You don't see any difference between "Shit, we left some of our internal DB data accessible" and "I love downloadin things from this P2P network, huh I wonder what peer-to-peer means..." ?
I don't see any difference between "Shit, we left some of our internal DB data accessible" and "Shit, I shared the wrong folder on my P2P app". There is no difference whatsoever.
Either you can infer intent from public availability or you cannot. You cannot have it both ways.
Weev took advantage of a poorly secured access on their part.
And the police here took advantage of poorly secured access on these guys P2P program. The only evidence that these guys intended to share this data is that the data was shared. The same evidence exists for AT&T's data.
IANAL, but there comes a point when every law reduces to some arbitrary judgment call.
A public, unauthenticated internet service is a public, unauthenticated internet service. There is no justice whatsoever in treating them differently.
This discrepancy only demonstrates to what degree justice is lacking in the US. Justice is blind, but in the US corporations like AT&T get special treatment under the law.
Well, if you share something on a P2P network, you intend for people to download it.
And if you post something on a web server and don't implement any authentication?
If you accidentally reveal a list of other people's sensitive information (because you're bad at the web), you arguably didn't intend to make that data publicly available.
What if I "accidentally" share my root directory on P2P and you download something. Should I be able to have you imprisoned under the CFAA?
Not meaning to side against weev or anything here, just pointing out a meaningful difference between the two.
I don't see any difference whatsoever. The two situations are exactly analogous.
In this case they implied consent of making their information public by using that network, an AT&T customer did not imply consent of their information being made public.
AT&T implied consent of that information being made public by not implementing any sort of authentication. From TFA:
"The evidence overwhelmingly demonstrates that the only information accessed was made publicly available by the IP address or the software it was using," Reiss wrote. "Accordingly, either intentionally or inadvertently, through the use of peer-to-peer file sharing software, Defendants exposed to the public the information they now claim was private."
Could you not say exactly the same thing about AT&T's "private" data? Substitute "peer to peer" with "web server" where appropriate.
If you run a service on the internet, you have no expectation of privacy of the data you serve. That sounds reasonable enough. But why then was weev imprisoned for downloading data from a publically facing web server?
If weev can be imprisoned for computer hacking by using a publicly facing server in ways not intended by the owner, why aren't the police here facing similar charges?
I'd suggest that the choice to retain backwards compatibility for so long is stupidity. And it hasn't even worked very well. These days Linux is more compatible with old Windows apps than Windows is.
Microsoft deliberately made the architecture of Windows so byzantine, baroque, and spaghetti-like that even their own in-house staff of tens of thousands of developers could barely make sense of it
Never attribute to malice that which is adequately explained by stupidity.
They in fact are. Nicotine is harder to quit than heroin. Sigmund Freud, an early proponent of cocaine quit it when he realized the toll it was taking on himself. However, even after losing his jaw to cancer he never quit smoking cigars.
While alcohol addiction doesn't occur as rapidly, it is one of the few addictive drugs from which withdrawal can be lethal. Nobody dies from heroin withdrawal or methamphetamine withdrawal. People do die from alcohol withdrawal.
No, what we need is full legalization. The two most addictive and dangerous drugs known to man are currently available at almost every gas station in the country. It's a policy that works, and every other drug should be treated the same way.
Well, while it was signed by a republican president and sponsored by a republican, it was cosponsored by 2 dems and a republican. It also passed house with a voice vote, and the senate with a unanimous vote.
This was a completely bipartisan bill that our whole government went in on.
No, it was a monopartisian bill. A perfect example of how there is really just one party in Washington.
This is a world of governments. What they do is legal, by definition, unless they have specific Constitutional or statutory bars on that particular behavior.
You have that exactly backwards. Governments have no legitimate powers that are not specifically granted to them by the people. It's a default deny policy, with exceptions.
As someone who has been a sysadmin for years, I can say, unequivocally, I never ask people for their passwords.
You should be. Every once in a while, pick a person at random. Give them a phone call and ask them for their password. If they give you their password, have them fired.
If you think there aren't people who work in the tech field who will say "I'm totally in favor of this, because it protects us from the terrorists", you're likely sadly mistaken.
Anyone who would say this is not a good geek, because he lacks critical thinking skills.
Slashdot Mirror
Anyway, Weev had to manipulate a URL to get the information. He even wrote a script to do this.
Police used "an automated P2P query-response tool".
Another opinion is that these are two different kinds of services intended for two different kinds of uses.
What exactly is the meaninful difference between the two services? Functionally, they are identical.
That's a valid opinion, but possibly not a widely employed social convention.
You know what is a widely employed social convention? That unauthenticated web services are free to use by the public.
The entire intent of P2P sharing is "HEY GUYS I HAVE THESE FILES"
And if the files were accidentally shared? Then the intent was not there, and the police are commiting the same crime weev was convicted of.
The intent of ATT wasn't "HEY GUYS I HAVE ALL THESE CUSTOMERS".
And we're supposed to read AT&T's mind?
You don't see any difference between "Shit, we left some of our internal DB data accessible" and "I love downloadin things from this P2P network, huh I wonder what peer-to-peer means..." ?
I don't see any difference between "Shit, we left some of our internal DB data accessible" and "Shit, I shared the wrong folder on my P2P app". There is no difference whatsoever.
Either you can infer intent from public availability or you cannot. You cannot have it both ways.
The database wasn't "available for public download"
It most certaily was. Because the public did download it.
This is directly counter to purpose of P2P software which is to make accessible files and/or information on one's computer.
And what is the purpose of a web server?
Weev took advantage of a poorly secured access on their part.
And the police here took advantage of poorly secured access on these guys P2P program. The only evidence that these guys intended to share this data is that the data was shared. The same evidence exists for AT&T's data.
It's the exact same thing.
IANAL, but there comes a point when every law reduces to some arbitrary judgment call.
A public, unauthenticated internet service is a public, unauthenticated internet service. There is no justice whatsoever in treating them differently.
This discrepancy only demonstrates to what degree justice is lacking in the US. Justice is blind, but in the US corporations like AT&T get special treatment under the law.
Well, if you share something on a P2P network, you intend for people to download it.
And if you post something on a web server and don't implement any authentication?
If you accidentally reveal a list of other people's sensitive information (because you're bad at the web), you arguably didn't intend to make that data publicly available.
What if I "accidentally" share my root directory on P2P and you download something. Should I be able to have you imprisoned under the CFAA?
Not meaning to side against weev or anything here, just pointing out a meaningful difference between the two.
I don't see any difference whatsoever. The two situations are exactly analogous.
And what is the purpose of publicly facing web servers without authentication?
In this case they implied consent of making their information public by using that network, an AT&T customer did not imply consent of their information being made public.
AT&T implied consent of that information being made public by not implementing any sort of authentication. From TFA:
Could you not say exactly the same thing about AT&T's "private" data? Substitute "peer to peer" with "web server" where appropriate.
If you run a service on the internet, you have no expectation of privacy of the data you serve. That sounds reasonable enough. But why then was weev imprisoned for downloading data from a publically facing web server?
If weev can be imprisoned for computer hacking by using a publicly facing server in ways not intended by the owner, why aren't the police here facing similar charges?
Lawyers wield the most dangerous weapon of all, the law.
That, my friend, is a very good jab. Thanks for the laugh.
I'd suggest that the choice to retain backwards compatibility for so long is stupidity. And it hasn't even worked very well. These days Linux is more compatible with old Windows apps than Windows is.
Microsoft deliberately made the architecture of Windows so byzantine, baroque, and spaghetti-like that even their own in-house staff of tens of thousands of developers could barely make sense of it
Never attribute to malice that which is adequately explained by stupidity.
They in fact are. Nicotine is harder to quit than heroin. Sigmund Freud, an early proponent of cocaine quit it when he realized the toll it was taking on himself. However, even after losing his jaw to cancer he never quit smoking cigars.
While alcohol addiction doesn't occur as rapidly, it is one of the few addictive drugs from which withdrawal can be lethal. Nobody dies from heroin withdrawal or methamphetamine withdrawal. People do die from alcohol withdrawal.
These are the hardest of the "hard drugs".
You want to shut us up? You know how.
The pharmaceutical industry also has an interest in people using prescription drugs only as instructed on the label.
That's not what DARE is about.
No, what we need is full legalization. The two most addictive and dangerous drugs known to man are currently available at almost every gas station in the country. It's a policy that works, and every other drug should be treated the same way.
This is just like the pharmaceutical industry funding D.A.R.E..
Well, while it was signed by a republican president and sponsored by a republican, it was cosponsored by 2 dems and a republican. It also passed house with a voice vote, and the senate with a unanimous vote.
This was a completely bipartisan bill that our whole government went in on.
No, it was a monopartisian bill. A perfect example of how there is really just one party in Washington.
This is a world of governments. What they do is legal, by definition, unless they have specific Constitutional or statutory bars on that particular behavior.
You have that exactly backwards. Governments have no legitimate powers that are not specifically granted to them by the people. It's a default deny policy, with exceptions.
As someone who has been a sysadmin for years, I can say, unequivocally, I never ask people for their passwords.
You should be. Every once in a while, pick a person at random. Give them a phone call and ask them for their password. If they give you their password, have them fired.
What would you know about good people? You are a terrible person.
If you think there aren't people who work in the tech field who will say "I'm totally in favor of this, because it protects us from the terrorists", you're likely sadly mistaken.
Anyone who would say this is not a good geek, because he lacks critical thinking skills.