EBay Hacker's Conviction Upheld
An anonymous reader writes "The 9th Circuit Court of Appeals has ruled in the case of Jerome Heckenkamp, the former University of Wisconsin student convicted of federal computer crime charges in 2004 after hacking into Qualcomm, Cygnus Solutions and other companies, and defacing eBay. Heckenkamp was caught after a system administrator at the university hacked into his Linux box to gather evidence that Heckenkamp had been attacking the college mail server. The court ruled today that such counter-hacks are allowable under the 'special needs' exception to the Fourth Amendment, and upheld the warrantless search."
Now I don't feel so bad about killing those zombies that keep trying to ssh into my box.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
XXX#######
You forgot to add that Odds are that the 9th Circuit will get overturned...AGAIN!
Can you guarantee that the System Admin didn't plant the evidence or the evidence was otherwise compromised? Well, now here is the problem, since you said you can guarantee it, that anyone that is called a System Admin is now allowed to plant evidence and vigilantism rules the internet.
> Using the typical logic, he apparently didn't protect his machine well enough, so it's okay, right? Oh, but he's on the malicious side, so he's right, and the University trying to protect itself, from someone violating just about every University policy with no expectation of privacy on the network of a public research university, is wrong?
Problem with your logic there. If the University thinks being hacked is wrong, then why do they think hacking someone else is right? Two wrongs don't make a right. The hacker is a criminal, and the University (employee that did the hacking) is a criminal. It's that simple.
My other car is first.
Whether there was sufficient evidence for a warrant is irrelevant -- as you yourself noted, the University is not a law enforcement entity, nor were they working in that capacity.
Additionally, whether the University had the means to sufficiently control its network is also not relevant to whether they had the right to break the law -- unless the man in question specifically allowed hacking into his computer by agreement. Did he do so?
IANAL, but I wouldn't be terribly surprised to see a lawsuit against the university over their actions. Frankly, I'm rather surprised no one has been charged with hacking the man's computer. Perhaps it's being "overlooked" due to the obviously bad actor involved -- but IMHO it shouldn't be. OKing this sort of vigilantism is a pretty dangerous thing to do, on many levels.
Kythe
How does browsing through tmp block an account? He had verified that the computer was the same one that had been previously blocked but decided to give the hacker an additional 15 minutes of time which could have been used to cause additional damage on the university's network. Since the sysadmin was taking the time to snoop it should be clear that he was going beyond what was necessary in the emergency situation. A cop kicks in a door because he hears a scream and finds a woman bleeding to death on the floor. Instead of calling an ambulance or otherwise rendering aid he takes 15 minutes to wander through the house to search for drugs. Proper action?
If the g'vt kept the data on you that google does you'd better believe you'd be calling it "doing evil"