Man Jailed After Using LimeWire For ID Theft

angry tapir sends along this excerpt from PC World: "A Seattle man has been sentenced to more than three years in prison for using the LimeWire file-sharing service to lift personal information from computers across the US. The man, Frederick Wood, typed words like 'tax return' and 'account' into the LimeWire search box. That allowed him to find and access computers on the LimeWire network with shared folders that contained tax returns and bank account information. ... He used the information to open accounts, create identification cards and make purchases. 'Many of the victims are parents who don't realize that LimeWire is on their home computer,' [said Kathryn Warma of the US Attorney's Office]."

anti-slashdot.org

Anybody know what happened to Cockbar and his band of idiots?

Re:anti-slashdot.org

ladies, get your pussies ready!

how dumb

How stupid do you have to be? Do people not understand how file-sharing works?

Re:how dumb

[CannonballHead]

Did you even read the summary, by any chance?

'Many of the victims are parents who don't realize that LimeWire is on their home computer,' [said Kathryn Warma of the US Attorney's Office]."

Re:how dumb

[orthancstone]

Do people not understand how file-sharing works?

Correct

Re:how dumb

[MightyMartian]

I don't know how they couldn't. The thing is so bloated and slow, and degrades system resources so much, you'd think people would go "Hey, WTF is going on here?" Unless of course they already have tons of malware, and their private info has been lifted by half a dozen botnets already, in which case Limewire is probably the most secure network app they're running.

Re:how dumb

[CannonballHead]

Many people from older generations that have not had the time to learn how to use the computer aside from e-mail and online news have no clue. And computers aren't as static as we geeks like to think they are, and they slow down or speed up occasionally, install updates, etc.

For someone who has really no clue how it works and isn't even used to using it, it's very easy to see how they could not notice.

Re:how dumb

[InsaneProcessor]

"Many people from older generations that have not had the time to learn how to use the computer aside from e-mail and online news have no clue."

Then why are these idiots letting their kids use their computer?.........No wait.......

Re:how dumb

[negRo_slim]

The thing is so bloated and slow...

Behold the power of Java!

Re:how dumb

[CannonballHead]

Then why are these idiots letting their kids use their computer?.........No wait.......

That would be a very large debate. But hey, if "parenting" consists of "taking kids to daycare" and when they are older "taking kids to school" and when they are older "buying kids a car," it's no wonder they let their kids use "their" computer.

Re:how dumb

[MrSmith0011000100110]

Ignorance is no excuse.. If someone came to town, handed me a strange object with no instructions and left me to myself then I in turn push a button that then wipes out a city. Yeah that's an oops, but my ignorance doesn't forgive me for killing thousands of people... It just makes me cool~

Re:how dumb

[mcgrew]

You're confusing ignorance with stupidity. Everyone is ignorant, nobody knows everything. Anyone who assails the intelligence of someone because they don't posess a certain bit of knowledge that they do is stupid.

Re:how dumb

[rantingkitten]

Well, no, most people barely understand how their computer works at all. They can kind of drag their way through Windows, but only because they only need to access a few things and they've more or less memorised where to click for those things are. Move their icons around and suddenly it's a huge crisis for them.

Additionally, many households only have one computer. Mom and Dad use the computer sometimes, then little Susie gets on and installs Limewire, accepts all the defaults, and next thing you know, Mom and Dad's files are being shared with the world.

Or maybe the person is just clueless, and doesn't understand the concept of folders and directories. They want to share their music, their music is on the hard drive, they know the hard drive is C:, so that's what they share.

Really there are any number of reasons this could happen, either from sheer idiocy, to ignorance, to total accident. Back in the the day, 2001 or so, I used to search for things like "resume.doc", or random Windows DLLs, in Kazaa, then I knew who was sharing things they probably shouldn't. Then you could do "More files from this user," or whatever the option was, and come up with all kinds of interesting stuff. Never occured to me to search for tax returns, but then, I wasn't really trying to do anything malicious either. The point is that people sharing practically their entire hard drive, without even realising it, has been going on a long, long time.

Re:how dumb

[InlawBiker]

For a bunch of techies on Slashdot it's hard to understand. It's like a car mechanic saying, "How could you not know your valves needed adjusting by how the engine was running? Now your motor is destroyed" and the customer's answer is "What's a valve?" I bet the auto mechanic web forums are full of people laughing at the "dumb" end users of expensive, ruined machines.

There are a whole combination of technical details to know with file sharing - Windows shares, file system permissions, why you shouldn't run applications as admin by default, IP, port address translation (if you have a typical NATing home router). Even if you think you understand the software, how can you be sure you're 100% safe when you install software that's DESIGNED to open up your computer to the world?

Re:how dumb

[clone53421]

I've posted on here a few times on this very topic, although I'm probably preaching to the choir. People are stupid like you wouldn't believe.

I've done this before, not for nefarious reasons but more as a proof-of-concept to convince myself that people really are this stupid.

Obviously I never did anything illegal – merely downloading the sensitive files isn't illegal AFAIK, since they're publicly sharing them (even if unknowingly). Attempting to log into someone's PayPal account (to see if the password had been changed or the account locked out) was probably somewhat borderline; I never tried to log into any of the credit or banking accounts. Most of the login details were no good, but I was able to log into people's e-mail accounts, several different instant messenger accounts, even a couple of RapidShare Premium accounts. (One e-mail account even appeared to be actively used – recent dates on messages, which I didn't read although I saw the subjects. As a gesture of helpfulness I sent an e-mail from the account to itself in which I informed them that their login details were being shared on LimeWire!)

So yes, this doesn't surprise me in the least.

Re:how dumb

[mrsquid0]

No, they do not. Many people think that they are searching some sort of repository of files that was set up specifically to be searched. They do not realize that they are searching other people's hard drives, and other people are searching theirs. Even when they realize that people are downloading from them many people think that the downloading is restricted to music files. The idea that their entire hard drive may be open for searching is alien to some people.

Re:how dumb

[Orion+Blastar]

Actually it is usually the children that install Limewire to get free music and video games. Most parents don't know what Limewire is, and share the computer with their children. When they notice a slow down on the Internet they think it is a virus or just Windows as usual. Not knowing that Limewire is sharing their "MyDocuments" folder including all of their personal documents and files in that folder.

My son, for example, uses a PC different from mine. So mine does not get infected with viruses or get all of the files shared via Limewire or some other program. But then I am Tech Savvy enough to know what Limewire and other file sharing programs are, and take them off of my system.

Re:how dumb

[JWSmythe]

    You'd be surprised the number of places I've seen Limewire up and running, where it shouldn't have been. I picked up a little work in a small office, and their manager's desktop was also the server for a few other things. They said "Oh, it's always a little slow", and it had been like that for years. Turns out a few years ago, Limewire had been installed and had been running ever since. They attributed it to someone who used to work nights, and downloaded music all night.

    Luckily there was no sensitive data on any directories it was sharing, but if I recall correctly the old behavior was to share all of C drive, or at least look for directories that had music files in them.

    I took it off (obviously), and cleaned up a few not terribly malicious malwares, and it was back up to a reasonable speed.

    Most non-technical people will attribute a "slow" computer to just being old, even if the specs of the machine are fine, it just has too much crap on it. One computer I worked on had a dozen or so toolbars, and other assorted privacy concerns. They weren't necessarily malware, but do you need the Yahoo, Google, AOL and Ask toolbar on your computer, if you never use any of them? :)

    There's a PC (2.8Ghz, 512Mb RAM, WinXP) that I'm working on now, that had so much crap installed that it was useless. Like, literally 5 minutes to open Firefox just after booting. After I removed the crap, it worked reasonably as long as you didn't have too many windows open. It's getting a memory upgrade today, and then getting delivered back to the customer.

Re:how dumb

"the old behavior was to share all of C drive"

How such functionality could ever get into a released product is beyond me. That is absurd, and incredibly insecure, and to be honest the creators of Limewire should be the ones going to court and to jail for releasing such shoddy software.

Re:how dumb

Also, all of the p2p software I have encountered only shares what you explicitly tell it to share, often defaulting to its own downloads directory.

Re:how dumb

[rrhal]

... Only if the button is clearly labeled "Do Not Press"

Most parents know that being computer literate is an important part of their childrens' education. They probably bought the computer in the first place for their kids to use so they would learn more about computers than their forebears.

Re:how dumb

[gparent]

I don't know how they couldn't. The thing is so bloated and slow, and degrades system resources so much, you'd think people would go "Hey, WTF is going on here?"

No, they won't LimeWire hardly uses any significant system resources unless your computer is from the 90s.

Re:how dumb

Ignorance isn't an excuse. I know what my kid does and I monitor her network and phone traffic carefully. It also helps that I'm the one maintaining her computer and to a lesser extent phone. That being said however, I also know her friends and even what televsion shows she watches. I know I'm in IT and most of the rest of the world isn't, but at the same time... It IS fairly easy to Google something and find out.

Re:how dumb

[KraftDinner]

Thank you for putting it in a way I could understand. I had no idea what this discussion was all about until you came along with a car analogy.

Re:how dumb

My cousin fought a constant battle with her son over this. "No, you will *not* install Kazaa on my computer. Yes, I know your computer is 'non-functional'. Perhaps there is a reason for this. If you 'knew what you were doing', your computer would not be pwnd and bot-netted by every script-kiddie on the planet. Again. STAY THE HECK OFF MY COMPUTER!"

Re:how dumb

[mrsquid0]

Many people have one directory (perhaps called My Documents) that they use for everything. The files that they download are mixed in with their bank statements, Christmas card lists, and everything else.

Re:how dumb

[masshuu]

This Post took 170 seconds, 270 Megabites of ram, and over 54,880,000,000,000 cpu cycles to post, all thanks to the power of JAVA!

Re:how dumb

[kdemetter]

You may have a point, but i still don't see how they could get their bank records , because , by default Limewire only shares the 'Shared folder' .

So , they either put their bank records in the Shared folder , or they changed the settings to include other folders.

What i mean to say is : Limewire already put effort into making sure you don't accidentally share files .

That being said , considering the amount of junk you get when typing 'tax return' , i must admire the persistence of the identity thief.

Re:how dumb

[Dalzhim]

I am ignorant and I do not know the difference between ignorance and stupidity. Although I know that your assailling of my intelligence because I do not posess this bit of knowledge makes you stupid!

Re:how dumb

[DrLov3]

Yes, but only with computers can you get away with your ignorance

If your car has the "break" light flashing in the dashboard for 2 years, and you don't get your car checked, and one day you're totally out of break fluid and you run over a pregnant mother, you will be held responsible and you won't be able to claim it's not your fault because you don't know anything about cars.(P.S.: I don't know anything about cars, but I know I'd be responsible )

If you steal a 52inch plasma T.V. from a home in broad daylight and you get arrested by the cops, ... the defense : "I did not know it was a crime to steal stuff before 9:00 P.M." will not work, because none should ignore the law.

If I get stomach pain, I get a doctor to look at me, because if I ignore the issue, I won't be able to complain to GOD that I am dead because I wasn't a Doctor posting stuff on doctor's forums and that it isn't fair, nor that it is not my fault cuz I didn't know and that he should give me my life back.

So...... When I don't know how to fix my car, I don't ignore the problem, hope for the best, knowing I can claim ignorance and ignore the safety threat that I am to other people out there, I get a mechanic to fix it

Why not the same for people using computers, don't know anything about them, call a tech. By making them accountable for their own ignorance it would solve a large part of the problem. Example : I bet there wouldn't be anymore SPAMS or almost none because people would no longer be part of large botnets if they we're prosecuted for sending the spams.

Re:how dumb

[mcgrew]

Isn't slashdot great? You never know what you'll learn.

Re:how dumb

[Dalzhim]

True! Keep up the good work.

Re:how dumb

[geekoid]

People are not stupid, they are ignorant.

Re:how dumb

[MightyMartian]

Then you'd best lock up Bill Gates and the Windows 95 development team, because it did pretty much the same thing.

Re:how dumb

[gobbligook]

You are still responsible for your sons use of his computer....

Re:how dumb

[krovisser]

Being a computer tech. and mechanic, I can say yes, we do.

Re:how dumb

Oh, hey hey hey! It's everyone's favorite FAT CAT, JWSmythe! Before you go raping the Slashdot-reading public with your Wall Street Journal politics, let's let them all know how fucking rich you are.

Dear EVERYONE: JWSmythe is a self-made millionaire who also posts on Fark.com. Still wanna listen to him? These fucking meds keep running out. What is WRONG WITH ME?!

Re:how dumb

I learned (from you!) that crack whores "fuck good". And that anyone who voluntarily stays in fucking Springfield, ILLINOIS, is an inbred, ignorant IDIOT. Congrats!

Re:how dumb

[MrCrassic]

Actually it is usually the children that install Limewire to get free music and video games. Most parents don't know what Limewire is, and share the computer with their children. When they notice a slow down on the Internet they think it is a virus or just Windows as usual.

No, it's even worse than that. Some parents, as the article explains, don't even know that it's *there.* While some see the program glaringly in front of them and ignore it as fodder, there are kids that install it *against* their parent's will. While they might not know *exactly* what it is, they do know about the illegality of downloading media from the Internet.

Frankly, I don't even tell the clients I've worked with that this is an option. I'd rather not promote software I'm vehemently against. Not that I have anything against P2P; I just hate LimeWire and it's ilk.

Re:how dumb

[MrCrassic]

NOTE: If that PC is a Pentium IV, it should run extremely well with those specs...unless their applications are somewhat resource-intensive. I used Photoshop on a machine spec'ed out like that with no problems.

Re:how dumb

[MrCrassic]

So you think that people are "stupid" because they don't know how to effectively secure their digital assets? This is akin to a security analyst calling you stupid for lacking knowledge of 0-day vuln's...and then rooting your box to exploit that lack of knowledge. (Maybe you do, but there are plenty of tech professionals that don't.)

i.e. the script kiddies (or criminals) that drop trojans and other nefarious oddities and do massive damage to people's computers daily.

Just sayin'.

Re:how dumb

[Orion+Blastar]

Which I monitor and use OpenDNS to block the bad web sites he shouldn't go to either.

From time to time he'll click on an ad, and then I have to remove the adware or spyware that it installed. He uses Opera instead of Firefox, and it still gets exploited.

Re:how dumb

[Orion+Blastar]

Well I tell friends and relatives not to let their children install file sharing programs like Kazaa, Limewire, etc.

Most of the time I have to clean up their system of malware is when their son or daughter downloaded a bunch of music files and software and then just ran everything they downloaded. Including a trojan infected antivirus software that doesn't find the malware because they downloaded it via a P2P network.

I just get a free AV software like AVG, Spybot Search and Destroy, Adware, Avast, BitDefender Free, etc because it is a home system and qualifies for free AV software and boot into Safe Mode and then scan in safe mode, or use MSCONFIG to disable all startup programs but the AV software and then scan using them. Usually I have to uninstall all of the crap their kids installed that they downloaded from P2P networks. I tell them not to let their kids use P2P networks anymore, but few listen to me and they get infected again.

I've tried to show them FOSS alternatives like OpenOffice.Org, GNUCash, GIMP, Paint.Net, etc which some of them end up using instead of downloading commercial versions from P2P networks.

But eventually it gets so bad, that I refuse to support them until their children stop using P2P networks.

Even music files can contain trojans and exploits in them, and most are in self extracting EXE files that contain a virus in them when run, some have ads for other web sites in them, and others require an unlock password for the RAR or ZIP file and they have to get it by a web site that infects them with a virus but gives them the password to the archived file to unzip or unrar it.

Re:how dumb

STaying anonymous this time to prevent getting arrested....

I used to do the same thing! It's amazing how much info you can pull and FAST! Sick really in all tenses of the word.

I think I was bored and looked for a *.ttf's(or something like that for Turbo Tax File) and *.xls & *.mdb because back then people who used access had no clue, and everyone just as today used excel like a db app.

Re:how dumb

I did this (search for .tax on Limewire), and (apparently) some accountants share their client's tax records.

So I called one or two, and said "I'm just being a Good Samaritan, and telling you that your tax records are online. To prove I mean no harm, you can see my phone number - I am not hiding anything or doing anything wrong."

And I got REEMED. CHEWED OUT. screw 'em. Shoot the messenger!

Geez, I would have helped them fix the problem! But noooooo.

Re:how dumb

[Tarsir]

Pointing this out is probably about as useless as pissing in the ocean to make the water level rise, but people are not stupid for not understanding how file-sharing works, they are ignorant.

Similarly, you seem to think you had permission to download sensitive files because they were shared publicly. Legally you did not, because, as you yourself pointed out, the files were possibly shared unknowingly. Using the standard of a reasonable person (for common law, at least. I'm playing the numbers and assuming you live in a common law jurisdiction), would a reasonable person conclude that your target intended to share sensitive information? No - like you, they would conclude it was an accident born of ignorance. Luckily, that does not make you stupid, just ignorant

Re:how dumb

[CSMatt]

No. Ignorance is not knowing how to do something right. Stupidity is not caring enough to do something right.

Re:how dumb

[Locklin]

Separate user accounts separating kids and tax information are about as basic as knowing when the oil needs changing or locking your car doors. Yes, if you do your taxes on a computer, you should spend enough time to learn the very basics.

Re:how dumb

A friend once mentioned how he saw somebody who was driving an exotic sports car down the street do something that made the transmission make a horrible grinding noise while bringing the car to a sudden dead stop, and rendered the car unrestartable (they probably tried to put the manual transmission in reverse while doing around 40km/h).

Re:how dumb

[JWSmythe]

    Dude, you are almost passively entertaining. Kinda off topic, and completely factually wrong, but entertaining.

    But if it will appease you, I've donated everything but my last $10 to Slashdot. That wasn't very hard, since I don't have $10 to my name right now.

    But hey, worship me as a multi-millionaire, I'm cool with that. We can discuss my newest business plan that I'd love to have you and your friends invest in. Because of the sensitivity of it, I'll need cash in small, unmarked, non-sequential bills. Meet me at the park bench at midnight. Be sure you aren't followed, or your investment is forfeit. You know, standard terms.

Re:how dumb

[nemesisrocks]

For a bunch of techies on Slashdot it's hard to understand. It's like a car mechanic saying, "How could you not know your valves needed adjusting by how the engine was running? Now your motor is destroyed"

I whole-heartedly agree. However, how many people are willing to tinker under the hood of their car, or make modifications to it? Most people don't even bother to perform basic maintenance, such as checking tyre pressure.

The difference with computers is that everyone with a little bit of knowledge thinks they're an expert. Installing an application is, conceptually, not that different to say, performing an oil change. Both aren't that particularly difficult, but they require some knowledge, and if you get it wrong, the results can be disastrous.

Re:how dumb

[JWSmythe]

    Along your theme, it's amazing how many cars have been brought to me in the last year by friends where a professional mechanic said it wasn't safe to drive, and presented with a quote of over $1,000 USD, just to find out that it was perfectly safe.

    One in particular, I went item by item down the list of "repairs" only to find that it needed new spark plugs. The shop had completely overlooked the rack and pinion being worn beyond use (i.e., unsafe to drive), and the brakes leaking (i.e., unsafe to drive). They would have repaired their list, charged over $1,000, and handed back a death trap.

    The real repairs were more than the value of the vehicle, and it now sits in a junk yard.

    I've noticed that women are well targeted for these repairs, but it's not exclusive to them.

    I went to have new tires mounted on my car. I generally do my own repairs, but I don't have a mounting nor balancing machine, so tires have to be done by a shop. I bring my own tires though. Last time I had two tires put on, they were very insistent that my front brakes were terribly worn. I thanked them for their advice, and picked up a new set of front pads on my way home ($35 vs $150). I did the front brakes at my leisure, just to find that the front pads weren't worn beyond 50%. Since I had already bought the pads, I went ahead and put the new ones on, and now the old worn pads (still 50% good) sit by my toolbox, in case someone needs them.

    Shops love people saying "Fix whatever is wrong.". That's an open invitation to rape the customer. It's better to become aware of how your vehicle works, or make friends with someone who is honest. My friends will usually come to me first. Sometimes I'll send them back to the shop with the ok to do the work, but not usually. The last "urgent" brake job, I told the person to come back to me in 6 months or so, and I'd re-evaluate their brake condition. With all new parts (new pads, new rotors, per the shop quote), the price would have been $250 and a handshake. The shop wanted $1,500. I know they'll come back to me in 6 months because I'm honest.

    My field is IT, but I've been working on cars for over 20 years. I don't charge for my work, but they always pay what they believe my time to have been worth, which has always been fair. It's a good way to make a few bucks on the weekends. :) It's not terribly regular work, but it's honest work for honest pay.

Re:how dumb

[shutdown+-p+now]

Then you'd best lock up Bill Gates and the Windows 95 development team, because it did pretty much the same thing.

Except, of course, that bit where it would require admin credentials to access...

Re:how dumb

[hairyfeet]

I concur, it still amazes me how many fall for that "old PC is slow" crap, when it is often their own or their loved ones total stupidity. I had a customer bring in a Toshiba laptop a couple of years ago. He wanted to know if we could "get it to run a little longer" so he could buy a new one. I thought it was a damned nice laptop, early Core Duo, 2Gb of RAM, 80Gb HDD, at least according to the specs.

When I began to fire it up I knew there was trouble when the thrashing began before it even reached the "WinXP" boot screen. My boss at the time refused to let me just wipe it, because he wanted to see if it would "beat his record" of 2378 viruses on one machine. Oh boy, did it ever beat the record. Final total before I gave up and wiped the thing was 3754 viruses. And that don't count the toolbars and all the crap he had in the taskbar.

It turned out this guy was what we at the shop called a "click whore" in that ANYTHING he downloaded or saw, he would click on. I mean anything. Mp3.exe, avi.exe, he had Limewire+Gnucleus+bearshare, all running at the same time, and especially if you added the word "lesbian" to anything, like a 5Mb "hot_lesbians.avi.exe" damned if he wouldn't click on it. Now I know that those that have that stupid "don't show known extensions" will get caught occasionally, but the P2P apps would show him ahead of time the .exe and damned if he wouldn't click anyway.

And you are SO right about businesses. I have walked into so many SMB shops that had P2P running and didn't even have a clue it was there. Like you some of these apps had been running for years without anybody even using them, just sitting there and sucking bandwidth. Many here would "blame the parents" but I have found that there are so many that use computers day to day that look at them as a "magic box" that it just ain't funny. As long as the "magic box" continues to run, they are just grateful and will put up with the slowdowns until it gets too much to bear. But for so many if the "magic box" works that is the only thing they care about.

Re:how dumb

[Falconhell]

Hopefully a small light swould pop up saying "Please do not press this button again"

Re:how dumb

[hairyfeet]

Uhhhh....he was talking about Win95. Remember Win95? The one that pretty much had no security at all? Pretty much any of the Win9X branch from Win95-WinME were a bad joke on security and permissions. I mean when you can bypass physical security by simply hitting the escape key i can't imagine their network security was any better. Plus with DOS accessible underneath I bet it would be trivial to simply feed it some DOS commands to bypass pretty much anything you wanted bypassed. IF he was talking WinNT I might agree, but Win95?

Re:how dumb

[shutdown+-p+now]

My apologies, I missed the 95 part of in. In this case GP is just plain wrong, since administrative shares are only available on WinNT-family OSes, and were never present in Win9x at all.

Re:how dumb

[shentino]

Simple.

Ground the kid for defying his parents.

Confiscate his computer and work it over with a sledgehammer.

Seriously though, disobedience should be a punishable offense. I had my computer "seized and forfeited" once, and I behaved better after that.

Re:how dumb

[Falconhell]

Network admins motto;

"Never underestimate the power of human stupidity"

Re:how dumb

[indi0144]

I see this every week, though I've never repaired more than 500+ on just one disk, do you have any screenshots to share? :), but makes me think, is it really hard to push for a "PC Driving License"? I mean, not because theres no kid harmed means there is no harm done, be it the interwebz bandwidth or the wasted energy on CPU cycles.

Re:how dumb

[mooterSkooter]

To make matters worse, it seems that 'the older generation' are being convinced into purcahsing lesss secure operating systems. Case in point: I built my mother in law a debian based desktop machine (she only wanted to use facebook). Yet, somehow she was convinced to purchase a laptop (she only uses the machine at a desk) with Windows Vista. She now has 'a virus' and has had to pay PC World money to fix it.

Idiot. And to think my son shares genes with her...don't tell my missus I said that.

Re:how dumb

[Idiomatick]

Many ppl on limewire share the c drive. I'm shocked this hasn't happened long ago. Honestly search for 'passwords' and you get people's personal pw list in a nice txt. The only thing protecting them is 1trillion other files named password promising porn.

Re:how dumb

[hairyfeet]

Sorry, never thought to take screens. I was just the poor schmuck that had to fix the damned thing, it was the boss that cared to see if it "beat the record". I just wanted to get the slow ass thing done. If I would have had my way we would have never seen how many viruses was on it, because I would have saved a few things with a Linux LiveCD and then nuked the OS.

Now as far as that "PC driver's license" thing? I don't think you've really thought that through. My neighbor, a retired NASA engineer, had something insightful about such a thing when I asked why he didn't just fix his own boxes. He said he did, during the days of his Commodore 128 ( he would love to have another one, if anybody knows where I could pick one up) when he could be confident that he knew what each piece of code would do along the path, but the things are just so complex now that he says it just isn't worth his time to keep up.

And I think that hits the nail on the head better than any 'teach the user" BS, because time is simply too short and too many attack vectors exist. I mean you got your 0 day, your driveby, your OS specific bugs, browser bugs, media player bugs, the list could go on forever. With a vehicle there are only x number of ways to screw up. With a networked computer the ways to get pwned is almost limitless, so having a license in the end really wouldn't do much, as no matter how well you educated the user they would get bit by something you never thought up.

That is why ultimately I go with a "don't think" approach, which I find works really well. That is I try to automate as much as possible, so thinking isn't required to be safe. Firefox with ABP (to cut down on ad related attack vectors) and Windows autoupdates, I have Comodo AV/Firewall set to do the same as well as scanning twice weekly on a schedule they can live with, same with Spybot, Kilte Mega to keep them from downloading dodgy codecs, etc. I have found by using this approach I can cut down a good 85% of the infections. Now they pretty much have to ignore the warnings and do it anyway to get hosed. And with Almeza I can have many of the installs automated so I don't have to waste MY time installing. All in all I would say this is a better approach than trying to educate the user enough that they can stop all of today's malware attack vectors. Because the PCs of today are just too complex for the average Joe to keep up with.

Re:how dumb

Your definitions are incorrect. If you make up your own definitions to words, you will have a hard time communicating effectively.

Re:how dumb

So what's the alternative oh great and wise one?

Home schooling?
Quit work and raise your kids in a homeless shelter?

Tell me, please. I'm in need of enlightenment.

-john

Re:how dumb

[lessthan]

I've noticed that women are well targeted for these repairs, but it's not exclusive to them.

My mother was an auto mechanic. Mechanics always get a surprise when they try that trick on her. (she has a very short temper.:P)

Re:how dumb

[JWSmythe]

    That's great. :) I love seeing women doing stuff that they're "not suppose to do". In the last few weeks, I've worked on several cars where the owners (mostly women) had been given huge quotes for "essential" work, yet found that it was unnecessary.

    The last one was a car that was occasionally overheating. It "needed" a water pump, where they would also replace the timing belt and thermostat. (the pump is behind the timing belt. Weird car.). I gave it a proper evaluation, which took more than the 30 seconds the others had given it, and found it to just be the thermostat. It does have other problems, but those were nonessential. So far it's been evaluated by 4 other mechanics, but she made the mistake of repeating what the others had told her. I not only evaluated the problem, but explained to her how the cooling system worked, and why it was happening.

    She happened to have the shop manual, so after explaining it, I flipped through the pages to where it talked about the thermostat, They not only talked about evaluating the symptoms and testing it in detail (cold water, then hot water, and monitor it's response), and how different behaviors would make the car behave. Basically, it's sticking partly open.

    Most of the others were hugely over priced easy repairs. I'm amazed how shops will try to take advantage of people. My friends appreciate having me around. Even if I can't do the work (time or equipment constraints), they can now go to another shop and say "I *ONLY* want this done."

    I used to get a huge laugh out of a local Sears. My mom would go down to get tires or whatever. I will have checked it over carefully first. They'd quote her $300 in repairs. She'd bring it home, and I'd check out the repairs that they said were necessary, and they weren't. Next trip (many months later), she'd get a new quote for $300 in repairs, but they were always for something different. It was pretty clear that they had already figured $300 was a decent price point, where most customers would pay without getting too nervous about the bill. Lately they've been over $1000. I don't know where they think the money is coming from, but I guess at least some people are falling for it. It's driven friends, and friends of friends, to me to check the quote first. But hey, I can honestly say once it was a legitimate quote. That was pretty easy though, the car was beyond it's life expectancy (and the duct tape was wearing out). They could have listed almost anything, and I would have agreed with it. I recommended a tow to the junk yard as the best option. The necessary repairs were more than the car was worth, and it would take me weeks to make it serviceable again.

Remove the buzzwords

[BadAnalogyGuy]

Man jailed for ID theft. This is a good outcome, I'd say.

The Limewire connection is only interesting because it shows social vulnerabilities inherent in the filesharing mechanism. As long as you make it simple to share files and folders, people are going to be lazy and end up sharing files that they never meant to share.

Re:Remove the buzzwords

[pha7boy]

A small change in Limewire should take care of problems like that (for example asking you to select/confirm which folders you share every time you open it up). I don't find the idea that parents who don't know what their kids installed on their computer is an acceptable excuse. If you have a kid, you better know what's installed on that computer... It's called parental responsibility.

Re:Remove the buzzwords

[John+Napkintosh]

That Limewire was mentioned at all is more of a "that's what you get" on the part of the user sharing his tax information, I'm betting. Though you can carry out perfectly legal file sharing through any such service, I'm guessing it's meant to taint the image of file sharing and P2P in general.

Re:Remove the buzzwords

[Hatta]

Their kids account should not have read access to important financial records in the first place.

Re:Remove the buzzwords

[TheLink]

With windows you can stick to "limited users" and don't share accounts, and make it harder for someone else's limewire to suddenly share your files without your permission.

I think that's the better approach, since it makes it harder for the kid to accidentally delete/corrupt/read your files.

Not impossible of course - since they have physical access to the computer.

Re:Remove the buzzwords

[Lord+Ender]

If you have a kid, you should NEVER SHARE A COMPUTER with it. It is not practical to expect parents to monitor everything a kid does on a computer, or to ensure any level of security on a computer used by a kid.

Get your kids their own computers and assume they are sharing that computer with a hacker and all of 4chan. Prohibit the use of the computer for any financial transaction. A kid's computer is only "safe" if there is nothing worth stealing on that computer.

Re:Remove the buzzwords

[sin1man]

When I was still at home sharing a computer I was the admin and my parents were the user non admin account. Considering the lack of tech savvy in some of these victims I would assume that it was the child who installed limewire and was the admin of the computer, if accounts were being used at all of course. In the families I knew it was always the child's computer which the parent used on occasion.

Re:Remove the buzzwords

A small change in Limewire should take care of problems like that (for example asking you to select/confirm which folders you share every time you open it up). I don't find the idea that parents who don't know what their kids installed on their computer is an acceptable excuse. If you have a kid, you better know what's installed on that computer... It's called parental responsibility.

Completely agree about parental responsibility. I don't buy the argument that the parents don't know what's installed...if that is the case, there should be a law precluding stupid people from owning computers. Oh wait....then the industry would tank, what am I saying????? 0-0

Re:Remove the buzzwords

[DaHat]

> for example asking you to select/confirm which folders you share every time you open it up

So you want Limewire to have it's own form of UAC? Or do you think that if you make it scary enough that the majority of users wont just click yes anyway?

Re:Remove the buzzwords

[Joe+Snipe]

I believe thats what separate user accounts are for.

Re:Remove the buzzwords

[Talchas]

Replace "kid" with "anyone who doesn't understand the basics of computer security". Grandma who clicks on anything is more of a risk than a kid who knows what they are doing.

Re:Remove the buzzwords

[uwnav]

lol ironically parent doesn't have any children, or he/she wouldn't refer to them as "it"

Re:Remove the buzzwords

[Lord+Ender]

...and that's what privilege escalation exploits are for. Seriously, with a "regular user" account, there are a hundred and eleventy ways to get root. Fake login screen, anyone?

On top of that, are you 100% sure you will log out when you step away from your computer? Are you 100% sure your kids won't just hop on face-space while you're logged in?

Your "solution" falls way short of the mark. In the era of $200 netbooks, only a reckless parent would share a PC with a child.

Re:Remove the buzzwords

[Lord+Ender]

You're only partly right. To non-experts, the Internet is like Tijuana. When you visit, you will likely be walking down the main tourist strip, with its lighting, and police. You will shop only at the mainstream shops which can afford the prime real estate. Still, it's not as safe as your home in the 'burbs, because you don't speak the language and the rule of law is rather limited.

When your kids visit Tijuana, however, they absolutely do not stick to the tourist strip. They go running down the side-alleys, gallivanting through the slums and chatting with strangers. If they run that route every evening, they are almost certain to get kidnapped, recruited for a brothel, or mugged.

So while you both may have similar levels of ignorance regarding security, your usage patterns mean that you're probably going to be OK, while they're certainly going to get pwnt.

Re:Remove the buzzwords

[Lord+Ender]

First of all, I'm a security expert (which is relevant), not a parent (which is not so relevant). Furthermore, I am not responsible for the fact that English has no gender-neutral, singular personal pronoun. Take that issue up with the British, if you're concerned.

Re:Remove the buzzwords

[gobbligook]

I would agree with this.

Get a kid a pc give him a unprivileged account on it and disable the NIC. Let the kid do his book reports and homework wordprocessing on it.

When the kid needs internet access to do research, enable the NIC and monitor his use. Give him a 1/2 hr or 1 hr per day for recreational use of the net while being monitored and afterwords disable the NIC. I remember growing up, my parents allotted me 1 hour of tv per day until I was in jr. high school, the internet is no different. There is no reason a child of 10 years old should need to be on the net, or carry a cell phone etc. We all got by without it.

I realized very early in life after cleaning out PC's at work that I didn't want to waste my personal time doing the same thing to my own machine.

Re:Remove the buzzwords

[uwnav]

geez it was a joke :S Furthermore, it seemed like it was parental advice you were giving. Also! it's completely practical to install a separate user for the kids that can't install software on the computer. It's quite simple to secure your personal/financial files. But I do acknowledge your point.. it's not a %100 secure, and if parents aren't tech-savvy enough to keep their docs out of limewire, i suppose this stuff isn't that practical.

Re:Remove the buzzwords

[Lord+Ender]

I addressed the fallacy of limited user accounts stopping malware here:

http://slashdot.org/comments.pl?sid=1333999&cid=29042757

You are correct that it isn't 100% secure. It's a speed bump, at best.

Re:Remove the buzzwords

[MBGMorden]

Your average parent who doesn't work in a technical field is unlikely to even know what tiered access levels are, much less how to set them up.

When we first setup Windows 2000 on campus when I was doing IT work for my college, 75% or more of the professors bitched and moaned that they had to now LOG IN to their computers and remember a password. Sure different services around campus had always needed them, but not the computer itself. Just the password seemed too much for them. The concept of multiple users and permissions on the system would have blown their mind. And these were people teaching economics and accounting. Your average construction/factory worker, janitor, waitress, etc is likely going to be even less tech savy, yet they still have kids, and they still have computers.

Making it into their web browsers and successfully pulling up a page is the limit of what many of these people can do. You can't start recommending things like setting up user security or disabling the router in certain time slots or things like that. They just don't have the skills to pull that off.

Re:Remove the buzzwords

A few years ago I was intrigued to know how careless people really are, and oddly enough I used the very same P2P network to try this myself. I searched for things like notes.txt and .pst files. It didn't take long before I got a notes.txt with someone's Paypal username and password in. I logged into it and it was holding over $3000 US dollars from eBay sales of digital video cameras. Needless to say, I logged straight out and didn't touch it again, but I was a little creeped out at what I was able to do and when I saw just how easy it would be for someone criminally minded to lift $3000 off of someone.

But It really is amazing how stupid people are when it comes to sharing their whole C drive or desktop etc. whilst storing sensitive information in the same place.

It's not a problem that's inherent to say BitTorrent though, because in that case you only share specific torrents rather than whole directories so not all P2P setups are vulnerable. That's not to say a special kind of idiot couldn't knock together a torrent with some sensitive data in through a massive stretch of incompetence, but I'd like to think people quite that stupid are mostly removed from the gene pool early on hence making it an unlikely occurance.

Re:Remove the buzzwords

[e4g4]

That varies with the value of "knows what they're doing". If "knows what they're doing" means "knows how to get warez" you're in much worse shape than Grandma ignorantly clicking on links.

Re:Remove the buzzwords

[Nefarious+Wheel]

You're only partly right. To non-experts, the Internet is like Tijuana...

You owe me a keyboard, LordEnder. And a new bowl of soup.

Re:Remove the buzzwords

[VoltageX]

Another argument for having a computer license. You can cause physical damage with a car, you can cause financial damage with a computer.

Re:Remove the buzzwords

[tnok85]

The way I'd deal with this...

Step #1: Install Linux.
Step #2: Set up a virtual box with a Windows XP installation on it, obviously with no access to the network. (And that's the ONLY thing his account has access to)
Step #3: Schedule that virtual box to re-image to the original once a week.

Step #4: Kid learns to circumvent all of this, and grows up to become a successful hacker, learning at a young age that Windows is something to 'circumvent' and Linux is where the power is.

Hopefully. :D

Re:Remove the buzzwords

Are we sure this is a hole in limewire? I recently fixed someones Vista install that had most of their documents folder including some real sensitive stuff, shared. No limewire installed, or any other P2P software. One user, no kids or pets. Unless the fish were trying to download darkside of the moon ( you should try it under water and watching charlie and the chocolate factory) there is no way that got on his system.

Re:Remove the buzzwords

[toadlife]

Privilege escalation? You've got to be kidding me. I challenge you to find an example of malware that attempts to exploit privilege escalation vulnerabilities. There might be a few out there, but based on my experience administering hundreds of windows boxes used by kids over the last ten years, they are not even remotely common.

In the real world where risk/reward ratio is considered, a separate limited account for the kids is an acceptable solution.

Re:Remove the buzzwords

[xtracto]

Privilege escalation? You've got to be kidding me. I challenge you to find an example of malware that attempts to exploit privilege escalation vulnerabilities. There might be a few out there, but based on my experience administering hundreds of windows boxes used by kids over the last ten years, they are not even remotely common.

In the real world where risk/reward ratio is considered, a separate limited account for the kids is an acceptable solution.

LOL at your experience.
Challenge Accepted.

Any kiddo only needs 5 minutes to insert those between your PC and your keyboard to get all your passwords.

Next challenge?

Re:Remove the buzzwords

[Thanshin]

If you have a kid, you should NEVER SHARE A COMPUTER with it.

If you have a kid, you should probably not call him "it".

Unless you want him to eventually become a scary clown, of course.

Re:Remove the buzzwords

[cbhacking]

THere's also the Encrypting File System (although I think it's not available on Home versions of Windows, which is too bad). Right-click a file or folder, select Encrypt, and no other user account (even other Administrators, unless the system is configured to allow this when the files were encrypted) will be able to read them. Of course, you ahve to make sure that your kids aren't running LimeWire on your account... but then, frankly you should brobably just be making sure that your kids aren't doing anything (with LimeWire or any otehr software) that's going to get you in *any* kind of trouble.*

* Yes, I realize the average parent isn't competant to do this. That's a problem that, aside from education, I'm not sure how to solve - the only other approach I can imagine is some kind of Internet license that, like a driver's license, you must be a certain age and have demonstrated a certain competancy to posess (and if you're found using the system without a license, you go to prison). Since I really doubt the second system is going to fly, something should be done about fixing the root of the problem.

Re:Remove the buzzwords

[cbhacking]

Not all people can afford even a $200 laptop, yet schools even 10 years ago required that some assignments be done using a computer. There are libraries and such, but realistically speaking, if you have a computer and your kid needs it "for school" you (the average parent) are going to let him or her use it.

Re:Remove the buzzwords

[cbhacking]

Oh, and "fake login screen" is a relativley easy one to deal with, that's why Windows used to require Ctrl-Alt-Delete before login. It's also difficult to script the creation of really convincing login screen without relying on having Admin privileges, although I'll admit I haven't really tried (some of the registry keys that I'm pretty sure you'd need aren't available to non-Administrators).

Sorry for the double-post.

Re:Remove the buzzwords

[toadlife]

LOL at your ridiculous strawman.

I challenged someone to come up with malware that elevates privilege, and you present a site that sells hardware based keyloggers.

Your next challenge is explaining how having a separate computer from the kids will protect it from a hardware keylogger.

Re:Remove the buzzwords

[phulegart]

In the situation you describe, if the child admin doesn't understand what they are sharing, and they are inadvertently allowing shared access to a directory with financial records, then that "tech savvy" child isn't all that tech savvy, and should not be using an Admin account either.

Simple.

Re:Remove the buzzwords

[L0rdJedi]

If you have a kid, you should MAKE SURE THERE'S A PASSWORD ON THE COMPUTER. Follow that up with simply not allowing the kid to do anything on the computer without supervision. When the kid is old enough, they can get their own computer.

There, fixed that for you.

Try actually being a parent instead of sticking them in front of the computer and then ignoring them for an hour or more. Yes, I have two children. No, they aren't allowed to use the computer unless I'm there. Yes, both my wife and I have passwords on our computers. When the kids are old enough that they need the computers for homework, they can do it and I'll sit in the room with them. It'll interfere with my game time, but so be it. Being an effective parent is hard work, especially in a connected world.

My parents didn't have to worry about this shit because the only way to "connect" with the outside world was to dial a local number (Q-Link back in the Commodore days) and go into a chat room (the good ones cost money). We knew two things 1) Do NOT dial a long distance number (anything outside of our area and we had to check the zum too) and 2) Do NOT enter any room with a + sign on it since those ones cost more. We had 5 kids in the house and no problem following those rules. Today all of that is pretty much free, so parents need to be more diligent.

This shit isn't hard to do. People would just rather let their kids do whatever they want on the computer instead of actually acting like parents. If you need help setting this shit up, contact your local neighborhood geek. I'm sure they'll be more than happy to help and you won't even have to tell them why you want it done.

Re:Remove the buzzwords

[Lord+Ender]

Well, for your sake, I hope your kids aren't that bright. Because what you described wouldn't have slowed me down at all when I was a kid. It's trivial to get your parents' password. It's no challenge to sneak downstairs at night while they are sleeping and do whatever you want. If dad's computer is the only computer and you want to get online, it will be used for exactly that purpose.

And if you're about to say "kids always obey their parents!" then you must have suffered memory loss since you were a child.

Re:Remove the buzzwords

[xtracto]

LOL at your ridiculous strawman.

I challenged someone to come up with malware that elevates privilege, and you present a site that sells hardware based keyloggers.

Your next challenge is explaining how having a separate computer from the kids will protect it from a hardware keylogger.

*sigh*, I am sorry we all are too fast for you.

1. Get a separate computer from your kids
2. Keep your computer with sensitive information out of reach of your children.
3. Let them buy their keyloggers
4. Avoid unwillingly sharing your work/bank/personal information on the last P2P pirating app that your kids install.

Re:Remove the buzzwords

[toadlife]

Some people don't have a bunch of extra rooms in their house you moron.

I can tell from your attitude that you either don't have kids, or your kids are incurious morons.

Another entrepreneur...

[Wireless+Joe]

...shut down by The Man.

ID theft

[anglico]

I know someone who did that by typing in *.qdb for the quicken database files, then he proceeded to call the credit card companies and alert them that they had people sharing their info. Although the credit companies were very grateful, he still didn't want to give him his name.

Re:ID theft

[unitron]

...he still didn't want to give him his name.

Wha?

Re:ID theft

[bhima]

Man, that should really be a huge black mark against someone's credit rating.

Crime was not accessing the data

[davidwr]

The crime was using it.

Here's a moral equivalent:

Imagine of lots of people left the same forms on their car dashboard for all to see and parked their cars on the public streets. Then I walk along and write that info down in my notebook. So far, I haven't done anything illegal. Or I should say, if I have broken a law, then the laws are broken.

But once I use this information, particularly if I use it fraudulently, then I've committed a crime.

Re:Crime was not accessing the data

[badboy_tw2002]

Apparently the prosecutor did not agree:

* Wood was sentenced Tuesday to 39 months in prison and three years of supervised release for wire fraud, accessing a protected computer without authorization
* to commit fraud, and aggravated identity theft. He was tried in the U.S. District Court for the Western District of Washington.

Key word is "protected computer". Not sure how something sharing *.* on limewire is considered "protected". Guy needed a better lawyer.

Re:Crime was not accessing the data

[drukawski]

This car analogy doesn't nearly meet the kind of quality and thoroughness I have come to expect from /.
Slashdot, you've really let me down this time...

Re:Crime was not accessing the data

[socz]

This is a good question for a legal expert. I am sure that in most personal cases accessing information might not be illegal. But when you do it to a company it sure is right. And with how crazy the laws have been changing in the last decade or so i wouldn't be surprised just getting into a PC by any means could be "illegal."

Re:Crime was not accessing the data

[bi_boy]

Or to fine tune your analogy: a kid has borrowed their parents car and placed a copy of the tax return, bank statement, whatever, in plain view on the dash or passenger seat and parked it on a public street.

Re:Crime was not accessing the data

[Aladrin]

But he -did- have permission. They have given permission by having limewire share their computer's contents.

If I put a sign in my front yard next to my lawn chairs that says 'Free chairs', even if I can't read the sign myself, I can't blame anyone for taking the chairs. I did give them permission, even if I didn't know I was doing it.

And as far as 'protected computer' ... Leaving filesharing open to the world is the opposite of 'protected'. Having a bulldog in your front yard and leaving your front door open does not mean your house is protected.

Re:Crime was not accessing the data

Well, if that's the case, Media Sentry's guys should be doing long terms, since this is exactly what they do, for fun and profit.

Re:Crime was not accessing the data

[DerekLyons]

If I put a sign in my front yard next to my lawn chairs that says 'Free chairs', even if I can't read the sign myself, I can't blame anyone for taking the chairs. I did give them permission, even if I didn't know I was doing it.

Which is why we have age-of-consent laws, and laws regarding the validity of contracts, and laws concerning disclosures and waivers... Because the (US at least) legal system does not believe that one can give uninformed permission or consent. (Not to mention that what you are doing here is blaming the victim.)

Re:Crime was not accessing the data

No. Taking stuff from an unlocked car would still be theft. You'd have to advertise "free stuff, help yourself" on the ouside to make a valid comparison. That's what a running P2P client does, it advertises what whoever configured it is willing to give away.

Saying he accessed protected information is utter nonsense but let's face it: people in the legal system won't catch up to yesterday's technology until they die and get replaced. Many judges come up with horribly idiotic verdicts because they have no idea how things work.

Re:Crime was not accessing the data

[DragonWriter]

Key word is "protected computer". Not sure how something sharing *.* on limewire is considered "protected".

"Protected", in this context, probably means "within the scope of protection of the particular law under which he was charged", not "protected by technical security measures."

Re:Crime was not accessing the data

[DarkMage0707077]

Doesn't quite work like that in the US:

If someone signs something which supposedly makes them give up their human rights (I imagine "freedom from theft" would be included in those), then the US courts declare the contract to be non-binding, EVEN IF that person does so willingly. The assumption being that basic human rights are things which NONE of us would want to give up, and which are required for any sort of life as a full citizen to be possible.

So it's only a small leap to assume that people who install Limewire, even though they've created a backdoor onto their personal property, still have a right not to have that property misused or stolen.

As another example, if I place a chair on my front porch because I enjoy sitting in the sun, and don't latch my gate or have a guard dog, does that give you the privilege of taking my chair from me?

Same deal here (though I admit that it's not that applicable since the article mentions that most victims weren't even aware that Limewire was on their computer in the first place).

Re:Crime was not accessing the data

[blackraven14250]

Nope, not really. He took this information and conducted fraud. It doesn't matter whether they literally told it to him or he found it in their dumpster or whatever. Fraud is fraud, plain and simple. You don't get away with giving a false driver license to a cop even if the driver gave it to you to use.

But, I totally agree on the protected computer part from the practical standpoint. It wasn't protected. However, if the law lets them in based on any loophole, it'll be exploited a massive amount. I don't want someone getting into my files because "Windows was already programmed to let them" or some shit like that, and being stuck with no recourse because of it.

Re:Crime was not accessing the data

If I put a sign in my front yard next to my lawn chairs that says 'Free chairs', even if I can't read the sign myself, I can't blame anyone for taking the chairs. I did give them permission, even if I didn't know I was doing it.

If you pass a house with a sign that says "free chairs", that does not give you authorization to remove property from the house. You have no knowledge that the owner of the chairs put up the sign, nor that the owner even knows the sign is there. In this case, you may not be criminally liable for taking the chairs because your actions are reasonable, but you must still return the chairs if asked. If you cannot return the chairs, you may be required to compensate the owner.

Geeks really fuck up this one: a computer does not have power of attorney. An openly accessible computer does not grant you any legal rights or protections. You don't have authorization to be there unless you have been explicitly granted it. You may escape criminal liability if your trespass is a reasonable error, but you won't escape your civil liability. The "hey, man, it looked free" defense goes nowhere in court.

Re:Crime was not accessing the data

[bandwannabe]

Aren't the "protected computer" owners responsible? The RIAA tells us that "making available" means any copying of that file is your fault.

Under the RIAAs rules, the computer owners have violated their own privacy by making that data available.

Re:Crime was not accessing the data

[TheLink]

The Courts could rule that he didn't really have permission. After all a reasonable person seeing those files being shared would realize that it is far more likely that someone has made a mistake than someone has intentionally given permission to the world to access those files.

Just because I leave my car unlocked with the keys in them doesn't mean you have been given permission to drive the car away. Now if someone naughty then puts a sign saying "free car" on it, and someone else drives it off, it should be a lesser charge (one should realize that to get the free car, some paperwork needs to done to transfer the ownership).

If I give you my credit card info it doesn't mean you can go around using it to do your online shopping.

I don't have the full details but another possibility is the "protected computer" is not necessarily the computer with limewire, it could be the _other_ computers (in banks etc) the guy accessed to commit fraud.

Re:Crime was not accessing the data

[CastrTroy]

The protected computer thing is just an extra charge they have on the books so they can put you in jail for longer, or fine you more. I remember a few years ago on the news, they reported somebody getting charged with a robbery, and one of the charges was "wearing a disguise while committing a felony". There's a lot of extra laws on the books just to increase the number of charges you get when you break an important law. I imagine that had he not actually committed fraud using that data, that there is no way he would have gotten charged, simply for downloading the information from the computer.

Re:Crime was not accessing the data

It's okay to blame the victim when the fault was established largely through their own negligence.

Just sayin'.... even if it isn't all their fault, they sure had a lot to do with it...

Re:Crime was not accessing the data

[bws111]

"Protected computer" means protected by the law, not technical measures. The computers that are protected by the law are mostly government and financial institution computers. Therefore the computers he was convicted of accessing without authorization are the ones at the banks, etc where he committed the fraud, not the computers he used to get the information from. Even if he had valid account numbers, password, etc he still did not have authorization, because any authorization was based on fraud.

Re:Crime was not accessing the data

[happy_place]

Just because I know someone's credit card number doesn't give me authorization to use it. That's fraud and is illegal.

Re:Crime was not accessing the data

[blackraven14250]

Well, if it could be proven that he accessed a computer that wasn't his through any sort of method to get this type of information, he could have been if the law doesn't say he needed to commit another crime. I do realize the point you're making about tack-on laws though. "Wearing body armor while committing a murder" comes to mind.

Re:Crime was not accessing the data

[BenEnglishAtHome]

Just because I leave my car unlocked with the keys in them doesn't mean you have been given permission to drive the car away.

Not always. Rural residents of the Dakotas will often winter in town. When they leave the country place, they may leave their house and cars unlocked and leave the keys in the car. The thought process is: Anybody who knocks on the door of this place in the middle of winter is in mortal danger. They certainly need shelter. They may need transportation.

Of course, over the last couple of decades with the rise of the cell phone, this sort of behavior has become far more rare. But back in the day, it was pretty common.

"And that concludes your trivia moment for today. Join us tomorrow for..."

Re:Crime was not accessing the data

[geekoid]

BS.

It's not a loophole and anyone who understands how computers communicate recognizes the fact that this person was invited on to the computer.

The only thing that happens is people get into truble for doing something they have been authorized to do. You or I, or anyone can't be standing around second guessing what people mean. In reality what would happen is people woudl step up and figure out how to not share there computer.

To use a broken house analogy:
If you put a big sign on your house that says come on in, and your door is unlocked, you can't claim I was trespassing because you didn't know someone would actually come in.

Re:Crime was not accessing the data

[gad_zuki!]

I dont like the characterization as these added charges as being superfluous or some kind of anti-justic conspiracy. Of course, all legislation can be abused but here in Illinois we tack on charges if you commit robbery with a gun as opposed to strong arm. Or if you beat someone half to death. Or whatever. It actually helps sentencing make more sense when applied correctly. The kid who ran into the Quickie-mart and stole a snickers bar after telling Apu he'll beat him up if he tried to stop him shouldnt do the time of the guy who pointed a loaded gun at Apu's head and then pistol-whipped him for a while.

If he got this information from a protected computer then he deserves the charge. If he instead got them by breaking into my house and going through my garbage then he would at least get criminal trespassing. I see no problem with this.

Re:Crime was not accessing the data

[GeorgeS]

I would think he was prosecuted and sentenced for actually using the information, that he acquired legally, to access the peoples accounts on other systems(online banking and such).

Re:Crime was not accessing the data

[TheLink]

Yep. The Golden rule applies- Do unto others as you would have them do unto you.

Which for the intelligent also includes wanting others to use their brains to understand that people have different tastes (not everyone is a masochist who likes being whipped).

Re:Crime was not accessing the data

[Sporkinum]

To use a broken house analogy:
If you put a big sign on your house that says come on in, and your door is unlocked, you can't claim I was trespassing because you didn't know someone would actually come in.

So by that logic a welcome mat at your door is a legal open invitation to strangers.

Re:Crime was not accessing the data

Here's a better analogy:

You are illiterate. Your literate child takes your chair, and puts it out in the lawn with a sign "Free Chair" on it. You just think your child is playing. Someone takes the chair. Regardless of how stupid you are to let things happen in the first place, can you prosecute the person who took the chair for not having permission?

Re:Crime was not accessing the data

The protected computer thing is just an extra charge they have on the books so they can put you in jail for longer, or fine you more.

True. However, this can now be used as precedent when the RIAA sues you- "Sorry your Honor, in this other case it was determined that accessing my share folder was an illegitimate system access, which means I never made the files available, they were stolen."

Re:Crime was not accessing the data

Too lazy to log in..

If someone crosses the road between 2 crosswalks and gets hit by a car, they are liable. Though the driver will "feel" liable because their car HIT the other guy, despite that they were not where they were supposed to be. The victim is not the guy crossing the street, it's the guy in the car. The guy crossing the street is a victim of his own stupidity.

Not saying that it's right or wrong in the file-sharing sense. It's far murkier there. But in a stripped away kind of sense where you are responsible for everything that happens in your house, then yes they are responsible for sharing the info. Just like they are responsible for following a TOS or EULA, not servicing a device w/ no user serviceable parts, or if little Johnny goes out and destroys 30K worth of property.

Do I agree w/ the way that works? NOT AT ALL (well a little bit when it comes to beign responsible for what your kid does). But it's how it works. From a state lawyers perspective: For instance, in WA, if the state is found remotely (.05%)or partially liable for something, then they are found wholly liable for it. Finding that what you did was right, but still questionable doesn't help you, the state gets screwed.

My dad was always paranoid about the trouble I'd get into, fearing he'd loose his house if I had to go to court. It drove me up the wall, but now that I have a + net worth at the young age of 32, I see what he means, so I insure myself to ridiculous amounts.

Re:Crime was not accessing the data

The problem is that "protected computer" doesn't mean what you naturally think. It is defined legally to mean something completely different. It a computer that is involved in commerce that crosses certain legal boundaries.

Re:Crime was not accessing the data

[Nefarious+Wheel]

Having a bulldog in your front yard and leaving your front door open does not mean your house is protected.

I love broken metaphors.

That depends entirely on the size of the anger in your bulldog and the equipment of the persons you are trying to protect your house against. Against a casual thief, it's good. Casual thief with a crowbar, it's maybe 50-50. Casual thief armed with mortar, go figure.

Re:Crime was not accessing the data

Many slashdot users come up with horribly idiotic posts because they have no idea what they are talking about. The "protected computer" he accessed was NOT the one running Limewire, it was the one at the BANK where he entered the fraudulently obtained information. It does not matter HOW he got the info (from Limewire, looking at papers in someone's car, etc). All that matters is he used it to log onto a financial institutions computer without authorization, for purposes of committing fraud. Is that so hard to understand? The judge got it exactly right.

Re:Crime was not accessing the data

[rantingkitten]

No way. When I was a waiter, dozens of people per day would hand me their credit cards. Printed on those cards is all the information necessary to make a purchase -- the issuing bank, the card number, expiration date, confirmation number on the back, hell, even their signature. And they just handed them to me! One might say they were giving me permission to view and possess all that information -- even to record it, since I had to run it through a computer that stored that information, or make an imprint of the card.

My having possession of those cards and their information was not a crime. A crime would have occured had I used that information to commit fraud, by making purchases with credentials that were not my own. There's a world of difference between having information that is not yours, and using that information.

Honestly, this type of argument is tiresome. In general if people are sharing out their entire hard drive, it is through ignorance, not because they meant to do that. Saying you had their "permission" when we all know full well that probably wasn't their intention is disingenuous at best.

This same argument gets rehashed every few months here on Slashdot when it comes to wireless APs. Some smartass invariably says "But my computer 'asked' permission by requesting dhcp and the router 'granted permission' by handing back an IP address!" Please. The owner's ignorance of proper security precautions cannot be construed as permission to run amok with their property.

Re:Crime was not accessing the data

[Idiomatick]

Where exactly in dakota? Could I have an address?...

Re:Crime was not accessing the data

[BenEnglishAtHome]

Funny. But there's unlikely to be an address. Maybe a rural route number, but that's about it. These are the sorts of places where mail is still sent to "General Delivery". Besides, during the times of year when you could get in, you couldn't get to these types of locations by any normal transportation method.

Did I just hear a loud "whoosh" sound?

Outrageous!

[wbren]

This is outrageous! Our rights have been trampled on for the last time! We must rise up and fi....

Wait, wait, wait... are we /.ers for or against doing illegal stuff on P2P networks this week?

Sorry, between defending one illegal P2P activity (music "sharing") and condemning another (ID theft), it's hard to know what's what...

Tip: The mod point you're looking for is "-1 offtopic"

Re:Outrageous!

[CannonballHead]

Wait, wait, wait... are we /.ers for or against doing illegal stuff on P2P networks this week?

I think it depends on whether or not we would like to be able to do said illegal stuff. If we think we'd like to be able to do it, we fight for said illegal stuff. If we think it's stupid or really TOO illegal for us, then we agree that it should be illegal.

It appears to really all come down to whether or not we see any value in the "illegal stuff." Apparently, most /.ers see value for themselves in being able to download music free, but don't feel the need to commit ID theft/fraud on P2P networks.

In other words, most people obey the laws that are convenient for them to obey?

Re:Outrageous!

[mcgrew]

Wait, wait, wait... are we /.ers for or against doing illegal stuff on P2P networks this week?

Some perfectly moral actions are illegal (e.g. smoking marijuana). Some abhorently immoral actions are perfectly legal (e.g. adultery). Sharing copyright files is illegal, but its morality is debatable. Defrauding someone of their hard earned cash is illegal, and its immorality is not debatable.

But I'm sure someone here will try to debate it anyway. :/

Re:Outrageous!

[vintagepc]

Damn right we do... See entries #4 and 5 here: [Cracked.com] - If sarcasm ruled the world

Re:Outrageous!

[Abreu]

Illegal does not necessarily mean "wrong"

However, this guy was doing something that was both wrong and illegal

Re:Outrageous!

[BobMcD]

So maybe go with your own opinion and worry less about what other people think?

Sorry, between defending one illegal P2P activity (music "sharing") and condemning another (ID theft), it's hard to know what's what...

You've lumped violating copyright in with identity theft. In my view they're not even in the same ballpark, even though I do not personally participate in trafficking of files online.

You can say 'the law is the law' if you'd like, but if that's the case I'd like to know where my legal right to own slaves went. Unless of course it is possible for some laws to be right and some to be wrong.

But then, that would require taking a position that may or may not be popular, wouldn't it?

Re:Outrageous!

[Drakonik]

Although technically what you present as an average slashdotter's mindset is true, it's an oversimplification. Music piracy is condoned or at least given more leeway because it's largely the symptom of a bigger problem, that being copyright and DRM asshattery where a user who pays for music ends up unable to use it for whatever reason.

ID theft, though, is simply theft and exploitation of others for profit.

At least, that's how I see it.

Re:Outrageous!

[wbren]

Sharing copyright files is illegal... Defrauding someone of their hard earned cash is illegal...

You just proved my point. Those two things are essentially the same thing.

The only difference is that you justify one and not the other by claiming it's alright to steal from a large company but not an individual. It's a Robin Hood mentality that, while romantic and popular, is still wrong. You're basically confusing "moral" with "popular".

You might feel better about stealing music from RIAA-affiliated labels, but it's still wrong (legally and morally).

Re:Outrageous!

I wouldn't so much say it's about defending P2P activity as it is admonishing the punishment for doing so, and the methods used in doing so. Identity theft immediately has an effect on the target. P2P activity itself "harms" the owner by depriving them of sales, a topic which is in itself debatable, but to fine someone for thousands of times the purchase price for doing so is outrageous. Not to mention the sketchy means of finding those guilty of P2P activity and the sheer number of false positives that have made headlines.

Re:Outrageous!

[jahudabudy]

Well, perhaps some of us decide what actions are and are not acceptable based on our own personal morality and don't really care what the law says (as far as determining right/wrong). In this case, identity theft vs. copyright infringement seem to me to have wildly different moral implications - direct harm vs. not so much any harm.

Re:Outrageous!

[mmaniaci]

The mod point I'm looking to give you is "-1 Flamebait." Since when is destorying someone's personal life akin to stealing an album? Get some perspective on life, please. Laws do not define right and wrong! Sorry for the flame, /., but people that are blind enough to believe laws are some sort of unchangeable and divine Truth need be burned.

Re:Outrageous!

[4D6963]

Replace "P2P" with "shotguns", "music sharing" with "illegal hunting" and "ID theft" with "homicide" and you get yourself a good firearms analogy showing how it's different.

Re:Outrageous!

Let's get our terminology straight. It's not identity theft, since nobody is being denied use of their own identity.

How about calling it identity infringement, which may be legal in some countries...

Re:Outrageous!

[wbren]

I'm not putting music theft and ID theft on par with each other, merely comparing our culture's attitudes towards each. My point is that we justify one thing which is clearly wrong (stealing music) and condemn another that is clearly wrong (ID theft). In no way did I trivialize ID theft or claim that it isn't a big deal.

And just for future reference, you lose all credibility with reasonable people when you call for the burning of an individual with a differing opinion. Grow. Up.

Re:Outrageous!

[ScentCone]

You've lumped violating copyright in with identity theft

Which is fine. They both involve the deliberate act of ripping someone off. Same ethical bucket, same direction on the moral compass.

Re:Outrageous!

[MiniMike]

If you call it "ID sharing" some people will rabidly defend it to the death.

Re:Outrageous!

[BobMcD]

Which is fine. They both involve the deliberate act of ripping someone off. Same ethical bucket, same direction on the moral compass.

Only where 'ripping someone off' is highly flexible.

Depriving someone of a potential song sale may or may not have the same value as taking out credit in someone else's name.

What if the copyright violation was over a product already purchased by the violator, just not in the format they wanted?

Likewise, what if the credit card is taken out, yet never used?

This only the 'same direction on the moral compass' if you mean an entire hemisphere is the 'same direction - e.g no difference between 91 degrees and 269 degrees.

Re:Outrageous!

[mcgrew]

What I said was it is debatable. Personally, I think infringing a copyright is wrong to a certain extent. IMO Infringing a ten year old copyright is wrong, enforcing a fifty year old copyright is just as wrong. Enforcing a dead person's copyright is even worse.

Nowhere did I say or even imply that it's ok to steal from a corporation. Don't go putting words in my mouth, mr strawman.

If you're not American your mileage will probably vary, but my concept of what copyright should be is based on the US Constitution, which says that authors and inventors can have a temporary monopoly; NOT ownership. I don't see fifty years as temporary, no matter what SCOTUS says (I agree with Lessig, who lost the case). And I don't see anywhere in the constitution that gives congress the right to pass a copyright or patent law that allows transfer of copyright. License, yes; that's the whole purpose. Sale, no. It isn't "intellectual property", it's a limited time monopoly on distribution.

The whole purpose of American copyright is to give authors and artists incentive to create works, so that they will become public property after a limited time.

I say this as a copyright holder, BTW. My registered copyrights on Artificial Insanity and HRG are almost thirty years old. If you can find a copy (and a machine to run them on), feel free to copy them. They should have been in the public domain by 2017 at the very latest, instead of long after I'm dead. I have no qualms whatever about sharing anything John Lee Hooker recorded.

Re:Outrageous!

Sharing copyright files is illegal... Defrauding someone of their hard earned cash is illegal...

You just proved my point. Those two things are essentially the same thing.

Not quite...you're making the assumption a person downloading copyrighted files they don't have permission to do so would purchase said files instead. This is the RIAA thinking that one copyright infringement download is the same as one lost sale. No evidence has ever been presented to show this is true.

Re:Outrageous!

[Wildclaw]

If anything it is current copyright and patents that are immoral. In the case of patents, they have been used to justify the deaths of huge amounts of people in the name of profit of the few. There is nothing moral in restricting the spread of information that can improve the quality of life for millions upon millions of people.

Current copyright and patents laws are among the most immoral laws on the books. Few other laws can compete with their destructive tendencies. Copyright and patents are about as productive as plan economy. It doesn't help if you encourage invention and creation when what is created is artifically restricted. In the end, end up with a societal negative, and even then, the distribution gets of resources gets skewed towards those that can afford to invest and market larger productions. (oh, and the occasional "lottery" hit production that keeps the creators in the lower classes happy)

I am all for discussing ways to reward people for creating and inventing, but copyright and patents isn't it. Especially the current versions.

Re:Outrageous!

[geekoid]

hell, it's not even akin for violating copyright.

Re:Outrageous!

The only difference is that you justify one and not the other by claiming it's alright to infringe on the copyright of a large company

There, fixed that for you.

Please change the definition you have for the word "steal" you seem to be using it where it doesn't apply.

When taking money from someone or using their identity to obtain credit thereby ruining the victim's credit (see TFA) you are denying them access to something (money or credit).
When infringing on copyright you are NOT denying the copyright holder access to the original work.

(please note, this post makes no argument for or against copyright infringement, it merely points out the difference between intellectual and real property)

Re:Outrageous!

How is obtaining music without paying for it not defrauding someone of hard earned cash? I know a lot of musicians (myself included) would bristle at this insensitivity.

Re:Outrageous!

[andre_pl]

And you lose all credibility when you refer to copyright infringement as stealing.

Re:Outrageous!

[wbren]

Let me get this straight: You're equating improperly labeling copyright infringement to saying someone should be burned alive? Both cause one to lose the same amount of credibility? Sorry, that's a bit... ludicrous.

Re:Outrageous!

[andrea.sartori]

You mean if I steal a CD from a shop I deserve the same punishment as if I go to somebody's house and take all his money? Both things are illegal, and both are wrong, but no way they are the same thing. It's not cultural attitude. It's there are different degrees of "wrong" and of "illegal".
I take the point people will be likely to defend the illegal things they do themselves, but you cannot mix everything into one big bowl and just call it "cereal".
...oh, wait.

Re:Outrageous!

[andre_pl]

Well lets assume that your credibility in my eyes currently sits at 5% (which it doesn't). regardless of how ridiculous your comment was, you didn't have a long way to drop, so yes, in both cases, "all" (5%) of your credibility is gone.

(of course this assumes that you can't have negative credibility)

FWIW, I wasn't in any way referring to the burning comment, or your reaction to it, only pointing out the fact that constantly referring to copyright infringement as theft doesn't sit well with many people.

Re:Outrageous!

[Chapter80]

but people that are blind enough to believe laws are some sort of unchangeable and divine Truth need be burned.

Can't we pass a law for that?

Re:Outrageous!

we are *FOR* breaking civil laws on p2p networks and *AGAINST* breaking criminal laws on p2p networks.

Re:Outrageous!

[selven]

laws are some sort of unchangeable and divine Truth

No, that's only if the law has a catchy name written in Latin.

Re:Outrageous!

[mjwx]

Some perfectly moral actions are illegal (e.g. smoking marijuana). Some abhorently immoral actions are perfectly legal (e.g. adultery).

For varying definitions of "perfectly".

So smoking marijuana is absolutely OK and sleeping with someone outside of marrige is absolutely unacceptable.

You are wrong and let me explain why.

Marijuana is a drug, it is less dangerous then cigarette's and alcohol but it's still a drug and can lead to a variety of smoking related illness if used too regularly (emphysema) and mental illnesses in later life. This is dependent on the person and the dosage much like other drug related illnesses, I do admit the risk is lower for marijuana and the cost of treatment in 9 out of 10 cases is significantly lower.*

Adultery on the other hand is an artificial restriction on a natural (biological) process. People get horny and sleep with each other, wedlock is an artificial (read: social) construct compared to the biological process. Once we get away from the Abraham religions it becomes perfectly acceptable to have a mistress. Mia Noi (Minor wife or Mistress) in Asia are not uncommon for men who can afford them but they also have their own social contsrtucts around marrage such as the Mia Luang (major or first wife) has priority and can in many cases force the husband to get rid of or change the Mia Noi.

You picked grey area's which may be well defined in your mind and masqueraded them as absolute truths. This is not the case as both of these examples are morally ambiguous at best.

* - I agree with Marijuana decriminalisation (not the same as legalisation mind you) but we have to accept that Marijuana is a drug (Opiate) and has a strong psychoactive effect, this can cause damage if used incorrectly or excessively. Decriminalisation helps to control the quality of the substance and makes it easier for those who need help to find it. Marijuana has a psycological addition but not a chemical addition, so it's still an addictive substance but far easier to quit then Tobacco or Heroin.

Re:Outrageous!

[TheVelvetFlamebait]

Sharing copyright files is illegal, but its morality is debatable.

In the same way that an infant could 'debate with' Mohammed Ali...

Seriously, it's only ends up being a debate if you ignore simple economic truths.

Re:Outrageous!

[TheVelvetFlamebait]

Laws do not define right and wrong!

Exactly. It's the other way around.

Re:Outrageous!

[mjwx]

You just proved my point. Those two things are essentially the same thing.

No, no they are not.

Theft is taking (deprivation).
Fraud is deceiving.

The RIAA/MPIAA do not want copyright infringement classified as fraud (which it is) is that they then have to prove that an act of fraud directly resulted in financial harm. With big media making money hand over fist any non-corrupt court would throw them out immediately. This is why the RIAA/MPAA want the definition of copyright infringement changed from fraud to theft, this also means changing the definition of theft.

I oddly enough agree with the harsh punishment for copyright infringement, I disagree with the implementation. The current copyright infringement laws are there to target production and distrobution operations, operations with a clear motive to make money from someone else's work. But the law is being used as a cudgel against ordinary people without such malicious intents. The punishment does not need to be lessened, just the conditions that it can be handed out as. To rectify this we need to make copyright infringement payouts a multiple of what an entity profited from the distribution of infringed works. 2x, 3x or even 10x the amount of money they made from the distribution, even an estimated revenue so long as it can be proven beyond doubt that they made money from it. A person downloading from bit torrent is not the same as a cabal who runs a DVD press and sells a thousand copies of latest movies on the street for A$5 a pop and should not be treated the same in a court of law.

but it's still wrong (legally and morally).

Laws are not meant to be moral. Morality and legality are two separate issue for very very good reasons. To see the effects of making laws based upon a moral code, have a look at the society created by our good friends in Iran, also have a look at our even better friends in Saudi Arabia.

Legal has absolutely nothing to do with moral.

Re:Outrageous!

Thats only because you have applied a moral certainty to an action irrespective of its circumstances. You seem to think stealing is always wrong - even if it means taking a loaf of bread from an affluent merchant who is taking advantage of people's poor circumstances to increase his profits, just to feed your starving family?*

*not a comparison to file-sharers but to the Robin hood mentality.

It probably doesn't matter to you if the family in question were partly responsible for said merchants wealthy status in the first place or that the merchant knows the family will die without said loaf bread and still charged over the odds for it.

In all honesty if you really are capable of looking at each act on its individual merit, regardless of any circumstances, and apply a moral absolute to it, you're probably a total nutter or some religious extremist. More likely you just like applying these moral absolutes to activities you don't participate in, but feel no need to apply to them to your own daily life and methods of living. Would be interesting to dissect every action you've ever taken and see how many rationalisations you need to make....

Just for completeness sake, I don't agree with you. I don't think stealing is always wrong. But then I probably have a different outlook on property rights in general - odd that a different person in a different country thinks that "its just wrong!" doesn't quite cut it as a reasonable argument isn't it?

Re:Outrageous!

[mcgrew]

Why do you say that an activity that harms nobody but yourself is immoral? By your logic, drinking alcohol and eating Big Macs are immoral.

I didn't say "sleeping with someone outside of marrige", I said adultery; cheating on your partner behind their back. Polygamy is not adultry. Adultery has victims - the cheated-on partner suffers greatly, as I can tell you from painful experience, having been married to an adultress. Do you know what it's like to have your daughter ask "how do I know if you're really my dad?" And if one of your parents committed adultery, there is the possibility of marrying your sibling.

Hurtful actions are immoral. If it doesn't hurt anyone but yourself, it isn't.

Marijuana is a drug, but it is not an opiate, as you'd know if you read a few books on the subject. The internet is unreliable, and also harms your spelling and grammar skills. Here is a little unwanted education.

Ewe shout knot truss you're spill chucker.

Re:Outrageous!

[mjwx]

Why do you say that an activity that harms nobody but yourself is immoral? By your logic, drinking alcohol and eating Big Macs are immoral.

I didn't. Please point out where I said that or stop putting words in my mouth.

I didn't say "sleeping with someone outside of marrige", I said adultery;

That is pretty much what the religious definition of adultery is and the concept is one pretty much limited to Abraham religions. Many Eastern cultures do not have the stigmata against sex with another partner whilst in wedlock. Your concept of morality will be vastly different to another's concept of morality, how can I be sure that your concept is the absolute truth and their concept is wrong.

Hurtful actions are immoral. If it doesn't hurt anyone but yourself, it isn't.

This appears to be based upon an idea I didn't say but I'll run with it, should we make any action harmful to another illegal? Smoking, consensual S&M, intercourse that results in an unwanted pregnancy? Not all actions that can be considered "harmful" are actually wrong. This is the problem with black and white definitions.

The point was that morality is relative and cannot simply be defined in such black and white terms. To say without any doubt or thought that adultery in our western definition is wrong, immoral and should be illegal is frankly stupid (and I don't mean this as a personal insult). Adultery is an act against the artificial (social) construct of marriage, the cause behind adultery is biological, to make adultery a crime means that we have to work at suppressing the biological imperatives that cause it and that is just a little to close to 1984/Brave New World for me. The Biological imperatives will normally override contradicting social constructs, when it doesn't people start to develop problems (the body has ways of fighting back).

As for my point on Marijuana, it is a drug with strong psychoactive effects and should be treated as such (BTW, that doesn't mean banning, we have many legal psychoactive drugs). Saying it's harmless is as much of a misnomer as saying it's inherently harmful. That whole reefer madness thing never made it over here to Australia so there isn't so much of a social stigmata against Marijuana, in fact Marijuana is decriminalised in two Australian states (out of 9 states and territories).

As a final point I'd like to say that "morality" should never dictate "legality". When we allow a "moral" authority like a church to start telling us what is legal or illegal we will only end up with a theocracy.

Ewe shout knot truss you're spill chucker.

Marrige != Marriage
Thou doest protest too much (I know my spelling and grammar aren't perfect, I normally don't call others on it).

Good but not Great

[Monkeedude1212]

I mean the guy should go for jail for it, no doubts there - but the fact that it can happen is the real issue that needs to be addressed.

I mean it's not the victim's fault, they probably don't even know what Limewire is, let alone how to use it or how it can be dangerous. It's not Limewire's fault, I mean any method they put in to prevent this will either detract from their service or will just spawn more problems.

And little Billy Downloady just put My Docs as the shared folder so his music goes into the music folder and the movies go into the movies folder. Having no idea that his parents happened to keep sensitive info in there.

I Guess the solution... Encrypt your Data regardless your situation?

Re:Good but not Great

[CannonballHead]

Encrypt your Data regardless your situation?

I wonder how many people, if they don't know that LimeWire is installed and running, are going to know how to encrypt their data....

Re:Good but not Great

[Monkeedude1212]

I sure do have some real blonde moments sometimes...

Re:Good but not Great

[Otto]

I still blame the parents for not creating a decent separation of their data vs. their kids. Why does little Billy Downloady have the equivalent of root access, so he can install the software to begin with? Why does he have access to the tax records in the first place?

You don't need to resort to hard core encryption. Simple user separation would have prevented this sort of thing. Heck, even Windows rather lame user system would work just fine to prevent this.

Family members should have separate accounts on the local PC. It just makes sense.

Re:Good but not Great

[geekoid]

It's the victims fault that they had a system that specifically gave permission for people to connect to their system.

The parents are responsible for the kids action.

They aren't at fault for the misuse of the gathered information.

You aren't a victim of trespass if you tell people there allowed onto your property.

The solution is to understand what goes on with your computer.

Re:Good but not Great

[gobbligook]

I agree the parents are 100% responsible for the child until that child is considered an Adult by whatever region governing body.

Re:Good but not Great

I still blame the parents for not creating a decent separation of their data vs. their kids. Why does little Billy Downloady have the equivalent of root access, so he can install the software to begin with? Why does he have access to the tax records in the first place?

I don't agree with you there. Yeah, there should be separate accounts and private folders (just in case) but honestly...

It shouldn't be a massive problem if a child has access to tax records. Hell, my parents kept them in an unlocked closet. I didn't probably specifically know that there were tax records - I didn't care about any such - but I knew that there were lots of important papers. (Insurances, etc. kind of documents)

It was anecdotally never a problem but... It shouldn't even have the risk of being. I mean, parents shouldn't have to think "If my child - who lives in the same house as I do - gains access to some of our documents... We are screwed!"

Re:Good but not Great

[Fred_A]

I Guess the solution... Encrypt your Data regardless your situation?

At least not letting everybody use the same account would help a lot in such cases. Assuming Windows by default doesn't let a user read another user's files (I suppose it doesn't, but its defaults are sometimes weird).

But of course I don't think I've ever seen this setup in use in any of the families I know.

Re:Good but not Great

I may let them on my property, but that doesn't mean the can cut down my trees.

Re:Good but not Great

[Otto]

Somebody with access to a thing can grant others access to that thing. So yes, giving your child access to things he doesn't need to know about is a bad idea.

Interesting

[geekoid]

Clearly using the information is wrong.
I don't think getting data from a folder someone has publicly shared is wrong.

And before someone uses that lame ass house analogy, it doesn't apply becasue that's not how computer communicate.

Re:Interesting

[amorsen]

I don't think getting data from a folder someone has publicly shared is wrong.

Around here, if you get an email by mistake (e.g. the wrong address was entered, or someone sent a private email to a work account which you are legally monitoring), you have no right to read it. You have to stop reading as soon as you realize that the email isn't for your eyes, and you have no right to share or use the information you received by mistake.

I think that analogy is quite close to the case of opening someone's Quicken file.

Re:Interesting

[Aladrin]

Cripes, with some of the crazy emails around here, I -have- to read the entire email to be absolutely sure it wasn't for me.

Re:Interesting

[qwijibo]

There's a subtlety in that the mistake isn't on the part of the email or the receiver, it's that the sender addressed the email to someone other than the intended party. While it's lame and unethical to exploit such a mistake, I doubt there would be any legal recourse if that person were to do anything they wanted with the information they received. The sender could be penalized for disclosing information to an unauthorized party, but there's no obligation on the part of the receiver of the email.

The legal distinction between incorrectly addressed email and shared files is one that I'm sure the courts will interpret in a way that makes no rational sense and can't be applied consistently. However, this guy then took that information and used it to open accounts. He clearly committed fraud and was prosecuted for it. This is the part where the legal system is actually working well since someone who caused harm is being punished, not just any random person who queried for files that could potentially contain sensitive information.

Re:Interesting

[amorsen]

Cripes, with some of the crazy emails around here, I -have- to read the entire email to be absolutely sure it wasn't for me.

Well, you aren't obligated beyond your abilities...

Re:Interesting

[geekoid]

Can you cite the law?

I know a lot of people put those disclaimers at the bottom of their emails, but I don't think they have any real legal weight.

Re:Interesting

[amorsen]

While it's lame and unethical to exploit such a mistake, I doubt there would be any legal recourse if that person were to do anything they wanted with the information they received. The sender could be penalized for disclosing information to an unauthorized party, but there's no obligation on the part of the receiver of the email.

I have limited knowledge of US laws, but under Danish law the recipient of the mail is not allowed to pass the information on, or even read further when they realize the mistake.

Also, if you search for Quicken files on a network with the intention of publishing statistics on how many files are shared by accident, that would be entirely legal. On the other hand, if your plan is to defraud someone, you can be prosecuted for that from the time you take the first step in that crime, even if that step is exactly the same step the researcher was doing, and even if the police stop you before you get the chance to actually cause any harm. Proving that was the intent can be difficult, of course.

Re:Interesting

[amorsen]

 263. Med bÃde eller fængsel indtil 6 mÃ¥neder straffes den, som uberettiget

1) bryder eller unddrager nogen et brev, telegram eller anden lukket meddelelse eller optegnelse eller gÃr sig bekendt med indholdet,

"With a fine or with imprisonment up to 6 months is punished the person, who without authorization

1) break [the seal of] or deny someone a letter, telegram or other closed message or record, or acquaints themselves with the contents,"

Sorry for the lousy translation, the original is in legalese. In particular, "without authorization" is bad translation, but I don't have a better one.

You probably want a commented version of the Danish Criminal Code if you want the subtleties explained, and I don't have one. There has of course been discussions about whether emails are "closed messages or records", but this has been decided by the courts, and they are.

Re:Interesting

[amorsen]

Yay, Slashdot still can't handle Danish characters. Slashdot will probably be stuck in the 80's forever.

Similar problem with Kazaa

[MillionthMonkey]

[Reposting this little gem from a few weeks ago]
People kept settinng the Kazaa upload directory to C:\ and you could find anything. Everyone was searching for MP3s, but you could find DOC files in "Documents and Settings".

I forget what I searched for but I got a listing of Word Documents that included "Penis Enlargement Instructions.DOC" or something like that. So naturally I clicked on that one and downloaded it. Figuring, it might be real, because a moron dumb enough to let Kazaa index his documents folder would be the sort of person who responds to spam and shells out money for penis enlargement instructions. And once he's paid for and gotten actual instructions that are obviously bullshit, even if he felt he'd been suckered, he'd at least hold onto the file. Maybe for psychological reasons, or to prove he'd been scammed, I don't know. So they might have to be just barely plausible. And hey, if they are, free penis enlargement instructions, right?

IIRC the dude gives his testimonial, it's so incredible, it will work for you too etc. and then he goes into this procedure where you basically yank on it repeatedly.

Re:Similar problem with Kazaa

[vintagepc]

IIRC the dude gives his testimonial, it's so incredible, it will work for you too etc. and then he goes into this procedure where you basically yank on it repeatedly.

If that really worked, wouldn't every single guy have to tuck it in to his sock in the morning? (Yes, off-topic, but I couldn't resist!)

Protected!?

[SendBot]

Wood was sentenced Tuesday to 39 months in prison and three years of supervised release for wire fraud, accessing a protected computer without authorization to commit fraud, and aggravated identity theft.

What chain of idiocy determined the computers he accessed to be "protected"?

Wood: Hey, do you have any files with names like this?
Computer: Yeah, I do.
Wood: Can I have them plz?
Computer: No problem - here they are for you.

Re:Protected!?

[wbren]

What chain of idiocy determined the computers he accessed to be "protected"?

The U.S. Congress -- More specifically, the Identity Theft Enforcement and Restitution Act expanded the definition of "protected computer" to include basically any computer with a network connection. More information is available at:

• Wikipedia
• Cornell Law School -- Relevant info is in paragraph (e)(2)(b)

Re:Protected!?

[BobMcD]

Is it a bad-faith argument? That the LimeWire users only intended to share media, and not sensitive data?

IANAL, but it seems possible that Wood knew what he was doing was not the intended purpose of the product, and thus is culpable for any damage caused through his own actions.

It would be morally, if not legally, similar to exploiting a vulnerability in Windows to gain the files. I mean, the user CHOSE to run Windows, and they CHOSE not to patch it, so they should expect to get breached, right?

No, probably not. Not in a legal sense, anyway. And this is likely the method used to convict here.

For bonus points, the right thing to do would have been to notify someone that this breach was possible, and help them stop it. He did the opposite of that, even if it were an incidental exposure to the information, which, from the summary, it was not.

Re:Protected!?

[herksc]

Agreed.
This is from the The Computer Fraud and Abuse Act that states it is a criminal offense when: "Knowingly accessing a protected computer with the intent to defraud and there by obtaining anything of value."

Poorly written law if you ask me. What if the computer is protected but some of the files are not? How do you define a "protected" computer anyway? What if it is locked in a safe, but connected to the internet with no safeguards? By definition of this law, if I retrieve national security information that someone posts on a /. comment, then I break this law, because the computer that hosts /. is "protected" in a co-lo.

Of course in this case, they had him on the Wire Fraud and Aggravated Identity Theft also.

The good thing about this law is that it does not state it is a crime to "Knowingly access a protected computer with no intent to do harm".

Re:Protected!?

[herksc]

Some corrections:

This law actually states it is a crime when "Knowingly accessing a computer without authorization in order to obtain national security data". So even if the computer is not protected, it is a crime if you access it knowingly without authorization to to retrieve national security information. That part's not so bad.

It does state though that "Knowingly accessing a protected computer with the intent to defraud and there by obtaining anything of value" is a crime. So using a computer to commit fraud is worse than stealing the information another way? I don't get it.

Sorry for the inaccuracies in the first post.

Re:Protected!?

[bws111]

A protected computer is defined very precisely in the law:

(2) the term "protected computer" means a computer-

(A) exclusively for the use of a financial institution or the United States Government, or, in the case of a computer not exclusively for such use, used by or for a financial institution or the United States Government and the conduct constituting the offense affects that use by or for the financial institution or the Government; or

(B) which is used in interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States;

In other words, your home computer is definitely NOT a 'protected computer'. Similarly, the computer that hosts /. is not protected.

The computers he was convicted of accessing without authorization were the computers at the banks, etc where he opened accounts. If he did ANY online transactions on those computers, he accessed without authorization, because any authorization he had was based on fraud.

Re:Protected!?

[Inda]

The folder containing the tax return spreadsheet was actually hidden. And named "secret". Probably.

Re:Protected!?

[herksc]

Insightful and informative, thank you.

I hadn't thought of the fact the computers they mentioned might be the banking websites themselves.
After re-reading TFA, it seems that he got online login credentials that were in documents on the victims computers, then logged into those accounts.
Definitely definable as accessing a "protected computer" by the definition you provided.

If you have a citation for the info you provided, please provide that also, thanks.

Re:Protected!?

[bws111]

Sure. The info about the definition of protected computer came from Fraud and related activity in connection with computers section e.2

Re:Protected!?

[shutdown+-p+now]

So using a computer to commit fraud is worse than stealing the information another way? I don't get it.

Duh, everyone knows that terrorists use computers!

Re:Protected!?

I don't see how you can read the Cornell link (the actual law), and say that the law applies to any computer with a network connection. I guess maybe you are claiming that if you buy something on the web with your computer that it is being used in interstate commerce, but that is not correct. Your computer is not performing any transaction, it is just instructing the computer on the other end to do it.

Ouch

[pak9rabid]

Yet another damn good reason not to let your kids have free reign on your computer that you also use for banking and filing your taxes.

Got to agree

[SmallFurryCreature]

the guy's sentence had nothing to do with limewire or even downloading. If he had downloaded said tax records for just a laugh, he would be free. He has been jailed for fraud pure and simple.

Don't we hate "X but on the internet" patent claims? Then why are "X with a very loose connection the internet" stories okay?

Re:Got to agree

Well, for one thing, the RIAA is claiming that a lot of people were intentionally sharing files in the share directories. This would seem to indicate that, in all reality, most people using Limewire don't have a clue what is being "made available" or not.
Which just throws more doubt onto the pile of lawsuits they are levying against people for illegal "uploading"... we might even see some cases where the defense of "I was essentially hacked- not only is my limewire uploading music illegaly, but it's also uploading all my private financial information".

Kind of hard to convince a jury that a directory was intentionally shared when it has your personal tax records next to your mp3's.

Nobody in this article has any common sense

[schwit1]

Frederick Wood: did he think passing off boxes of junk as computers would never fail?

First craigslist victim: you wrote a check without checking the product?

Prosecutor: what 'protected computer' was accessed? Do you have a different definition of protected?

ID theft Victims: what are you thinking putting sensitive information on a computer used by teenagers?

I found the hidden agenda.

From the article: "Warma's advice to people who want to avoid becoming victims of this kind of identity theft was to "get Limewire off your computers." Even the added security features in the most recent version can be circumvented, she said.

"I think it's a horrible idea for people to have peer-to-peer software on their computers unless they're a very sophisticated user," she said. "

Next story please.

PS: Captcha is "audited". I encourage everyone to contribute the the research of the development of /.'s AI, data-mining, captcha generation algorithm.

Free penis enlargement tease.

[Capt.DrumkenBum]

You are truly a horrible person! Teasing all of us with a long post, referring to free penis enlargement instructions, then not posting up the said instructions. You sir, are pure Evil!

Re:Free penis enlargement tease.

[MillionthMonkey]

You asked for it.

First off, this work out DEMANDS your total devotion, and needs to be performed at least 5 times a week. No exceptions. If you really want to enlarge your penis, you will make a good habit of following this plan daily. I do it 6-7 days a week, but I have worked my way up to it. If at any time you feel real pain or discomfort, ease up. There's no need to hurt your penis in order to enlarge it. You will find after about 2-4 weeks, your penis will begin to feel and look larger and thicker, as well as harder. First off, lets start by using a hot wrap:
The Hot Wrap: Take a wash cloth and soak under hot-warm water for several seconds, wringing out excess water. Wrap around your penis and testicles and hold for several minutes. Repeat 2-3 times, making sure your penis is good and warm.
After you have Hot wrapped, dry of your penis well to ensure a good grip for the following exercises:
1.) The Length Xtender: Making it longer!
This exercise I call the Length Xtender for obvious reasons. This exercise stretches your penis out, stretching the erectile tissue. Your erectile tissue is kind of like your penis's central tendons that engorge with blood, which give you an erection. While this exercise will lengthen your penis in its flaccid and erect state, it will not thicken it as much as lengthen. I find this exercise much healthier and safer than using weights for penis enlargement. This exercise should be performed sitting on an edge of a chair or couch, but can be performed standing if preferred.
1. Make sure your penis is in its flaccid (limp) state. Take one hand and grip around the head of your penis. Grip firmly, but not hard enough to feel discomfort. Take your other hand and grip around the hand gripping your penis. This will ensure a firm and tight grip.
2. Pull out directly in front of yourself, pulling with enough force to feel a good stretch in your penis. Hold and count for 30 seconds. Repeat 10 times, adding a little extra force each time, but not too hard to cause pain.
3. Relax, and slap your penis against your leg about 75 -100 times to get the blood flowing again. Rest for a minute.
4. Repeat step 2, except pulling to the left this time.
5. Repeat step 3.
6. Repeat step 2, except pulling to the right this time.
7. Repeat step 3.
8. Repeat step 2, except pulling up this time.
9. Repeat step 3.
10. Repeat step 2, except pulling down this time.
11. Finish by slapping your penis against your leg 75-100 times.
Next, Repeat step 2 as stated above, except this time rotate your penis in a circular fashion to the left about 30 times. Now rotate your penis to the right about 30 times. Keep alternating left to right, until you have completed this exercise about 5 times to each side. End by slapping your penis against your leg 75 -100 times.
This exercise will ensure a longer penis within as little as 2 weeks, but within 3-4 months will really be noticeable. We encourage you to take a notebook and log your measurements are each week. This way you will know exactly what your progress is, and will also encourage you to keep up the exercises.
This next exercise is called "jelq". Jelqing has been done for centuries by many tribes, cultures, and as a family secret. Passed down from father to son for generations, it has been held in the highest regard as the most effective method for enlarging your penis. This milking exercise forces blood into the penis, repeatedly engorging the penis with blood. Over the course of several months, the blood spaces in the penis becomes larger, being able to hold more blood, which in return makes your penis larger. This exercise requires 20-30 minutes of your time, and should be performed sitting on the edge of a chair, but may be done standing if desired. You will need a teaspoon of Vaseline or a healthy dousing of baby oil to perform this exercise.
Note: Sitting vertical is better than laying down due to the fact that gravity will aid in your milking sessions by keeping blood within your penis.
2.) Jelq - (Milking the Penis for Enlargement)...

He goes on to describe other exercises- if you're really interested in this sort of thing, try searching for "Jelq" on Limewire.

Not Surprising

[Dekks]

I'm still amazed how many people think it's a great idea to have their resume on their personal website, along with their date of birth, address and believe it or not I've actually seen people put their SSN on their resumes.

Re:Not Surprising

SSN is required for applying to the Federal Government

Re:Not Surprising

[ScytheBlade1]

That's no reason to toss it on something like a resume, which is designed to be shuffled around like the cheap paper it was printed on. Sure, some companies shred resumes when they're done, but considering the sheer amount of private information that can be found dumpster diving is impressive....

I don't put my address, date of birth, or SSN even on my resume. Just because these types of things is needed information at the end of the day doesn't mean that they need to be put on something as obviously public as a resume.

Re:Not Surprising

[Chapter80]

I'll post mine right here on Slashdot. It's 078-05-1120

- Hilda Whitcher

I Blame the System Tray

[AtomicDevice]

With all that crap in the MS system tray, it's a wonder anyone has any idea when new things appear on their machine.

I didn't mean any harm, it was all in fun.

[westlake]

If he had downloaded said tax records for just a laugh, he would be free.

I've heard this argument on Slashdot before.

Like every time a geek is sentenced to do hard time after being caught poking his nose into somewhere it didn't belong.

There are a bare handful of reasons why you could claim to be legally in possession of a someone else's tax records - and none of them are likely to involve a download over the P2P nets.

Re:I didn't mean any harm, it was all in fun.

[Falconhell]

"Like every time an INCOMPETENT geek is sentenced to do hard time after being caught poking his nose into somewhere it didn't belong.'

Anyone with any real knowledge would do this from an anonymous location/computer.

Copyright Infringement != Stealing

Those two things are essentially the same thing.

The only difference is that you justify one and not the other by claiming it's alright to steal from a large company but not an individual.

No, they are -not- essentially the same thing. The victim of fraud's loss is concrete/real, but it's hard to make the same argument for the record labels, where the item in question is not actually taken away from the victim.

Re:Copyright Infringement != Stealing

[gobbligook]

humm...
so if I walk into a music store and walk out without paying for my copy of xyz music - I am stealing from the retailer since the retailer has already paid for the music from the distributer.

If I download said music from a P2P network - I am not stealing from anyone?

Just because one of the two examples was a physical tangable item has no bearing on the legality of the situation. You could say the same about a book. I argue that the majority of the value of a book is in the words and concepts in the book, not the physical paper it is written on eventhough the physical material has some value.

The item that is taken from the corporation is the value (read $) of the licence to use the work (in the case of music as ownership of the music is not transfered). I would say that the victim of copyright infringment's loss is concrete/real because the victim spent actual dollars creating (or purchasing licenses to use) the work.

What about Slashdot? Reasonable man rule

[davidwr]

Geeks really fuck up this one: a computer does not have power of attorney. An openly accessible computer does not grant you any legal rights or protections.

So, what person gave you the right to use the Slashdot server, Mr. Anonymous Coward who didn't log in?

There is little technical difference between a web server that openly says "please come in, look around, and make changes" to a Limewire service saying essentially the same thing.

The only "legal" difference I can see is the "reasonable man rule:" What conclusion would a reasonable person who had a working knowledge of Limewire, as this person did, and a reasonable layperson-level knowledge about what information most people consider sensitive come to if he saw this information in an "open" area of a computer with Limewire on it?

In most cases, and probably in this one, the answer would be "this guy is an idiot, he probably didn't mean for me to see that, I better not use it, forward it, or publicize it or its existance, and I better make reasonable efforts to make sure I don't keep a copy myself. I might also be courteous and let the person know he's left the barn door open."

It's the same conclusion a reasonable person would make if he saw the same information on a car dashboard in a public street.

copying stuff from an unlocked car

[davidwr]

No. Taking stuff from an unlocked car would still be theft.

The car analogy relies on copying information, not taking physical property. It also relies on the information being "in plain view" from "a public street."

Merely copying the information is not a crime. Using it might be. Using it fraudulently almost always is.

By definition

[symbolset]

By definition, half of all people are dumber than the median. From your post I'm guessing you don't realize how much that, and an understanding of where the median is, and what the curve looks like, horrifies some of us.

Can't sleep. Clowns will eat me.

I know the answer to this one...

[Youngbull]

don't give your children administrator privleges on your 'puter!!!!!!! I mean come on, you might aswell entrust them with your carkeys and credit information, and stikk them in a room full of strangers. give it they might still be able to install some programs, and not all of them that good but from what I remember this is not the case with limewire. and while your at it why not put up a firewall and restrict the internet access for all users. Maybe even turn of the port that limewire runs on, if the kid is smart enough to jump through all the hops to get limewire installed and running, he also knows how to restrict the sharing. Don't get me wrong I am all for letting kids to dangerous things ( http://www.ted.com/talks/gever_tulley_on_5_dangerous_things_for_kids.html) but teach them why it's dangerous, lay down some rules and do it with them.

Ultimate RIAA defense!

[lordofthechia]

This is great new *feature* in Limewire! If you're ever sued by the RIAA you can just claim "Your honor, I was just using Limewire to share my tax return information! I had no idea it would scan my other folders and share my music and movies too!"

Let this be a lesson

[Nonillion]

Let this be a lesson to the in-numeral clueless computer users (appliance operators) who share the entire contents of the hard drive to "file sharing" software, you got what you deserved.

No, but still

(I am not the GP)

I can't cite the law at where you live, mostly because I live in a different place (I live in Finland and here it is illegal too), but think of it like this:

The mailman accidentally gives you mail that was supposed to go to your neighbor. I am pretty sure that where-ever you live, you aren't allowed to read it even though you yourself acquired it without breaking any law. It's the same thing, only that you accidentally now opened the mail... You still aren't allowed to read it. Of course, if you did it by accident, it happens. But when you realize "I just opened my neighbor's mail", you should stop reading.

Fair enough

[coryking]

But that doesn't make it okay for somebody to aquire bank information and impersonate whoever owned the computer. Only sociopaths would think that the dude who is gonna be locked up should be set free.

P2P = Honeypot

[SavvyPlayer]

1. Legal interpretation aside, this guy practically turned himself in leaving such an obvious digital trail. Had he been intercepting the mail he would have been much harder to track down. Unless it can be shown that making the act of viewing documents illegal will reduce the incidence of identity theft, it would seem the preservation of freedom on this topic remains in our best interest.

2. Before grabbing document x (most likely shared by mistake), ask yourself whether you want to be on the shortlist with morally-challenged folks like this guy.

Outrageous boundaries!

"Sorry for the flame, /., but people that are blind enough to believe laws are some sort of unchangeable and divine Truth need be burned."

"Thou shall not murder" Except when one will not get caught.

"Thou shall not commit adultery" As long as Hilary's in town.

"Thou shall not steal" Unless it's the RIAA.

"Thou shall not bear false witness against thy neighbor" Yes I did see mmaniaci dipping from the till.

"Thou shall not covet thy neighbor's possessions" Hmmm nice tools. He won't mind if I "borrow" them.

it amazes me how many lame disclaimers come off /.

Is it up to parental responsibility now?

McHammer: I'm pointing at you! Angelina Jolie, Keano Reeves, Laurence-Curtis "Cowboy" Fishburne, STAND UP! Let me go on record as saying that there is no place in decent society for fakes, charlatans and tricksters like you who prey on the gullibility of innocent people. You're beneath the contempt of this court. And believe me, if my hands were not tied by the unalterable fetters of the law, a law which has become in my view far too permissive and inadequate in it's standards of punishment, I would invoke the tradition of our illustrious forebearers, reach back to a sterner, purer justice and have you burned at the stake!"

>Everybody is silent now as the rumbling increases. All eyes turn to the
exhibit table. Then suddenly all Hell breaks loose as TWO FULL-TORSO
APPARITIONS explode out of the semen jar.

McHammer: Oh, my God! The trolls of Goatse and GNAA!
Stantz: Friends of yours?
McHammer: I tried them for phile shar1ng. I gave them The Giver and a court-ordered denial-DNS remedy of their domains.

mom and dad? what if their children are 35 YO?

Families live together longer than they ever did before. The New World Order tries to keep everyone stuck together to restrict their travel by means of economic warfare and commercial sham markets.

I am apauled at how a bunch of self-knighted nerds could get on slashdot and troll their filth that anyone that uses a computer is stupid. Legislators are stupid and put the blame on people that are blameless, and that is the reason this discussion has eschewed blame because they want to conceal the fact that any data that is Government-important should not blame the people that didn't know.

I don't make any sense. Taxes are private law, issued from a cloaked king's bench, not public. Taxes are proprietary and limit propert rights, and decided by whomever has a controlling interest in the property at question. Most taxes today are unlawful because nowhere was such present at the signing of a contract to agree to convert lawful use to any such taxable event. Good Day, sir.

Parent much?

[geekmux]

If you have a kid, you should NEVER SHARE A COMPUTER with it. It is not practical to expect parents to monitor everything a kid does on a computer, or to ensure any level of security on a computer used by a kid.

Get your kids their own computers and assume they are sharing that computer with a hacker and all of 4chan. Prohibit the use of the computer for any financial transaction. A kid's computer is only "safe" if there is nothing worth stealing on that computer.

Er, share a computer with "it"? Your compassion in reference to gender is stunning. It can be practical for the critical younger years to monitor what is done, and I sure as hell would not allow rights to install or even execute from an external source the software in question. Sorry, but my kids don't need Limewire to finish their homework, which is 99% of my justification for them even having a computer at all.

On top of that, (besides me) who is going to take the time to properly internally firewall off "4chanNet" running in your kids bedrooms from "ParentNet"? Average Linksys noob barely gets past the wifi config, let alone DMZ segments. If you're telling me to assume, then their machine has already been malwared, infected, trojaned, zombied, and added to a botnet, and I sure as hell ain't gonna share the same LAN segment with that shit..

Just control what is installed and running everywhere in your home, that's all. It's not that damn hard to control and configure user and access rights, nor is it that hard to show your children iTunes and instill some sense of morality and actually pay for shit by earning it.