriation of trade secrets is also a statutory violation...

If everything Salzenberg says is true, then he's truly gotten a bum deal. But I'm sure his superiors at the company have a different story, and who knows what that might be. Unfortunately, it looks like this will result in some pretty ugly litigation before it gets resolved.

Re:Sympathy for the devil / company

[NitsujTPU]

I've dealt with a situation like this before, but because of the sensitivity of the matter, decline to comment on it here.

That said:

1) He was working from home.
2) He downloaded CVS archives that he was working on.
3) He sent a letter to the company first.
4) He threatened to disclose their illegal activity, I didn't see anywhere discussing publishing source code.

Is the company supposed to let him go... no. Of course, he hasn't actually done anything illegal (did you see their source code anywhere?). The police were willing to confiscate his equipment with what amounts to no evidence.

What are you arguing? That he was upset and could have done something illegal with the equipment?

Re:Sympathy for the devil / company

[krbvroc1]

Here's an employee who's signed an agreement not to disclose trade secrets, and he's threatened to disclose the source code.

Where did his letter say that? I just read the entire thing and do not recall any threat to disclose source code. He simply said that he looked at the source code, which as a Senior Programmer, he was authorized and verified that some of the claims he made in his internal letter were valid (ie; code doesn't use robots.txt, code culls current list of open relays from online databases, etc).

He said he could not work on an project he felt was violating the law.

As far as the company perspective, I have not seen it so I cannot comment. Personally, his internal memo was much too details for most executives to understand. He should have layed out his concerns at a high level. Actually, he should have first contacted the press and law enforcement.

Re:Sympathy for the devil / company

[TwistedSpring]

Even if he is going to go smear the company's name and product (which he threatened to do in the letter, at least he mentioned that any case would get a lot of press attention and then proceeded to threaten legal action) on justifiable grounds, the company would obviously be very interested in not allowing that to happen.

In other words, even if Salzenberg has a point, the company don't want his point to get out there, so they're attacking him regarding something slightly different in order to cost him a lot of money and stop him from doing this sort of stuff again. I agree with you: Salzenberg took the wrong action. He was trying to be ethical with what looks like a totally inethical company. He should have either just resigned or gone for legal action immediately. Instead he gave the company the opportunity to shoot first, and it'll probably be a headshot.

Re:Sympathy for the devil / company

[Brian+See]

I agree, Salzenberg's letter does not contain an explicit threat to disclose source code. The company's argument, though, is probably that given the totality of the circumstances, they were afraid that their trade secrets might be mishandled. (And who knows what else might've been said or misinterpreted in communications other than what's in the letter.)

In the affidavit supporting the search warrant, the detective says that the company president sent emails to Salzenberg "asking him to return any and all company property to the business and he has refused to do so". It's that kind of fact that the detective and/or judge could have latched onto to come to the conclusion that the company's trade secrets actually were at risk.

Keep in mind, it appears that the criminal matter is closed...

Re:Sympathy for the devil / company

[jeepnut]

There are some things I feel you are overlooking in your analysis. I did not read his employee agreement and true to suit it probably has a section about the disclosing of trade secrets and probably a restrictive covenant in terms of future employment.

The problem is that you are not necessarily understanding "misappropriation of trade secrets". At the point the search was conducted against him, he had committed no crime. He had disclosed nothing except to the people he worked for. You cannot misappropriate trade secrets within your own company. (Granted, large company, different sectors, MAYBE) All he did was give the company an opportunity to explain their actions and/or adjust. His mere threat of talking to a lawyer gives no rise to a cause of action for misappropriation of trade secrets.

As for "smear[ing]" the company's name, that is ridiculous. I once again go back to the fact that he talked to them first. One of two things could happen, they could easily respond by justifying their actions legally, or he was right, and he wouldn't be "smearing" their name.

Their actions reek of foul play. It makes me think everything he alleged was true. Why the hoopla. If he was wrong, he gave them the opportunity to talk to him, they chose to go after him.

Bottom line, he "legally" did NOTHING wrong. He merely made his superiors aware of a crime within his company. They chose to go after him without acknowledging the letter.

My bet, this goes to trial, their claim will get bounced for no foundation for the cause of action and if he has a good lawyer, should be able to counter-sue and recoup legal fees as well as damages. Hell, I bet he could even get some sort of constructive defamation.

Re:Sympathy for the devil / company

[n6mod]

Here's an employee who's signed an agreement not to disclose trade secrets, and he's threatened to disclose the source code.

Where in that letter did you see a threat to disclose source? There was notification that he was considering contacting the authorities, nothing more.

Or is there something outside TFA to which you are referring?

-Z

Re:Sympathy for the devil / company

[Brian+See]

I agree that there's no explicit threat in the letter to disclose the source code, but the original TRO requires Salzenberg to identify "any websites on which defendant posted" the source code. It was definitely on the company's mind. (See my comments upthread, too.)

I haven't seen the complaint, but I think that regardless how good they are, Salzenburg's lawyers will have a hard time arguing that the company's civil claims are frivolous (thus making any recovery of attorneys fees difficult). I suppose a malicious prosecution or some sort of defamation claim might get them to fees, though.

The way I see the company's arguments, Salzenburg was asked to return company property "and he has refused to do so". (That's in the detective's affidavit supporting the search warrant.) The source code is company property, and he's (allegedly) refused to give it back. That gets the company most of the way to a prima facie case of trade secret misappropriation, I think.

We're all armchair lawyering this one without all of the facts. The point of my original post was to point out that the comapny's position was not as unreasonable as some of the other posts have suggested.

Re:Sympathy for the devil / company

[Apuleius]

Doesn't matter. If the source code is evidence of criminal activity, you have every right to present it as evidence when you report said activity to the authorities. Get it? If your boss is engaged in criminal activities, your knowledge of this does not constitute a trade secret. You have every right to reveal this, as well as any evidence.

Re:Sympathy for the devil / company

[HiThere]

Their basic position isn't unreasonable. Their response was.

They obviously see nothing wrong with the abuse of power, so I suspect that every accusation made against them is correct. (Suspicion isn't proof...but I don't have anything better to judge them on.)

They obviously didn't care how injurious to him their requests were, or perhaps, if one is cynical, they were intentionally being malicious. No proof, fip a coin. In either case I wouldn't want to be associated with them.

It does sound as if they are intentionally committing multiple misdeameanors for money. And they have organized to do so. That's a felony. (If they don't get prosecuted criminally, I'm going to be more cynical than I currently am...although I'm already predicting that management won't be prosecuted, or that they'll get off with a very light wrist slap. Felonies don't seem to get prosecuted if you have a bit of money and power.)

Re:Sympathy for the devil / company

[jeepnut]

Just a sidenote, I am in law school now and will be taking Patent and Trade Secret Law in the fall, so then I might be able to lend more insight.

I didn't know he allegedly refused to return source code. If that IS the case, then yes, the company is partialy justified. If they asked for the code back, did not give a reasonable time frame for action on his part, they are still in the wrong and a good lawyer should be able to display that.

It all boils down to whether he
1. Refused to return code
2. Posted the code for others
3. His claims were meritorius and thus HMS's actions were maliciousP. If 1, is wrong, HMS is screwed. If 2 is also wrong, even worse. If 3 is correct, hello counter-suit.

Re:Sympathy for the devil / company

[Brian+See]

If the source code is evidence of criminal activity, you have every right to present it as evidence when you report said activity to the authorities.

I disagree.

It appears that he had a contractual duty to return company property -- the source code. The (alleged) use of the source code for criminal activity does not excuse the misappropriation of company property.

If I know that my former employer is breaking the law, am I justified in breaking into my (former) office and taking documents? It seems like the same thing here.

I think the bottom line is that Salzenberg's refusal to turn over the company's source code gives rise to a colorable claim for misappropriation of trade secrets.

Re:Sympathy for the devil / company

[nsayer]

Except for a couple of things:

1. Contracts cannot cover situations which involve breaking the law. You do not have a legally binding contract if you go out and make an agreement with someone where you will pay them to burn down your warehouse. If the subject of the confidentiality agreement is an illegal act by the company, I think he can argue that that contract is not binding.

2. Even if we take as valid the agreement, disclosure to law enforcement in the normal course of their investigatory duties does not constitute a violation of trade secrets laws. If he goes to the cops, he's probably in the clear. It's another story entirely if he instead goes to the New York Times, though if he's really sure the company is violating the law, see #1.

Re:Sympathy for the devil / company

[calvertvl]

Also, from others' comments, the request for the warrant simply stated that the company had sent email. There are thus a few questions to answer your #1:

A) Was this to his company email, and if so, was this after he was disallowed access? (in this case, the company was faking it)
B) Was this to his private email? If so, did they send it Return Receipt, and did they get a receipt? (Otherwise, it may never have been read.)
C) Why didn't they send a letter with proof of delivery confirmation if they were so upset about it? This would have *definitely* counted as notification that they wanted return of the code.

I'm surprised no one has said anything...how does one *return* code? He'd have to delete it, and proof of deletion would be a mess. Right?

#2 is unlikely, unless he was incredibly stupid. I would think that he wouldn't have even contemplated posting it.

#3 can't be proved without server logs and/or the source code, and a qualified third party to examine it. Problem is, would HMS have a copy of "correct" code on hand? This is unlikely, for very many reasons, so if anyone looks at their code and he is/was right, then they're absolutely subject to a counter-suit

Re:Sympathy for the devil / company

[Brian+See]

He'd have to delete it, and proof of deletion would be a mess. Right?

Presumably, that's part of what's going on in the (civil) discovery process. On the geeksunited website, there is a reference to imaging. I assume that means that the company is taking a forensic image of his computers. (Probably with Encase or dd.) That will let them see what source code is present, and I'm sure they'll also want to poke into what websites he visited (in order to fish for evidence that he mishandled the source).

We're all armchair lawyering this one because we don't know the extent of the communications. It could be sham (such as your example email to a deactivated account) or it could be a result of a face-to-face confrontation. I don't think there's anything on the website or the court docket that shines any light on that issue.

Re:Sympathy for the devil / company

[UnrepentantHarlequin]

Just how exactly do you give source code back?

For the non-clueful: I take a picture of your new puppy with my digital camera. I burn it on a CD and give it to you. You use it as your screen wallpaper. How would you go about giving me that picture back? Give me the CD? Sure, but you're still using it as wallpaper. Burn another CD with the picture on it and give me that, too? Fine, but you still have it. No matter how many times you "give" it to me, you still have that picture.

You can delete the picture, or the source code, from your computer. But you can't "give it back" like it was a borrowed umbrella.

Re:Have you been charged with a crime?

Remember, most geeks will get violated in prison - as they lack the physical strength and mental hardness needed to survive prison.

You didn't go to a public high school, did you?

Legal Defense Fund?

It seems everytime a geek gets in trouble, we set up a 'Legal Defense Fund'

I smell another SuperNova... Take the money and run.

Re:Spammer gets a moral wake up call

[hobbesmaster]

Salzenberg is a spammer? A cursory look on google didn't turn anything up, could you elaborate?

One small recommendation to other readers....

[james_in_denver]

Purchase a small micro-cassette recorder for use when entering potentially "heated" discussions with management. (or sometimes even other employees)

You will want to check your local law, but MOST states permit a concealed recording device on a person when there is no "perceived expectation" of privacy (don't record anything in the bathroom) or when more than 2 people are party to the conversation.

I've only had to resort to this tactic once, but it saved my job and cost the Veep his....

was it worth the $20????

d*mn straight it was.....

Re:One small recommendation to other readers....

[Apuleius]

Just make DAMN sure it's legal in your state.

Re:One small recommendation to other readers....

[NitsujTPU]

I looked back and wished I was carrying one of these for years. I had a boss who told me outright that he was behaving in a manner that nobody at the company would approve of, simply because he could, and that I could do nothing about it.

When I complained, he would say "I never said that."

I got a reputation for being difficult to work with, backstabbing, rude... All I ever asked for was a different boss. I only asked because he was rude to me. Not just rude, his conduct was apalling and shocking.

I eventually quit. I'm in a much better position now, so it worked out for the best.

Re:One small recommendation to other readers....

[greg_barton]

I've had to resort to this myself. I started working at a company where the upper management was highly religious. One of the managers was a tough erratic and liked to sit in my office for thirty minutes a day and evangelize. He also said, in one rant, that one couldn't be a competent techie unless one was "right with the Lord."

I'm agnostic.

So I got a microphone and attached it to my laptop. I was prepared to record his rant if my heathen status was ever revealed. Thankfully it never came to that. The company folded when the very devout Christian CEO was convicted of HUD loan fraud and sent to federal prison. :P

Re:One small recommendation to other readers....

[TTK+Ciar]

I totally second this motion. I've only done it once myself, after the CFO of The Sausalito Group had committed some unsavory, malicious, and illegal actions against me and my co-workers (retroactively declared our last few months' worth of paychecks to be loans, especially heinous in light that when TSG declared bankruptcy, its creditors could then seek to recover these sums from the employees). I asked the CFO, John Harrington, if I could record our conversation. He complied, and proceeded to admit to his misactions, and make various confused and contradictory assertions. He's no dummy, but he got really flustered and said all the wrong things anyway.

The moral here is to go ahead and try to get any potentially incriminating conversation on tape. Even though the other party could clam up and only say nonincriminating things, they could just as easily fuck up and spill the beans. You never know until you're there doing it.

-- TTK

Re:One small recommendation to other readers....

[egarland]

I've only had to resort to this tactic once, but it saved my job and cost the Veep his.... was it worth the $20????

Or.. just keep your laptop around with some handy software on it. It's a noise activated audio recording device hiding in plain sight.

You shouldn't need something like this often, but if you ever do, its there.

Re:One small recommendation to other readers....

Pennsylvania is one of the four states that does **NOT** permit this. It's illegal. Electronic Wiretapping and Surveillance Act. $500 fine per recording, and it's not admissible as evidence.

This is why you NEED A LAWYER!

There was a case in Florida some years back where a woman filed date-rape charges. Florida is another of the four states. Long story short: Guy recorded her consenting to have sex. Tape was ruled inadmissible. Guy was convicted of rape.

Why this entire thing is BS

[powerline22]

According to the detective: the company provided logs that he had been accessing CVS with his IBM Powerbook. 'nuff said.

Holy SHIT!

[jcr]

The Judge didn't even READ Salzenberg's opposition?

That's Judicial misconduct, big time. File a complaint with the federal courts.

-jcr

Re:Have you been charged with a crime?

[Guspaz]

Real smart, when charged with a crime flee to countries the US has extradition treaties with. Let me know how that goes when you try it.

Chip;

[jafac]

You're doing the right thing. Your parents should be proud that they raised a kid who stands up for what's right. I hope you kick HMS's ass in court.

Encrypt your disks...

[mi]

Although your person is pretty well protected by the Constitution, your property is not.

Your computer can be seized -- and pretty quickly. All non-trivial data (including risky photos of your partner) should be encrypted on disk. Major operating systems support this option -- including FreeBSD, Windows, and, no doubt, Linux.

Certainly, "honest people have nothing to hide", but it is not even so much about winning the case (you will, likely, prevail), but also saving yourself a lot of time and money. Your adversary will go through all data found on your machine and your lawyer (don't even think of not hiring one) will be billing you in proportion to the amount of things, the other party brings up. Even if all of it ends up being nothing.

True, the opponent may demand, that you decrypt the data -- but you (your lawyer) can fight that demand -- it will likely be cheaper, than explaining away all messages in your ExEmployer-folder.

Do not rely on mere obscurity -- I found out first-hand, that even FreeBSD is "mainstream" enough for professionals (yes, there is a good market for these services) to know it. They came with software (something from SourceForge) to search through filesystems (very easy -- "grep" for the disk devices). For Linux they'd probably even have GUI.

Treat these guys decently -- they are just doing their jobs. If you do, they are more likely to overlook your older computer, which will let you post about your troubles on Slashdot when they are gone.

Set up encryption. Encrypt your back-ups, before they leave your computer. Do not automate decryption so that it happens by itself on boot (duh!)

When you are done, treat yourself to "Cryptonomicon" for fun and more behind-covering ideas.

Re:Encrypt your disks...

I guess you missed this one:


Amendment IV
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.


The Constitution DOES protect your property.

Re:Encrypt your disks...

Encrypting your disks is useless. If a judge orders you to provide the key and you refuse, that pretty much screams "guilty". Doesn't it.

Re:Encrypt your disks...

[mi]

against unreasonable searches and seizures [...] but upon probable cause

Searching and seizing his computers was reasonable -- in the opinion of the one judge, who did not even get to his side of the story. Merely "upon probably cause".

His person certainly is much better protected -- a hearing is required before he can be locked for any significant time before full jury trial.

He also can not be beaten or damaged while incarcerated with strict punishments for violators, whereas his computers may spend days in dusty rooms or under rainy sky even with nothing but "oops".

The Constitution DOES protect your property.

It does, but not nearly as well as your person. Surprisingly poorly, in fact -- to everyone, who ever had to deal with such situations. That was my point...

Re:Encrypt your disks...

His person certainly is much better protected -- a hearing is required before he can be locked for any significant time before full jury trial.

Unless he's sent to Gitmo when he becomes an unperson.

Re:Encrypt your disks...

[HalWasRight]

Better yet, don't use personal equipment for work! Big mistake on his part.

Re:Encrypt your disks...

[mi]

My advice was more generic -- one can sued by someone other than their employer.

Re:Encrypt your disks...

[mi]

If a judge orders you to provide the key

First and foremost, it will give you time, which is precious, whenever you are under assault. Second, for a judge to do it, (s)he will -- most likely -- at least, hear your side of the story -- a luxury, which Chip did not get, according to TFA... Third, you may also be able to negotiate a limited scope: "Ok, here is the ExEmployer folder, but I'm not showing you the ExGirlfriend mailbox. And, by the way that one over there is my dad's computer. Your honor, can he, please, have it back?". Fourth, you'll also be able to arrange, that you and/or your lawyer be present, when the decrypted data is searched, etc. Without encryption, your opponents will be happily fishing through all of the data, while you argue for all those things.

and you refuse, that pretty much screams "guilty". Doesn't it.

No more so than "taking the Fifth" does. Thousands of people are acquited every month despite refusing to testify themselves.

BTW, I just realized, that you may be able to -- literally -- "take the Fifth" to justify refusing to decrypt your data. Khmm, worth asking a lawyer...

Not again..

[mindstormpt]

No matter how many times it shows up, "King of Prussia, PA" always makes me laugh my ass out.

Randal, Chip, ...

Moral of the story? Perl programmers seem to a few semicolons short of a shell script when it comes to the law.

How Health Market Sciences screwed with me

[dmuth]

My name is Douglas Muth, and I live not too far from King of Prussia, PA.

Back in 2001, I was laid off from my previous job and looking for work. I interviewed with Health Market Sciences sometime around that July for a Software Engineer position, and it was an interesting experience. I met some of the people from that company and was finally interviewed by one of the Vice Presidents, a guy by the name of Rich Ferris. Rich seemed pretty impressed with my resume and said something to the effect of "we'll get you an offer by the end of the day".

So, I went home and gave Rich a call at the end of the day. But suddenly his story changed, and it was, "I had problems getting the offer through HR (or somesuch), I'll have one for you on Wednesday".

Wednesday came, and I was told, by Rich, to call back again on Friday. Friday came, and they were having money issues and would get back to me on Wednesday. Finally, next Wednesday rolls around and I'm suddenly told, "Well, we really want to hire you, but we don't have the money right now, so we cannot make you an offer".

So what it boiled down to is that I was led on by that company for over a week with the promise of employment, only to have it yanked out from me because they didn't have their stuff together. It was a total waste of my time, and the time of the job recruiter I was working with. If they didn't have the money, they shouldn't have been hiring in the first place. The whole experience left me rather bitter.

I hope Chip sues that company into oblivian.

Re:How Health Market Sciences screwed with me

oblivian

pffshh, i wouldn't hire you either.

Re:How Health Market Sciences screwed with me

I interviewed at HMS a year or two back - they struck me as fairly obnoxious people. Doesn't it feel sweet to read that they have showed their own employees far worse behavior than I experienced!

Re:How Health Market Sciences screwed with me

[slashdotnickname]

No offense, but sounds like you sat around the phone for a week and left the fate of your career to, pretty much, a complete stranger.

Even after a good interview, you should always continue shopping around until you sign something. The end of the 1st day (when he told you he was having problems with HR) should of raised all sorts of red flags about the certainty of the job.

So I don't understand your bitterness towards them. Rich sounds like he liked you but just couldn't justify the expense of your employement to the others in charge. In hindsight, you can cry about how he should of been more upfront about your chances but, ultimately, it's your future that's in question... take some more responsibility for it for fuck's sake.

Re:How Health Market Sciences screwed with me

[putaro]

Well, what typically happens is that Engineering is told "You can go hire X heads" (employees). Engineering looks around, tries to find good people, it takes some time, and by the time they are ready to hire someone, upper management goes "Oh, no, you can't have those heads anymore."

It sucks to be on either end, trust me.

Re:How Health Market Sciences screwed with me

[IANAAC]

That's not at all how most US companies operate. Every department has a yearly budget. That's thought out and approved the previous year. On top of that, by the time the job is offered externally, it's already made the rounds to internal employees that may wish to apply for the job.

What you're describing may be typical of very small companies that don't handle their money well, but it's not typical of large US corps. - particularly if they're publicly traded.

Re:How Health Market Sciences screwed with me

Large corporations do it too -- the average Fortune 500 corp is at least 50% contractors nowdays it seems for exactly that reason.

And the smaller corporations who fluctuate staffing are usually doing offloaded work for the large corporations. If a "certain" contract falls through, too bad, no hiring.

Re:How Health Market Sciences screwed with me

Every company has a yearly budget, yes.

But. Our company missed numbers. BIG TIME. Guess what?

We interviewed 3 people for a position in our department. A few weeks later, we had LAYOFFS! Guess what? We lost the headcount.

And no one was hired. It does happen. In addition, we are publicly traded, and our "company" actually is doing ok.... but ... our "subset" isn't.

Re:How Health Market Sciences screwed with me

[putaro]

Hello! 1950 is calling and they want their business environment back.

In small companies and large budgets are constantly being revised. Publicly traded companies are just as bad if not worse than small companies as they are managed to their quarterly earnings, not to a yearly budget. Within departments projects get approved, disapproved and juggled regularly. Some other department goes over budget and your department pays. The company has a "hiring freeze" or, worse, layoffs.

Get real. Yah, everyone does a yearly budget but it is not a cast in stone contract and it's subject to revision at any time. Head count is constantly tweaked. I've worked, and managed, in large (yes, publicly traded) and small companies and I've seen it again and again and again.

Re:How Health Market Sciences screwed with me

[dmuth]

Maybe I was just being old fashioned, but when someone tells me, "we want to hire you", I'd like to think that I can, you know... trust them? After all, isn't trust a key factor in employer/employee relationships?

Good point about problems with HR being a red flag. Should I find myself unemployed again, I'll keep an eye out for things like that. Lesson learned, I guess.

Re:How Health Market Sciences screwed with me

Yeah, but the people that say "we want to hire you", are not necessarily the ones who can say "I have the power to hire you"

Re:How Health Market Sciences screwed with me

[Sigl]

Wishing a company sued into oblivion for being unorganized is alittle harsh don't you think?

Interesting story though because I've had a similar experience looking for work. I drove 3.5 hrs to interview for a job. When I got there I interviewed with a couple people but they apologized because they forgot the guy I would work for was out for the day. They said he could do a phone interview Wed. Meanwhile I interviewed with another company. I called the first company Wed and they said he would call me Friday. I said OK. The second company made me an offer that was detailed and in the form of an offer letter which I can't say I've seen before. I was impressed. Yet, I wanted to give the other company a chance to play so I told them I would get back to them Monday. Friday came and Monday I accepted the second job. The first company called a couple days later to offer me a job and I told them I already accepted one.

I guess the point is, until they offer me a job there's no way for them to screw with me because I'm not waitin around for them to get organized.

Just like selling a house. You don't take your house off the market because someone promises to make an offer. You only take it off once you've accepted their offer.

Re:How Health Market Sciences screwed with me

[lostguy]

You obviously don't remember the brouhaha several years ago when many "large US corps" rescinded offers en masse due to an economic shortfall.

Re:How Health Market Sciences screwed with me

By convention, someone with the title of VP usually has the power to hire.

Sue the bastards

Obviously you should follow this up with a lawsuit against the company for libel and a suit against their lawyers for barratry. Only settle when they cover your legal expenses.

The letter that started it all

[TwistedSpring]

Having just read the letter, I can only conclude that HMS was right in seeking legal defence against Salzenberg immediately to protect themselves. Perhaps he should have sought legal advice immediately instead of [i]threatening the company he works for with legal action[/i]. He made some hefty allegations in that letter, and also disclosed that he had been snooping around software that he wasn't involved with but had "the right to access" as a Senior Programmer. IANAL and I obviously haven't read Salzenberg's contract with HMS, but I would imagine that if he's not working on the code and browsing other people's projects from home in the interests of taking legal action, this gives HMS grounds to file a suit against him or at least gives them an incentive to shoot first.

This all looks to me like an ill considered vigilante mission gone horribly wrong. It's like shouting "hay guys, you're all crooked bastards and you should be in jail. I'm thinking about taking you fuckers to court! Can I keep my job though? Don't sue me!" What he should have done was file for legal action immediately, and/or resign from the company on legal/moral grounds. Resignation would have looked a lot better, would have relieved him of some of the moral issues, and would not look like he was about to try and sue the company for a ton of money.

I agree with his stance and his moral position, but this was a perfectly stupid and arrogant way to handle the situation. As a Perl hacker I wish Salzenberg the best, but I can't agree with the way he's fought this battle so far.

Re:The letter that started it all

[TwistedSpring]

curse you bulletin boards for making be use square brackets instead of HTML.

Against company policy

[davidwr]

In many companies, using or possessing a recording device without permission is against company policy. Even if you win your main case, you'll be fired for violating policy.

Of course, nothing in a "no bringing in a tape recorder" policy stops you from asking the boss to come into your office, and surrupticiously calling your home answering machine ahead of time, or better yet, plugging a mic into the company computer and recording the conversation.

Maybe programmers should unionize, at least this way we can bring the union steward in to witness the conversation.

What's with Perl community and high-profile cases?

[kriston]

First Randall Schwartz and now this guy. What's with Perl?

Criminal and Civil case status and link to docket

[Brian+See]

Ok, the Pennsylvania Common Pleas Court is partially online, and the docket sheets are available with a little digging. Too bad the full text isn't available.

CRIMINAL MATTER: Docket Number: CP-46-MD-0002495-2005. Filed 4/27/2005. CASE STATUS: CLOSED. Last event was a hearing on the return of property, on 6/10/2005 before Judge William J. Furber, Jr.

CIVL MATTER: Docet Number: 05-11918 (Judge Hodgson). A deep link to the docket sheet is http://12.40.122.125/FCP2.WEB8/0/P12DIS?CASE-NO=05 -11918. Looks like a motion for a temporary restraining order and for expedited discovery and preservation of documents was filed on April 26, and was granted ex parte (without the defendant being able to argue) by Judge Joseph J. Smyth. The latest emergency motions appear to be filed to reinstate this order, presumably as a result of the computers being released after the criminal matters were dismissed. I am very curious to know what's going on with the intervenors - Radian Guaranty and Lisa Perdichizzi. It's Perdichizzi who filed a motion for sanctions against the Plaintiffs on June 22, and there's nothing on the docket sheets since then.

Look they are hiring!

[SatanMat]

Good to know they are hiring!!!

http://www.healthmarketscience.com/company/jobs/de veloper.html

...and "Experience with OO Perl a significant advantage"!

Re:Look they are hiring!

Love the irony... wonder if there's a chance mainstream news will pick up the story (if enough /. nerds forward the pdf, or text of the pdf to various news organizations...)

Devil's advocate

[xenocide2]

Not that I think you have done anything wrong, but I'm trying to consider how one can distinguish a geniune case of trade secret theft from what you've done. Judging from the company's accounts, they suspect you've downloaded far more than what would be needed for a typical day's work; perhaps you've been mirroring their whole source tree as a form of personal evidence?

Of course, even a normal use of CVS would create conditions wherein you would download more than upload, unless you somehow managed to write more code than they had written the past however many years. There's a 99 percent chance that this is simply a case of using fraudulent claims to counter the case.

The good news is that you've got them in an excellent position. Either they lay claim to material involved in felonious computer crimes, or they've filed false reports against an employee. Barring outside collusion with the police, they won't be walking away from this without bruises. I hope they learn from them.

How about getting the real perps behind bars?

[jcr]

From the letter:

For example, Washington State site tried to block HMS from
harvesting. HMS persisted, evading block after block; the harvester personnel treated it like a game. It can only be an understatement to observe that accessing state government computers in blatant disregard for their acceptable use policies is not legally sound.
Worse, Montana's web server actually crashed as a result of HMS harvesting it.

Umm, has anyone been in touch with the authorities in Washington and Montana to prosecute these scumbags?

-jcr

Re:Spammer gets a moral wake up call

[toad3k]

Open proxies+marketing company+shady business practices=spam company.

I feel sorry for the guy, but I would have never, ever in a million years accepted such a job if I knew what they were up to.

Re:Spammer gets a moral wake up call

[GooberToo]

So you would never work for Google, Yahoo, or any other online harvester?

Your line of logic is one of complete BS supported by 20/20 hind site.

Question for Chip

[mcowger]

Quick something I don't understand. If, according to your letter, you were unable to work on your assigned project for legal and moral reasons, why were you making cvs checkouts and checkins AFTER you could no longer work on the project?

Doesn't make any sense to me.

Nothing you can do

If HMS succeeds in tarring me with their false accusations, what's to stop your employer or client from doing the same to you, should your relationship sour?

Absolutely nothing .. I decided to not fight since I had no money and it till cost me 10 grand and 2 years on probation. As well as several days in a holding cell. At least in the holding cells you get judged and ranked based on your bond amount ... for telling the owner of teh company that I was leaving and he needed to go and buy (from a reseller) the copies of my personal software he was running (yes I was very stupid) and then deleting my own copies of software that I owned off of my machines (I was the IT director) and installing legal trailware copies of that same software (90 days to expire) to replace what I removed ... well it was well over 40k so I ranked very high... and after 4 days in a holding cell in a metro atlanta area counties holding cell I was happy to get my de-lousing shower.

Posted anonymously for obvious reasons

Learning from experience

[Locke2005]

For the more than two years that I worked at HMS, I used ssh and CVS to access company files with my laptop both from work and home, with management knowledge and approval.

Did he get that approval in writing? Remember, anytime a manager says "Let's not discuss this via email, let's just talk in person," it is because they don't want a written record of what was said to exist! In which case, your best recourse is to immediatly start looking for another job.

Re:Learning from experience

[soft_guy]

That just paranoid. I resolve things with people who are working for me in person because its quicker than going back and forth in email. Often my concern is making sure that we are on the same page on issues NOW, not later after someone has made a mistake (either technical or political). I'm not doing it to prevent some kind of paper trail.

Re:Learning from experience

[Cheerio+Boy]

That just paranoid. I resolve things with people who are working for me in person because its quicker than going back and forth in email. Often my concern is making sure that we are on the same page on issues NOW, not later after someone has made a mistake (either technical or political). I'm not doing it to prevent some kind of paper trail.

As someone who has worked for several corporate entities among other things - you are taking a risk with your job if you do not keep a written record of everything that is asked of you or said to you.

More than once certain corporate minions tried to get rid of me because I stood up to their bullying and annoyance. Due to a good "paper trail" I'm still around and doing fine.

Re:Learning from experience

[Locke2005]

Not parnoid at all. The last manager that didn't want to communicate in email was Ken Ross, a manager at Oracle who was pulling down $40,000 per quarter in bonuses by billing customers for work that wasn't being done, then assigning me the projects after they were already late and handing me the blame for the projects being late. So it seems he had good reason to NOT want to discuss this via email.

Re:Spammer gets a moral wake up call

He suddenly has a strong moral conviction of what his employer is doing after his house got raided.

Check the time line. His house got raided after he sent the letter to his employer objecting to the company's practices.

Not Surprised

[MSTCrow5429]

The State is the sanctioned use of violence and intimidation. The State is a parasitical organism that lives off of individuals. The State needs you, you don't need the State. If you don't want to have government thugs invading your home and stealing your property, you have recognize the State is an illegitimate criminal enterprise, no different than the mafia or other gangs. The only difference is the State has been able to trick others into believing it has moral authority, something the mafia has been unable to do. Work to end the tyranny of the State.

Re:Not Surprised

[mcowger]

Anarchists are so CUTE. Cuddly and completely out of touch like a puppy.

Re:Not Surprised

[MSTCrow5429]

Hey, I'm single too! Hehehe.

Re:Not Surprised

[humankind]

Kind of like libertarians, but not as cute.

Re:Not Surprised

[psykocrime]

Anarchists are so CUTE. Cuddly and completely out of touch like a puppy.

LOL... Typical statist... full of pejoratives and ad-hominem attacks, but no thoughts of any substance.

Re:Spammer gets a moral wake up call

[BoneFlower]

Spammer or not, how he is being treated is wrong.

I don't know about you, but I don't think morals should change simply because you don't like someone.

Certainly, if there is probably cause that he commited a crime, he should be investigated, and then prosecuted if the investigation bears out the initial suspicions, but that isn't what happened here. His home was searched and his property siezed, and *not* returned, based on him doing his damn job. It would be like your boss having you arrested for tresspassing, using your timecard that is punched for that day as evidence you tresspassed.

Parrot?

OK, so this was the guy who was supposed to have more free time than Dan to work on parrot?

Re:Spammer gets a moral wake up call

[Bloater]

They obey robots.txt, so they are not accessing a computer system without authorisation. They are also not using open-proxies (another action recognised in law as hacking).

Re:Spammer gets a moral wake up call

[jcr]

You didn't RTF Letter, did you?

These clowns aren't just harvesting, they're using zombie machines to do it.

-jcr

What an idiot

[(negative+video)]

It can only be an understatement to observe that accessing state government computers in blatant disregard for their acceptable use policies is not legally sound.

Violating an acceptable use contract is not legally sound, but forming a contract with a web server requires you to enter your name and perform some action. Merely making a policy document available for discretionary download does not form a contract.

Federal courts have held that web spiders must obey the established ROBOTS.TXT mechanism by which web site owners limit automated access, and that a failure to obey ROBOTS.TXT constitutes trespass.

Which is also a load of crap. ROBOTS.TXT is an optional advisory system for people who are going out of their way to be friendly. The definitive requirements for web communication are set out in the HTTP specification, which provides SSL, POST requests, and cookies explicitly to support access controls.

Worse, Montana's web server actually crashed as a result of HMS harvesting it. Once you go beyond access into crashing, you're way into felony territory.

And now we enter hip wader territory--the BS is getting that deep. A web server that crashes by merely being accessed is defective.

Shocked, I informed Tim and Rich that proxy hijacking is very illegal and immoral.

It is neither illegal nor immoral. If a computer owner chooses to make it an open proxy, that is their choice. If they want it not to be an open proxy, they are obligated to either turn it off or install software that does not allow for that feature.

And in order to protect myself from the repercussions of HMS's illegal and immoral activities, I am carefully considering my legal options, including notifying the appropriate authorities.

Anyone with two neurons to rub together could have predicted the outcome of this toothless threat. You do not say "Hey, great fire-breathing beast, please stop terrorizing our helpless village", and then kick the dragon in the shin. The natural state of the human animal is war, and laws on paper make a darn flimsy shield.

Re:What an idiot

[boots@work]

robots.txt is the moral (and in some cases, legal) equivalent of an "authorized persons only" or "no soliciting sign". It states a condition for accessing the owner's property. HTTP authentication, conversely, is like a lock; trying to prevent rather than prohibit access.

Accessing a computer system in a way specifically prohibited by the owner is illegal in most jurisdictions, and a good thing too.

If Salzenberg's letter is correct then there can be little doubt that HMS knew their access was unauthorized and illegal.

Re:What an idiot

[dcgaber]

Violating an acceptable use contract is not legally sound, but forming a contract with a web server requires you to enter your name and perform some action. Merely making a policy document available for discretionary download does not form a contract.
The cause of action here is not breach of contract but trespass to chattels. Look at the legal cases he discusses; those were all trespass to chattels cases. If a web site operator places restrictions on the use of that site (either explicitly or through robots.txt files), and those are violated, then it a trespass to chattels cause of action can be found. Maybe not all courts would sustain, but enough have to give pause to this action.

Re:What an idiot

[(negative+video)]

robots.txt is the moral (and in some cases, legal) equivalent of an "authorized persons only" or "no soliciting sign".

Nope. Operating an HTTP server on port 80 of a TCP/IP interface on the public Internet is a solicitation to issue GET requests. It is analogous to posting a sign that says "free public library". The standards specifications specifically define that HTTP GET requests do not cause any changes to the server and are therefore harmless (modulo superfluous requests that constitute a denial of service).

The standards authors realized that not all libraries should be free to the public, and specified cookies and other access control methods.

HTTP authentication, conversely, is like a lock; trying to prevent rather than prohibit access.

The specification defines HTTP POST requests as potentially causing permanent changes to the server. They are instructions to perform actions, not mere requests for public information. The client therefore must only issue POST requests pursuant to the server operator's wishes, and those wishes can be expressed by an HTML form containing a contract.

Accessing a computer system in a way specifically prohibited by the owner is illegal in most jurisdictions, and a good thing too.

And with HTTP, the owner gives access permission by fulfilling GET requests and denies permission by requiring a particular POST request first.

Re:What an idiot

[(negative+video)]

The cause of action here is not breach of contract but trespass to chattels.

By definition, the reply to an HTTP GET response encodes the site operator's policies. The 200 OK response means they want you to have some information, which follows. The 401 Unauthorized response means that need to try again with an HTTP auth password supplied by the site operator. The 409 Conflict response indicates that for some reason the request cannot be fulfilled; it is followed by instructions for how to resolve the problem, such as a acceptable use contract form, or a credit card payment form. (AFAIK, nobody uses 409 because 200 with instructions and a form works just as well; browsers don't show the response code so nobody knows the difference.)

There is even a 503 Service Unavailable response, which lets you tell the client to piss off for any amount of time you choose. If you gave a 503 with a billion second delay, it would be illegal for a user to click the reload button on their browser.

If a web site operator places restrictions on the use of that site (either explicitly or through robots.txt files), and those are violated, then it a trespass to chattels cause of action can be found.

And my point is that the restrictions are expressed by the site operator to the user by the status code of each HTTP reply. If the operator says 200 OK, the contents they want you to see follow.

ROBOTS.TXT is just an voluntary gentleman's convention amongst certain bot authors. It postdates HTTP and does not modify the meaning of that standard. It is not authoritative; there is not even any way to obtain a legally-definitive copy of it. The authority statement from the Robots Exclusion Standard comes right out and says as much:

It is not an official standard backed by a standards body, or owned by any commercial organisation. It is not enforced by anybody, and there no guarantee that all current and future robots will use it. Consider it a common facility the majority of robot authors offer the WWW community to protect WWW server against unwanted accesses by their robots.

Any judge who finds that "violating" ROBOTS.TXT is a crime (pardon my French) is an asshole.

Re:What an idiot

[boots@work]

You're way off beam if you're thinking about changes to the server. It is not necessary for a client to cause changes to the server to constitute illegal unauthorized access. Australian law, for example, distinguishes unathorized access from unauthorized modification; both are illegal but the second has a higher maximum penalty.

Clearly harm can be done by somebody merely reading information they are not entitled to get.

The analogy is of a library open to the public that bars a particular person because of past bad behaviour. Having been told they are not allowed, it would possibly be trespass for them to sneak back in. The publishers would perhaps be in a stronger position if they specifically told HMS in writing to desist, but blocking their IP and adding a robots.txt line makes the intention clear.

Re:What an idiot

[boots@work]

"negative video" seems to propose two unusal theories:

1. HTTP is legally enforceable, but robots.txt is merely a gentleman's agreement. That seems a hard distinction to draw: both are just conventions adopted for interoperability. Both are widely implemented and respected within the industry it is also very common for them to be violated. HTTP has the imprimatur of W3, but not as far as I know of an international treaty organization like (iirc) ITU or ISO.

I'm not aware of any legislation anywhere that says merely violating HTTP would be a crime, although there are laws against unauthorized radio broadcasts or telephone signals.

2. "Whatever is not technically prevented is by definition permitted." If this were really the case, there would be no crime of trespass, since the owner should have made the trespass impossible. Indeed if that were adopted it would overturn the whole concept of property law.

A more useful argument, which was tried in some of the EBay cases, is that a property which is generally available to the public cannot exclude a particular client. The law is not yet clear here, and it's not clear what would be reasonable. Small-print agreements to access a public web site seem dodgy, but excluding a particular client seems fairly clear.

In any case, it sounds like HMS were infringing the copyrights of the sites they scraped, and that probably is cut-and-dried.

Re:What an idiot

[(negative+video)]

You're way off beam if you're thinking about changes to the server. It is not necessary for a client to cause changes to the server to constitute illegal unauthorized access.

Go read the HTTP specification. It clearly spells out ways for the site operator to say "go away, I don't want to talk to you" with mathematical precision. Conversely, a site operator can give a 200 OK response status which means "thanks for your request; here's the information I want you to have".

Clearly harm can be done by somebody merely reading information they are not entitled to get.

Which is why many sites use the security specs that were explicitly designed for controlling access. They force you to sign contracts, enter credit card numbers, answer riddles, type in some squiggly looking numbers, whatever the operator feels like. In that context, giving information away to anybody just for asking, and then crying foul, it egregiously stupid and has no legal recourse.

...blocking their IP and adding a robots.txt line makes the intention clear.

Go read the Robots Exclusion Standard. It explicitly says the standard is optional, voluntary, unenforced, and not obeyed by all current and future robots. Blocking an IP address likewise does not convey intent.

Given that there are formally standardized ways for conveying the intent, with mathetical precision and total lack of ambiguity, vague claims of intent and policy after the fact are unenforceable.

Re:What an idiot

[boots@work]

forming a contract with a web server requires you to enter your name and perform some action

I think you need to read more about contract formation; it is not nearly that simple.

Re:What an idiot

[(negative+video)]

HTTP is legally enforceable, but robots.txt is merely a gentleman's agreement. That seems a hard distinction to draw: both are just conventions adopted for interoperability.

The HTTP standards claim to be an exact convention for doing things. Poking random data into random TCP ports is unlikely to even constitute a well-formed request; therefore the presence of a well-formed request constitutes strong evidence that the client has read and understands the HTTP specification.

Regarding robots.txt, read the excerpt I posted. The spec itself says it is optional and unenforced. The difference between the two seems clear.

I'm not aware of any legislation anywhere that says merely violating HTTP would be a crime, ...

The courts accept common conventions. If a building has a sign that says "Joe's Burgers" and an unlocked door, it is not trespass to walk inside and ask to buy a cup of coffee; they can toss you out, but not shoot you in the head. Conversely, if the social convention is that there are no obligations, just an opportunity for generosity, as with the robots standard, then a court cannot legislate generosity from the bench.

"Whatever is not technically prevented is by definition permitted." If this were really the case, there would be no crime of trespass, since the owner should have made the trespass impossible.

In retail sales, putting price tags on articles in public is an "offer to treat", an offer to negotiate. A potential customer can pick the merchandise up and examine it, and it is not valdalism, trespass, or theft. My position is that serving HTTP on its well-known port is also an offer to treat using GET requests.

This is followed by negotiation using the limited access that has been granted. In a store, the buyer fondles and inspects the item and carries it to the seller. In HTTP, the client sends a request.

If the negotation is unsuccessful, rejection is given. In a store, the seller says "No way, $5 is already too cheap! Put it back on the shelf!" With HTTP, the server says "409, cough up a credit card number!"

If negotiation succeeds, the transaction executes. In a store, the person walks away with their new purchase. With HTTP, the server swallows the CC# and transmits the requested data.

Likewise, loitering is analogous to a denial of service attack. Everything has exact parallels with existing jurisprudence. The protocol designers did this on purpose, because they wanted it to be useful for people.

The law is not yet clear here, and it's not clear what would be reasonable.

I think it can be clear. The problem is that too many complaintants don't really know what the hell they're complaining about, and being able to explain something clearly is a rare skill. That combination leaves judges floundering in a sea of ignorance.

In any case, it sounds like HMS were infringing the copyrights of the sites they scraped, and that probably is cut-and-dried.

I inferred that they were gathering lists of people/companies/court results/etc. I think the main problem is that the state agencies were publishing valuable information but not bothering to cover the cost of access, and intimidating people who ran up their bills. To analogize, "Mr. Smith, you've been monopolizing the public records room for two days. Time to go." That's a valid strategy, if inefficient and a bit unjust. But that doesn't make Mr. Smith a criminal if he hires a string of college students to do his research, each of which gets the heave-ho after a couple of days.

Re:What an idiot

[boots@work]

The courts accept common conventions.

robots.txt is a common convention, published by almost all nontrivial web sites and respected by all reputable robots. As Salzenberg correctly observes, Federal courts have already recognized this role.

In retail sales, putting price tags on articles in public is an "offer to treat", an offer to negotiate.

That's fine, but irrelevant. If someone is barred from a shop and they sneak back in wearing a wig it's still trespass. It doesn't matter that the public at large is allowed in, or that the shop doesn't require a signed contract to enter, or that the person wasn't notified in writing that they were banned. It doesn't matter that they managed to get past security. It's a criminal offense, and I can understand Salzenberg wanting no part of it.

Re:What an idiot

[boots@work]

Further:

It's not reasonable that a publisher can put arbitrary conditions on access to a web site. ("By reading this paragraph you agree to pay me $50.") As you say, there is a common convention that a server listening on port 80 is generally intended to provide a public resource, and by default anyone can read the information there. As you say: anyone can walk into a hamburger joint, *but not if they've been previously told not to come back*.

According to Salzenberg's account HMS knew they were accessing the servers against the wishes of the property owner, which is prima facie unauthorized access, a crime.

Re:What an idiot

[ShawnDoc]

What a standard says, and what a law (or case law) say may be two different things.

Re:What an idiot

Then to restate boots@work original comment he should clarify by saying that perhaps legally robots.txt says no entrance. It clearly was not meant with that by the creators of the standards (which is what "negative video" has been trying to point out.

Also, by boots@work definition if I were to go to the site with my browser and access a page linked to on the site but which was prohibited in the robots.txt, I would be violating something here (moral or legal). I think with this example it should be obvious that robots.txt was never meant to be used for the purpose that he gives it.

Re:What an idiot

[mckyj57]

And now we enter hip wader territory--the BS is getting that deep. A web server that crashes by merely being accessed is defective.

Are you mentally deficient?

Depending on the definition of "crash", it is easy for a web server to be crashed by excessive accesses. If a robot generates hundreds of thousands of accesses to attempt to harvest a database, it is making inappropriate accesses.

If a lock is on the door, i.e. prevention of single IP addresses from generating those accesses, certainly the use of proxies constitutes breaking that lock and comprises illegal access to the site.

Ghouls

[Doc+Ruby]

"Health Market Science"? They sound like peddlers of human flesh. Diseased flesh. They really do sound like the worst kind of sleazy scumbags, and that's just their name. Harvesting open relays and persecuting a whistleblower, and maybe even bribing a judge, all sound like the least of their crimes. If there were any justice, the local DA would accept Salzenberg's report as a criminal complaint, and call off the dogs. But of course there's no justice, or HMS' mere allegations would never be enough to threaten the security of this person's home, papers and effects.

A couple questions?

[after+fallout]

Is the Data Pump software he says he is working on the thing they are advertising on their front page? quote from link on hms front page: HMS DataPump is the world's leading matching and data integration platform. The same technology used to engineer the Health Market Science Master Reference Files and targeting solutions is now available as a licensed software product to be deployed either on-site or as a hosted service. With the HMS DataPump, your enterprise will have unique capabilities, such as the ability to: * Simultaneously integrate an infinite number of disparate sources across an infinite number of attribute values * More rapidly create single, accurate, consolidated customer and organization master files * Implement the most customizable and powerful match rules to ensure total data quality that matches specific business requirements * Realize processing and hardware efficiencies with next generation indexing and clustering algorithms * Fully leverage the pre-built Health Market Science Master Reference Files to ensure consistency with the industry's most trusted source of customer reference data * Perform advanced meta-data decision tracking, including historical rollback * Actually improve the quality of your customer data over time Unlock the value of your customer data with the HMS DataPump, the most powerful and flexible integration platform available today, for solving the most complex information problems. If this is what he is talking about then the indexing operation they are doing must be the "Heath Market Science Master Reference Files". quote: Choose from over 3.9 million practitioners and 1.2 million organizations, sliced by numerous standard and innovative attributes such as contact information, demographics, specialty, education, and ethnicity. With industry leading breadth and accuracy, My question would be how can I figure out if my computer became one of the zombies that they called "open proxies" (side note, I am sure my personal connections are not because of my level of computer literacy, the fact that I am running linux, and that snort, tripwire, and nagios don't see anything strange)? And could I get in on a class action lawsuit for being used like this?

Re:A couple questions?

[after+fallout]

Oh, I really hate that setting. /. should have a preference setting that sets the default post style. Anyways, here it is easier to read:

Is the Data Pump software he says he is working on the thing they are advertising on their front page?

quote from link on hms front page:

HMS DataPump is the world's leading matching and data integration platform.
The same technology used to engineer the Health Market Science Master Reference Files and targeting solutions is now available as a licensed software product to be deployed either on-site or as a hosted service.

With the HMS DataPump, your enterprise will have unique capabilities, such as the ability to:

* Simultaneously integrate an infinite number of disparate sources across an infinite number of attribute values
* More rapidly create single, accurate, consolidated customer and organization master files
* Implement the most customizable and powerful match rules to ensure total data quality that matches specific business requirements
* Realize processing and hardware efficiencies with next generation indexing and clustering algorithms
* Fully leverage the pre-built Health Market Science Master Reference Files to ensure consistency with the industry's most trusted source of customer reference data
* Perform advanced meta-data decision tracking, including historical rollback
* Actually improve the quality of your customer data over time

Unlock the value of your customer data with the HMS DataPump, the most powerful and flexible integration platform available today, for solving the most complex information problems.

If this is what he is talking about then the indexing operation they are doing must be the "Heath Market Science Master Reference Files".

quote:

Choose from over 3.9 million practitioners and 1.2 million organizations, sliced by numerous standard and innovative attributes such as contact information, demographics, specialty, education, and ethnicity. With industry leading breadth and accuracy,

My question would be how can I figure out if my computer became one of the zombies that they called "open proxies" (side note, I am sure my personal connections are not because of my level of computer literacy, the fact that I am running linux, and that snort, tripwire, and nagios don't see anything strange)? And could I get in on a class action lawsuit for being used like this?

Re:A couple questions?

[Mycroft_VIII]

Actually /. does have such a setting (unles I've completly missunderstood your meaning).
However it also has, imho, not the most intuitive system for setting preferences I suspect it makes perfect sense to some people as it seems like one those sorts of things to me.
However if you click on your own 'name' and look near the bottom where it links to comments setting page and then go down that page there should be a box labled "comment post mode" very near the bottom.

Mcyroft

Re:Salzenberg is not a Spammer! You tell lies.

[Geekgirl2005]

Somebody is trying to tell untruths here. Salzenberg is not a spammer and he did not find out the company's harvesting procedures until he was employed there for a while. Stop telling lies to confuse people. Read the letter.

Oops...

[jcr]

Sorry, my bad.. Looks like they were only ignoring the ROBOTS.TXT files..

-jcr

Re:Oops...

[NitsujTPU]

Uhmmm.

They were running through open proxies in order to avoid blocks set up to block their IP. They also were scanning for such proxies.

So, no they weren't planting trojans all over the place, they were just borrowing everyone else's machines (a jerky thing to do) to get past blocks set up to stop them from being jerks.

Then, when someone called them on it, they resorted to mafioso tactics to make life hard for that guy. To show him who's boss.

Re:Oops...

[nrrd]

This reminds me of one of the "big lessons" I've learned in my life... If someone treats others poorly, it's only a matter of time until it's your turn. Sooner or later, they'll turn on you, whenever it's convienient or profitable for them.

I'm not saying this is a law like gravity, but it's true often enough that I pay a lot of attention to how people treat others.

Re:Have you been charged with a crime?

[Akoman]

Hey, if you ever decide to flee to Canada to escape oppressive corporations and need a couch to crash on give me a ring.

Tim & Rob's HMS code available on Sourceforge?

http://jackcess.sourceforge.net/

If an employee accessing a CVS is a crime, then why is an HMS project available on Sourceforge?

On Thu, April 7, 2005 12:22 pm, Tim McCune said:
Just wanted to announce our new Sourceforge project that is a pure Java library for reading & writing MS Access databases. ...
> --
> Tim McCune
> Senior Developer
> Health Market Science, Inc.

Lawsuits are a tool

[riversky]

Legal action is a tool that one uses to either cause someone a huge headache or directly tie one up with legal bills. My best friend became a lawyer and he is very open about the tactics used in the legal system to basically f*ck with someone. There may be an valid issue or not. The system will make it very hard for either side to win but winning is not the goal most times he says. You win by causing the persons resources to be drained and time to be wasted and that is the goal. Every lawyer knows this. That is how they make money. I say make sure you get rich because if you are playing in the big leagues sooner or later you will be sued.

Opening Line

[fm6]

When somebody says, "I'm not a lawyer, but I know that..." there's a good chance that something nasty is about to happen.

Chip is engaging in a legal crusade against Health Market Science, and doing it without legal advice. Naturally, HMS does have lawyers, and consults them as to the best way to screw him over. Screwing precedes. Gosh that's a suprise.

Re:Opening Line

[surprise_audit]

On the other hand, if what Chip says about their illegal practices is accurate, you'd think the company lawyers would have wanted to keep things quiet. At least until a sanitized version of the source code could be worked up...

Could have been worse...

Retain, and have a very long chat with a very good lawyer before you threaten your bosses with police action.

Many of the top-brass at big companies are connected cough..mafia..cough... these days.

Pull the wrong stunt and end up having your life turned upside down, inside out and backwards and then handed to you on DVD. Be careful out there.

Deep link to miscellaneous matter

[Brian+See]

A deep link to the miscellaneous matter is http://ujsportal.pacourts.us/crystal/enterprise9/D SReportsPDF.csp?ct=4&dktno=200068158/a.

Looking at it closer, it might just be the petition for return of property seized pursuant to the warrant. Thinking about the timing, I wouldn't be surprised if the charges never made it to the grand jury...

In any event, the geeksunited.com timeline says that on June 6 the "DA Drops Criminal Investigation".

I wonder...

Did Chip really not have any idea of the seedy nature of the company he was working for? I mean, come on. He's a smart guy, I'm sure he had a pretty good idea that something wasn't completely legal/moral/ethical, even on his first day.

Maybe I'm wrong. Maybe Chip is completely honest and upstanding. In that case, he will prevail in court and clear his name.

I have bad news for you...

That's absolutely nothing. Even well-meaning companies do a lot worse than that.

Here's a rule to live by: if HR isn't making the offer, it means nothing.

Yes, it's not right. But you're gonna have to toughen up. It's a harsh world out there.

What the ACM has to say...

[zanidor]

From the ACM code of ethics imperative 1.2(http://www.acm.org/constitution/code.html):

"In the work environment the computing professional has the additional obligation to report any signs of system dangers that might result in serious personal or social damage. If one's superiors do not act to curtail or mitigate such dangers, it may be necessary to "blow the whistle" to help correct the problem or reduce the risk. However, capricious or misguided reporting of violations can, itself, be harmful. Before reporting violations, all relevant aspects of the incident must be thoroughly assessed. In particular, the assessment of risk and responsibility must be credible. It is suggested that advice be sought from other computing professionals."

Re:Salzenberg is not a Spammer! You tell lies.

[hobbesmaster]

Ok, that makes more sense, I had read the complaint at that point and didn't realize what the grandparent (of your) post was saying, hence I asked the question out of complete confusion.

WTF Troll???? Damn you facist moderators

[dogger]

Is proxy hijacking illegal?

If not then the above post is certainly not a troll.

What about the next day?

[Night+Goat]

I've always been kind of hesitant to try something like this myself because I get the feeling that once I got my "gotcha" moment and saved my job, the rest of my days working there would be tainted by my having done this. I just get the feeling that I'd be treated poorly and the management would probably be searching hard for a way to get me fired cleanly. Did you have to put up with much crap after doing this? Maybe you have to weigh the pros and cons before doing this kind of thing.

Re:What about the next day?

[bluGill]

Depends... Sometimes they will be happy you exposed someone doing that, othertimes they will want to get rid of you. Unless you know ALL the politics (which you don't) there is no way to know. People play nice to those they hate, and they argue violently with their best friends. Good luck figuring out what is what.

Best is to freshen your resume before you reveal anything. Don't keep anything illegal secret though, you could be got on cover up charges.

Re:What about the next day?

[james_in_denver]

LOL, yeah, I knew it would be the end of my job there, so I gave my 2 weeks notice the next day...

Saved from from getting fired.

Though overall? It was more for my own "vindication". The woman was a MAJOR *sshole, had covered up some mistakes that had cost the company several hundred thousand/year...Only problem?? it was coming out of MY budget.

So when I found it and called her on it, it got pretty ugly.

Best part of the story???

The corporate division that was getting taken for a ride, HIRED ME BACK as a consultant just two days later...

Same staff, same meeting room, except THIS time I was sitting on the "other" side of the table...

That first meeting was SO much fun..............

Re:What about the next day?

[Rich0]

I think it all depends on who is getting defrauded. If a manager is taking the company for a ride you're in for royal treatment. If the company is taking a customer for a ride you may be better off just applying for a job elsewhere. If the injured party has deep pockets you might take it to them - but that could backfire.

Whistleblowing within companies works well when the actions you are reporting are clearly going to be objectionable to upper management. I heard a story of an employee who sent a letter to the CEO in a fortune 500 company alleging a significant violation of government regulations which was being overlooked by direct management. The next day that management was feeling VERY uncomfortabe as just about the entire chain of command decended on them. Letters like this look very bad in lawsuits if the company doesn't have clear documentation that they took action. When the battle is between the manager and the employee, the manager usually wins. On the other hand, when the battle is between the company and the manager, the company ALWAYS wins (although if the manager is high enough to be identified with the company (ie CEO) then losing amounts to a multi-million-dollar severance package).

Re:What about the next day?

you may very well be screwed either way. However it is often best to leave on you own will rather then getting fired.

Re:What about the next day?

[Night+Goat]

You have my admiration. Hats off to you for excellence in employment. I guess you pretty much HAVE to leave in cases like this. You got the best of both worlds!

Posting anonymously here because I've lived it

I've been in a very similar situation recently, and also ran into huge legal bills, from a contracting client who made outrageous claims. It was the worst experience of my adult life. I can't go into any details, but it was terrible, and the case turned on the same kind of criminal trade secret laws. These trade secret laws are so prone to abuse because they take what are effectively civil issues (ie, business disputes) and get the criminal justice system involved. Let me tell you, all this thing about "innocent until proven guilty" is nonsense. Yes, you are "innocent until proven guilty" when you actually get to trial... but by the time you get to trial you've already gone through hundreds of thousands of dollars in legal bills. Where does the average guy come up with that kind of money? I'll give you the answer: he sells all of his assets (house, everything) and he still doesn't have that kind of money, so he ends up getting a public defender, and public defender = plea bargain = no trial.

Basically these trade secret laws let big guys with resources or connection punish small guys (us) without any legal process. We're out tens of thousands of dollars just from the moment the process begins, without a court or a judge even having seen the issue.

There's also the emotional factor. It's terrifying. If I got a criminal trade secret conviction, I would never be able to work in the programming field again. What else could I do? My life would be ruined even if I got probation only. The fear is incapacitating. It's like someone telling you "you have cancer." Even if the cancer is treatable, it is terrifying.

Anyone in the programming field needs to be aware of these risks. You don't think about it because a) these things usually do not result in convictions (in TFA's case, if his telling is accurate, there is no evidence of any wrong-doing) and b) when they go away without a conviction, we're all scared to talk about them (like I am posting as AC right now). But even if the case goes nowhere, running into a $40k legal bill is disastrous. That's a downpayment on a house. That's 100% of your after-tax income for more than a year (probably). That's your new-car and vacation fund for several years. That could cause so much financial stress as to lead to divorce, family estrangement, etc. That's "liquidate all of your assets right now and borrow from all of your relatives" disastrous. That's a penalty this guy is suffering without any trial or judicial overview. That's (possibly) without even having a grand-jury rubber-stamp the police side of the story.

I'm afraid to even post this lest it have some bearing on my situation, but I'm posting because I want all of us Slashdot crowd to be aware of it.

I don't really have a solution, but one thing that seems to help is to put up a very aggressive and determined defense from the very beginning. Let everyone involved know, "there will be no plea bargain. There will be a vigorous defense. Trying to bring a civil matter into the criminal system will not work and I'm not going to beg for mercy. If it gets to a trial, we're fighting all the way and there will be an acquital."

This guy is brave to even be talking about this publicly. I'm sure his lawyer advised him not to (mine did). Most of us who are victims of this are silent victims like me.

Re:Posting anonymously here because I've lived it

I went through something very similiar, when I pointed out that harvesting domain names to sell marketing emails to unscrupulous businesses could get us shutdown, the president of the company threatened me saying he'd level false accusations that would ruin my career. It was the one time in my life that being a hothead worked, I told him I'd break his neck (literally twice his size) if he even dreamed of screwing with my life when I was trying to warn him about his business practices. After that he was as pliable as a puppy and I resigned WITH a severance package.

Re:Posting anonymously here because I've lived it

I don't really have a solution, but one thing that seems to help is to put up a very aggressive and determined defense from the very beginning. Let everyone involved know, "there will be no plea bargain. There will be a vigorous defense. Trying to bring a civil matter into the criminal system will not work and I'm not going to beg for mercy. If it gets to a trial, we're fighting all the way and there will be an acquital."

A great shame that a lack of money makes it impossible to continue with: "I will recover my legal fees from you. You will be providing me with a new house. You will pay damages. I will prosecute you to the fullest extent of the law. I will not stop until your company is liquidated, your house is forfeit, your spouse and children are living on the streets and you are behind bars."

Re:Posting anonymously here because I've lived it

That is only one example of the reasons trade unions are actually a Good Thing. By banding together, workers can afford to fight this kind of abuse when it occurs. And companies knowing that helps keep the abuse from happening in the first place.

Re:Posting anonymously here because I've lived it

I lost $100k fighting against two crooks who decided to blame their $1m failing project on me. You see, they didn't just fire me, they also chose to accuse me of deliberately sabotaging the project and to sue me. Everyone else in the company knew it was absurd, and said so, I had no responsibility in that project -- but even with their testimonies my lawyers and the judge said there was nothing I could do but pay to defend myself and wait for the court to look at all the evidence (they never filed any evidence, just requested further procedural delays in order to "prepare" it).

One week before we finally were going to have our day in court (years later) and nail them, they filed for bankruptcy and started a new company. The "justice" system said "ah, no more lawsuit against you" and refused to go after the individuals who had made the false accusations (since they made them in the name of a now-dead company). All my time and money had been wasted.

The crooks are lucky Western Europe in the 1990s was not the Far West.

After the whole thing, I've shrugged. I will not invest my time in the false expectation that there is a "justice system" there to protect me from crooks. I've given up. I quit developing software. The one creative and professional activity I loved. It's painful to even think of these events. First time I'm writing about it.

Re:Posting anonymously here because I've lived it

Please go away, you fucking UNION MEATHEAD! This is not the employee break room at the supermarket where some n00b $8/hr clerks are longing for the $15/hr "promised land" of an unproductive unionized store. This is Slashdot.

Re:Posting anonymously here because I've lived it

[trailerparkcassanova]

The moral here is to incorporate and have business liability insurance.

Re:Posting anonymously here because I've lived it

jackass, why do you think workers in the US or Europe have a share of the wealth of their countries companies? take a trip around the world, you might learn a thing or two

Fired vs. Libeled, Slandered and Property taken

[billstewart]

Sure, it's almost guaranteed that he won't get his job back and wouldn't want it back if it were offered. However, it appears from a cursory reading of Chip's side of the page that not only did they treat him in a highly unethical manner (which may entitle him to sue for damages under some whistleblower laws, if PA's cover that kind of case), but they also appear to have libeled and slandered him and caused his property to be taken in ways that sound probably illegal or at least tortuous, and he's probably got a cause to sue them for that.

Normally it's not good practice to burn your bridges when leaving a job, but if the company blows them up when you're standing on them that principle doesn't really apply. A more serious problem is whether the immoral bastards were making enough money that you can recover anything if you sue them...

Also, there's dubious ethics and dubious legality. If you know your employer is acting in ways that are illegal, and you continue to support those activities, then you may or may not have a share in the guilt, depending on the various rules about corporation vs. employee responsibility and whether the actuions are covered by civil or criminal law. (To the extent mentioned in Chip's article, it sounds like most of the issues are either anti-spam law, which is mostly just civil and not criminal, or possible torts against the people whose systems they abused, plus of course their treatment of him where he's not the guilty party.)

Dubious ethics is a different problem from dubious legality - if you think they're unethical, you've got a personal responsibility to either work against those actions (if that's realistic in that company) or get out. I used to work for the part of my company that sold services and computers to the military. Took me a while to decide I shouldn't be doing that and find another job, but at least it was a big enough company that that was an option, and I've changed jobs a few times since then.

Why spelling matters

[ChrisMaple]

"Well healed conmen"

reverses the meaning of what I presume is your intention, "well heeled conmen".

To address your main point, there are companies (mostly small) that are dominated by evil, such as Oxidental Petroleum which acted to support the Soviet Union during the cold war. But most large companies are not run by obvious scumbags because they would be destroyed by the scumbags running the company into the ground. Adelphia is an example of what happens eventually.

Re:Why spelling matters

[IgnoramusMaximus]

reverses the meaning of what I presume is your intention, "well heeled conmen".

A typo indeed.

But most large companies are not run by obvious scumbags because they would be destroyed by the scumbags running the company into the ground. Adelphia is an example of what happens eventually.

Unfortunately that is not true. Large companies, especially the so-called "multinationals" enjoy immense support from politicians and national governments. Partly because politicians of all stripe are corrupt, but mostly because politicians fear large scale job losses and thus engage in various forms of corporate welfare, handing out tax breaks, government-guaranteed loans or outright grants and in many cases alter national laws to suit the mega-corporations. Add to this the fact that crookery can go on for a very long time undetected, masked by phony, on-paper "profits", masquerading as "growth" due to never ending cycle of "buy now, pay later" acquisitions of other companies and in some cases the crooks actually manage to make money for the corporation, if they corrupt the local government sufficiently and are allowed to establish an effective monopoly. Only in the most obvious and extremely unsustainable cases do the businesses actually implode. One has to have to literally levitate the whole company on thin air and have debt to income ratio of hundreds to one before something gives. That is why it took super-human efforts to make Enron fail and that is why the airlines (who lose money continuously, since anyone can remember) are still in operation. Running a business into the ground is only an option for a small operation where there is no way to hide the crookery or obtain government bailouts for any length of time. Note also even the very collapse of a behemoth like Enron managed to generate money for the crooks in form of, literally, hundreds of millions of dollars in "legal and consulting fees". Try that with your mom-and-pop shop.

I do agree that small businesses are not exempt from connivery, but my logic is simply this: if business size is kept in check, so is its power and the impact of individual businesses going rogue or simply failing. An IBM can in one fell swoop throw 16000 families into the gutter without even blinking in order to make a few more bucks for the managment, a 50 employee firm can at most harm 50.

But even deeper then that, there is simply a realization that large corporations are corrupting capitalism by reducing its potency to benefit society as a whole. A cornerstone of the system, the very mechanism by which the "invisible hand" is supposed to do its work is competition. If a company size increases and the number of viable companies in a particular field decreases, this in turn reduces competition and leads to oligopoly or outright monopoly situations, effectively destroying any benefits of the system to consumers, not to mention all the disastrously negative political side-effects. This process is in fact the most serious weakness of capitalism as it appears that the system is incapable of self-correcting this situation, contrary to its tenets.

Simply look around and see how many of the everyday products you use are manufactured by companies which have at most one or two viable competitors: Coke/Pepsi; Intel/AMD; Nvidia/ATI; Boeing/Airbus; etc. There are at most a dozen of car manufactuers whose vehicles you will see (many more brands but they all belong to few parent companies). There are just as few oil companies. The list goes on and on.

There are many such -- by now proven to the point of the absurd -- errors in the Adam Smith's plan which require alterations and overrides to save the whole process from reverting to an essentially feudal/mercantile scenario. Unfortunately it would seem that people either refuse to see the obvious or are more then happy to play along in hopes of securing for themselves a place in the ranks of the new "nobility".

mod up

This is not a troll.

Billable hours is, in fact, the victim's problem.

The company will go bankrupt and he will never recover his expenses.

He should shut down negotiations and ask for a court date. Yes, he should have a lawyer for the
trial; but his position is pretty safe.

Computer Search & Seizure Rules

[billstewart]

The EFF was originally founded in response to the abusive seizure of the Steve Jackson Games company's computers. It sounds like there are some definite conflicts between the way Chip's computers were seized and handled and the Federal laws, rules, and procedures for handling computer evidence. (That doesn't mean that Pennsylvania state evidence procedures or prosecutor/police rules are necessarily aligned with Federal, but Federal law still applies.) That's the kind of thing the EFF is good at.

However, the EFF and ACLU seldom get involved with things unless somebody asks them or things are brought to their attention through other channels. No idea if that's happened here.

Unions

[madstork2000]

I bet if there were a technology workers union, this sort of thing would not happen nearly as often.

I personally loathe unions as outdated overly powerful groups, that promote lazy workers and wasted money. However, I think this illustrates perfectly how the big companies will stick it to the little guy given the chance.

I still believe most unions are bad in their current state, but it is obvious to me now that they represent a critical part in the checks and balances that make up our work force.

-MS2k

Not just the perl community...

I'll just note that the author of "Dive Into Python" had some not-so-minor computing-related brushes with the law in his youth. Of course, that was long before he picked up the Python torch, so maybe there's something to that...

No criminal charges present?

[erroneus]

Okay, so since there are no criminal charges at present, by what right does the company have to possess this man's personal property?

Further, any "evidence" the company might claim could not hold up since they have power over ALL known evidence where they can certainly tamper with it. They can plant anything they like but reasonable doubt would certainly rule in the defendants favor... and I'm sure they must know this. So what do they gain?

Possible knowledge of what he has on them for one. But more importantly, they have the opportunity to strip him of any evidence that he may have on them and I think that's the purpose here and with nothing more than an "I'm sorry, your honor, these accidents happen..."

I hope when he was stupid enough to send the letter threatening to bring them to the authorities that he backed up his evidence and gave it to some other party for safe-keeping.

This is a mess that spells "violation of civil rights" all over the place.

Re:Spammer gets a moral wake up call

[darkonc]

I'm gonna be nice and chaulk the GP to horrid misreading.

Salzenberg was working for a company that started using some seriously shady practices. He did the legally appropriate thing, and brought it to the attention of upper management/officers. They went ballistic and pulled the plug on him insteas of the illegal activity. (what says that they already knew of the illegal activities?).

They then called the cops on hime and got them to sieze his compuers on the flimsiest of evidence.

Question: what are open proxies and web harvesting

[ClassicPenguino]

What is web harvesting, what is an open proxy, and how does an open proxy relate to web harvesting? Noobs want to know.

This guy played the situation all wrong.

If you're going to send a letter like this (which is a bad idea in the first place), then you had better also tender your resignation at the same time. If you're THAT appaled by the events in question, then back it up with action.

Furthermore, the dude called out the company right there in the letter (read the last two paragraphs). He says he is pondering his legal options, and not only that he fucking puts it writing!?!?!

I don't know anything about the author (through perl or otherwise), but if he is as passionate about this as he sounds, then I could see him actually downloading the entire CVS for evidence. Sure, he's covering his own ass (prudent!), but that is still a problem.

I'm not saying the company was right, but if you're going to go after your employer, you had better have both barrells loaded. And for God's sake, don't threaten legal action. That's just calling down the thunder!

Job Posting (SCO Employees Apply Now!)

[libra-dragon]

It was looking good until I got to the last two "Required Qualifications"

Position: Software Developer

HMS is looking for a software developer to contribute to the creation of internal tools, customer web-based applications, and data manipulation software.

This is a hands-on technical position reporting to the Director of Software Development in a small, focused development team.The successful candidate will be involved in the further development of tools and websites that support the company's goal of collecting, integrating and presenting data about healthcare professionals from a wide array of sources.

This position requires an experienced software engineer with at least 5 years hands-on professional experience, and recent experience with Java in a Linux/Unix environment. Experience in object-oriented design and development, as well as prior participation in all phases of the software development life cycle is desired.

Candidates with Perl development experience, strong software design skills and substantial technical breadth will have a distinct advantage.

The superior candidate will have a vibrant, self-motivated, get-it-done attitude; the ability to think critically; a desire to learn in new areas; and the discipline to pay attention to deadlines, details and quality. Good communication and interpersonal skills are crucial for this team-oriented position.

Please submit salary requirements with application.

Required Qualifications:
3+ years experience with Object Oriented Programming
Significant experience with Java
Experience with OO Perl a significant advantage
3+ years hands-on Linux or UNIX
Software design skills, with experience in designing and implementing N-tier software systems
Experience in all phases of SDLC (analysis, design, development, testing, deployment
Strong communication (verbal and written), and interpersonal skills
Bachelor degree (preferably in Computer Science), or equivalent work experience
Experience in abuse of open proxy servers
Complete lack of ethics

Additional Desired Qualifications:
Proficiency with C++
Proficiency in SQL programming
Experience with Oracle
Familiarity with GUI design and development
Some Windows programming experience
Familiarity with GUI design and development

HMS Benefits:
Health, Dental, Life and Disability coverag
401K Plan
Employee Incentive Stock Option plan
Semi-Annual Bonus Plan Excellent working environment
Business casual attire
Small and growing company (currently 75 employees)
Lunch provided daily
To respond, e-mail resume to jobs125@hmsonline.com, citing "Software Developer" in the subject heading.

Re:Job Posting (SCO Employees Apply Now!)

[unitron]

If you'd used bold or italics tags on the lines

Experience in abuse of open proxy servers
Complete lack of ethics

youo'd probably be up to +5, Funny (with at least one Insightful in there somewhere) by now.

You think THAT's bad...

[argent]

Hah! First job I worked after college we had 3 developers sharing a Polyforth development system running multiuser in 12K of RAM with no memory protection. When you dropped out of the editor to test something you yelled "save your buffers"... because Polyforth didn't even use stack sentinels so just about any syntax error meant the system crashed and had to be rebooted.

Re:You think THAT's bad...

[mikael]

In my final unversity year, the license fees for a HP-UX system with more than 12 users were so high, that our engineering department assigned login names on a per class basis only. So everyone in Computer Science year 3 studying embedded systems would be assigned the username 'cs3es1', and so on. In order to do assignments you had to run the cross compiler then the emulator. Unfortunately, from time to time, the emulator would lock and son the only way would be to kill the process from another window. Unfortunately, you'd sometimes forget which ttyp you were logged onto and kill the wrong process...

Re:Have you been charged with a crime?

[Frank+T.+Lofaro+Jr.]

The idea isn't to escape forever, it was just to buy time until you can ensure you have chance of beating the rap or getting enough influence (using money from a public defense campaign) to get locked up in a "safe" place.

(Plus if you were truly being railroaded they'd might deny extradition in those cases - I know Canada will deny extradition if someone faces death - they might also deny extradition if the case is baseless).

It is far easier for the US to accept a voluntary surrender with conditions (like don't put me in Beto unit in Texas, send me to Nellis AFB Federal prison in Las Vegas, Nevada) than to pursue extradition.

The US Atty can tell his boss he won, you buy time to build up a defense and any time you spend might be far more pleasant.

Doing the original sentence plus a couple extra years at Nellis would be better than the original sentence in Texas for sure.

As for me - I hope it never happens - I am a law abiding citizen - but who knows what may be illegal next week - I'd just surrender to the authorities and take my lumps, but I have a Christian faith that things will eventually (even if it is after my death) work out.

I'd get my affairs in order however. And hope to God they'd send me to the local Fed prison (Nellis).

Re:Spammer gets a moral wake up call

[servicepack158]

So you guys all think they employed a perl coder to do legit things? He probably designed all of these techniques for evading blocks. I stated I don't know the guy or the situation, but it seems a little convienient that someone with some serious perl skills suddenly has a moral moment of clarity after the termination of his employment about what it was he was doing there.

They're not wasting any time...

[rnturn]

They have a job opening for a software developer that sounds like it was Chip's old job.

Here's hoping they have a hell of a time finding the right candidate.

Chip, if you reading this, I want to know.

[Etyenne]

Why the fuck where you working for such a bunch of lowballs in the first place ?

So this is the right formula? almost a synopsis 8)

[da5idnetlimit.com]

How to get the Hero Lose At The End :

1/ Discuss terribly important matters that can burn your boss with ... your boss. - Ok, honest to god chivalrous move.

2/Issue an official letter that is the corporate equivalent of going to war - Without covering your back...against, sort of chivalrous reflex of only dealing with the thing in front, and damn the backstabbers

3/Gets a beating, quite serious, but he survives...-Please, remember we speak about the hero here.

4/Hero finds master, changes is name and learn how to fight...lets say he learns Python instead - Very dangerous Technique, Python. Sad the old Assembly master is dead, or he would have been glad to contribute to the techniques Little Perl learned

5/The hero - Little Perl - comes back, kills the evil CEO with the martial equivalent of the infinite loop (aka head in the ass) and flees to she sunset with the nice, and finally innocent lawer.

Yeah, almost boring, seen it a thousand time already...
BTW, do you still have my vhs of Shaolin Mountain, the Revenge of the Come Back part 2 ?

Be Careful, The Ice is Thin

[BFlatSeven]

While I certainly can relate to Mr. Salzenberg's predicament, and I applaud him for taking a strong stand against unsavory business practices, I have been unable to substantiate some of the legal claims that he makes in his letter. For instance, he writes that "Federal courts have held that web spiders must obey the established ROBOTS.TXT mechanism by which web site owners limit automated access..." As a developer who has been asked to write harvesting applications, I was very concerned when I read this sentence, so I decided to do a little research. After several hours of research I have been unable to uncover anything that would support this claim. I did, however, manage to find a document published by Berkley that states exactly the opposite: "Website operators who do not wish to avail themselves of the publicity that spiders provide may invoke the Robot Exclusion technical standard, which, like most of the standards on which the Internet is based, is open and voluntary [emphasis mine]". While I agree that harnessing legions of zombie machines is wrong in every sense of the work, let's be careful before we get too carried away - there's a big difference between unsavory and illegal.

Re:Spammer gets a moral wake up call

[GooberToo]

You are one stupid idiot. He claims he only recently realized that they were using illegal tactics. Until such realization, he had zero reason to assume they were anything other than a good havister, exactly like Yahoo and Google. Once he found out bad sutff was going on, he tried to get it corrected; for months now. In other words, for your that dumb statement to have any merit, we must all immediately assume that the likes of Yahoo and Google also ignore ROBOTS.TXT. Unless you can prove they ignore it, your position is 100% BS flawed!

As I said, and the moronic mods missed (pea sized brains), it's obvious that the BS statement you are supporting is with 20/20 hind sight. How stupid do you have to be to not understand what I said? Obviously, with hind sight, you can see that they are scum bags. Since you were not in his shoes and he implies that the company is thought to be repuatable, claiming he's stupid for not "know-all" is nothing but BS.

I'm sure I'll be modded to hell for this posting but the stupidity that roams here is just sometimes too much. Go back and re-read my original reply. I never once said that Yahoo and Google did not obey ROBOTS.TXT. And you have zero reason, as posted, support your position, other than a BS statement with hind sight on your side. BS.

Informative my tail. Try -1 stupid.

Re:Spammer gets a moral wake up call

[GooberToo]

Wow! Once again I'm dazzeled b ythe brillance here. YOU only know that because YOU read the article AFTER he TOLD you that THEY used zombies. If HE hadn't told you, you would be in the dark; just as the author claims he was. Which means, until such time you knew what was going on, they would be EXACTLY like Yahoo and Google in eyes of all that remained ignorant!

DIDN'T YOU RTFA!!!!!!!

Had a similar situation

I moved out West in 1997 to work for a company (heading up a software division for Windows) that a friend had bought into. Long story short, he and I found massive corruption (embezzlement) within weeks. He brought it up at a board meeting, and the next day was kicked out of the building, voted off the board (illegally it turns out) and his stuff left on the curb. I quit the same day.

At 7 AM the next morning, the sheriff was at my door with their lawyers in tow. Fortunately for me, they screwed up the warrant and were unable to seize my hardware, but they took a very detailed inventory of everything. Even more fortunately, my friend HAD consulted a lawyer before confronting the board and he (the lawyer) had the whole thing search/seizure suspended. The courts finally found the company's motions meritless (and fined them!!) They ended up with a huge lawsuit against them from several board members once the whole picture came to light, the BSA came down on them like the wrath of God (thanks to a cover your ass maneuver by the CIO) and the whole thing went into the crapper within 8 months.

ALWAYS consult a lawyer when doing any sort of confrontation with your employer. You need something to back you up. If they are doing something scummy, there is NOTHING that will stop them from doing something scummy to you in return. I should have done so before the board meeting, even though I wasn't directly involved. But my friend saved my ass. He lives 2000 miles away now, but I still send him thank you notes.

Federal Law

[Veteran]

Anyone who has knowledge of a Federal Felony is REQUIRED by law to report that information to federal law enforcement.. Failure to do so makes the person having the knowledge an indictable co-conspirator.

I found out about this several years ago when the company I was working for attempted to get me to file a fraudulent patent application.

Never complain to a company CEO about something like this; they will simply fire you. Always go directly to the Feds. If you do so you are protected by the Federal Whistle blower statutes. Company CEO's involved in illegal activities start gasping for air when they find out the Feds are involved.

Re:Federal Law

[schatten]

So where to go from here?

Why doesn't the feds get alerted to the practices, step in, shut it down and make it very difficult for the company to exist and for the company to press this case at all?

Re:Spammer gets a moral wake up call

[GooberToo]

Correction..."for your" should be, "his". so on and so on...

RTFC

[JLF65]

Did you even bother to look at the dates? The table is upside down - the events at the top of the list occured MORE RECENTLY. The events at the bottom occured FIRST.

Accomplance after the fact?

[coyote-san]

Excuse me, but aren't you an accomplance if you are a party to a criminal act? It can even be after the original crime, if you knowingly provide ongoing support to the criminal act, explicitly work to cover it up (e.g., by destroying logs), etc.

Then there's conspiracy.... You can be convicted of conspiracy if you knowingly commit just one express act in furtherance of a crime. Even if it's otherwise legal. E.g., it's legal for you to buy a lighter. It's legal for you to give it to another person. It's not legal for you to do this if you know that person plans to use it to commit arson. His prior code would have been safe (since he had no reason to believe it would be used to commit a crime), but ongoing software development when he believed it would be used for criminal acts....

Anyway, to my non-lawyer mind it's easy to see the letter as an attempt to protect himself from a shitload of legal trouble if/when the company's bad acts came to light, not to threaten them unless they coughed up something in exchange.

BTW, by the same analysis they may have just bought themselves a world of pain. An aggressive DA might make a case for witness intimidation, something that might stick even if they're cleared of any other illegal activity.

(P.S., I wouldn't have called the activity "illegal" in the letter. You can raise concerns without making judgments.)

Re:Accomplance after the fact?

[DerekLyons]

Anyway, to my non-lawyer mind it's easy to see the letter as an attempt to protect himself from a shitload of legal trouble if/when the company's bad acts came to light,

And that's just the thing - this letter provides no such protection - in fact it provides evidence that he continued to work at the company after becoming aware of the illegal/unethical acts. He names himself as an accomplice and conspirator. He admits to writing the a portion of the code while in the companies employ. He admits to continuing his employment and participation after becoming aware of the illegal/unethical acts. A DA would call this letter a confession.

BTW, by the same analysis they may have just bought themselves a world of pain. An aggressive DA might make a case for witness intimidation, something that might stick even if they're cleared of any other illegal activity.

He's an employee who made threats against the company and refused to perform his assigned work. It's not witness itimidation, it's protecting the company from from potential harm by a hostile 'insider'. It's hard for some people to believe, but geeks can be wrong.

(P.S., I wouldn't have called the activity "illegal" in the letter. You can raise concerns without making judgments.)

He could hardly have made the letter less professional and more immflamatory - not a good sign if/when this goes to court.

Re:Accomplance after the fact?

[snorklewacker]

My legal schooling isn't really up to snuff, but I don't believe it's actionable blackmail to issue a threat of going to the proper authorities.

HMS is screwed. They'll never get another contract again. They're just going to screw Chip and his family along with them.

Re:Accomplance after the fact?

[tricorn]

Working for a company that is doing illegal things is not illegal if you're not participating in those acts. Otherwise, everyone at Enron would be in jail now. Writing code that is used by someone else to do something illegal is also not illegal. Refusing to do something illegal is good evidence that anything that happened earlier was not with your knowledge.

Calling it illegal is necessary if you're going to refuse to participate. Firing him for refusing to do something illegal is going to get them in trouble. Firing him for refusing to do something he "thought might not be very nice to do" wouldn't.

Re:Better yet -- contact the customers -- NOT!

[Sharkeys-Day]

Their customers are major pharmaceutical companies. You know, the people who brought you Botox and Olestra.

I don't think they will blink at a bit of spam. It's driving their Viagra sales.

Homer says ...

[coyote4til7]

HMS... DDoS... droool.

Re:Homer says ...

Well, Tim Wood of Richardson, TX, I imagine their lawyers would be knocking on your door first, subpoena in hand, just a few seconds after a DDoS hit thier routers. Childish maroon.

The threats in Chris's letter contributed

[baddogatl]

The company's staff lawyers probably recommended a pre-emptive strike after receiving Chris's threats of a lawsuit. By filing first, they control much of the initial investigation and proceedings.

This allows the company to bankrupt and discredit the smaller guy while strengthening their defenses.

A better option would have been to consult with a lawyer up-front. He may have recommended different communications, a change of job, or other strategy to protect Chris from the onset. A retainer fee is much less expensive than a full-blown lawsuit.

Re:The threats in Chris's letter contributed

[Lew+Payne]

|| The company's staff lawyers probably recommended a pre-emptive strike

BINGO... and of course, the typical slashdotter (and Chris) will begin by saying IANAL, and
then proceeding to act like one. Well... guess what... if you're not a lawyer, shut the **ck up
when it comes to dispensing legal advice (or an opinion smelling of legalese). Above all, do not
threaten others (especially others who have more wealth than you) with your armchair legal opinion.

I'm surprised that Chris is surprised about what happened, and about suddenly finding himself in a
position where it's costing him $20,000/month in startup legal fees. That's an expensive lesson.

Re:The threats in Chris's letter contributed

[INetUser]

It pains me, and cencerns me, that the legal system has degenerated into this. A system where it's not the legalities of your position, but how much money you can spend of legal manuvers that determines the outcome. Of course, I guess I already knew that since the Simpsom verdict. (sigh)

Re:The threats in Chris's letter contributed

[Lew+Payne]

|| It pains me, and cencerns me, that the legal system has degenerated into this. A system where
|| it's not the legalities of your position, but how much money you can spend of legal manuvers that
|| determines the outcome. Of course, I guess I already knew that since the Simpsom verdict. (sigh)

Most people have a pollyanna bromide view of the legal system. It's a shame.
By the way, what is the Simpsom verdict? I don't think I've heard of it.

Vote with Your Feet

[chezmarshall]

I've been thinking about Chip's circumstances since someone sent me a link to it the other day.

Here's my take: sending such a letter to an employer who is acting illegally and/or unethically is basically saying, "I am thinking about crushing your shit, would you like to crush my shit first?" Not surprisingly, such employers will proceed to crush the employee's shit.

Yourdon once gave excellent advice about dealing with employers whose software development practices sucked: vote with your feet. One person alone cannot fight an entire company's inertia. Make a bona fide effort to get them to change, and then move on.

It goes multiply so for employers who are doing Wrong Things. They aren't going to come to a moral awakening just because the Noble Programmer has pointed out their failings.

If your employer is doing something wrong, illegal, immoral, or whatever, you have two choices: live with it and become party to whatever it is they're doing or Get. The. Fuck. Out. If you leave, you can either be quiet about what you know or rat them out.

I wouldn't blame anyone for keeping quiet about such things -- it's for everyone to decide on his own. In Chip's case, I think a sober analysis should have led him to stay quiet. The upside of rocking the boat was that HMS would stop being mean people about scraping data. The downside, as he has unfortunately discovered, is $40K in legal bills. I'm sure the owners of open proxies will someday thank you for your sacrifice!

But if you do decide to rat the bastards out, you've got to get ready for all-out war. They're going to come after you hard. Make backups of all your data. Get your computers out of the house.

[If you're really bored, find some broken hard drives and put them in your computers in place on the real hard drives. The computer foresnics guys will have loads of fun racking up many hours at your former employer's expense trying to make them work.]

Practical example: I worked for about a month for a particular company, first as a contractor and then as a W-2 employee. They wanted me to do something unwise and risky that had the potential of considerable civil liability. The moment I saw what was going on, I stopped what I was doing, appraised them of the risks, and told them I wasn't willing to accept personal liability for what they wanted me to do. The outcome of that discussion is that I became a full-time employee which gave me a little bit more protection from any fallout. After a few days of this, however, I decided it was all too stupid for this to be going on. I knew they didn't share my opinions about the (un)wisdom and risk about this, so I just quit. No threats, no angry retribution, no reason for anyone to crush my shit.

The corruption is extremely widespread.

[Futurepower(R)]

It's all part of a wider corruption. Large corrupters spend huge amounts to get lazy judges elected, and work for the defeat of judges who do a good job.

Part of the way corruption of the courts is accomplished by not giving the courts enough money to operate. A 2003-06-24 op-ed article by Charles Williamson, then president of the Oregon State Bar, in The Oregonian, the Northwest's largest newspaper, said, "The crippling loss of nearly one-third of their staff have left our courts unable to hear criminal cases such as car theft, shoplifting, prostitution, fraud and identity theft."

The corruption of the patent office is part of the same thing. Large corrupt corporations want stupid patents because they can scare others away from coming close to their technology. They don't care if they lose a few court cases. Taking something to court is so expensive that they win just because of the threat.

The book Other People's Money discusses corporate corruption. It's excellent.

35 Books and 3 movies say the Bush administration is the most corrupt the U.S. has ever had: Unprecedented Corruption: A guide to conflict of interest in the U.S. government.

Many Americans don't want to know that their government has become corrupt, so you can expect hostile comments if you try to talk about corruption.

Re:The corruption is extremely widespread.

[zero_offset]

Part of the way corruption of the courts is accomplished by not giving the courts enough money to operate. ... "The crippling loss of nearly one-third of their staff have left our courts unable to hear criminal cases such as car theft, shoplifting, prostitution, fraud and identity theft."

...

35 Books and 3 movies say the Bush administration is the most corrupt the U.S. has ever had

OMG! TEH PRESIDENT WANTS TO STEAL MY CAR!!!1!

Seriously, what the fuck does your tired and dull anti-Bush rant have to do with the topic?
(n.b. This is a rhetorical question.)

Re:The corruption is extremely widespread.

Do you notice that Bush supporters often have an anger problem, as Bush does? Do you notice that they often have a very weak grasp on logic, as Bush does?

Re:The corruption is extremely widespread.

[humoly]

Not to mention the spelling errors and indescent language... Still, as the US foreign policy still is and always has been quite prone to wage war, a guy like Bush and the likes are excellent US representatives.

Re:The corruption is extremely widespread.

[Hal_Porter]

Many Americans don't want to know that their government has become corrupt, so you can expect hostile comments if you try to talk about corruption.


Many Michael Moore fans don't want to know that he's a lying bastard. So I'll expect hostile comments when I post this.

See, ad hominem attacks are not too helpful are they?

"Hey I'll just post my web page with my world view. If you agree then you're obviously a good person. If you disagree then it's because you don't want to know the truth, or have been paid off by big business, either way I don't need to listen to you"

Re:The corruption is extremely widespread.

[Dobeln]

Powerful indictment, that - a list of 3 (three - count 'em!) anti-Bush movies (Including F/911, no less!), and every anti-Bush screed published. Who could possibly fail to be swayed by such an authoritative argument? There is one good point in there - the Bush administration committed a huge fuckup with regards to Iraq. (Read: WMD, WMD, WMD) It alone should have been enough to warrant a change of administration, but alas... The rest is the usual conjecture, and it hardly makes much of a case for "widespread corruption" or the like, as the term is usually understood.

Re:The corruption is extremely widespread.

[zero_offset]

Not to mention the spelling errors and indescent language...

*sigh*

Re:The corruption is extremely widespread.

How many of the 33 books did you read? My guess is: None. The authors are generals, republicans, Pulitzer Prize winners, administration officials, and well-known writers.

Re:The corruption is extremely widespread.

[webfiend]

OMG! TEH PRESIDENT WANTS TO STEAL MY CAR!!!1!

Dude, where's my car?

And tell me who those guys are in black suits spraypainting "Teh Bush Roxxorszz!!1" on the wall. Damn kids.

Re:The corruption is extremely widespread.

[Sj0]

I'd say a major problem is that anyone who isn't a lying bastard can't get any airtime. It's really easy to beat your opponents into submission when you don't have to speak facts. The day I saw Cheney flat out lie and deny that he ever made the "pretty much a sure thing" comment, I've realized that the lying has reached such a critical mass that it's more real than the truth.

Re:The corruption is extremely widespread.

most corrupt?

hahahaha
thats adorable.

Re:The corruption is extremely widespread.

>50% of the votes went for Bush, but >50% of the US mass media is against Bush.
This would imply that more advertising is targeted to people that voted against Bush.
In turn there is the implication that advertising works better on people that didn't vote for Bush, because businesses prefer to invest where there is more expected return.
Thus it is not unreasonable to suppose that the people that voted against Bush are more gullible.

Meshing very well with this argument is the current circumstance: The idea that Bush supporters are more gullible is commonly disseminated in the mass media, including the internet, and non-supporters of Bush so easily believe it.

Re:The corruption is extremely widespread.

Other explanations off the top of my head:

• Bush opponents tend to have higher incomes and fewer children, making their outlets more valuable for marketing luxury products. Marketers can just post a sale price at Wal-Mart to reach Bush supporters, they don't need media for that.
• Bush opponents are more nuanced and discerning and seek a variety of viewpoints (thus they'll support several outlets), while Bush supporters will simply watch Fox News for an hour and think they're done.
• The media hire young college graduates almost exclusively, who are almost always more liberal than their less-educated or older peers.
• "If it bleeds, it leads." Fear and controversy bring a bigger audience than smug satisfaction, so opposition to whoever's in power is in their own interest. They didn't take it very easy on Clinton either.

As for "gullible", I don't think anyone is immune to the psychology behind modern advertising. Haven't there been studies showing people were affected by the message even when they claim they weren't?

And haven't those who believed Bush's war rationale du jour demonstrated they're more gullible than anyone who didn't?

One other thought

(Replying to my own post here.) One thing that would go a long way to preventing companies from using criminal law in such abusive ways would be to change the way NDAs work. The problem is that whoever has the connections or money to get law enforcement involved in these business disputes wins before the victim even has a chance to fight back. The trade secrets criminal law is over-broad and is wide open to misuse in "getting even" in business disputes. I suspect that criminal trade secret laws are primarily used for revenge, settling scores, etc, rather than actual legal violations. I know that in my case, this "customer" just didn't want to compensate me for the work I did, and it didn't cost him anything to get law enforcement to come after me, and obviously if I'm dealing with an investigation I won't be able to put any effort into a civil suit against him... so there you go, he did it!

A possible solution would be to start putting clauses in NDAs to neutralize the threat. I'm not a lawyer, but some options would be:

• A clause where the discloser specifically agrees not to file a criminal complaint for trade secrets
• A clause where the discloser agrees that any disputes arising over the disclosed information are civil disputes
• Best of all, a clause where the discloser agrees to pay up to $1mil in criminal defense legal bills to the receiving party if the receiving party is criminally investigated under criminal trade secrets laws

This last clause especially would make it pretty clear that no one can use the NDA as the basis of revenge tactics that I have experienced and that the author of TFA has experienced. My fear level would have been a lot lower if I knew that I had a $1mil retainer to defend myself against my former contracting customer.

Note that all of this would still give the disclosing party plenty of protection. Criminal copyright law is a lot clearer and easier to defend (if the defendant is actually innocent). Putting those clauses into an NDA would not lessen the discloser's remedies on copyright issues, and that should be the legal area where these disputes are held (if there is any basis). Clearly in the case in TFA, they chose trade secret law, not copyright law, because trade secret law is so much more vague and difficult to defend. Crim. trade secret law is also more difficult to prosecute; it's enormously more complicated and subtle than straightforward copyright law. The bills are huge for both parties (prosecutor and defendant) but the defendant is paying out of his own pocket, whereas the prosecutor is paying out of the taxpayers' pocket and the company that filed the complaint doesn't have to pay anything at all.

Re:One other thought

[Mycroft_VIII]

IT occures to me that falling prey to such a practice could leave a man with nothing to loose, and it's failure to notice this (and/or think it through) that causes people to start this sort of thing.
IF threatened with something like this maybe a person might point this out to the boss making the threat, and quitely suggest said person rent Falling Down or any such movie about what can happen when someone has nothing more to loose, or at least thinks so, and snaps.
However this is not advice I'd follow lightly if at all, one could wind up being accused of threatening violence. The real point of such of discussion would be to try and shock the other person into realizing just how such an action could harm another (build empathy) and how BADLY that could backfire (fear of real consequences). If they should somehow come to the concluesion that that such a backfire would be extreemly likely that's just thier own guilty concience.

Mycroft

Help the guy out!

Slashdot Health Market Science. http://www.healthmarketscience.com/

Re:Unions & comments on the forensics guy, etc

I agree with your second sentence - "I personally loathe unions as outdated overly powerful groups, that promote lazy workers and wasted money."

Join a union and work to support your union leadership who won't do anything for you other than to make sure that you remain loyal to the union.

More specific to your comment: There is no way that a union would/could help in this case.

While I feel very sorry for Chip, He was naive. His letter is an invitation for some type of retaliatory action by the company. Especially, when you consider that he's calling out Mr. Ferris who is a company founder. There is no such thing as the right of free speech or the presumption of innocence in the corporate world.

Companies will pull a variety of devious stunts, including document destruction and forgery and coercion of co-workers, to protect themselves.

Who says that HMS didn't doctor their logs and muck with his office machine before they called in the "forensics expert". Of course, we know that can't be possible because Mr. Forensics checked the Dynamic Host Control Protection(DHCP)logs.

Who according to the chain of custody form gave the forensics company the machine - it was the CEO. Personally, I find that a little odd.

Also notice that the forensics guy's affidavit doesn't include any netadmin, sysadmin or security credentials of significance (it does have a vague reference to significant training, but there aren't any specifics) and the past employment that is mentioned isn't very impressive either - 12 years in IT with 10 of those spent at or above the Director level - musn't have been very large organizations.

Yikes!

Bah...We're with you. Really we are. I learned my lesson going up against someone I had literally no recourse. Some crap about 'soveriegn nation' - they ruined my life for 2 years, and my back forever. But ya know - life runs in circles, and it all comes back around. At least I know the right steps, have documented my ass off in any way I could think. All cuz I'm good... great at what I do. :| Whatever happened to professionality? Screw this ITIL crap! Teach managers to treat people like human beings.
Hang in there AC .. you are not a coward, and you aren't alone.

Re:Spammer gets a moral wake up call

[EugeneK]

You're just engaging in speculation - according to your reaoning, anyone with "serious perl skills" is automatically suspect of doing illegitimate work if he's doing perl professionally.

Hey look at that guy...he's a perl coder. And you KNOW what that means...he's gotta be up to something shady!

Re:Question: what are open proxies and web harvest

They were cracking into other peoples' unsecured computers (using "open proxies" like that is illegal, for a good reason) and using them to download off-limits material from websites (from robots.txt), which is also illegal, but for stupid reasons.

At least, that's what this Chip guy is claiming. I don't really care what he did, or how poorly he went about solving the problem...or even if he were lying about the whole thing. They still shouldn't have taken his computers like that, period.

If I had any money, I'd send him a few bucks.

wget -m http://www.healthmarketscience.com/

I need a mirror of their website...

wget -m -erobots=off
http://www.healthmarketscience.com/

Were any of those open relays in New York State?

Call Eliot Spitzer. Maybe HMS is just one of a number of data aggregator companies that play like this.

Serious Question

[blue_adept]

How is it illegal or even immoral to use proxies? I've seen lists of machines (ip addresses and ports) that can be used as http proxies. They are machines on a public network, running software specifically for acting as http proxy. How/why is it immoral to use them?

I don't understand the idea of getting "permission" to use these machines either... do I have to ask for permission before I access a web server too? How can anyone get upset that a machine running a public service on a public network gets used by the public??

Re:Serious Question

[gerardrj]

Because most of those proxies are running without the machine owner's permission or even knowledge.

Re:Serious Question

[ArtStone]

Your statement of fact is based on what?

As just one example, PlanetLab.org runs an entire network of open proxies.

http://codeen.cs.princeton.edu/

Because I run a web server with a database that everyone wants to "scrape", I see this kind of rogue spider hiding behind proxy servers that don't read robots.txt and try to hide every day.

I now ban every known -open- proxy IP and aggressively gather lists in order to block access.

However I think his claim that ignoring robots.txt as being "illegal" is unfounded. Civil suits are not the same thing as criminal matters.

In the same paragraph in the letter he both says:

"None of HMS's harvesting source code even mentions the ROBOTS file, let alone obeys it." and

"Yet at least one of the authors of the harvesting system did know about it, since the "RequestDistribution.txt" document in the harvester source code actually contains a reference to the W3C standard for ROBOTS.TXT."

Your honor, I would submit that one or the other of those statements is not true.

And robots.txt is -not- a W3C standard. It is a voluntary agreement among web spider authors.

From:
http://www.robotstxt.org/wc/norobots.html

"It is not an official standard backed by a standards body, or owned by any commercial organisation. It is not enforced by anybody, and there no guarantee that all current and future robots will use it. Consider it a common facility the majority of robot authors offer the WWW community to protect WWW server against unwanted accesses by their robots."

If fact, WC3 -explicity- says on their web site that robots.txt is not a compulsary standard:

http://validator.w3.org/docs/checklink#bot

"Note that /robots.txt rules affect only user agents that honor it; it is not a generic method for access control."

If you're going to accuse your employer of illegal activity, you sure better have your facts right.

Re:Question: what are open proxies and web harvest

A proxy is a computer that lets you make HTTP requests indirectly, by going through it.

Normal HTTP requests look like this:

GET /forbiddenFile.html HTTP/1.1
Host: example.com

...and the server returns that file.

Proxy'd HTTP looks a little different, because this sort of request is sent to the proxy, which then sends a normal request to the server:

GET http://example.com/forbiddenFile.html HTTP/1.1
Host: some-open-proxy.ru

Good for goose, bad for Gander.

Funny how people call for federal help when it's their individual bacon in the fryer, but when it's a company exercising their legal rights then there's a double standard (Waaa! Doesn't homeland security have anything better to do?)

Perl is my favourite language...

[Mensa+Babe]

...and yet because of scandals like this one or that involving Randal Schwartz (see: State of Oregon vs. Randal Schwartz, Washington County Circuit Court C94-0322CR) to name just a few, I have a hard time convincing the management that we should rewrite all of our Java backends in Perl and I'm sure I'm not alone who faces such ridiculous obstacles on a daily basis. I know with no doubt that both Randal and Chip are completely innocent. But they are also very naîve and shortsighted. I don't think we need such scandals in the Perl community. It is harmful for Perl, it is harmful for CPAN and it is harmful for us, the Free Software movement. So please, let us all help Chip with legal actions and do everything we possibly can to save the reputation of the core Perl hackers, even if that means excluding certain irresponsible individuals from the circle of trust. We owe that to Larry.

Re:Perl is my favourite language...

I can't figure out why you're not getting any bites on this one. My condolences. Maybe you just got in too late.

Re:Perl is my favourite language...

Guess what? I am a member of the Triple Nine Society. But I don't go around with it in my screen names. If you are going to brag about your IQ, at least post more coherently.

But I think it is more likely that you are a troll.

P2P Justice.

"I think a legion of slashdot readers blasting these contact details and sending trollish e-mails will only worsen this guy's situation: "Then he got his legion of goons to come to his defence, causing massive problems with our e-mail infrastructure and bringing our website to a crawl, before this had even got to court." That cannot be good.
"

Hey! Vigilante justice works. Just look at how it's brought the MPAA/RIAA to their knees.

overlawyered USA!

[EvilStein]

Gotta love it when the lawyers can basically bankrupt you with total bullshit lawsuits by charging ridiculous "legal fees" for pushing some papers around. (Yes, I know some lawyers, a lot of them charge $400/hr to go drop off papers at a courthouse. Ridiculous.)

Fuck you, o1 for doing the same thing.

Curious

Somebody in here must live in PA and have a spare windows box... Why not setup and install a nice little open proxy, and log the activities for a connection from their IP address after posting a suitably prohibitive banner...

Take the logs to the friendly local DA and prosecute. If they aren't going to stop it, one can at least have the CEO's arrested right?

Lesson to be learnt!

[threaded]

I have many years experience in the IT industry. I have found illegal activity at several places I've worked. I have with experience learnt this: if you ever ever find any illegal activity going on at the company/government department you work for and it bothers you:

1) The higher management do not need to be made aware, they already know.

2) Destroy any evidence you may have gathered on you own machine(s).

3) Say nothing.

4) Find a new job, contract or go unemployed ASAP.

Re:Lesson to be learnt!

5) Anonymously tip FBI.

Re:Spammer gets a moral wake up call

[Trepalium]

No, he was insinuating that someone with "serious perl skills" employed by a shady company must be partaking in that shady behaviour. It's still defective logic, but it's a bit more reasonable than what you posted.

Besides, even very, very smart people can delude themselves into thinking their work, which could use used to harm others is only being used for helpful purposes.

What were HMS doing?

[1u3hr]

Salzenberg was working for a company that started using some seriously shady practices.

Having read most of the docs, all I can see is that HMS were spidering websites, using proxies and ignoring robots.txt. But why did they do this? They're not a search engine. What were they looking for? Addresses for spam? Personal data to correlate with their medical records?

Re:What were HMS doing?

They were searching for the answer to the question, "What is the Matrix?"

Re:What were HMS doing?

[darkonc]

I'm not clear as to what they were doing with the collected data either -- but ignoring robots.txt and using other people's open proxies have both been found illegal in court -- and our hero friend saw this as 'bad and wrong' enough that he had to do something.

I will agree with one point -- When you send an open challenge to the CEO like that, you expect one of two choices: Either he turns over a new leaf, or you get fired. I don't think, however, that he expected to find the cops breaking down his door and carting away everything other than the furniture and clothing.

I would, however, point this out as another reason to do regular off-site backups.

Re:What were HMS doing?

[brainerd]

They're not a search engine.
Not in the 'public, for zip' sense. But for their customers, yes, they are a search engine.

What were they looking for?
(My interpreteation of their web site here:)
Health = Their customers are in healthcare,
Market = They provide services for marketing,
Science = They say they're using scientific methods.

So if you're in healthcare and you need info for marketing something, they might have something to offer. For example contact persons in your target organization, 'complete' with name, position, ethnicity, age etc.

BSA...

[Barbarian]

He should call the business software association.

12K of RAM? Ha! you were lucky...

[nut]

In my first job we had 132 developers working on a 128-bead abacus. If you had to leave the room, you gobbed on the abacus first so that noone else would touch it.

In the evening we used to sit round and play frogger with real frogs.

Re:12K of RAM? Ha! you were lucky...

[MattWhitworth]

I'm guessing you were developing Windows 3.1 software?

Re:12K of RAM? Ha! you were lucky...

[argent]

Was that a real roman abacus? I've got a 10-column suanpan with 56 beads, and a 21-column soroban with 126 beads.

I've never played live Frogger. We were too poor to afford the alligators, you swish bastid.

Re:12K of RAM? Ha! you were lucky...

[eeyore]

You can't run Windows 3.1 in 12K of RAM. DOS 5.x alone needed about 256K. To run well (in the Win3.1 sense of the word, you required about 2-4M at least.

Were you thinking of Cave Opening 1.0, rather than Windows 3.1??
--
Old Fart
(eeyore let me use his account -- thanks dude!!)

Re:12K of RAM? Ha! you were lucky...

[MattWhitworth]

I was talking about the abacus.

Redirects to Google?

[Joseph_Daniel_Zukige]

Hmm. Right now, the URL given for the employer, http://www.healthmarketscience.com/ gets redirected to Google.

So I looked it up on Google and got this URL:http://www.hmsonline.com/.

And it is redirecting to Google as well.

Whatever could it mean?

Re:Redirects to Google?

[turk182x2001]

Here is the answer..
nslookup www.hmsonline.com
Server: 68.2.16.25
Address: 68.2.16.25#53
Non-authoritative answer:
www.hmsonline.com canonical name = mosquito.hmsonline.com.
Name: mosquito.hmsonline.com
Address: 64.233.161.104

WHOIS results for 64.233.161.104
Generated by www.DNSstuff.com

Location: United States [City: Mountain View, California]

NOTE: More information appears to be available at ZG39-ARIN.

Using 10 day old cached answer (or, you can get fresh results).
Hiding E-mail address (you can get results with the E-mail address).

OrgName: Google Inc.
OrgID: GOGL
Address: 1600 Amphitheatre Parkway
City: Mountain View
StateProv: CA
PostalCode: 94043
Country: US

NetRange: 64.233.160.0 - 64.233.191.255
CIDR: 64.233.160.0/19
NetName: GOOGLE
NetHandle: NET-64-233-160-0-1
Parent: NET-64-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.GOOGLE.COM
NameServer: NS2.GOOGLE.COM
Comment:
RegDate: 2003-08-18
Updated: 2004-03-05

TechHandle: ZG39-ARIN
TechName: Google Inc.
TechPhone: +1-650-318-0200
TechEmail: ************@google.com

OrgTechHandle: ZG39-ARIN
OrgTechName: Google Inc.
OrgTechPhone: +1-650-318-0200
OrgTechEmail: ************@google.com

The scumbags are having Google absorb the cost of the Slashdot effect they are receiving.

Capricious?

[Joseph_Daniel_Zukige]

A letter to his superiors pointing out the legality issues is capricious?

When They Kick In Your Front Door

[iamnotanumber6]

When they kick in your front door,
How you gonna come?
With your hands on your head,
Or on the trigger of your gun?
--The Clash

I used to think of these scenarios in terms of 'in Soviet Russia'... but nowadays, my mental picture of someone getting their front door kicked in is situated usually right in the ol' US of A.

And nevermind terrorism, but in the name of fscking trade secrets and Copyright issues?

Seriously, what are people smoking (or not smoking) there, that you can put up with this?

In the past few years, I've heard so many things that make me afraid for the security of my person in the U.S. - even though my biggest crimes are only copying DVDs I rented so I can watch them later, and downloading software I don't own to test out from bittorrent - that I won't even make connecting flights through the U.S. anymore.

Yes this guy wrote a really stupid letter to his employers. But this justifies a total jackboot search and seizure of all his personal stuff, private letters, diaries, and the like? I would feel so violated.

Mod me troll if you like, but, assuming he is innocent of these fairly obviously fabricated accusations, what happened to him is a crime bordering on assault or rape.

And if this happened to me, and the perpetrators weren't thrown in jail, I'd be out shopping for ammunition^H^H^H^H^H writing my congressman.

I sure think it's time that people started making a REALLY BIG NOISE that accusation of intellectual property infringment brought by a wealthy corporation does not override basic human rights to personal security of the average citizen...

Re:When They Kick In Your Front Door

[Thondermonst]

my feelings exactly. When is the world going to learn that large economic molochs have no ethics so all means are OK to achieve their goal, including lying, abuse and forging evidence. These big companies are probably thinking "Hell, why not? It works for the American governement." Yep, I guess the shit has hit the fan.

Re:When They Kick In Your Front Door

[dnoyeb]

Yea the part i don't like is that the police/fbi dont work for his company. So why would they participate in this? They certainly are not compelled to and should have been able to find many flaws. Why should they be the puppet for some random corporation?

Why do folks do shit like this? If i were a police officer I would scoff at this. Or at least get someone qualified to evaluate.

Re:When They Kick In Your Front Door

[thuh+Freak]

i agree with you generally, man. except this ain't rape or assault. forcing another person to be sexually violated; that is rape. this is a gross injustice.

Re:When They Kick In Your Front Door

[Decker-Mage]

Now you know why I'm looking around the world for a new place to live. Unfortunately, it doesn't look so good anywhere else.

Re:When They Kick In Your Front Door

[Thomas+Shaddack]

For the cops, it's just "another day another raid". The excrement happens in slightly higher levels of hierarchy.

Re:When They Kick In Your Front Door

[Hal_Porter]

Mod me troll if you like, but, assuming he is innocent of these fairly obviously fabricated accusations, what happened to him is a crime bordering on assault or rape.

And if this happened to me, and the perpetrators weren't thrown in jail, I'd be out shopping for ammunition^H^H^H^H^H writing my congressman


Yeah, hope the perpetrators get sent to a federal take-away-wireless-router-and-cable-modem prison.

Re:When They Kick In Your Front Door

[pzampino]

+1 for ignorance; Do you think a cop or even a Judge knows what is typical/acceptable use of ssh and/or CVS?

Re:When They Kick In Your Front Door

I used to think of these scenarios in terms of 'in Soviet Russia'... but nowadays, my mental picture of someone getting their front door kicked in is situated usually right in the ol' US of A.

In Australia about 20 years ago, a group of special police then know as the TRG (Tactical Response Group) accidentally knocked on the next door neighbours door to the person they were actually after.

When the innocent neighbour answered the door, they shot him in the face with a 12 gauge. Amazingly he survived, but with major jaw reconstruction, etc.

what happened to him is a crime bordering on assault or rape.

My opinion on rape, is that there is never an acceptable reason to do it. And therefore, given it's extremely violent nature, is consistently one of the worst crimes a person can commit. As opposed to assault or even murder, which do have extreme cases where it is understandable why someone might explode into those acts.

Please don't degrade the incredible pain people who have been victims of rape have gone through, by comparing this to it.

Re:When They Kick In Your Front Door

>Do you think a cop or even a Judge knows
> what is typical/acceptable use of ssh
> and/or CVS?

If they Don't then they Shouldn't be allowed to sign the warrant!

Re:When They Kick In Your Front Door

[AmericanInKiev]

Yeah - spent seven days in jail for picking up litter - apparently violates a law written in 1885 - mostly by the KKK.

Re:When They Kick In Your Front Door

[bladesjester]

If a judge is unaware of what is typical or acceptable use, they should not be allowed to rule on it or issue a warrant concerning it until they *do* know.

Any judge who does issue a warrant or pass sentance without knowledge of what is typical or acceptable (assuming that the judge, and not a jury, makes the ruling) should loose his or her job on the spot, be disbarred, and subject to prosecution him/herself.

If you think that sounds harsh, think about the boneheaded and, frankly, illegal rulings which have been made concerning computers and "computer crime".

There is no shame in saying "I don't know *yet*." However, "authority figures" tend to loathe saying that they don't know everything.

Redirects to Google.

[Joseph_Daniel_Zukige]

Yep.

http://www.healthmarketscience.com/company/jobs/de veloper.html

That link redirects to Google now, too.

I wonder why?

Re:Redirects to Google.

[rpresser]

Link is working fine now. Maybe they just took their whole site offline to survive the slashdotting.

Re:Have you been charged with a crime?

[dbIII]

Real smart, when charged with a crime flee to countries the US has extradition treaties with.

Australia is currently trying to get a guy from the USA to come back and be tried for murder - but the best the government can do is ask him nicely or to try to destroy his reputation in the hope he'll face charges to clear his name, they'll never get the US legal system to hand him over. It's funny how copying software in Australia is enough to get you extradited TO the USA, but murder isn't enough for the other direction - extradition appears to be complicated so even going somewhere with a treaty may not be a stupid thing.

Running probably is a stupid thing since it will be taken as an admission of guilt.

Can anybody get the employer's site?

[Joseph_Daniel_Zukige]

I've tried from the links here, I searched from Google. Everything redirects to Google at this point in time.

You know, I can think of better was to fend off a slashdotting.

robots.txt

[An+Ominous+Cow+Aired]

I tried to get the page with archive.org... http://web.archive.org/web/*/http://www.healthmark etscience.com/customers/customers.html: Look at this!!!!

"Robots.txt Query Exclusion.

We're sorry, access to http://www.healthmarketscience.com/customers/custo mers.html has been blocked by the site owner via robots.txt"

If you read http://geeksunite.net/outrage.pdf, his letter to the company, robots.txt is NOT used by their software. It IS on their site, so yes, they know about it.

That was inexperience on your part

[blang]

This company is still more or less a startup.

By necessity startups will have to hoodwink quite a few people. They need to exaggerate their business plan to get money from VCs. They need to market products before thay have the time and money to write them. It doesn't matter, because the featues will be whatever he first cstomer decides on.

If they interview, it might be because they are close to landing a customer. If the deal falls through (it usually does) , they might string you along for the next potential customer.

Of course, they won't tell you such things in an interview. "We'll hire you, if we get a customer".
Nobody would sign on to that.

When interviewing with these kind of companies. you must ask about their revenue, funding, burn rate, customers etc. If they try to BS you about that sort of thing, just move on.

Offtopic: Wandering Pumpkin

[Sique]

The system with the pumpkin is quite old. In Berlin (built between 1895 and 1899) there was a tunnel for a streetcar crossing the Spree river between the Stralau peninsula and Treptow park. It was a single track tunnel, so they needed a foolproof signal system to avoid crashes in the tunnel.

Thus they got a wooden stick. Only the streetcar with the wooden stick aboard was allowed to enter the tunnel. At the other end the wooden stick was put somewhere for the next streetcar to pick it up.

Re:Offtopic: Wandering Pumpkin

A normal system on railways all over the world.

Re:Offtopic: Wandering Pumpkin

They have had something similar on almost every single track railway in the world. Visit your local steam railway museum for more information.

Re:Offtopic: Wandering Pumpkin

[Sique]

In Germany they use semaphores, not tokens ;)

Re:Courts do nothing to stop unethical co. behavio

[gartogg]

"The courts have it in their best interest to make sure lawsuits keep happening and go on for extended periods of time. It's job security for them, and they just don't care that it's a drain on the rest of society."

Are you joking, or simply stupid enough to think no one will call you on this?

Courts, as in judges, have positions that pay them regardless of how many hours a case takes; Lawyers get paid by the hour, but the judge has no vested interest either way; he has job security whether he spends more time on the case or none at all.

In fact, the only judge I had the experience opf meeting in relation to their work, when the case came up, simply said, to paraphrase; "Why don't we just sit down for a couple minutes, discuss this, and see if everyone can't just go hame." The discussion took 5 minutes, there was an apology, a suspended sentence and parole, and everyone left in less than half an hour. Maybe, just maybe, the "runaround" you got was the cause of, not the courts, but the employer, the other litigant in this case, who, for some strange reason, was given a right to defend itself.

Of course, normally in these situations, a criminal trial, run by the government against a company, is the way to deal with companies that deal with large numbers of employees in blatantly illegal ways. The civil suits that follow are also made simpler by the precedent set thereby.

Health Market Science offline

HMS's website is apparently offline. It shows only the Apache Test Page. But they're still open source friendly. They've thoughtfully place the Apache Documentation online.

HMS does what?

[ShawnDoc]

Can anyone tell me what they do? I visited their web page (via google cache since the site is down), and can't figure out why or what they were harvesting.

It's amazing..

[hyfe]

It's amazing how stories like this crop up so often in the US, and how no-one seems to draw what seems (for me atleast) to be the evident conclusion.

The company gets away with this behaviour because it's damn more powerfull than it's (ex)-employees. However, a company is nothing without its employees. Any sort of collective defence against this sort of behaviour is going to hurt the company like hell. I mean, ever heard of actually sticking up for eachother?

If you're too afraid of unions etc, just call it something else. Bottom line is that it's in the other workers self-interest to insure nothing like this happens ever again.

Individualism is all fine and all, but it kinda breaks down when a much larger individual comes along wanting to use you as a doormat.

Website removed, mail still live.

Looks like they removed their web server from the line of fire.

N:\>nslookup www.hmsonline.com
Non-authoritative answer:
Name: mosquito.hmsonline.com
Address: 127.0.0.1
Aliases: www.hmsonline.com

Mail is still there though, if you have an address for them.
N:\>nslookup mail.hmsonline.com
Non-authoritative answer:
Name: llama.hmsonline.com
Address: 67.132.206.13
Aliases: mail.hmsonline.com

Looks like they got twitchy with the FTP service as well.
N:\>nslookup ftp.hmsonline.com
Non-authoritative answer:
Name: packrat.hmsonline.com
Address: 127.0.0.1
Aliases: ftp.hmsonline.com

Outsourcing is usually corporate corruption.

[Futurepower(R)]

Additional comment:

Note that outsourcing is the same kind of corruption as is thoroughly discussed in the book about corporate corruption mentioned above. Programmers in India can produce good work, that's not the issue.

The issue is that the corrupt corporate manager wants to put a distance between himself and managing programming. Managing programming is time-consuming and requires serious concern and considerable technical knowledge and teamwork. If the programming department remains inside the company, the corrupt manager will be responsible. If the programming is outsourced, a level of deniability is introduced.

That extra level of bureaucracy and distance has four results:

1. Any serious project will be at least a partial failure, because no project plan defines everything. In serious progamming projects, there is a need for additional research and creative decision-making every few hours, and usually much more frequently.
2. The corrupt manager can avoid responsibility, and can easily find a job at a new company by the time the low quality of the software becomes generally known.
3. The contracting company has assured that they will have an Indian competitor (if the outsourcing is to India), because the outsourcing defines for another company what is needed for that particular application.
4. The Indian company can be blamed.

Re:Outsourcing is usually corporate corruption.

[ghjm]

What you're describing may be laziness or incompetence, but how is it corruption? Where's the conflict of interest?

HMS isn't exactly a model company(ie SCO)

From my understanding of HMS, it is one of the worst abusers of various laws(animal cruelty comes to mind, plenty of footage to back that up). I am not terribly suprised that an employee got screwed over by an unscrupulous company with an overactive legal department.

If a SCO employee got sued in a similar manner, nobody would be suprised. Around the PA area, some of us have a similar distain for HMS. Other companies in the same field think that HMS makes them look bad due to their unethical behavior. Outside companies(ISPs, clients, etc) tend to agree and regularally break off business relations with them as a direct result.

I know that we all have to make a living, and I am saddened that a prominent and intelligent member of our community worked for them. Nobody deserves such treatment, but when you lay down with dogs... you should know if they have fleas.

Re:HMS isn't exactly a model company(ie SCO)

[CynicalGuy]

Thats got to be the most retarded thing I've ever heard. The ACLU doesn't get involved in cases like this.

Health Market Science - Name of a shady biz

Health Market Science

Come on.. Really. I didn't need this story to tell that firm with such name needs some shady ways to get $$$. It sounds just like every other shady (spam) biz by the name alone.

What a load of crap...

If you are pro-'the company' you write.

Dear Boss,

Some of the stuff we're doing might get us into trouble. I've got some work arounds. We should talk.

otherwise you shouldn't be working there in the first place...

Mirror of site if /.ed

[Leffe]

Test Page for Apache Installation

If you can see this, it means that the installation of the Apache web server software on this system was successful. You may now add content to this directory and replace this page.

Seeing this instead of the website you expected?

This page is here because the site administrator has changed the configuration of this web server. Please contact the person responsible for maintaining this server with questions. The Apache Software Foundation, which wrote the web server software this site administrator is using, has nothing to do with maintaining this site and cannot help resolve configuration issues.

The Apache documentation has been included with this distribution.

You are free to use the image below on an Apache-powered web server. Thanks for using Apache!

Re:SLAPP BACK

[mikelieman]

And everyone is trained that they, themselves cannot JUST FILE YOUR OWN DAMN CRIMINAL COMPLAINTS.

Sometime the court clerks don't KNOW that they're supposed to accept your filing. But a quick letter to the supervising judge's office usually gets a letter back saying "Your filing will be accepted".

Y'all can trace code out. Think of Criminal Procedure Law as just another set of shitty documentation, and you'll soon get the idea.

Remember, how hard can it be if LAWYERS do it???

Cops in king of prussia

The cops in king of prussia have a huge hard-on for busting "computer hackers". They'll come take (digital) pictures of your log files, cuz theyre teh leet.

Re:Spammer gets a moral wake up call

[Bloater]

> You are one stupid idiot.

The post you replied to was modded down, so it went under my radar. It didn't appear to me that you were making that particular point, if it did I would not have made my post.

But one thing I am not is an idiot. If you can't cope with replies like that, quote the post you are replying to.

In reality, all court business was degraded.

[Futurepower(R)]

Since it may not be obvious to those who are reading fast, the quote above, "The crippling loss of nearly one-third of their staff have left our courts unable to hear criminal cases such as car theft, shoplifting, prostitution, fraud and identity theft" contains an (obvious) lie. The courts represented that losing one-third of their staff caused them not to be able to handle the "less-important" cases. In reality, all court business was degraded, and court employees at all levels, including the Oregon Supreme Court, often complained of not being able to do a sufficient job.

Here is a better link to the book about corporate corruption, Other People's Money. At Powell's: Other People's Money.

Re:Spammer gets a moral wake up call

[GooberToo]

Once again the mods prove how worthlessly stupid they are. Too bad simple reading and comprehension skills are not required to obtain mod points.

He should have just quit...

[helix_r]

Instead of launching a hot letter, he should have simply quit. In the real world, any type of litigation is a frustrating and expensive nightmare. Now he has to hold out a jar and collect money to save his ass.

The other moral of the story... don't work for smarmy companies and expect to them to get ethical. "Health Market Science??" What the hell is that?

Re:Spammer gets a moral wake up call

[GooberToo]

What a worthless, idiot, mod! That post was nothing near flaimbait! Yet, once again, the mods let the world know how stupid they can be.

Com eon mods, pull your heads from your tail pipes and mod they way you're supposed to mod... Stop moding emetionally! Do your dang job properly already!

Mod Parent Up

[danknight]

Sigh, wish I had mod points,

Government revenue?

[Gruneun]

Well, his letter mentions that several state government computers were illegally accessed and used as proxies. I would think one could easily argue the company did receive revenue from the government, however indirectly or illegitimately that may have been.

Re:Government revenue?

[jbolden]

That's not going to be enough. Every company gets some money from the governmet. The question is whether their revenue is primarily from the government in the sense that one could almost consider their employees to be public agents. No way is that the case here.

Re:Spammer gets a moral wake up call

[Cylix]

Where does this come from?

Those are certainly the accussations at hand.

another level of indirection

can solve anything in computer science. dont you remember?

jaded

cynical

If he had proof?

[tjstork]

Surely he could have put that proof in multiple places on the open internet. Rather than going in guns a blazing demanding a confrontation with the CEO, he could have stashed his proof everywhere, notified the FBI, and been anonymous about the whole thing. He could have certainly contacted DA's in states like such as New York. Trying to be a solo cowboy against a big corporation is stupid.

I empathise with his position. If the cops came and took all of my computer stuff, and left me with 40k of legal bills, and my employer was trying to destroy me, I would be tempted to a violent response. After all, logic dictates that if your employer is that evil and your life is ruined, maybe the best thing to do is to take one for the team so that the evil is at least checked.

And here's the posting that got Chip hired in 2003

[rpresser]

http://groups-beta.google.com/group/perl.jobs/msg/ 3a7db16ee21b460a?hl=en

Mod parent up

[Hal_Porter]

Only on slashdot would this get modded down. You're right, he expected that he could send a letter to the CEO and they would see the error of their ways. Unfortunately, he also mentioned that he had


I have also confirmed that the Harvester source code - which I, as a Senior Programmer, am authorized to access - includes Java code which collects lists of such vulnerable computers, called "open proxies," from web sites that maintain lists of them. I have also found the Java code which uses such proxies, without the permission of their owners, to connect to the sites that HMS harvests. The offending source code was written by Rob DiMarco, Tim McCune, and Jason Franklin. ...
Therefore, I cannot proceed with my current project, which has as its primary purpose facilitating the loading of harvested data into the Data Pump. And in order to protect myself from the repercussions of HMS's illegal and immoral activities, I am carefully considering my legal options, including notifying the appropriate authorities.


I.e, I may tell the police that you are breaking the law, and the proof will be the copy of the code I have.

Now if you're an unprincipled scum bag, do you back down and stop your illegal money making scheme and hope that Chip doesn't go to the police, or do you zap him with legal action? That's right,legal action

Note, I'm not saying it's right, just that Chip should have expected this sort of thing. Why the hell did he work with these people anyway, I'd have been more concerned that they would stiff me on my last invoice than that someone may manage to sue them in future, or tarnish my reputation.

They freaking BOAST About web harvesting

[rpresser]

http://www.healthmarketscience.com/company/press/e dison.html

About Health Market Science

Established in 1999, Health Market Science (HMS) is a privately held growth technology and information services company that provides innovative sales and marketing business intelligence solutions to the healthcare and pharmaceutical markets. Utilizing proprietary matching and data consolidation software with integrated web harvesting technologies, HMS scientifically manufactures the most comprehensive and upto- date census of U.S. healthcare providers. HMS healthcare solutions span licensing of databases, building custom data sets, and providing flexible data integration and validation services.

Re:Spammer gets a moral wake up call

[Marc2k]

While I agree with you that sliding-scale morals are pretty messed up, the fact of the matter is that simply put, Chip Salzenberg is not a spammer; the grandparent must have seen "open proxy" and assumed immediately that he was using it for spoofing/spamming.

Re:Spammer gets a moral wake up call

[Bloater]

I was referring to google and yahoo, didn't quote properly, sorry.

Check out HMS's corporate registration info

http://malfeasance.50megs.com/

IANAL But Even I Know...

IANAL but even I know that what Chip did was pretty darn stupid! You don't send a threatening letter to your employer because you are frustrated with red tape and a fraudulent management! That's like walking into Tony Soprano's office and telling him you are going to the Feds! It's really really really stupid... He's lucky they didn't fly him to Vegas for a 'business' trip and bury him in the desert!

If you ever find yourself in such a moral dilemma you should just quit and walk away. From his own account, he was aware of the companies 'issues' shortly after being hired. He should have quit right away.

Granted, it's not as simple as all that. Chip may have a wife and kids to provide for and the job was probably paying rather well. He didn't want to go back into the job market and lose his high salary as the pay scale has dropped a bit. He was caught in a true paradox.

Chips moral and ethical standards forced him to pursue this course of action; but he should have contacted an attorney to approve the letter he wrote and if his memo was ignored be prepared to leave the company and pursue legal action.

One can talk about 'whistle blower' laws all you want. Fact is, people are held accountable for their actions. You have freedom of speech in this country but that doesn't shield you from repercussions. Remember, Martin Luther King and Malcolm X both spoke out and they both experienced retribution and martyrdom.

Don't be a martyr unless you are sure of your salvation. Was it worth it to take on HMS over an ethical matter that did not involve life or death but merely an irritation to webmasters? Was it worth it to violate one's own ethical standards to be employed by such a company?

No offense intended Chip, this is in response to the Slashdot crowd running to your defense (which I support). I just think you could have avoided all this trouble had you stopped yourself from sending that memo in a heated moment.

High pay for poor performance

[Futurepower(R)]

The executive gets high pay for poor performance. He or she escapes responsibility for the poor performance, because it is arranged that the poor performance won't be noticed until the executive has had a chance to get a job elsewhere.

Americans know little about U.S. Gov. activities.

[Futurepower(R)]

Slashdot comments have made me aware of how little Americans know about the activities of their own government. Yet surprisingly those with little awareness often have extremely strong and angry opinions.

Michael Moore's information about the involvement of Saudis with the Bush family came from this book:

The Iron Triangle: Inside the secret world of The Carlyle Group by Dan Briody, Wiley, 2003, Hoboken, New Jersey, USA. Reviews: Powell's Barnes & Noble Amazon

With what don't you agree concerning this book? Do you doubt that both the rich Saudis and the Bush family have investments in oil and weapons companies? Michael Moore's movie showed network footage of George W. Bush and a Saudi holding hands. Do you doubt that Bush holds hands with Saudis? Then read these articles from The Christian Science Monitor and CBS News. The Bush family calls one of the Saudis "Bandar Bush", and believes that he is their friend; that's completely untrue of course. Fifteen of the 18 attackers of the 9/11 bombings were Saudis, and some rich Saudis have supported al Qaeda.

Unocal, and many other oil companies, want to build a pipeline across Afghanistan, because that is the shortest route from rich oil fields to Pakistan and the ocean, with the exception of through unsafe Iran. Do you doubt this?

Notice: The links to the book are tied to my accounts with the booksellers. If you buy the book and don't want me to have a commission, do a search for the book to get a link that is not connected with me. After a year, I have made exactly $0.00 from these arrangements. I spent months reading the books and writing short reviews of them for my article Unprecedented Corruption: A guide to conflict of interest in the U.S. government.

Re:Spammer gets a moral wake up call

[GooberToo]

Wow! The mods have proved that they are absolute idiots! My post was topical and exact. Offtopic?! How stupid are these moderators these day?!?!

What morons!

Better yet

[Our+Man+In+Redmond]

Have the lawyer send the letter for you. I'm sure he was trying to work within the structure of the company; in hindsight, that seems to have been a mistake, but hindsight is both very accurate and almost completely useless.

Sigh. What the hell was he thinking?

[Safety+Cap]

1. Uncover evidence that your employer is doing something illegal, or---at least---morally questionable.
2. Tell your employer that you have evidence that they've been doing something naughty, and threaten to go to the cops.
3. ???
4. Profit!

Uh, no - the real answer is your employer strikes first and strikes hard, kicking your arse all over the block.

C'mon people, it is not that hard. You have two choices:

1. Resign and go find other work, never breathing a word to any other soul, or
2. Call your lawyer and find out what your options are.

Remember, that in either case, you will need to find another job, and you can never use the current one as a reference. Ever. Also, don't expect to continue to be employed at that place.

Friggin n00b.

I think I've had a tangential run in with them...

[Mabonus]

I once had an on-campus proxy, so I could use our online campus directory. Worked like a charm for me, but when I checked out the logs I found a company going through hundreds of PDFs and things via the proxy. I emailed them with a longer form of "wtf?", and when I didn't hear back I just shut it down. From what I recall, it was a pretty legit, slick looking company too, so I was a tad curious what they were doing. Guess I know now eh?

Moral is, don't work for corrupt employers

Someone of Chip's calibre certainly didn't need to remain there with those morons, even if they were paying him a fortune in salary.

It's just not worth the hassle, no matter how convenient it may appear.

The system works amazingly well

[AlphaSys]

our legal system does not work.

No, this is not looking at the big picture. The system works amazingly well. The problem is that the system has been repurposed and now performs a function nearly diametrically-opposed to its previous role. Point of origin: the day corporations were provided equal protection [as compared to individuals] under the law. Human beings have god-given rights... all theist systems generally accept this and even the atheist systems tend still to value the right of the individual person. But coporations are not persons and they are most certainly not citizens. At once the bad guys use the facade of a corporation to:

• Garner protection under the law which individuals do not easily obtain
• Abstract their own personal responsibility and liability

just hide a laptop

[steve_l]

My home music/cvs server is a laptop, which can live anywhere. It is currently hidden up my attic, not through fear of the police, but through the fear that anyone who broke in to my house would steal a laptop without knowing that a 1999 PII unit is effectively worthless.

If I were worried about data-on-site, I could leave the laptop with my neighbours, in coverage of the WLAN. As far as the net is concerned, it is in my house, but as far as warrants go, well, it would be harder.

Serious question for the author.

[gatkinso]

In the very best case scenario: what were you expecting to happen?

Could it be that you're a furry?

I wouldn't hire a furry. Why should they?

F*ck-up frog; Sombrero of Shame

[Old+Man+Kensey]

A couple years ago at one company I worked at, we had a theme Cinco de Mayo party, complete with cheap straw sombreros with bands of various colors. After the party, one was left over with a hot-pink band. Later that afternoon somebody committed an egregious screwup and I said "You get the Sombrero of Shame". I got the pink-banded sombrero and hung it in his cube.

After that it became tradition that if you committed a really stupid blunder, you had to go claim the sombrero of shame. (It was considered more honorable to claim it oneself than to have it thrust upon you by acclamation at the weekly status meeting.)

A little back story

Just a little bit of back story that any of you still following this thread may find interesting. Chip referred his "friend" Lisa to HMS for an open position about a year ago. Only after she was hired did he reveal to the company that they were living together. That's her in the picture on his web site, and her kids (not his). After a few months, she was fired for incompetence. As a favor to Chip, the official explanation was that her position had been eliminated. So Chip already had an axe to grind with HMS over that situation. As time went on, it became increasingly clear to Chip that his role at HMS was being marginalized because all new development was being done in Java, with Perl and Chip relegated to maintenance of existing apps. Chip knew about the web harvesting going on at HMS for many years before his letter. Funny how a person's morals can change so conveniently. Chip is bascially a nice, (book) smart guy. But he lacks a lot of common sense and has a real hard time interacting with most people and the real world, which has led him into this sad, desperate situation.

Re:Americans know little about U.S. Gov. activitie

[Hal_Porter]

With what don't you agree concerning this book? Do you doubt that both the rich Saudis and the Bush family have investments in oil and weapons companies? Michael Moore's movie showed network footage of George W. Bush and a Saudi holding hands. Do you doubt that Bush holds hands with Saudis? Then read these articles from The Christian Science Monitor and CBS News. The Bush family calls one of the Saudis "Bandar Bush", and believes that he is their friend; that's completely untrue of course. Fifteen of the 18 attackers of the 9/11 bombings were Saudis, and some rich Saudis have supported al Qaeda.


They also supported the Taliban (along with the Pakistani SIS), and kicked the Americans out of Saudi Arabia before the Iraq invasion. They obviously shared an enemy in Saddam, and a common interest in the oil business, but it was always one of those pacts with the devil since they were also supporting fundamentalism all over the world. Which is now pretty much over, hopefully.


Unocal, and many other oil companies, want to build a pipeline across Afghanistan, because that is the shortest route from rich oil fields to Pakistan and the ocean, with the exception of through unsafe Iran. Do you doubt this?


No, but so what. Getting capitalism running properly in Afghanistan and Iraq is something that needs to be done. The fact that American companies get contracts isn't evidence of corruption.

I'm not saying that there isn't corruption inside the US - the relationship between Cheney and Haliburton is definitely too close for my tastes, but I haven't seen evidence that anything unethical has occured. And if Cheney's smart, he'll be careful - evidence of corruption would destroy him both politically and financially since the two are so tangled.

Re:Have you been charged with a crime?

Why the Troll moderations?

Some Slashdot mods former prison rapists or something?

Defense Fund

[charles-m]

There is reasonable solution to these problems, and that is to organize a national software contactors union. The union would help structure contracts and help providing bonding and indemification for its workers.

THESE ARE THE PEOPLE TO CONTACT

[drDugan]

DAVID S. LIPSON

Carl Witonsky
St. Paul Venture Capital

Stuart Samuels

John Martinson
Edison Venture Fund, Managing Partner

and ... possibly a few more -- dig and call.

I'll leave it to the rest of us geeks out there to figure out why and how. These are the ones who stand to lose from stupid management decisions.

U.S. taxpayers pay for pipeline security.

[Futurepower(R)]

"No, but so what."

Since the 40s, and maybe before, but it really got started intensely in the 1940s, the British and U.S. governments have accepted the idea that they can act in secret, break laws, and kill people in order to protect the profits of companies doing business in foreign countries. This has caused enormous corruption, because many, many companies want such secret action. The original idea was to protect the profits, but now the idea has become to act in secret to increase the profits.

The issue in Afghanistan is that, to put in a pipeline, there must be security. But Afghanistan is an insecure place, partly because the USSR and the U.S. government's secret CIA fought each other there for years. So, the pipeline would not be profitable because the security would cost too much.

However, if the U.S. government could be persuaded to tell the American people that they need to support a lot of killing there, the pipeline would become "profitable". Not profitable, but "profitable". Profitable is when the expenses are less than the income. "Profitable" is when U.S. and British taxpayers can be convinced to give free money to the project, so that the oil companies don't have to pay all the costs of the project.

Re:A little back story-let's mix lies up w/ truth

[Geekgirl2005]

Let's mix the truth with the untruth.
1. The fact is no, Lisa Perdichizzi was NOT terminated for incompetance. There is tons of proof for this that will eventually come to light. Brosso gave credit of her work to the young marketing director, This proof is in very tangible form, email and witness testimony.
2. Lisa had got a nice new job with a very nice company and was making twice as much $$ as HMS...her contract was even renewed with this company. So why would Chip or Lisa care about her position at HMS?
3. HMS is a perl company. The major applications run on perl and they are continuing to hire perl programmers.
4. Web harvesting was definitely happening at the company for years. Just not the way Chip thougt. He found out just before the uproar that the methods weren't what he had expected. Again there is proof of this.
5. I think the Anonymous Coward that wrote this posting needs to put his name up there because it sounds like the same story Brosso told Lisa's new employer, after she had been on the job for 4 months.

Watch the court documents...

Re:A little back story-one other thing

[Geekgirl2005]

Oh and one other thing... Thank you all for all your help! Don't let this guy spread lies! Everything think I've said can be verified with hard evidence..and more...

I went to Capsicum and took an inventory of everything, down to what was imaged and what wasn't. It better all still be there too. It was surreal seeing all my equipment and the children's equipment sitting in a giant conference room.

Yes, most of the inventory is on the search warrant is mine. The kids have been without their computers for months. They are now scared when they see strangers in the house because it reminds them of the police raid.

regards, Lisa Perdichizzi

Chip did NOT steal Trade Secrets

[Geekgirl2005]

This is just too early in the morning...the last point I forgot to address.

Chip does not hold grudges against anybody. Not against HMS, not Brosso. Not anyone. It's not in his character. He is sooo honest he gets himself into trouble...as we can see. He would easily help somebody to his own detriment.

Chip did NOT take "trade secrets" from HMS. Again this is not possible...it's just not in his character.

When the cowards give back the evidence they took from us we'll all have a look see.

Thanks for all your creative help and your financial support! We appreciate it and will continue to fight.

Lisa

Why didn't the cops pursue the criminal thing?

[Geekgirl2005]

If there was truly theft of trade secrets why didn't the DA prosecute the case? Why did the DA announce that he was releasing the computers back to Salzenberg?

Why cant they copy onsight?

Can't the FBI and other enforcement agencies build the equipment and expertise in order to make copies of everything instead of taking everything? I sure there are cases where leaving the data with the "offender" is dangerious and so you *must* take everything. But certainly there are many cases, such as this, where the evidence given for the search warrent doesn't justify taking everything but instead just getting a copy of all data.

I would think it is not dificult to make a byte level copy of all disks, make note of the types of computers, network cards, video cards, so that when they take the disks somewhere if they *must* boot to the original system they can do so with little effort. Even still, in most cases they will not want to do this and only want access to the data from the disk itself, without the OS env. So, jesus, when will they grow up and learn how to do this stuff so that the people they raid can continue to work after they've left.

Chip got a new job *before* he left HMS

See here. Basically, before this all started, Chip got tabbed to be lead Perl 6 developer, and got a paying job to do it. He then decides to burn his bridges at HMS by writing a big F-U letter on his way out the door. If he wanted to leave, he just should have said so and not brought this down on himself by provoking a necessary response from the company.

Re:Question: what are open proxies and web harvest

A proxy is a webserver which allows you to forward requests for webpages through it. There are many benifits to this. For instance, if you cache the content returned than future requests for the same content will not require use of bandwidth. this is often used in companies and universities for the exact purpose.

Proxies can also be used to hide the source of the request. In the university example a request for slashdot.org will appear to come from the university proxy, not the computer of the student requesting the site itself. So, proxies can be used to hide the source computer.

by "Open proxy" I beleive they mean a proxy which is setup on the internet but not restricted. In the university example the university would likely restrict the use of the proxy to only students on the campus. "Open proxy" I take to mean a proxy without restrictions. More often than not companies and even universities setup proxies without realizing the are open. But there are also "open proxies" that are setup intentionally, expecting people to use them.

For this reason I disagree where Chip claims the company was "hijacking" computers. Perhaps what they are doing is somewhat shady, but not as bad as hijacking, imo.

Re:Spammer gets a moral wake up call

[Frodo+Crockett]

Is that you, Merton?

Re:Spammer gets a moral wake up call

[GooberToo]

Once again we find a retard has a web browser and some moderation points. How fucking domb have the moderators become? Don't answer that, we all already know.

Fucking idiots.

Time for Tort Reform

Summary of actions: company is run by people who have no problem violating the law to achieve their goals. Suddenly they discover that one of their employees is more ethical than they and may thwart their aims. Unsurprisingly, they take unethical and illegal action to discredit and immobilize him.

Folks, in the USA, there is no such thing as equal protection under the law. If someone with enough money decides they want to screw you, they can use the law to do it. Your only recourse is to not come to their attention in the first place.

"Oh but you can defend yourself with this-and-such constitutional protection..." Yes, and it will only cost you everything you own and then some to do it.

One of the things that's wrong here is that when you do successfully defend yourself against a legal action, you don't get your legal fees back. You should be able to recover those from the other side. That's what the system is in Canada and the United Kingdom. Whenever tort reformers suggest change, apologists for the current system whine about how it would make it harder for little people to sue Big Nasty Companies (BNCs) because they couldn't afford to lose. Let's see... out of Canada, the UK, and the USA, which one most comes to mind when thinking about BNCs abusing their power? And how about cases like McDonalds getting their butt handed them on a plate when they tried legal intimidation of protestors in the UK? Study that case and see if you think it could happen that way in the Land of the (cough) Free.

Losers should pay winners' court costs; it's only fair, and the alternative is cases like Chip and numerous others.

Capsicum

Something is just wrong with the police giving the only thing he can use to defend himself with to a forensics group that doesn't even look quite qualified to me - not to mention is PAID by the accusers.

If there is a criminal investigation, surely all the 'evidence' will be thrown out or easily disputed.

I gave what I could to his defense fund. IF everyone would just give a little bit, he might have a fighting chance.

Re:A little back story-let's mix lies up w/ truth

[funkwater]

funkwater loves it when people post discussing themselves in the thrid person, and then later admit to being themselves. It shows funkwater what kind of dishonest person they are in the first place.