Saturday, July 23, 2011

Good Enough for Fort Meade, But Not Rupert!

One of the ongoing hypocrisies of the media coverage of the implosion of Rupert Murdoch is the sensationalism of the stories around his editors' involvement in wire tapping of phone conversations, stealing cell phone data (of a murder victim no less), and the possible repeating of such tactics on 9/11 victims, as if the wall of privacy, so great is our respect for it, should never be violated.  What few commentators, especially in the mainstream media, bother to mention is how the UK now has the highest per capita use of cameras by its government, covering the moves of millions of its citizens (in some cases for parolees, even in their own homes).  Or about how our government since 2001 that has been cataloging every one of our phone calls, spying on our emails, IMs, chats, all without so much as a warrant or cause?  We express feigned shock and outrage at a corporation (capricious as it is) for doing what we tolerate our own government doing to us on a daily basis (when our Bill of Rights is supposed to protect our rights from that government).

How convoluted of a society do we have to be living in for federal law enforcement to arrest hackers when we employ hackers as 'advisors' to our DOD security systems?  How much like The Matrix are we becoming when that same government threatens to have you thrown in jail for opening up a neighbor's snail mail, and allowing corporations to sue you for millions for downloading one of their products on bit torrent, and yet simultaneously conducts extensive warrantless searches and monitoring of our online activities, etc., the exact kind of behavior that would be illegal for us to partake in?

Can anyone fault News Corporation for thinking, even if only for a second, that there was nothing wrong with its activities?  Right now, as I write this, there are civilian contractors in the U.S. who use satellites to spy on us, and monitor our movements, without charge, without evidence, and without any legal oversight (operating on the orders of our government).  Our law enforcement, under the Patriot Act, can literally break into your home, take your hard drive without informing you of the theft, and not only is it legal, it is an increasingly accepted custom of evidentiary gathering in anti-terrorist cases (with the distinction of what it takes to be a 'terrorist' decided upon by a member of that bureaucracy, not a prosecutor and court).

Sounds conspiratorial?  Consider the story of Aaron Swartz.  His crime?  He conducted too many online researches, apparently, attracting the attention of federal prosecutors.  Oh, by the way, Aaron also just so happens to be a founder of an organization that is critical of the federal government's habit of spying on its citizenry.

Feds Charge Activist as Hacker for Downloading Millions of Academic Articles
by Ryan Singel
Well-known coder and activist Aaron Swartz was arrested Tuesday, charged with violating federal hacking laws for downloading millions of academic articles from a subscription database service that MIT had given him access to via a guest account. If convicted, Swartz faces up to 35 years in prison and a $1 million fine.
Swartz, the 24-year-old executive director of Demand Progress, has a history of downloading massive data sets, both to use in research and to release public domain documents from behind paywalls. Swartz, who was aware of the investigation, turned himself in Tuesday.
Disclosure: Swartz is a co-founder of Reddit¹, which like is owned by Condé Nast. He is also a general friend of, and has done coding work for Wired.
The grand jury indictment accuses Swartz of evading MIT’s attempts to kick his laptop off the network while downloading more than four million documents from JSTOR, a not-for-profit company that provides searchable, digitized copies of academic journals. The scraping, which took place from September 2010 to January 2011 via MIT’s network, was invasive enough to bring down JSTOR’s servers on several occasions.
According to the U.S. attorney’s office, Swartz was arraigned in U.S. District Court in Boston this morning where he pled not guilty to all counts. He is now free on a $100,000 unsecured bond. His next court date is Sept. 9, 2011 and he’s represented by Andrew Good of Good and Courmier.
The indictment alleges that Swartz, at the time a fellow at Harvard University, intended to distribute the documents on peer-to-peer networks. That did not happen, however, and all the documents have been returned to JSTOR.
JSTOR, the alleged victim in the case, did not refer the case to the feds, according to Heidi McGregor, the company’s vice president of Marketing & Communications, who said the company got the documents, a mixture of both copyrighted and public domain works, back from Swartz and was content with that.
As for whether JSTOR supports the prosecution, McGregor simply said that the company was not commenting on the matter. She noted, however, that JSTOR has a program for academics who want to do big research on the corpus, but usually faculty members ask permission or contact the company after being booted off the network for too much downloading.
“This makes no sense,” said Demand Progress Executive Director David Segal in a statement provided by Swartz to before the arrest. “It’s like trying to put someone in jail for allegedly checking too many books out of the library.”
“It’s even more strange because the alleged victim has settled any claims against Aaron, explained they’ve suffered no loss or damage, and asked the government not to prosecute,” Segal said.
JSTOR doesn’t go quite as far in its statement on the prosecution — though there are clear hints that they were not the ones who wanted a prosecution, and that they were subpoenaed to testify at the grand jury hearing by the federal government.
We stopped this downloading activity, and the individual responsible, Mr. Swartz, was identified. We secured from Mr. Swartz the content that was taken, and received confirmation that the content was not and would not be used, copied, transferred, or distributed.
The criminal investigation and today’s indictment of Mr. Swartz has been directed by the United States Attorney’s Office.
When asked about this, Christina Sterling, a spokeswoman for the U.S. Attorney’s office said, “I can’t speak specifically about this case, but fundamentally speaking, the U.S. Attorney’s Office makes own independent decisions regarding prosecution based on the merits of a case.”
But the feds clearly think they have a substantial hacking case on their hands, even though Swartz used guest accounts to access the network and is not accused of finding a security hole to slip through or using stolen credentials, as hacking is typically defined.
In essence, Swartz is accused of felony hacking for violating MIT and JSTOR’s terms of service. That legal theory has had mixed success — a federal court judge dismissed that argument in the Lori Drew cyberbullying case, but it was later reused with more success in a case brought against ticket scalpers who used automated means to buy tickets faster from Ticketmaster’s computer system.
“Stealing is stealing whether you use a computer command or a crowbar, and whether you take documents, data or dollars. It is equally harmful to the victim whether you sell what you have stolen or give it away,” said United States Attorney Carmen M. Ortiz in a press release(.pdf).
The indictment (.pdf) accuses Swartz of repeatedly spoofing the MAC address — an identifier that is usually static — of his computer after MIT blocked his computer based on that number. Swartz also allegedly snuck an Acer laptop bought just for the downloading into a closet at MIT in order to get a persistent connection to the network.
Swartz allegedly hid his face from surveillance cameras by holding his bike helmet up to his face and looking through the ventilation holes when going in to swap out an external drive used to store the documents. Swartz also allegedly named his guest account “Gary Host,” with the nickname “Ghost.”
Why would Swartz want to download what is likely gigabytes of information? His history includes a study co-authored with Shireen Barday, which looked through thousands of law review articles looking for law professors who had been paid by industry patrons to write papers. That study was published in 2008 in the Stanford Law Review.
Swartz is no stranger to the feds being interested in his skills at prodigious downloads. In 2008, the federal court system decided to try out allowing free public access to its court record search system PACER at 17 libraries across the country. Swartz went to the 7th U.S. Circuit Court of Appeals library in Chicago and installed a small PERL script he had written. The code cycled sequentially through case numbers, requesting a new document from PACER every three seconds. In this manner, Swartz got nearly 20 million pages of court documents, which his script uploaded to Amazon’s EC2 cloud computing service.
While the documents are in the public record and free to share, PACER normally charges eight cents a page.
The courts reported him to the FBI, which investigated whether the public records were “exfiltrated.” After in-depth background searches, a luckless stakeout and futile attempts to get Swartz to talk, the FBI dropped the case.
The same anti-hacking statute was used to prosecute Lori Drew, who was charged criminally for participating in a MySpace cyberbullying scheme against a 13-year-old Missouri girl who later committed suicide. The case against Drew hinged on the government’s novel argument that violating MySpace’s terms of service was the legal equivalent of computer hacking and a violation of the Computer Fraud and Abuse Act.
A federal judge who presided over the prosecution tossed the guilty verdicts in July 2009, and the government declined to appeal.

Think about that.  Our government takes $700 billion of our money to bailout banks, all pure deficit spending.  The same government, under two administrations (Republican and Democratic), have spent over $1.6 trillion of deficit spending to give tax cuts to millionaires.  Our banks and financial institutions wreck and destroy our economy, and not a single CEO has been held accountable, even the ones who knew they were selling toxic assets and betting against them in private (an act of fraud and violation of securities law).  Nothing.  But download articles from JSTOR, from unprofitable, almost never read academic publications, and well naturally that is a different story.

I will go out on a limb here and say that Rupert Murdoch, even if his managers did hack into the phones of 9/11 victims, will not only remain free and unpunished, but his news service will remain as defiantly dishonest and sleazy as ever, without fail and with the complete support of the media establishment and our so-called socialist president.  And your government will continue to treat the rest of us like subjects to be spied upon at will.  Still, we can rest easily tonight.  The fifteen readers of International Organization will not have to worry about their subscription rates being devalued by an illegal download.

No comments: