Slashdot Mirror
Edward Tufte's Defense of Aaron Swartz and the "Marvelously Different"
zokuga writes "Data visualization pioneer Edward Tufte spoke at hacker-activist Aaron Swartz's public memorial. In his message, he described how he came to know Swartz at Stanford and how Tufte's own college hacking exploits had the potential to ruin his own life."
The stupid stunts I did back in the '80s were as bad, if not worse, both in the real world and the BBS scene. The difference is no one stored my every stunt for posterity and instant access for all.
more like injustice amirite?
RIP Aaron, we'll avenge you.
So Tufte was a phreaker. He and a pal did this "longest long-distance call" thing. AT&T caught onto it of course, and a tech rang 'em up. The tech just said, don't do it again, don't tell anyone, and nothing happens. But seriously, the tech (and by extension AT&T) could have seriously ruined Tufte's life. But didn't because it was just a silly prank that didn't actually harm anyone.
By extension, one of Aaron's legal team contacted Tufte who talked to JSTOR and convinced them not to participate in the ruining of this young man's life. After all, there was no harm to anyone, and nothing of value was lost or stolen (copies were made, which Aaron subsequently deleted after being caught).
So, in conclusion, fuck the system.
You were going for a "Funny" mod, weren't you?
The only plausible alternative would be a "Stupid Beyond Belief" mod, and they don't exist...
Those who can make you believe absurdities can make you commit atrocities. - Voltaire
Glenn Reynolds just posted his essay Due Process when Everything is a Crime relating in part to the Aaron Swartz case.
Cases like the Aaron Swartz prosecution are a direct result of the huge, intrusive, abusive government we have. Unfortunately most Slashdotters seem to support this government and want to make it even larger and more involved in everyone's daily lives. Will Slashdot learn anything from Aaron Swartz's death? Or are we still just a few more government programs away from living in a utopia -- this time for sure?
*IF* something would happen, OMG, someone could sue us!
Today, they find ways to make you regret you were even born.
So what's left to blow steam?
Doing bad things because that's all there is left.
You can't sneak into a flooded quarry to swim that's on private property.
You can't jump your bike into a river for fun.
OMG, someone could sue...
Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
I'm guessing every half-decent engineer working in computing has some of this in their past. It's part of the process of how someone becomes an engineer - exploring, testing limits, finding way to use things in ways they weren't intended to be used. I know I did, I know my coworkers did. I work in education, and we've caught a student there trying to hack our network. Give him another ten years, and he'll be the admin trying to keep out the next generation of engineers-to-be. I'm not even an engineer: I'm a lowly technician.
More likely the prosecutor is now going after Tufte.
In the Bush-the-first Administration a friend and I "hacked" into a password-less guest account and over-wrote the login shell script with ftp. This made the low-privilage account a lot less low-privilage than the system administrators wanted. We let the administration know after the fact. They fixed the problem.
By today's laws and possibly those of the time, we committed a felony under both state and federal law. Morally I knew it was probably criminal but common sense and the morals of the time would call it a wrist-slap misdemeanor. I guessed correctly that the computer administrators would be more interested in fixing the problem than punishing us. As far as I know neither of us got into any trouble over it. I didn't. The statutes of limitations are long since expired or I wouldn't be making this admission in public. Within a few short years social attitudes changed and what we did would've likely gotten us some serious campus discipline and a "scare/threat" of arrest at a minimum.
http://www.youtube.com/watch?feature=player_embedded&v=Qb0tCgNzbjk
However, it must be wielded with - pardon the pun - discretion.
It's NOT okay to have strict liability crimes without almost universal knowledge of the crime and likely punishment.
It's NOT okay to use discretion to coerce plea agreements.
In general, the discretion should be based on published, preferably well-known guidelines that all prosecutors in a given geography and who are prosecuting given types of crimes agree on. In other words, there shouldn't be "good luck" and "bad luck" for the defendant when cases are handed out to prosecutors.
You do need proprietorial discretion so prosecutors can deal with things like local priorities, priorities that change over time, laws that have outlived their usefulness, etc. Prosecutors in a city with a high car-theft crime and a publicized crackdown would - and should - be less interested in offering mercy on new car thieves than prosecutors in a city without a high car-theft problem.
You also need to have proprietorial discretion to give leniency where the criminal act may warrant severe punishment but the criminal intent, while present, was not that of a hardened criminal or where "mother nature" has already meted out some punishment. For example, a person who steals a car to joy-ride and wrecks it causing himself severe injury should get a lot more mercy than someone who steals the car for profit. Why? The INTENT was to return the car intact, so the "criminal intent" is much less, and the person's injuries and medical bills will ensure he won't soon forget the experience.
In cases of civil disobedience, the prosecutors in an area should also have a "standard, well-known" response which may be to decline prosecution specifically to deny the citizen the public platform that he is seeking. Another "pre-planned response" may be to seek a very short jail sentence with a long probation period, with a prohibition of associating with other like-minded people during the probation period. Such a response will effectively separate those who are really willing to throw years of their life away for a cause from those who aren't, while appearing to the general public to be showing some leniency.
In the Swartz case, I wonder how differently things would have turned out if the prosecutor had said "Okay, here's our plea offer - 6 months in federal prison on reduced misdemeanor charges. If you don't take it, we'll ask the judge for a felony conviction and a sentence of 'A year and a day.' Talk it over with your lawyer and get back to us."
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
At what point does a "prank" become a "crime", however?
Even if nobody was physically hurt initially, it sounds to me like this incident with Swartz still involved at least some cost to those who were dragged into it involuntarily. Time was wasted, there were probably legal fees and other financial expenses, reputations have been soiled, and so forth. Such costs sound harmful to me.
Let's consider a scenario involving you. Suppose that you're giving a presentation to some important business clients, or perhaps to your colleagues and peers at a conference of some sort. While the focus is on you and your presentation, somebody unexpectedly runs up and pulls down your pants, including your underwear. So you're standing there half-naked. Well, it turns out that you have a micropenis, and this is a fact you've been successfully hiding for years. Now some very important people in your life know your secret, and this affects, perhaps unintentionally, the decisions they make regarding you. Maybe you aren't considered for a promotion, or maybe you aren't invited to work on an important project, or maybe people just don't respect you and your opinion any longer. The perpetrator later says it was just a prank.
You suffered no physical injury during this ordeal. There were some negative effects, but you apparently don't consider these to be "harmful", at least from what I gather from your comment. So what should happen to the perpetrator in this case? Would you just shrug it off? Or would you be after this person's head? Something tells me that if you were directly involved, you would not consider this a "prank", but rather a serious crime. You would demand painful "justice" for the perpetrator.
I got in a ton of trouble for things. At least one, I finally figured out 20 years later what happened.
The college I was at had terms of use. I read them. I followed them.
One of the rules was that you must not access other student's accounts. So I didn't. But I was curious about a lot of stuff, and I did things like write something to check common dictionary words against passwords (this was before shadow passwords). And I wrote something that emulated, down to the effectively-slower bit rate, the behavior of the terminal multiplexer which lived in front of the login process, and gave people fake login prompts, and recorded passwords.
I got in trouble. I was mystified by this. I had not accessed any other student's account.
Apparently, though:
1. No one was actually looking at logs in any detail.
2. At least one student claimed that I had done stuff to them. (I don't even know if it's a student whose account I had a password for; I assume they lost a file and blamed me because they'd heard I had passwords, or maybe it was just a lie.)
3. Also, you're apparently supposed to know that "don't access other people's accounts" implies "don't collect the passwords for other people's accounts."
Nowadays, if I take time to think about it, I can usually spot the intended "or do anything that looks like you might be planning to..." that people assume all rules carry, but I still have to work at it. I didn't even know why I kept having trouble with rules until I started reading up on autism. :)
My blog: http://www.seebs.net/log/ --- My iPhone/iPad app: http://www.seebs.net/seebsfrac/
In the early 1990s I was into Audix running on System 85s. I figured out that 800-##AUDIX and 800-AUDIX## were back end access to AT&T's entire Audix infrastructure. With the help of ToneLoc, myself and some like minded individuals were making short work of the ##AUDIX range. I was living at home with my parents at the time.
After a week or two (it was not long at all), I was at the dinner table and my mom explained to me that she had a long conversation with AT&T corporate security. They explained to her in no uncertain terms that what I was doing was highly illegal (toll fraud (since they were 800 numbers), illegal access to a computer system (the System85s that were running Audix), and some other things). My dad shared tales of blue boxing from Harvard in the 70s, my parents explained that I was not going to be using the modem for six months, and we all decided that a life of phone fraud and computer crime was not going to be part of my future.
By the mid to late 1990s after having spent a lot of time at 2600 meetings and Defcon, it was very obvious to me that the Feds were not going to take a light hand to those who them deemed a threat to the system. The "old school" mentality that Tufte experienced up close, and that I had a brief taste of, disappeared long ago. The shift makes sense because of how the culture has grown. It went from hackers in dorm rooms at a few colleges, to people on bulletin boards with only a few phone lines, to EVERYONE (practically) walking around with a full blown computer in their pocket that is continually connected to the net 24/7.
I think the difference between curious exploration of computer systems, and cracking with the intent of liberating information is an important one. In this day and age, the authorities are not in the mindset to tolerate either. It is a shame. Good IT people are those who are curious about how things work. Smart people of any stripe, no matter what their profession, will always be testing the boundaries of the system. The human mind wants to know. It thrives on knowledge. It is criminal to lock the knowledge away. Yet, in the system we live in, just the opposite is true. It is criminal to liberate information, and perfectly legal to embargo it.
Clearly, a LOT of folks understood about the 2600 Hz in band signaling..
are we really believing Tufte invented the first blue box? I'm a bit skeptical, having read numerous histories of boxing and never encountered him before.
and i believe woz's claims to have invented it are also spurious. Woz sold a number of them to bookies to make cash but i don't believe he invented it, either.
FTFA "In 1962, my housemate and I invented the first blue box."
A recent parallel that comes to mind is the case of the Sarah Palin email hacker, who was convicted and sentenced to one year in minimum security, hard time.
That case was covered by Slashdot and the comments appeared to be rather balanced pro and con. I suspect that this may be b/c the Palin hacker tested laws enforcing individual email privacy (not a popular cause among Slashdot readers), while Swartz tested the legitimacy of institutional copyright enforcement over academic journal articles (a very popular cause, especially within the wider scope of institutional copyright).
The article continues:
And, finally:
What imbecile appointed Carmen Ortiz as a prosecutor, anyway?
"MIT betrayed all of its basic principles."
THE NEW YORK TIME'S ARTICLE http://www.nytimes.com/2013/01/21/technology/how-mit-ensnared-a-hacker-bucking-a-freewheeling-culture.html?
See the ending on page. IT IS CLEAR THAT AS CHANCELLOR OF THE INSTITUTE IT IS HIS FAULT AND HIS FAULT ALONE THAT HE HAS RUINED A FINE LIFE. HE HAD SEVERAL OPTIONS TO BREAK UP THE INVESTIGATIONS
THIS MAN SHOULD BE PUNISHED FOR WHAT HE DID. SAYING THAT'S IT's NOT HIS FAULT IS ONLY WHAT A COWARD WOULD DO.
SHAME ON MIT FOR HAVING SUCH A MAN ON IN THAT POSITION
I made this drawing as a tribute to Aaron Swartz: http://goo.gl/E3v6F
Blog Post(Taiwan): http://caq-qoq.blogspot.tw/2013/01/aaron-swartz.html
As the new york times article of today states, it is clearly Eric Grimson's fault that that things went they way they went.
It is told amongst the few that HE ALONE had the authority to put an end to the investigation at several stages, but he opted not to do so.
He overlooked the red alert signs, not caring and not willing enough to think through his actions. As chancellor of the university he should be blamed, and he should also be punished for it by revoking his current position.
READ THE NEW YORK TIMES ARTICLE to see who really is to be blamed for it.
Eric Grimson just did not enough. As chancellor of the instutute he, and he alone had the authority to stop the investigation at several stages, but it is told that he opted not to do so.
He should be prosecuted for allowing such a fatality. Someone should replace him!
(*please stop censoring the truth and let this comment appear*)
It is is the chancellor's fault of the institute that the investigation was not stopped when it could have been stopped.
The chancellor, and he alone, had the authority to stop the investigation at several stages but did not !
He should be prosecuted for these things and someone should replace him ASAP!
The Chancellor of MIT should have tried far more.
It is told that he and he alone had the chance to stop any investigations on this matter, but repeatedly let things slip leading to the calamitas of Aaron's suicide.
His father is correct that MIT ruined his son. In fact, not MIT, but the Chancellor of MIT ruined him. He should not only be ashamed of his deeds but stripped from his position altogether!
Richard Taylor
Please sign the Whitehouse petition to make the DOJ pay for Aaron Swartz death.
https://petitions.whitehouse.gov/petition/appoint-independent-investigator-subpoena-power-investigate-instances-doj-bullying-extorsion-and/ZrDymCLq