Asking People To Hit Reload Is A Felony?
from the seems-a-bit-extreme dept
Well, here’s yet another story about non-tech savvy folks seriously overreacting to a technology issue. Slashdot points us to the story of a high school kid who set up a blog on his high school’s server, and jokingly told visitors to hit “F5” (reload) to see if it would crash the server. It did slow down the server, and the school went to the police who have somehow decided that asking people to reload a webpage repeatedly is a felony. The city prosecutor gets all of the amusing quotes in this story: “Michael said it was a joke. We showed him how we deal with this kind of joke.” By charging him with felony charges? Later on in the article, the same guy admits that they had to charge some students with misdemeanors last year for breaking into school computers and changing their grades. Who knew that breaking into a computer and changing grades was a lesser crime than telling people to hit F5? Still, the best quote is: “This new technology has created a whole wave of crimes, and we’re just trying to find ways to solve them.” Perhaps before “solving” them you should take a step back and figure out if there’s really a problem. If the school had set their system up to handle more traffic would there be any crime at all? Still, this could raise some questions about what’s the dividing line between asking a lot of people to visit a site and setting off a denial of service attack? However, if you had to draw the line somewhere, it would probably be well beyond asking people to reload the website. As some of the commenters on Slashdot point out, just having Slashdot link to the school’s website probably is more likely to slow down the server than whatever this kid did. In other words, by making news with this felony charge, the school is more likely to have their servers go down. So who will they arrest for that mistake?
Comments on “Asking People To Hit Reload Is A Felony?”
dos is dos
He basically tried to implement a DOS attack, saying the school needed to be setup up better doesn’t really make what he did ok. Yeah it seems a little over the top reaction wise, but still, trying to implement a DOS attack even though mundane means isn’t something that should be ignored (though the relative level of sucess should be considered 🙂 ).
Re: dos is dos
do we honestly believe that he had criminal intent with that comment? in addition to that, is it really a felony to tell people to do something?
Maybe they should just charge all the people that did it with the same as co-conspirators
Re: Re: dos is dos
so true. the co-conpspirator charge is bs in general. i know because i’ve been prosocuted under it.
Re: dos is dos
So, if I say, “Hit reload on this page you are reading right now on this story!” then I’m setting up a DOS attack on techdirt? Thinking about this, I don’t care how many times a single person hits reload, you have to have many people doing it to even get a bump on a very horrible site.
Of course, in this case, I think anyone actually and seriously trying to crash the server might get… 3 days suspension, tops. Maybe a charge for Criminal Mischief at most.
BTW, this is also a reformat of an old joke. The old joke can be written on a dollar bill or on a piece of paper:
“How do you keep (insert target group, like blonds here) busy for hours? Look on other side for answer.”
You write the same thing on the other side, and then hand the piece of paper to a blond (preferably a friend who knows you are joking). 😉 Didn’t read the actual page, but I could see F5 used in a similar joke.
Re: dos is dos
Your assertion that the student’s actions constitute an attempted Denial of Service (DoS) attack is ridiculous. The student simply posted a comment on a public blog, not operated by the school, requesting that others go to the site and refresh the content. Regardless of his intentions, all he did was tell people to visit the site. He didn’t setup flood bot, he didn’t coordinate a distributed attack, and he didn’t take advantage of or even mention possible weaknesses to exploit. Again, all he did was ask people to visit the site and refresh the content. At the most, the boy’s actions equate to harassment and could have been remedied by simply talking to him.
Charging this boy with a FELONY is reckless, and irresponsible, and illustrates incredible ignorance by the school, the police, and the prosecutor. Furthermore, the actions taken and comments made by the prosecutor demonstrate his own brazen arrogance, poor judgement, and malice. If convicted of the charge this boy, who is just beginning his life, will carry the burden of being a “convicted felon” until he dies or is absolved by a higher court. Here’s a sample of the collateral consequences his conviction would bring:
Even if this boy is exonerated and the charges are dropped or dismissed, he will have been put through a process reserved for those accused of the highest order of crime defined by law. The prosecutor’s rash decision to file felony charges without first consulting with a technology expert is reprehensible. Regardless of the outcome, it is clear he lacks the sound judgement and integrity that is necessary to competently represent the People of his municipality. He should resign from or be removed from his post, and be replaced by someone who will represent the People with the integrity and consideration they deserve.
Respectfully,
Samuel Walter
Network Engineer / Security Analyst
Re: Re: dos is dos
Not just that, samuel… under the three strikes laws, if he makes similar posts on his blog twice more he could be sentenced to life in prison.
Re: Re: dos is dos
I agree fully with Mr Walter. In fact, I made this petition – please sign it and spread the word. Thanks. Save the world from those lacking in grey matter!
http://new.petitiononline.com/mwstone/petition.html
Re: Re: Re: dos is dos
There is a typo in the last line of the petition. I belive it should read additionaly rather than instead.
Re: Re: dos is dos
And, if I were his father, I’d be lining up the best legal talent right now to bury the school and prosecutor with a civil lawsuit. While prosecutors may be immune from most suits, I think a case can be made for just what you mentioned – reckless prosecution. No prosecutor is immune from that.
Re: Re: dos is dos
Mr. Walter,
I fully agree with your commentary. I’d ask that you forward your views to someone who can appeal the charge, or at least make a public statement about it. I’ve found no way to contact the school, so my suggestion is to contact the journalist who wrote the story: edd.pritchard@cantonrep.com. Perhaps he would be willing to post it as a letter to the editor, gaining the attention of that city’s citizens and setting the facts straight.
I appreciate your comments, and encourage you to campaign for this student’s innocence.
Re: Re: Re: dos is dos
CoronaJoe:
Thank you for voicing your support of my commentary. Given that I am not in any way involved in this fiasco, I was hesitant to write such a lengthy statement of my opinion. Nobody wants to be perceived as an “opinionated do-gooder”, but I found myself particularly outraged by the audacious actions of the school and, especially, the prosecutor.
I followed your suggestion and emailed a copy of my post to the journalist covering the story at the Canton Repository, Mr. Edd Pritchard. It is my sincere hope that my statement makes it way to someone with enough common sense in a high enough position of power to vindicate this poor kid.
I would also like to urge other readers who share my disbelief and outrage to please voice your opinion here on TechDirt.com, and either forward a copy of your comments to Mr. Pritchard (edd.pritchard@cantonrep.com) or call him at 330-580-8484. The more comments this story generates the longer it will stay in the public eye, and the greater the chance this boy has of making it through this unscathed.
Additionally, I ask that everyone fill out the petition created by srage at http://new.petitiononline.com/mwstone/petition.html. I don’t know what impact it will make, but an organized collection of names certainly couldn’t hurt. I live in Philadelphia and have no connection to anyone involved in this story, but cannot sit back and watch this unfold without making an effort to reach out and do something about it. Let’s show the Lake Township School Board and Mr. Frank Forchione what “Power to the People” really means!
Respectfully,
Samuel Walter
Network Engineer / Security Analyst
swalter718@gmail.com
Re: Re: Re:2 dos is dos
I’d like everyone to know that I’m forwarding a copy of the comments here, as well as a link to the petition to the City of Canton’s Law Director, Mr. Joseph Martuccio. From what I gather, he is the prosecutor’s supervisor. Perhaps more importantly, he is an ELECTED OFFICIAL and may be a bit more open to listening to the opinions of the People. If anyone else is interested in contacting him, his email address is jmcarman@ci.canton.oh.us and his phone number is 330-489-3251.
Respectfully,
Samuel Walter
Network Engineer / Security Analyst
swalter718@gmail.com
Re: Re: Re:3 dos is dos
If you dos a system it should probably be a crime not sure. I’m sure shuttting down mail serves and things of the like happen everyday though it is something maybe someone should take a stand against. I think there are things much more important than that to deal with however if you can take down a satellite feed that’d be a pretty good feat that might deserve some media attention. A school computers system is lame.
Re: Re: Re:3 dos is dos
I agree with everyone that thinks this is reprehensible. I have sent an email to Mr. Martuccio regarding this case and notifying him that I will raise awareness of this case and that Mr. Forchione, the prosecutor, I will encourage people to push for a charge of reckless prosecution, resulting in his disbarment.
Re: Re: Re:4 ??
Wow, Thats all I can say. How can this be leagal first off, there are worse people out there that suggest things to people that physicaly hurt themselves who get away clean by appologiseing and this kid gets busted for doing what? suggesting for everyone to hit the refresh key?…Shame on them and I hope the worst for the schools administration. You DO NOT take your frustration with technology out on kids. I know kids who have had the crap beat out of them and the attackers were at the most suspended for month. I will be sigining the petition in hopes that the judge/jurry on the case decide properly.
Re: Re: Re:2 love to instant message
Hi i just love to have an instant message conversation with my boyfriend jordan claus
Re: Re: dos is dos
Samuel,
Beautifully worded and written! A man should be proud to have you at his back. Have you considered speaking out on something other than a blog? Perhaps in the boy’s defense? It shouldn’t be too hard to find who his lawyer is, and I’d even be willing to look it up for you, if you’re interested. This IS a ridiculous thing, charging him with a felony for a harmless prank. Thank you for a well-needed reminder of what’s important.
Respectfully,
Joe Rogers,
Wanna-be Geek
(2-yr degree, instead of 4)
Re: Re: dos is dos
you are right and all who agree with you should sign a paper telling the school of your ideas and make a statement.petitions have huge leverage
Re: Re: dos is dos
Samuel Walter
You are so on target. I was discussing the news article with a few online, and spotted your post. If at best this teen is guilty of blogging. However the incomprehension of the school, the police, and the prosecutor, make me think that perhaps instead of the school teaching, the police protecting, and the prosecutor being able to take legal action. They should of enrolled all three departments in kindergarten instead to brush up on computer skills.
Re: Re: Re: dos is dos
I feel bad for the kid. A child, about to have is future all #&$% up, because some idiot wants to make an example out of him. I signed that petition, I hope everyone does.
Re: dos is dos
So if TechDirt turned round and had offence at the (stupid) comment that Griffon made, then Griffon could be charged under DMA for altering the contents of this discussion and the data on TechDirts servers? Interesting concept……
As a side note, if you want to see if anyone else has posted to this since you’ve been reading, you better come back in an hour, because if you press F5, then you will of course be starting a DOS!!
Re: "this new technology"???
Just how much lomger is internet access going to be called “new technology”? Hasn’t it been like 10 years since connectvity moved from text based programs like Lynx to being in 3/4 of homes in the country? And this is still NEW technology?
Re: dos is dos
You can’t possibly think that this is really a crime. Maybe everbody should go to this website
http://www.cityofcanton.com/question.html and ask them to drop the drippy charges. Who knows what could happen to their server if enough people went their at the same time. If they crashed would we all be charged?
Re: dos is dos
Hey, everyone go to microsoft.com and refresh the page! Now I am a fellon.
Now, everyone go shoot you parents.
Oh gawd, I am going to jail forever.
I know it is a little over the top, but still, telling peopleto refresh a page at a specific website, does NOT a D.O.S. attack make…
Re: dos is dos
To me this is indicative of the problems faced with the computer industry.
A simple analogy would clear it all up.
You install an alarm system that detects movement. The field of view goes out the window. Duh.
Kid walks buy and sets it off, tells others to do the same thing.
Kid being disruptive? yes, is he breaking the law?? In someones eyes, yes.
But what exactly is he doing?
People will NEVER fix a problem unless someone takes advantage of it.
Until then, the problem exists.
The kids who changed their grades should have been charged with criminal tresspass, tampering with computer logs and a few other things. Which in the sate of NJ, would be up to 4 years in prison.
A lot of laws make you wonder does the punishment fit the crime.
Also, my favorate, does the punishment take into account the likelyhood of the ones making the law, getting caught breaking that law.
Is what I always thought was funny about DUI’s, embezzlement, and vehicular manslaghter.
Go figure.
Anwyay, just my nickel worth.
Re: dos is dos
YOUR NUTS…it is a freakin high school — who cares if the site went down for 5 minutes while a couple of kids hit F5 — perhaps we should put everyone in jail that hit F5 trying to get a plush cow from chick-fil-a when there servers did not respond for 9 minutes on the giveaway they did. A DOS is several orders of magnitude greater than hitting a key 30 KPS; perhaps you dind’t pass Algerbra-I in HS. Furthermore there was no attempt to hide their identity whatsoever; and most highschool websites are garbage, out of date and full of porrly designed and somewhat not useful information.
No, a real felony would be if you...
… posted the story on all the major news services and encouraged everyone in the world to all hit F5 repeatedly at the same time.
Wouldn't it just come out of browser cache?
I thought the default behaviour of F5 (at least in Internet Exploder) was just to reload the page… and that to force it to go back to the source server, you had to hold ctrl-F5? Wouldn’t the page be simply reloading from browser cache?
Re: Wouldn't it just come out of browser cache?
Exactly. And, many ISPs use GET cache’s that would even prevent a DOS of this type, unless the user was rePOSTing information each time. And, even further, if the server being accessed had a proper setup, it would have a fast cache to serve up static and non-changed dynamic pages without using much CPU time.
The F5 DOS was only really a serious action 7 years ago or before. Today, most admins are smart enough to see their bandwidth rising because of a few people, and banning their subnet. This is exactly how an automated DDOS is stopped (though usually by firewall or automated server scripts, not directly be the admin themselves).
What’s really funny about this story is the incompetence of this school’s admin. Think about this. He had to actually report this as a crime, and investigate 3 or 4 students reloading a page. I know us admins are thought of as geeks (proudly, I might add, haha) who do nothing but spend our lives in front of computers. But this guy really does have no life, and he is seriously lacking in skill. My guess? The server admin is the principle of the school, who does this in his spare time. This was not a real admin, and definately not a real geek.
Lake High
If anyone wants to check out the site for themselves, for any reason at all, here is the link:
lake.stark.k12.oh.us/hs
although for some reason, it won’t load…i wonder why?
Re: Lake High
That’s an incorrect link, that’s why it doesn’t load.
Try this:
http://www.lakelocal.k12.oh.us/lhshome.htm
Re: Re: Lake High
No, there is a video of the newcast. You can see http://lake.stark.k12.o typed into the screen before it zooms out.
The Lake High School you linked to is in a completely different part of Ohio than the one in the story.
Re: Re: Lake High
wrong lake High School… that link is to one near Toledo.
why?
why do small tasks always raise big issues?
Why is this a problem?
I tell clients that they ought not keep important data, and confidential data on the same server as your web server, while it can be done, and you can make things pretty secure, there is always that traffic issue.
Is this server JUST a web server? Or does it run other critial applicaitons that contribute to the day-to-day operations of the school? If it is just a web server, then no harm done.
If it is more important than that, then it is more the admins fault.
Finally: the schools ought to be thankful that a weakness in their system had been found out. And if they would have kept their mouths shut, they could have avoided the streisand effect, and fixed the problem. But alas, they had to exercise their foolish zero tollerance attitude and make a big ‘ol stinky fart out of this mess, and now THEY are in much deeper, uh, doodoo.
I hate it when stinky ‘ol farts leave a mess. But that is what you get when you don’t take care of the poo in good time.
What's up with that
I dont think the biggest part of the story should be what the kid did, I think it should be the punishment. The article said that kids who broke into the schools computers and changed their grades were given a lighter punishment than someone who asked everyone to press F5. That school/county has some deeper issues.
idiots
What is our country coming to when a kid can’t use his freedom of speech. What he said on his blog was just his thoughts and the only people who should be held accountable for their actions are the ones who listened to him and held down F5.
Re: idiots
Call your Mother !! 702-328-6747
What's the big deal
WOW so someone who puts an auto refresh meta tag in their HTML is a FELON too?! This is the most ridiculous thing I have ever heard of. So what if some extra bandwidth was consumed.
No Subject Given
Why doesn’t everybody go to this website and ask them if they are crazy, asking people to reload can’t possibly be a crime. Who knows what could happen to their server if enough people go there?
http://www.cityofcanton.com/question.html
No Subject Given
furthermore, assuming the prosecutor is the school, school district or any local authority, on top of attracting huge negative press and spending a presumably substantial amount of money on a pointless lawsuit, they are hounding a member of their own school/community with malicious charges apparently intended to ether excessively punish this particular student or make an example of them to other students. this seems to me to completely go against the idea of authority protecting the common person. not only is there no legitimate charge, but this sort of overreaction will only encurage people to cary out more serious atacks in protest.
Student Information System
I particularly appreciate the comments of Anon, on proper web server setup, and Samuel Walter, who is more articulate than I.
This subject has another dimension. Our school district has over 20,000 students, but we have no Student Information System. We’ve been told repeatedly “We can’t afford it.” A SIS would provide reliable communication between teachers and parents, so that we parents would know what is going on at school. Currently, we must rely on our students to report accurately on their homework ? but it turns out that reporting is not always accurate. Our high school freshman is a bright kid, but he is failing four of six subjects, due to not turning in homework.
For less than $200 per year I could establish a simple SIS site with a cheap web host provider. Several tech savvy teachers would help set it up and maintain it. The content would consist of simple text files uploaded daily, describing the current homework assignment.
My thinking on this subject has been mostly technical. But now I’m thinking about the potential legal liability incurred by the legally responsible party for the site. I would have little or no control over server setup. Site security would depend on logon credentials.
Kids WILL probe for weaknesses in the system. I can imagine the consequences of one kid discovering a teacher’s logon, and posting defamatory remarks on the homework page.
For the school district to set this up, it would take many months and thousands of dollars, and in our current fiscal climate, it will not happen. It would be a shame if the only reason not to make this happen would be the fear of bad law and ignorant prosecutors.
Google Attacks
Are we going to start claiming that companies like google and yahoo are committing felonies by sending out bots to track websites? Working as a web admin I find that most of my problems are from bots, not users.
Poor man's virus
That reminds me of the poor man’s virus … a spam requesting you to delete all your files and reformat your hard drive since the virus writers were too poor to hire a programmer to do it for them.
Contact the school
Here’s a link to the contact form on the school’s website…it’s the right school too, I made sure. Uniontown, Stark county.
http://lakelocal.oh.schoolwebpages.com/education/components/contact/default.php?sectiondetailid=3439
Call Frank!
Work | Forchione, Frank G Atty
National City Bank Bld
Canton, OH 44702
330-453-7676
Home | Forchione, Sandra & Frank
1647 Shriver Ave NE
Canton, OH 44705
330-455-6486
>READ PEOPLE
Don’t be lemmings! learn to read. I normally like tech dirt but this isn’t the truth, he didn’t just ask people to press F5! he said
Stone told users to “hold down F5 to help crash my school server,???
thats not as innocent as just hitting F5. He knew what he was doing when he asked and he had intent!
Re: >READ PEOPLE
Still, NOT a felony. Detention, low-level suspension, followed by mentoring. An intellect/initiative combination like that should not be wasted.
Remember, everyone, that Bill Gates reverse-engineered Windows, then marketed it under Microsoft. That IS a felony (or damn well should be), and he’s now a billionare.
Re: Re: >READ PEOPLE
If this is a felony and he gets more time than Martha Stewart did for stealing millions out of old peoples retirement funds. Then we seriously have some problems in this country. The people at enron are facing less than this in terms of charges. There are much larger targets that could go down just by a word said by someone. Ridiculous and if this legislation stands we’ll see…
Re: >READ PEOPLE
Pharaoh:
Regardless of his intentions, the action he urged others to take was completely benign and could not have led to the outcome he was allegedly working towards.
Intent means nothing without sufficient action. If I tell everyone to fill a DixieCup with water to help me flood the city, and a hundred people actually do it, is the city going to flood or is there going to be a hundred idiots standing there looking at a puddle?
Respectfully,
Samuel Walter
Network Engineer / Security Analyst
Re: Re: >READ PEOPLE
@Samuel
Regardless of his intentions, the action he urged others to take was completely benign and could not have led to the outcome he was allegedly working towards.
Intent means nothing without sufficient action. If I tell everyone to fill a DixieCup with water to help me flood the city, and a hundred people actually do it, is the city going to flood or is there going to be a hundred idiots standing there looking at a puddle?
Perhaps I am misuderstanding but in the case of the school wasn’t his intention (crashing the server) accomplished?
Re: Re: Re: >READ PEOPLE
Naw, he didn’t crash it, he simply “slowed the school’s computer system down”.
Re: Re: Re:2 >READ PEOPLE
People here in Finland are laughing at that Forchione guy. It was just a small prank. But then you must realize that you can sue anyone for anything in the almighty America *grin*
If I would live in there I would probably sue my cat for causing me mental and physical damage…
Re: Re: Re: >READ PEOPLE
amazon10x:
From my understanding, the server was not crashed; it maintained normal operations. There was an alleged slowdown and their admin attributed it to higher-than-normal activity originating from a particular referrer – that being the blog link directing users to the school’s site.
Given that this is a Windows server, operating on equipment purchased with money funded by a school system that has demonstrated incredible technological ignorance, I’m inclined to suppose that there are probably several other mitigating factors contributing to the alleged slowdown. Anyone who has any experience with Microsoft IIS knows that you have to throw a lot of hardware at it to achieve decent performance. Since a web server is only as good as the operating system it runs on, IIS-powered web sites (if you can say ‘powered’) are prone to poor performance and outages far more often than should be tolerated. This is one of the major reasons that Microsoft IIS powers less than 21% of the Web, compared to Apache which is the engine behind 68% of the Web. Factor in the likely-meager salary they pay their administrator and I think a pretty bleak, yet clear, picture of their network infrastructure emerges.
Something else to consider is the browser configurations of the refresh-perpetrators. By default, Internet Explorer and most other common browsers are configured to display previously viewed web sites from their cache unless the page being viewed has changed since it was last viewed. It accomplishes this by comparing the date and file size of the page on the server with the one in its cache. Unless the page has changed, all of its content is displayed from the cache on the individual’s computer. So, unless the school was making a whirlwind of changes to their web site while the refresh-onslaught was going on, the impact of all this F5 pushing would be negligible.
I think the biggest obstacle in this case is going to be explaining the reality of the situation to the prosecutor, judge, and jury (if it gets that far). When people lack knowledge and understanding of something, the first reaction is usually fear. Fear is always a catalyst of extreme and unreasonable reaction, and people, especially criminal prosecutors, are not quick to admit that they were wrong; even when presented with overwhelming evidence and logic.
If you haven’t already done so, I urge you all to please sign the petition to “Free Mike Stone” by going to http://www.petitiononline.com/mwstone/petition.html
Respectfully,
Samuel Walter
Network Engineer / Security Analyst
swalter718@gmail.com
Ridiculous
>>> Repost of my petition comments
“District Mission – The mission of Lake Local Schools, recognized as a leader in education and community partnerships, is to guarantee all students a superior educational experience, enabling them to become lifelong learners and healthy, productive citizens.”
Really?? Charging a student with a felony to just to make an example of him over something as dastardly as yelling “Water!” in a crowded swimming pool. This is how you guarantee a superior educational experience? This is how you create productive citizens in Ohio, by turning them into 3rd class demi-citizens (felons)?
Shame on your school administrators and elected officials.
Re: Ridiculous
yeah well thats OH for you. Standing around knuckles to forehead with brows furrowed in a vain attempt to understand the confusing world around them.
See this is what happens when the digital divide starts to hit home. A bunch of people with no understanding of the domain are the ones vested with punitative authority. Thus a bad decision is almost guaranteed since people tend to react negatively to the unknown by default. Therefore the kid does something none of them really understand so they go to the extreme of punishment just to make sure. Brilliant.
And heres the bad news: its only going to get worse since we no longer value education in the US. The barrier to entry in the information society is getting high enough that people can’t be bothered to even learn the basics of protecting themselves from malware so I don’t think we can expect them to even try and understand anything more complicated.
No Subject Given
i would help you with that but im at school hitting F5 >_> _<