Slashdot Mirror
Randal Schwartz's Charges Expunged
After 13 years, Randal Schwartz has had his conviction expunged. In effect, legally it never happened.
If you haven't heard about this one before, my take is that as a contractor at Intel, Randal did some over-zealous white-hat cracking free-of-charge; this embarrassed some people in management (he pointed out that their passwords were terrible) and management then chose to embarrass themselves further by having him convicted of a felony under an 'anti-hacking' law. More info can be had from the Friends of Randal Schwartz.
Congratulations to Randal - it's nice to actually read a good news story with regards to the legal system.
BlackNova Traders
Congratulations Randall, its great news to hear that the legal system actually works once in a while.
--
Cheers Gene
"I've started the process of removing "I'm a felon" from my natural vocabulary"
Ouch....that's no fun. I wonder how much was paid in legal fees for nothing to happen. Over 13 years, that's sure to be a lot.
This sig is neither interesting, nor humorous. Including meta-humor.
The terrible thing about character assassination is that the event never had to happen. All you have to do is start a rumor about travel expenses and the victim is as good as blacklisted at big dumb companies where lip service is given to leadership but obedience and conformity are valued above all else.
Friends don't help friends install M$ junk.
Except that it did.
And all the effects can never be erased.
For example any "lists" he's been added to over the last 13 years will not be updated to reflect his new 'never was a criminal' status. Be it terrorist watch lists, no fly lists, FBI persons of interest list, or whatever else, not to mention his prints will remain in the system, etc, etc.
The former CEO of aforementioned computer company actually wrote a business book with the word "paranoid" in its title. A bad match for top shelf Perl hackers, who are some of the quickest, wittiest, and down-to-earth people in our business.
Congratulations Mr. Schwartz.
I vaguely remember the details of this from a while back. I am glad this whole incident is behind him. And to everyone that thinks he's guilty and continues to cast stones. Aren't there are bigger problems in the world to get worked up about? The justice system isn't always just or fair, and it's not always to be trusted. People make mistakes (although in this case I am not sure a mistake was made on Randal's part).
Regardless, sorry about the problems you had to endure and good luck in the future Mr. Schwartz.
Oh yeah, and thanks for Perl.
...did he get his $68,000 back from Intel?
The best way to pass out embarassing information is anonymously. Burn some CD's with the info and leave them around randomly, in places untraceable to you.
Don't touch the CD's with your fingers.
Destroy the CD burner when you're done.
Buy the CD burner secondhand at a garage sale. Pay cash.
Steal the CDs from a college student.
Don't leave the CD in a place where there's a camera.
What else. Help me out here.
Rely on someone else to find the data and spread it around. No need to get yourself into trouble. Have some Common Sense. Do you know what I am speaking of?
Fascism trolls keeping me up every night. When I starts a preachin', he HITS ME WITH HIS REICH!
In other news:
Paleotechnologist and connoisseur of pretty shiny things.
Read:
Ralph Nader, No Contest: Corporate Lawyers and the Perversion of Justice in America
and Randall still can't get a clearance without being upfront about it.
... Good on ya, Randall!
Basically it means he can tell a police officer he's never been arrested and doesn't need to disclose it on a non-clearance employment application or any "low grade" background check like rentin an apartment.
With that out of the way, Randal has helped me out on comp.lang.perl (right before it went moderated) so
In the future, I would want to not be isolated from my friends in the Space Station.
Expungement is the sealing of a criminal record so it is not publicly available. The consequence might be that you can deny you have a criminal record, but it is quite different from a pardon, which is forgiveness of a crime and the penalty associated with it.
don't cut it off www.mgmbill.org
The independent contractor shall...
The in-house employee shall...
May not seem a good use of time, unless you consider the value of staying out of the criminal legal system.
Luke, help me take this mask off
A. The Federal Bureau of Investigation, and
B. The Oregon State Police, and
C. The Oregon State Corrections Division, and
D. The Arresting Agency, Portland Police Bureau. So the FBI can't use it against him. The PDF file is a copy of the expungement order from the court.
This charming example of Perl programming appeared in the first two editions of Schwartz's book "Learning Perl", published by O'Reilly. It serves as an introduction to Mr. Schwartz as well. I kinda wished they'd left it as an appendix to the book, which is now in its fourth edition.
I'm really tired of the failing justice system...
So when is he getting the 13 years he wasted on legal battles back?
I just read 1984. Yeah, I know it's a little late in life for some old bugger to read it, but gimme a break, I come from a country where everything but the kitchen sink is either overtly censored, or made otherwise inaccessible, ok?!
The "Never Happened" part reminds me of the black hole and the spinsters in the ministry. Just because some paper is being produced to say it never happened, it's as if there is an attempt to modify reality and remove the entire event from reality. I mean, come on, all that wasted time, money, emotional stress, and it's consequences... it all just "didn't happen"?!
This isn't an example of a justice system that works, it's an example of how the whole system is corrupt and has made ridicule of the lives of the people it damages and destroys.
Like, sometimes I wonder, I left a 3rd world country constantly submerged in violence and caught on the verge of a war, always under a strict and corrupt regime... to come here, immigrate to America, among the 1st world... what is going on here? Is this not also the same thing in a different guise?
Well, I just wonder sometimes, you know...
Randal Schwartz is also locally known at the Hillsboro (Portland, OR) Intel campus as "Sparky". See, Intel Hillsboro is right across the street from a local airport, mostly used by enthusiast fliers. Randy decided to land his plane one time without extending his landing gear!!!
Whatever happened to Chip Salzenberg? He seems to have pretty much vanished since mid-2006.
Done with slashdot, done with nerds, getting a life.
#!/usr/local/bin/perl -w
no strict; local $laws;
join qw(we wish Randal well);
__END__
Zen tips: Pay attention. Don't take it personally. Believe nothing.
The slashdot crowd has a short memory.. This is not a simple issue of "embarassing the management", as the summary states. In fact, in all the original writeups, I don't remember ever hearing executive passwords being an issue. The issues were egregious violations of corporate security policy, and basic logic:
- His position at Intel was not involved in security, intrusion detection, or other areas that might actually call for "white hat hacking" as part of the job function. He was a contractor, not an Intel employee, which I'm sure made Intel even more concerned about his security violations.
- He had installed backdoors on Intel machines, which allowed him to access the Intel network from outside the company.
- He took passwd files and ran cracking tools against them to break other users passwords.
- Not only was he cracking password files from Intel organizations, he was using Intel systems to crack password files from other companies, including O'Reilly and Associates.
See this writeup for information from the person involved in shutting him down.
Whether this was "white hat" hacking could be debated. In any case, it was fucking stupid. Bypassing network security for an inbound back door?!? Cracking password files from other companies on Intel computers?!? These are just stupid moves, which anyone should expect to get fired for doing.
That's nice in theory, but I'm not sure it works that way in practice. I've heard anecdotal accounts that these records, in practice, live on in effective perpetuity.
That's great. Coincidentally enough, I just became aware of Randall Schwartz the other day when I listened to the FLOSS Weekly podcast where they interviewed him. It was a good listen (as always) - he talks about this case if anyone's interested.
Recruiter: Have you ever been convicted of a felony?
Bill Murray: Convicted? No, never convicted.
So..
Where are the guys who did this to him? Who are the kingpins that felt it necessary to take him down because of their own stupidity?
Where are they now?
I'd like to think that they learned a hard lesson, but my money's on them chortling over caviar at an all-managers meeting.
A lot of the time, agencies (and even the courts) don't follow expunge orders. They conviniently "forget", so you have to hire a lawyer to follow up and make sure the court order was actually followed.
Everything I need to know I learned by killing smart people and eating their brains.
SCO is being drained to death by the unfair legal assault by IBM. I hope that SCO wins $2-3 billions in the end. They certainly deserve it.
Intel demands procedural thinking and operates with a Borg-like group think. I believe this is due to the extremely vertical nature of management and the existence of powerpoint and netmeeting. Employees that "march to a different drummer" are shown the door. Randal did not follow the rules and was beaten down as an example.
and Randall still can't get a clearance without being upfront about it.
As someone who has gone through a security background check, worked at Intel and read the decision of the appeals court: I would be fairly surprised if Randal was able to get a security clearance even even if no conviction had occurred. The undisputed portions of the case suggest that Randal lacked an ethical barrier between him and either his curiosity about things for which he did not have access or his desire to gain respect by demonstrating his skill. This was 13 years ago maybe he has changed, I don't know.
Whether his intentions at the time were noble or not: he logged onto a system for which he knew his account should have been deleted; he ran a gate program on the system (after previously being told to stop running a gate on other systems); he cracked one of the passwords to someone with higher access on the system; he then logged on to the system using the cracked user's account; he transferred the password file to another machine; he ran crack on this other machine; he turned up 35 weak passwords; he said nothing; he left for a while to teach a class; he came back; he still said nothing; he re-ran crack on another faster machine (this is apparently what eventually got him caught).
Randal claims he did all this to re-gain respect at Intel's supercomputer division. I have no reason to doubt this is honest. The fact that he so freely gave so much information to the police suggests to me that he was trying to convey that he had no intention of harming Intel's business. However it is very, very bad judgment. Now if you were the agent assigned to his security background check, looking to see if his character demonstrates a likelihood of compromising sensitive information, even unintentionally, what would you think?
Education is a better safeguard of liberty than a standing army.
Edward Everett (1794 - 1865)
have you rehabilitated yourself?
parturiunt montes, nascetur ridiculus mus
I was once working as an engineer at a secure facility, where one of my friends explained to me that he had never actually planned on working there. He figured he'd let them pay them while the background check was in progress, but never expected to actually be cleared (the interview with the Feds went something like Q: "So what about all these hits of acid they found in your refrigerator?", A: "Well, they were there.")
But they did indeed give him a clearence, I would infer because they concluded he wasn't vulnerable to blackmail on the point, and so on.
And I have to say that the opinion of "someone who has gone through a security check" isn't terribly authoritative, unless you were turned down for having a similar background to Randal's.
Yeah, so a copy of the order was issued. Then what? They're all going to meticulously remove their records on him. Hardly, this will just get added to those records. So, yeah, when they pull up his file which will still exist, they'll see his past, and the fact that they won't be allowed to use it.
Sort of like instructing a jury to disregard testimony. They might be able to try, and I'm sure they do their level best, but its never really gone.
did they also expunge all the semen from his ass after those niggers made him a fuck toy?
I think at least he'd be in jail and therefore an "un-person" so far as publicising his plight.
He'd definitely not have written his book or any of his articles. Apart from his personal plight, Perl (and therefore the internet) would be greatly lessened.
We should all thank him for his work and reflect on what might have been
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
At a sufficiently high level, a security check is not something you 'fail' or 'pass' - it's simply a risk assessment that clarifies to those that are planning to use your services which areas of risk they need to manage. It's not a tick box process that HR does over lunch - it takes months of investigative work. There is a simple way to get through that: do. not. lie.
Insert
Which would explain why the US has no talent in the gov security circles and have had systems supposedly hacked repeatedly, from within and from the outside?
Not to mention, as you pointed out then glossed over, people change. Just as there are people with security clearances now that shouldn't have them or who have lost them, there are people who wouldn't have passed that have grown up, evolved, found different interests, moved on, developed as people.
Funny how he who put up a defense shouldn't pass in your opinion, yet the FBI and the like blackmail and hire found, talented hackers as a matter of course...so it's still better to get your job at the FBI or state department by proving your mettle first and doth not protest when you are caught? What a great standard.
Are your machines Opteron or Xeon?
From the article:
I don't have my gun possession rights restored yet, but apparently that's
merely a formality with the BATF, and I'll be taking care of that soon.
(sarcasm on)
Well Thank God because it's a miracle that you survived these past 13 years without a gun. Certainly this is the most important part of getting your name cleared.
(sarcasm off)
Dear Upper Management:
Would you please give me written permission to read slashdot during my breaks, so that I can better understand the current issues with computer security and unauthorized use of company computers. And would you mind signing that with a blue pen and giving me the original and you can keep the photocopy.
Thank You.
I look forward to following it. Then again, anyone would have to be insane to hier you wouldn't they?
I new that would catch your attention Randal .
Gratz on..er.. nothing happening.
Release the Hounds!...I mean Lawyers.
In many countries to this day once you are in the legal system you are trapped forever.
The US legal system is one of the best in the world. remember, it's not some all knowing God sitting on a throne, it's a system with people. Yeah, it's not perfect, it's just better then anything else.
The Kruger Dunning explains most post on
From their comments, a lot of people think that expungement is vindication. It's not.
After a certain time passes many crimes can be expunged if you apply to do so. Requirements and eligibility vary from state to state, but essentially you're saying, "I've been a good boy, so let me out of the corner." It's not the court saying you weren't guilty. It's the court saying they won't hold it against you any more.
What expungement is:
The removal of a discipline from a person's disciplinary record so that it is as though the discipline was never imposed. Link.
An order of the Court to seal the record of certain convictions if statutory criteria are met. The defendant must initiate the process by filing a petition through the Probation department. Link.
Official and formal erasure of a record or partial contents of a record. Link.
What a pardon is:
Action by an official of an executive branch of government relieving a criminal from a conviction. Link.
So yes, it's different from a pardon, but it's not just sealing the record, it's official forgiveness.
This is the guy who created the "Useless use of Cat Award", right?
I'm glad that my co-workers and my management saw now to prosecute me. I did get called on the carpet once and had to explain that I had just finished Cliff Stohl's excellent book "The Cukoo's Egg". The last chapter points out that the biggest weakness in computer security is the user. I was able to "crack" 20% of the unix passwords (including root). I pointed out the weak root password to the admin for that subnet and he just shrugged it off. He knew that I was an admin for a different network and was a trustworthy individual. He completely missed my point; If I could crack it, then anybody else with the proper tools and know-how could do the same.
Anyway, if things had gone differently I may have been in the same position as this poor soul.
JSL
I'm unaware of any accusations of sexism against Randal Schwartz. Perhaps you could enlighten me? Or did you just get on a roll with the adjectives and not want to stop?
Laws do not persuade just because they threaten. --Seneca
>So the FBI can't use it against him.
"can't" != "won't".
Nostalgia's not what it used to be.
No examples of Schwartzian transform? I'm disappointed in you all.
I still have mine from my previous position (they're a DoD contractor)... the SSBI only goes back 7-10 years, depending on the level of clearance you're after (e.g. a civil IT-3 rating only requires a light background check, IT-2 was something like 5-7 years back, and IT-1 was 10 years back). That said, IIRC I remember the SF-86 asking if you had ever had a felony or other conviction that wasn't, say, something little like a traffic ticket. If his conviction was expunged, I believe he can put that in there too... but he'd better be damned ready and able to explain it. Wouldn't kill his chances outright, but it would certainly make things damned tough. Big fat disclaimer: I'm keeping way the hell away from voicing any opinions as to the wisdom (or any lack thereof) of what the guy did, Intel's reactions to it, and suchmuch. Cheers, /P
Quo usque tandem abutere, Nimbus, patientia nostra?
And I have to say that the opinion of "someone who has gone through a security check" isn't terribly authoritative, unless you were turned down for having a similar background to Randal's.
Or unless I read through the appeals proceedings of those who were denied and appealed the decision. They mask the names of people and companies involved and make that material freely available. But you didn't check that, did you? I have a pretty good idea of what disqualifies you. If they didn't give a clearance to anybody who has done drugs, we'd have barely any Ph.D.'s with a clearance. As long as it wasn't recent use, they don't care as long as you don't lie about it.
Education is a better safeguard of liberty than a standing army.
Edward Everett (1794 - 1865)
I once was in the jury pool for someone caught with a bit of weed.
Several Mormons got themselves excused by saying something to the effect of "I'm very intolerant of drug users." However, there was one hippy woman who managed to answer one of the questions with a tirade saying that weed should be legalized.
Both she & I were passed for cause, leaving the prosecutor and defense attorney to finalize the selections. She ended up on the final jury. I did not.
Go figure?
Speaking as someone who:
1) held a top secret/sci clearance
2) knew and worked with hundreds of others who did
3) has conducted background checks for clearances
Some people are just astounded by what will and what won't be cause for denial of a clearance. In my experience it is really quite simple: did you lie.* The story about the "acid in the refigerator" is believable to me because I know first hand of people who most would think would never be given a clearance. And yet the poor dumb schmuck who smoked dope a few times and then lied about the entire affair gets denied.
*There are other significant factors but on the whole these are not as significant to the eventual granting/denial of a clearance as simply lying to on an application form or to an investigator. To get a clearance faster don't travel overseas, don't have interesting friends and don't do interesting things.
IMHO, Intel should admit they made a mistake and pay him for his legal fees. Ever since I heard about this case, I have always steered any purchasing I could toward AMD simply because of the case. If enough people did that, and told Intel about it, maybe they would do the honorable thing. Or at least make a donation in the same amount to the perl foundation or whatever.
:)
blogosphere: go
Liberty uber alles.
I don't think so. Anyone who isn't at making least six figures or in possession of world-class charisma, has a better chance of making it to Tijuana on an airplane wearing an "I have a bomb" t-shirt.
This discussion has long dropped off the front page, so this comment is mostly "for the record".
But perhaps Randal, nee merlyn, can help us all recall exactly WHY his employment at Sequent Computer Systems ended by him being escorted out the door.
Hint: it was for the general sort of activity that got him into so much trouble at Intel.
And IIRC there were similar problems at an employer before Sequent.
He had good lawyers, because those previous activities were apparently never raised at his trial.
Hopefully the "third time" was the charm, and merlyn has truly changed his ways. But from his postings here it seems like he's still playing the "innocent hacker" card for all it's worth.
For security clearance, they pretty much want to see if you are vulnerable to blackmail, dishonest, willing to take a bribe, etc.
So you see some weird things: a current drug addiction might be a problem, whereas a previous illegal drug use would not be. Having an affair with the neighbor's dog might be a problem, but not if your wife/priest/minister/rabbi already know about it and don't care. A felony conviction for money laundering, misuse of company resources, corporate espionage, etc., might be a problem while a felony rape conviction might not. If you lie to your interviewer, you are definitely denied.
Secret clearance is basically a credit and criminal background check. Pretty hard to get denied. Once you get into the higher levels, that's when they start interviewing the neighbor's dog.
They don't grade fathers, but if your daughter's a stripper, you fucked up. --Chris Rock
Look, I was sympathetic toward you until I read that last comment. What you did was wrong and it was certainly not part of your official duties. Obviously the punishment meted out was excessive in proportion to the "crime", but please do not try to claim that you were somehow fscked while doing the job Intel hired you to do.
They don't grade fathers, but if your daughter's a stripper, you fucked up. --Chris Rock