Man Convicted For Helping Thousands Steal Internet Access

angry tapir writes "An Oregon man has been convicted of seven courts of wire fraud for helping thousands of people steal Internet service. Ryan Harris, 26, of Redmond, Oregon, was convicted by a jury in U.S. District Court for the District of Massachusetts. He faces a prison term of up to 20 years and a fine of up to $250,000 on each of the seven counts."

he got rich from fraud

[ozduo]

don't to the crime if you cant do the time

Re:he got rich from fraud

[MacGyver2210]

I would agree with you on that if corporate CEOs and pretty much everyone who makes over a million dollars a year hadn't set the precedent that defrauding thousands of people at a time comes only with a slap on the wrist and a meager fine despite a huge profit margin.

Shit, that's the definition of how corporate America works. Why aren't they jailing the CEOs of the cable companies instead for charging >5000 times the amount they pay for bandwidth for the average user? Why aren't they jailing the AT&T and Verizon execs for bait-and-switch with the 'Unlimited' plans which are actually limited to single-digit bandwidth amounts?

It's all ass-backward, and this guy just had the balls to do something about it. Do your time, but do it proudly.

Re:he got rich from fraud

[dintech]

Information wants to be free and so does Ryan Harris.

Re:he got rich from fraud

[0100010001010011]

Why aren't they jailing the CEOs of the cable companies instead for charging >5000 times the amount they pay for bandwidth for the average user?

I bet it'd be a different story if this guy had significant campaign contributions. It'd be a "Misunderstanding" of some sort.

Re:he got rich from fraud

[Corbets]

I would agree with you on that if corporate CEOs and pretty much everyone who makes over a million dollars a year hadn't set the precedent that defrauding thousands of people at a time comes only with a slap on the wrist and a meager fine despite a huge profit margin.

Shit, that's the definition of how corporate America works. Why aren't they jailing the CEOs of the cable companies instead for charging >5000 times the amount they pay for bandwidth for the average user? Why aren't they jailing the AT&T and Verizon execs for bait-and-switch with the 'Unlimited' plans which are actually limited to single-digit bandwidth amounts?

It's all ass-backward, and this guy just had the balls to do something about it. Do your time, but do it proudly.

Why aren't they also jailing each of the individual loan officers who sold mortgages to customers who couldn't pay them back? They were, perhaps, more directly responsible than the CEOs, and yet also directly benefited (commissions or bonuses, depending how such things work at each institution).

That question is also your answer. There is a very large chain of people involved in the financial crisis, and it's unlikely that any single one of them can be apportioned enough blame to go to jail.

Re:he got rich from fraud

[philip.paradis]

I would agree with you on that if corporate CEOs and pretty much everyone who makes over a million dollars a year hadn't set the precedent that defrauding thousands of people at a time comes only with a slap on the wrist and a meager fine despite a huge profit margin.

Two wrongs make a right. Gotcha. You must be some kind of rebel freedom fighter.

Shit, that's the definition of how corporate America works. Why aren't they jailing the CEOs of the cable companies instead for charging >5000 times the amount they pay for bandwidth for the average user?

They aren't being jailing them because nobody has proven in a court of law that they've broken any laws. Please feel free to demand charges be pressed if you feel they're warranted. Maybe a few desperate law students can help you figure out a way to trump some charges up.

On a related note, I was born in 1981. I probably grew up in the same culture you did, and still have admiration for things like The Conscience of a Hacker. That said, you sure as shit ain't the guy that wrote that, nor are you really anything to write home about in terms of that culture. I ran a BBS here and there from the time I was a kid into my teens, and did some stuff that I'm pretty glad the statute of limitations has run out on around the same time. Looking back, the shady side of the stuff I did was utterly fucking stupid.

It's all ass-backward, and this guy just had the balls to do something about it. Do your time, but do it proudly.

Nobody does their time proudly, you dumb fuck, aside from people who have legitimately dodged grenades and slit throats for their country only to get locked up in some overseas shithole because they had the bad luck to get caught in the process (or similar scenario; go ahead and try to equate that to the crap you're defending here, I dare you). Have you ever been to a county jail, let alone served a prison term? I've got a brother who's done both; I'll be going to pick him up again when he gets released (again) next month. He's a tough son of a bitch, literally did UFC trial fights and failed to lose before getting his ass locked up again and screwing that opportunity (one of oh so many) up too. He'll be happy to demonstrate the finer points of correctional living to you if you need some help understanding it. I'll bet dollars to your nutsuck you wouldn't last 15 minutes in a drunk tank. Shit, put me in there with you, let's find out just to get it over with.

In short, I think you most likely fall into the wannabe vigilante category, and you probably stopped maturing around 14. Get a fucking life, and go do something about the stuff you're bitching about. Namely, go do something innovative to improve the situation, or shut the fuck up.

Re:he got rich from fraud

[TheVelvetFlamebait]

It depresses me that people think that some people it takes material profit in order to make fraud and theft of service immoral. Apparently you can't commit a crime against a rich person, unless you become one in the process.

Re:he got rich from fraud

[Richard_at_work]

Why aren't they jailing the CEOs of the cable companies instead for charging >5000 times the amount they pay for bandwidth for the average user?

Because thats neither fraud nor any other crime - its not illegal to not base your prices on your costs. The cable companies can charge what they like for their product.

Why aren't they jailing the AT&T and Verizon execs for bait-and-switch with the 'Unlimited' plans which are actually limited to single-digit bandwidth amounts?

Now that's a better example, and one I can't give an answer to.

It's all ass-backward, and this guy just had the balls to do something about it. Do your time, but do it proudly.

Sorry, but that's just a pathetic excuse for this guys actions, he didn't do anything justifiable or the be proud of.

Re:he got rich from fraud

[andsens]

don't to the crime if you cant do the time

I know, but 20 years?!?! Are they serious? That is an insane amount of time for a non-violent crime!

Re:he got rich from fraud

[erroneus]

It just means he should have incorporated and created a ficticious "personhood" to take the fall.

Re:he got rich from fraud

[Cat_Herder_GoatRoper]

20 years for each count he could do 140 (a death sentence) for a non-violent crime.

Re:he got rich from fraud

[flyneye]

Because Mr. Harris didn't make any "political contributions" and Cable companies are on a first name basis with Repubmocrat legislators.
Further Mr. Harris charged a fee for helping gain free internet access. Hackers put up this info for free on the internet. I notice they aren't being charged either.
Nope, this was a case of regulating commerce and example making. Have your contribution ready 'cause you have to buy the right to make money here in the U.S.

Re:he got rich from fraud

Just Rebuplicans?

Corporations firmly control both parts of the one party system.

Re:he got rich from fraud

[turing_m]

A parasite on the cable companies is not going to be able to match the magnitude of the campaign contributions of said cable companies. Whoever makes a decision by looking at such things is going to say "Hmmm. Campaign contributions from cable companies >= Gross amount of your theft... kthxbye."

Re:he got rich from fraud

[JoeMerchant]

That question is also your answer. There is a very large chain of people involved in the financial crisis, and it's unlikely that any single one of them can be apportioned enough blame to go to jail.

I think there's plenty of blame to go around to justify jail time for the lot of 'em, just not enough space in the jails.

Re:he got rich from fraud

[flyneye]

Republicrats, REPUBMOCRATS!
I hold no delusions that this is a two party system, rather a one party system pretending to be at odds by highlighting and playing up minor differences, they have created the illusion of two parties at odds. Jointly they have been chipping away at our most valuable freedoms for around a century now, and monopolizing the political arena through disinformation and info manipulation.

Yes, as I was saying as a corporation, just drop the envelope with the cash into the congressman/senators box and you too can do as you please until you breech the press who can connect you to your benefactor.

Re:he got rich from fraud

[bws111]

Yeah, right. Let's examine your claim that "defrauding thousands of people at a time comes only with a slap on the wrist and a meager fine".

Bernie Madoff - 150 years
Bernie Ebbers - 25 years
Dennis Kozlowski - 25 years
Jeffrey Skilling - 24 years, 4 months

Yup, just 'slaps on the wrist'.

Why aren't they jailing the CEO of cables companies? How about: because they aren't doing anything illegal. What laws do you imagine they have broken? If we take your ridiculous assertion that they are charging >5000 times cost, then their profit margins should be about 99.999%. They aren't anywhere close to that (TWC is 8.5%, Comcast is 8.56%), so clearly you are just plain wrong on that one.

Why aren't they jailing the CEOs of AT&T and Verizon? Again, what laws to you suppose they have broken? At most they have breached your contract. So sue them. Oh, you signed a contract saying you wouldn't sue? Well then that's your problem, isn't it.

Re:he got rich from fraud

[Taty'sEyes]

No he is not a "life long Republican." He is a libertarian Republican and ran for president as a Libertarian in the past. He does kowtow the party line of the Republicans... of the early 1900's.

Re:he got rich from fraud

[steelfood]

No, you just can't commit a crime against a rich person in general. Now, poor people, you can bend them over backwards and fuck 'em however you like. At worst, you'll get a slap on the wrist. At best, you'll get a pat on the back for a job well done. Either way, you'll be filthy rich.

Re:he got rich from fraud

[trevelyon]

And his crime was the worst you can make: not respecting big, rich monopoly corporations. If he just stole from people that would be no problem but he had the audacity to help people steal from the likes of Comcast and other sacred cows. From the article it sounds like he didn't even steal anything just basically sold a lockpick set and showed people how to use it. Gotta love the face of modern business/politics and yes there are basically one thing now.

seven courts

Courts are an odd unit to measure instances of wire fraud.

Re:seven courts

I believe 1 court = 1/8 Library of Congress.

Re:seven courts

[Mitchell314]

Close, 1 Court ~ 0.1248859302 Libraries of Congress. The SI system never lines up nicely with the US's.

Re:seven courts

[MobileTatsu-NJG]

That typo was in the article, too. I'm not sure whether I should snobbily deride the editors for not correcting the mistake or fashionably praise Slashdot for finally reporting on a article accurately.

Re:seven courts

[MobileTatsu-NJG]

Thank you for quoting me accurately!

Bad design

[xenobyte]

If this guy could build a business, complete with websites, forums and so on, it must have gone on for quite a while (6 years it turns out), so it is obvious that:

1) The ISP didn't know enough about their business to realize the giant holes this guy was exploiting.
2) The ISP was incompetent enough to let this guy and his customers steal service (which the ISP's other customers paid for) for a long time.

Any sentencing here should include a heavy fine to the ISP for technical incompetence.

Re:Bad design

[Dexter+Herbivore]

Any sentencing here should include a heavy fine to the ISP for technical incompetence.

Theoretically it already has, it's paid the fine in lost customers due to their service being so crappy. I can't imagine that you could pull something like this off without massively degrading the hijacked service.

Re:Bad design

[SuricouRaven]

Worse, actually. He was impersonating modems using sniffed MAC addresses, which is only possible if the network is running without encryption - a feature that should be easily supported by DOCSIS (BPI has been in there since version 1.0), if the ISP were willing to fork out for the equipment. Coax is a shared medium, which means that every customer's data was being sent to every other customer on that segment, in cleartext - the only thing to stop someone from sniffing all the facebook accounts, emails, MMORPG logins and other non-SSL data they could desire would be the firewall in their modems, which is easily broken with a hacked firmware. That's a massive security worry right there - the ISP were lucky he only exploited it for theft of service, rather than sniffing all traffic and selling details to scammers who might use it for ID theft, spam and the looting of World of Warcraft accounts.

Re:Bad design

[Asic+Eng]

Well, from the description it appears the guy was selling modified cable modems to sniff data on the coax line and enabling the user to change MAC addresses etc. This would seem to indicate that the device would operate with several configuration sets - maybe switching those on the fly depending whether they were already in use. This way the users' modems would be able to replicate the access data of other users.

That could be prevented by using encryption for exchanging login data, but it's pretty hard to detect: You can't easily tell the difference between unauthorized access of user B with user A's login data, and user A who just happens to use the internet a lot. Also you wouldn't notice a few users doing that in one particular segment, the guys customers could be distributed all over the US:

Re:Bad design

[SuricouRaven]

Cable modems actually solved that a long time ago. The modems themselves are the authentication token - they each have a unique private key embedded in them, and the network uses that. Or rather, should use that - the type of impersonation attack that the article describes is only possible if the ISP has disabled encryption on their network (I'm assuming it's some version of DOCSIS), which is just really stupid of them.

Re:Bad design

[ArsenneLupin]

He was impersonating modems using sniffed MAC addresses, which is only possible if the network is running without encryption

Are you sure about this? Many encryption schemes only encrypt the payload, not link-level headers, such as the MAC address. Or how else would the modem be able to figure out which packets are for itself, and which aren't? Attempting to decrypt every packet (including those not intended for it) would be a huge performance drain.

Re:Bad design

[tinkerghost]

Theoretically it already has, it's paid the fine in lost customers due to their service being so crappy. I can't imagine that you could pull something like this off without massively degrading the hijacked service.

His technique used a packet sniffer & changed the MAC addresses on the modems. That creates the same havoc on the network as 2 devices with the same IP address. So you would have a situation with huge blocks of packet loss while one modem was getting the data for both modems, until the ARP table updated & the other modem got all the data. So, it would probably be pretty miserable for both the person paying for the service, and the person impersonating them.

Re:Bad design

[sjames]

That's fine though. Only the legitimate holder of a given MAC address would possess the correct encryption key. Another modem could transmit a packet with forged link level headers, but the payload wouldn't decrypt correctly and so wouldn't be forwarded.

Re:hrm

[siddesu]

Get your terminology right, please. There's no such thing as "intellectual property", there is a large body of laws and regulations that pertain to patents, trademarks, copyright and other related rights and mostly create various monopolies. "Intellectual property" is a WIPO marketing term for the weak-minded.

Re:hrm

[taktoa]

No, bandwidth requires infrastructure and maintenance, while "intellectual property" can be copied infinitely for a near-zero sum of money.

Re:hrm

[xenobyte]

There a huge difference. You can indeed steal Internet service - you are not making a copy - you are actually taking something someone else paid for, i.e. theft.

When it comes to 'stealing' intellectual property - you are not taking anything away, nor are you taking something someone else paid for. You are making a copy that detracts nothing from the original. Any loss would come from the loss of a potential sale, but as must file sharing either is done by people who would never pay for the stuff they download (no lost sale) or by people that buys the downloaded material later when it becomes available, there's usually no loss involved and thus no theft.

Understand it now?

Writing tools to configure cable modems

[dutchwhizzman]

Writing tools to configure cable modems is what he got convicted for. He just wrote some tools so you could BOOTP your cable modem with a "valid" MAC and uncapped access speed. The cable companies knew they were putting the security in the dynamically configured end user device. They didn't fix the security flaw after it was publicly known. All the guy did was write an exploit for a publicly known bug, others (end users) were the ones that abused it.

Oh well, at least now there is jurisprudence to put gun manufacturers into jail. After all, they make the tools that others use to commit crimes, which is what this guy is going to do hard time for.

Re:Writing tools to configure cable modems

[amiga3D]

It is slightly different in that he did provide customer support in cracking the network. Even so I wonder how this will do on appeal.

Re:Writing tools to configure cable modems

[snowgirl]

Oh well, at least now there is jurisprudence to put gun manufacturers into jail. After all, they make the tools that others use to commit crimes, which is what this guy is going to do hard time for.

Only if they're selling their weapons with full knowledge and intent that it will be used to commit crimes, but then this was the case prior to this guy anyways...

Re:Writing tools to configure cable modems

[complete+loony]

And if the gun manufacturer was taped giving advice on how to use the gun to rob a bank, knowing that the customer was going to follow their advice?

Re:Writing tools to configure cable modems

[snowgirl]

"shooting targets" might be a nice hobby, but it's not very practical.

The purpose of the item being sold does not have to be practical. Recurve bows and arrows have no "practical" use, and are only particularly useful for target practice. In fact, recurve bows are even less useful than hand guns for hunting.

As well, handguns have another perfectly legal reason for purchase and ownership: protection, and defense.

There is no way that gun manufacturers aren't aware of those statistics, yet they keep on allowing their products being sold in shops.

Being aware the statistics about misuse of your item does not mean that you are criminally liable. The manufacturers of oxycodone are certainly aware of the high rate of abuse of their drug, shall we hold them responsible criminally for the abuse of their drug?

With this jurisprudence, gun manufacturers are just as guilty. Either that, or someone got wrongly convicted here.

This jurisprudence is not precedent setting. Gun manufacturers are already, and have long been subject to the conditions under which this individual was charged.

There was sufficiently established evidence that this individual was selling a product that had no legal purpose. Guns have well recognized legal purposes. And weapons manufacturers are not concerned about this case... like I said, this case hinged on already well established legal precedents, and the gun manufacturer lawyers have long been aware of these details.

But then, as usual, anything legal happens, and slashdot armchair lay lawyers are ready to jump out of the woodwork with specious legal theories, and pretend like shit means more than it actually does.

His software is still available

[Cito]

Tcniso uncapper to remove bandwidth restrictions http://www.cable-modem.net/dcforum/DCForumID5/205.html lot of interesting software still available by googling tcniso and on the torrents... stuff is really interesting how he wrote it

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Nothing is worth jail time

[amiga3D]

Generally the assumption is that they'll never be caught and thus never have to pay. If they knew for sure that it was going to cost many years out of their life I believe they might choose otherwise. It's some of that "It can't happen to me" kind of thinking that results in so many bad ends.

Re:hrm

[kyrio]

Are you really as retarded as you are making yourself out to be, or do you actually not understand something this basic?

By using an ISP's connection without paying for it, you aren't piggybacking on another person's packets, you're using up the limited* space in the pipe. By not paying, and essentially being an unknown factor to the business providing the pipe, you are lowering the quality of service for everyone else. If not through using bandwidth that wasn't accounted for, it's by delaying their packets with your own, during an especially congested time.

* Regardless of how big the pipes are, the ISPs do need to calculate just how much capacity they have for the amount of people they are serving. Adding a few hundred extra people without accounting for them can be a big difference for their neighbours. Add thousands of unaccounted users, and you can have a massive congestion problem that will be extremely hard to track down, and costly to locate and fix.

Re:hrm

[azalin]

probably that your brain contradicts his line of thinking

I'm ok with that so long as...

[Sycraft-fu]

You are ok with a fine on you if your house gets broken in to and it is found you didn't do a good job securing it. After all, if we fining people for not doing security properly, then it needs to apply to physical security too, and to individuals too. So if you are like most people and have a cheap lock that is vulnerable to bumping and picking, single pane windows with no security screen or coating, no security locks on your windows, no alarm system, and so on then if you get broken in to, you get fined too.

After all, it is something you can fix. You can get high security locks from someone like Medeco or Assa that can't be bumped, and key controlled, hard to pick etc. You can have your windows replaced with coated glass and screens that are very difficult to break through. You can buy friction security locks for your windows that you take on and off when you want to open them and so on.

You probably don't choose to. Few people do. It costs more and is inconvenient. However it does make it much easier for someone to break in to your house.

Now if you aren't ok with that, then I have to ask why it is ok to fine the ISP. Could have the had better security? Most certainly. However they chose not to and that doesn't make what was done to them right. Same shit with you. You can choose to have better security. Just because you don't, doesn't make it right for someone to break in.

Re:hrm

[gomiam]

Obvious troll, but I'll bite: the bits that you receive through my connection detract from the bits that I can receive through my connection for bandwidth is a physical world entity.

OTOH, the bits that you copy from me don't disappear from my hard disk by your copying, for information is being a virtual world entity.

Re:hrm

[brit74]

Any loss would come from the loss of a potential sale, but as most [sic] file sharing either is done by people who would never pay for the stuff they download (no lost sale) or by people that buys the downloaded material later when it becomes available, there's usually no loss involved and thus no theft.

I'd actually argue that most filesharing is done by people who wouldn't pay for it and there's still a loss involved.

For example, let's imagine a thought experiment: if a company is selling 100,000 copies of some digital media product and then piracy comes along and now 1 million people are pirating it and only 50,000 copies are being sold. We could say that piracy halved the sales - causing a "loss" of 50,000 sales. However, since there are 1 million people pirating it, we could calculate that 95% of them (950,000/1,000,000) wouldn't have bought it. The fact that most of them wouldn't have bought it doesn't change the fact that it caused the sales to be cut in half. Heck, if piracy became the norm, and let's assume that all the sales disappeared (i.e. a loss of 100,000 sales) then we could still truthfully say that "90% of them wouldn't have bought it". My point being: even if you can truthfully say that most of them wouldn't have bought it doesn't mean that it doesn't produce lost sales.

(And just to head-off the "potential sales aren't real they're purely fictional" argument that someone might want to throw my way - if anyone believes that, then they should argue that copyright should never have existed in the first place and corporations should've always been allowed to print all the books they want and sell all the software they want and sell all the movies they can - because it only means a "potential" loss for the creators and corporations should be allowed to pocket all the money for themselves.)

Re:hrm

[MacGyver2210]

What did the customer pay for that these people were stealing? Do terrestrial/cable ISPs still charge per-hour or per-GB for bandwidth?

Last I checked every provider in my area was offering (truly) unlimited high-speed access for a flat rate, and they couldn't tell worth a damn if someone else was using my connection. They certainly didn't charge me more (for example) when my friends would stop by and use my WiFi.

This is no more stealing than using Coffee Shop WiFi, the only difference is how the connection was made.

Re:hrm

[Sarten-X]

Are you really as retarded as you are making yourself out to be, or do you actually not understand something this basic?

By using research without paying for it, you aren't piggybacking on another person's discoveries, you're using up the limited* funding in the field. By not paying, and essentially being an unknown factor to the business providing the R&D investment, you are lowering the return on investment for every other researcher. If not through reducing sales of a final product, it's by crowding their publishable papers out with your own, in a given issue of a journal.

* Regardless of how big the wallets are, the investors do need to calculate just how much return they will see from the research projects they are funding. Adding a few hundred extra competitors to a market without accounting for them can be a big difference for the feasibility projection of a project. Add thousands of unaccounted clones & derivatives, and you can have a massive marketability problem that will be extremely hard to track down, and costly to locate and fix.

What the hell is up with your justice system?

I mean -- 20 years for a simple financial fraud thing. In other countries, murder is less.

No wonder you have a considerable fraction of your population in jail.

Scary.

Re:hrm

[kenshin33]

the guy did offer software to modify the cable modem firmware to get uncapped connections or clone the mac addr of some legitimate modem to access the nework (yes cable modems are authenticated with mac addr) . he didn't do it himself.

Re:hrm

[Farmer+Tim]

Infinitely copied, yes. Infinitely produced, no; that also requires infrastructure and people's time.

Re:hrm

[TemperedAlchemist]

You haven't accounted for the pirates who then turn into customers, either.

Or pirates that tell their friends about how great of a program it is, and those friends purchase the program legitimately.

---

No, let's operate off of the assumption that piracy never occurred. Who is to say your program will have as many paying customers? Don't think you can simply say, "HEY LOOK X PAID, BUT Y DIDNT, THEREFORE WE LOST PROFITS!" Which is mathematically wrong. It should be represented as:

x = customers who are customers regardless of piracy
n = customers who are customers because of piracy
p = pirates that who are not customers, but would otherwise be customers
r = pirates who are not customers, but would not otherwise be customers

If you're going to claim damages, please provide proof that x > p, not that x + n > p.

Re:hrm

[gomiam]

By using research without paying for it, you aren't piggybacking on another person's discoveries, you're using up the limited* funding in the field.

On the contrary, you are actually not using up the funding in the field. You would be, though, if you had to replicate research already done once and again. That's why researchers consider publishing your research a good thing: they get information quite more cheaply than if they had to research everything on their own and they may also get validation/refutation of their own research.

..you are lowering the return on investment for every other researcher.

Only, perhaps, if you don't share back. But if you don't share back you will get sidelined.

...investors do need to calculate just how much return they will see from the research projects they are funding.

Weren't we talking about ROI for other _researchers_? Investors putting money into research and looking at ROI means they don't care about research but its products... and will probably keep research results secret anyway.

Re:hrm

[TheVelvetFlamebait]

There a huge difference. You can indeed steal Internet service - you are not making a copy - you are actually taking something someone else paid for, i.e. theft.

Do you know how much the artist paid for the copies you take? They have donated both their time and their money into creating it. It's not like they come to them for free, it's just that most of the cost is incurred very early in the creation process.

Re:hrm

[kamapuaa]

And along those lines, I don't like the Chicago Cubs, so maybe we can all just pretend they don't exist. Problem solved!

Re:hrm

[Richard_at_work]

The thing that people have yet to touch on in this thread is that the bandwidth used does not just affect the end consumer that is having their connection increased or hijacked - and I'm not talking about the effect on other users on the network.

Let's talk peering arrangements. No ISP has access to the entire Internet, so they peer with other networks and backbones to increase their reach - and those agreements are routinely based on an amount of data transferred per period. Go over that agreed amount and the ISP has to pay. Routinely go over that agreed amount and they have to renegotiate the agreement. Routinely stay under the amount and the ISP can renegotiate a less costly agreement.

So yes, there is a real effect here, it's just some way downstream from you.

Re:hrm

[Tim+C]

Grammar nit-pick - you use "[sic]" when correctly quoting a mistake in the original, not when correcting one when quoting.

not necessarily

[Weezul]

We should never outlaw creating tools like lockpicks, knives, cable modem sniffers, or CPUs able to run unsigned code. We should only outlaw specific usages of said tool.

A priori, there is nothing wrong with explaining how such tools work either, but aiding customers with the specifics of their particular cable provider could eventually cross the line into conspiracy to commit wire fraud, just like helping a robber a house's door would become conspiracy to commit robbery.

I therefore hope they convicted him on specific instances of technical support he provided which unambiguously made him a conspirator in specific customer's wire fraud. And I hope he wins back his freedom on appeal if they convicted him on any other grounds.

In fact, we should discuss the physical plans for equipment and software which he sold here because I'm sure we're curious what exactly he sold. Anyone got links to DIY kits? We should add this stuff to thepiratebay.se's physibles section : http://thepiratebay.se/blog/203

And what about the people on the end?

[Sycraft-fu]

Those that walked in to various loans, eyes wide shut? Or those who took loans they couldn't afford because they figured they'd just flip the house and make money?

The idea that individuals were completely blameless in the financial crisis is silly. Sure there were some people who were suckered in. They were told one thing and given another. For them I have some sympathy (though really, there's a standard loan terms sheet that comes with every loan, it isn't hard to read). However there were plenty that got greedy and just ignored all good sense.

An example would be my cousin, call him B. He owned a house that he'd had for quite some time, around 8-10 years on a 30 year fixed mortgage he could afford. then things went crazy and he decided he's take all his equity out in a refinance so that he could buy a bunch of new toys like a truck, take an expensive vacation, shit like that. His loan amount went way up because he was taking out more than the original loan had been for since his house was allegedly worth more. He couldn't afford a fixed loan at that rate so he got a cut rate ARM. Then prices crashed, the rate went up, and he lost his house. Not only should have he known better, my dad (among others) told him this was a stupid idea.

Then there's me, I have a house that I had since before things went crazy, on a 30 year fixed mortgage that I can afford. It supposedly doubled in value during the craziness. I could have taken a ton of money out. I didn't, because I knew that was a bad idea. I still have my house, and I can still afford my loan.

We were both in a similar situation, he chose one option, I chose another. Nobody held a gun to anyone's head and forced the issue.

The crisis was caused by failures and greed at so many levels. The government, the bond rating companies, the investors, the banks, the loan officers, and yes the individuals. You can't just act like a certain group were the evil ones who caused everything. There is a lot of blame to go around.

Now if you just want to start locking everyone up, I guess that's a valid position, but you might want to ask how well that's work in, say, the drug war.

Re:And what about the people on the end?

[ByOhTek]

The loan reps aren't exactly blameless either.

When I bought my places ($100k-$150k range), the first loan place I went to, the guy I talked to tried to convince me to get a more expensive house (you are approved for up to $350k! You should look at something nicer!)

I would *not* be able to pay the mortgage on such a house, let alone cover food and utilities. He didn't care, they were just going to sell the loan to some other company, they would make their money, he'd get his commission.

Glad I went with another company. That was obnoxious.

Re:And what about the people on the end?

[Ihmhi]

The idea that individuals were completely blameless in the financial crisis is silly.

IMO it's not so much that as the fact that the banks made really irresponsible loans.

Generally I'd say it's not only stupid but flat-out unethical for banks to give out loans to people they know can't repay them. They're just waiting for the other shoe to drop. When you have a few thousand of these loans floating around, well... look what happens.

Re:And what about the people on the end?

[ByOhTek]

Personal responsibility is important (it certainly kept me out of a mess in this regard), but when people from every side are trying to trick you from every side, you eventually slip. These people know your financial situation, - they see your records, and in most cases, are probably better trained to understand it than you. Yet they try to put you in a situation that is above your head, and screws whoever they sell the loan to, for their own profit. Yeah, they should be held responsible as well, not instead of.

It's a bit beyond the magnitude of a super-sized meal, a $20 stack of disks, or a V8 car...

Re:And what about the people on the end?

[Xacid]

Conversely, the fella I worked with was very practical about the topic. Basically I can afford up to X but I'd be eating only ramen and wiping with newspaper. For every increment lower that I could get to would increase my quality of life so either make more money or find something significantly cheaper than X. And hell, I was 23 at the time.

Oh, and the bank - Bank of America oddly enough. Incidentally that guy doesn't work there anymore. He moved back to Sweden. Probably saw the writing on the wall, heh.

Re:And what about the people on the end?

[fearofcarpet]

He didn't care, they were just going to sell the loan to some other company, they would make their money, he'd get his commission.

You nicely summarized the root cause of the collapse of housing markets across the US. The banks thought that, by chopping up mortgages and combining them with other securities, the resulting CDOs had less risk because it was spread around and since the cost of each tranche was proportional to the risk, and therefore the yield, everyone understood the risks involved. Of course that created a profit motive to create as many mortgages as possible--and the riskier the better because the risk magically disappeared once sliced up and repackaged. Opportunists climbed into cheap suits and starting fly-by-night mortgage brokerages, assembling teams of sleazy salespeople to push bad loans. By the time the mortgages went sour, everyone involved in the transaction had taken their profit but, thanks to deregulated banking, those profits were basically paid out of the savings accounts of the very same people getting the bad mortgages. And since all the banks merged into giant mega-banks that snatched up bad debt with your money, they were "too big to fail." But don't worry, they bought "insurance" against it in the form of credit default swaps so that the government wouldn't have to bail them out. Except that the "insurance companies" were also banks and didn't have nearly enough cash to pay out, so the government bailed them out, including the third parties that were buying credit default swaps on CDOs that they didn't even own.

So everyone made money--from the mortgage bundlers all the way up to the CEOs of the giant banks--no matter if they succeeded, failed, or wrecked the global economy in the process. And to get the economy going again, the Fed started loaning out money at %0.01 interest so the banks could turn around and lend it back to Treasury at 3% (and pay back the bailout after dumping their bad assets); it's socialism for banks, and "free markets" and personal responsibility for the rest of us. Now we have a mountain of government debt and a generation of college-educated young people entering a stagnated economy with student loans accrued during the boom-times. I guess that is what happens when you create a system in which you can flip someone's livelihood for a profit without taking on any risk or responsibility.

...but this guy goes to jail for 20 years for scamming cable companies.

Re:And what about the people on the end?

[roman_mir]

You nicely summarized the root cause of the collapse of housing markets across the US

- that is NOT the root cause, that was an expected symptom based on the real root cause, which was government easy credit to the banks (they did push it down all the way to 1% for Clinton and 0% for Bush and it's there now too) and all of the mandates, that had government and quasi government agencies 'insuring' variable rate mortgages, liar loans, all of that stuff. At the time of Clinton and Bush it was mostly F&F, now it's mostly FHA, which 'insures' over 1Trillion with only 5Billion assets.

Of-course all of this 'insurance', just like all other 'insurance' that government provides is not insurance. It's all debt and counterfeiting (hail the Fed).

People saw this coming miles away.

Re:And what about the people on the end?

[jedidiah]

In the old days, there was an obvious means to discourage a loan officer from loaning you money that you could not pay back. If you failed to repay, then he or at least his company was on the hook. There was none of this shuffling off bad debt onto other people.

Although even that practice didn't completely trash our economy.

No. It took rampant pervasive corruption of ratings agencies to do that.

The current approach to doing business is simply not sustainable regardless of how you view the situation in moral or ethical terms.

Re:And what about the people on the end?

[andyteleco]

I remember that when I lived in France, I wanted to get a loan for a car and the guy in the shop asked me how much money I made and how much rent I paid per month, and if I had any other fix expenses.

He later told me that the French law forbids banks to give you any loan which will make you get into a situation of paying more than 33% of your salary for loans+rent. So if you earn 3000â a month and pay 500â rent you will only get a loan which has a maximum repayment of 500â per month.

This was back in 2005. Now we can understand why France hasn't suffered the same real estate crisis as the greatest part of the rest of the world.

Re:hrm

[metlin]

You're missing the point. To allow people to pirate because a small portion of them could potentially purchase down the road may be great for marketing, but is poor for revenue.

I am just unable to understand the intellectual lethargy that I find on Slashdot when it comes to piracy. You may disagree with how someone feels about piracy, but if it is their content, it is their prerogative.

Re:Not the secret service?

[betterunixthanunix]

Kevin Mitnick was far more dangerous than this guy! After all, Kevin Mitnick knew how to ask people to do things, in a way that actually convinced them to do it! Imagine the danger that such a person poses to the public -- a danger that is so severe that he needs to be incarcerated for five years without trial.

Not to say that a cable modem hacker is not a dangerous criminal, who is constantly putting the general public at risk. I mean, this guy modified cable modems to break the rules set by cable companies! Can you imagine a world where that sort of person is allowed to be free, to be near your children?!

In all seriousness, this guy is facing 20 years for each of 7 counts, which is more prison time than some convicted murderers face. What does that say about our society? That we value cable company profits more than human life? That is the scary thing about this case: the severe sentence that might be imposed.

Meanwhile...

[Tasha26]

prison term of up to 20 years and a fine of up to US$250,000

...the real criminals in the banking and mortgage industry got away scoff free even after they caused damages in the trillions. Is the law blind?

Re:Not the secret service?

[Antique+Geekmeister]

No, Kevin engaged in active destruction, both deliberate and accidental, of the systems he probed. You seem to think he just engaged in social manipulation: while effective, it's hardly the only tool he used. And the destruction was as much from his _incompetence_ than from his expertise. By re-arranging and casually ruining core security systems he made production systems crash repeatedly, lose data and code, and cost developers, customers, and companies many millions in lost work. He also _kept_ doing it, even when he turned informant against other crackers and cut deals with the FBI to avoid prosecution.

Mitnick was, indeed, _much_ more dangerous than this guy. He was also too insistent to _stop_ after being caught repeatedly.

FFS, it's not stealing, it's fraud.

[subreality]

I'm tired of "stealing" getting applied to every instance of "underhandedly doing something you weren't supposed to".

Stealing internet murder?

[walterbyrd]

I don't think most people get that kind of a sentence for murder.

I saw one case on this "I Survived" show they have on Biography channel: a woman shot her husband six times in the chest, and she was sentenced to six days for aggravated assault. Six days for unloading a gun into somebody's chest, 20 years for stealing internet; what a wonderful justice system we have.

Re:hrm

[jedidiah]

If it's been 30 years then I should be able to violate the author as much as I want. That's part of the bargain.

Genuine natural rights don't expire like that.

Oh, thought experiments are fun.

[msauve]

For example, let's imagine a thought experiment: if a company is selling 100,000 copies of some digital media product and then piracy comes along and now 1 million people are pirating it and only 50,000 copies are being sold. We could say that piracy halved the sales - causing a "loss" of 50,000 sales. However, since there are 1 million people pirating it, we could calculate that 95% of them (950,000/1,000,000) wouldn't have bought it.

Now, let's suppose they're selling 100,000. Piracy comes along, 1 million pirating, and they're selling 200,000. We could say that piracy doubled the sales, causing a "gain" of 100,000 sales. This is fun! Complete and utter bullshit, but fun!

Wrong. So wrong.

[DeadCatX2]

I imagine you're also lumping Community Reinvestment Act (CRA) loans into the culpability for the crisis. This is a thirty-year old law. You may want to look into that; CRA-approved mortgages were less likely to be subprime and less likely to be resold.

Also, Fannie and Freddie have rules that stipulate they would cover only 80% of a mortgage. Where did the other 20% come from? Ask Angelo Mozilo; Countrywide would just give you a second mortgage to cover the other 20%. Ta-da, 0% down payment home mortgages.

Fannie and Freddie also would not take Jumbo loans. So those McMansions could not be financed that by them.

As far as "liar loans"(or NINJA loans), the fault lies 100% with the broker. While consumers are morally obligated to be honest, it's supposed to be the broker's responsibility to keep liars from getting money they can't pay back. Instead we had brokers facilitating fraud.

The biggest cause of the problem was the large secondary market for mortgages. It's all basic Supply and Demand. If there had been no market for selling shitty mortgages, the brokerage firms would never have been able to get rid of the bad mortgages and they would have crushed under the weight of their own defaulted loans (as they did when the big banks finally stopped buying their trash). But back then Wall Street was more than willing to buy up this crap, so the fly-by-nights had a willing buyer for their doomed-to-fail mortgages.

And make no mistake; Fannie and Freddie were not big players in subprime loans until Countrywide said what amounted to "if you don't buy these loans, Wall Street will, and you will lose all your market share". Fannie and Freddie didn't really get into subprime loans until about 2005. And in 2010, their loans had a foreclosure rate 30% lower than the national average.

Oh, and let's not forget the SEC decision in 2004 that exempted the banks from the capital reserve requirements. Without this ruling, they wouldn't have been able to lever up their balance sheet as highly as they did.

And all the deregulation and mega-mergers that made banks too big to fail, and allowed a shadow banking system to grow in the derivatives market which then began to exceed the size of the real banking system. And the Credit Ratings Agencies which were complicit in labeling toxic CDOs which were designed to fail as AAA-worthy.