Newspaper Editorial Insists Hackers Must Be Punished, While Misunderstanding Nearly Every Detail
from the apparently-never dept
We just recently wrote about a trio of recent situations — all involving young hackers probing for information, leading to either criminal charges or threats of criminal charges against them — that show what happens when people in power don’t understand how technology works. They were all cases where the individuals involved may have done things that some would think inconsiderate, but that hardly should rise to the level of “criminal” behavior — especially with threats of many years in jail. Presenting the flipside to that argument: the editorialists at the Toronto Globe and Mail, who show why those who don’t understand technology have no business writing about it. The editorial is headlined When did it become wrong to punish hackers?, which already suggests problem number one. Hacker is a generic term that does not automatically imply malicious attacks, yet the Globe and Mail immediately seems to assume otherwise. That might be news to the US government, which just announced its own National Day for Civic Hacking (despite filing charges against such civic hackers…).
A Montreal school is being widely criticized for expelling a student who hacked into its computer system and helped expose flaws in the system’s security. The student now has been offered jobs by computer security companies, including the one that ran the system he hacked into. In the Internet age, the hacker is celebrated as a hero and the school is pilloried for being an overbearing, defensive holdover from a bygone age. It’s an unfair presumption that needs to be corrected.
That’s one version of the story. The hacker is celebrated as a hero because he did something useful: exposed a security flaw that could have been used by someone malicious for nefarious purposes. We generally want to celebrate those who spot danger and warn people away from it. And the school is being pilloried because it expelled this person. Without Ahmed Al-Khabaz’s help, the data of students would be at risk. Doesn’t it seem somewhat overbearing to blame the messenger? What exactly is “unfair” about the presumption? After pointing out that Al-Khabaz “discovered a serious flaw” the editorial still supports his expulsion, apparently entirely based on the fact that the company, Skytech, felt his probing was an attack:
… Mr. Al-Khabaz then went on and carried out what the company considered to be a “cyber-attack” on the school’s production servers. The company notified the school, and Mr. Al-Khabaz was hauled on the carpet. The company accepted the student’s explanation and noted that he “demonstrated great talent in computer science.” They dropped the matter and offered Mr. Al-Khabaz a job, but Dawson’s administrators felt the student had gone too far and expelled him on the grounds he had violated the college’s code of conduct.
What the company considered a “cyber-attack” could also be described as “checking to see if the flaw was fixed.” And, clearly, they didn’t think it was a huge problem if they offered him a job, and noted his “great talent.” So why does the school still think he went too far?
Dawson’s officials are right: Rules exist for a reason, and students cannot expect to break them without consequence. Why have them, otherwise?
Ahhhhhh. Rules are rules. Rules exist for reasons, but sometimes those reasons are bad. And punishing people for breaking rules in ways that help people seems like sending the exact wrong message. Sometimes rules should be broken, because the rules are wrong.
The editorial then moves on to Aaron Swartz:
Swartz, who had a history of depression, was facing a slew of charges for allegedly downloading publicly funded academic journals from a large database that charged a fee for access. His family and supporters blame overzealous prosecutors for his death; the prosecutors insist – again, quite rightly – that “stealing is stealing.”
Uh, “stealing is stealing” is a tautology, so of course it’s right. But what’s “wrong” is arguing that what Swartz did was “stealing.” He stole nothing. He downloaded papers from MIT’s open network, which was set up with a site license from JSTOR allowing open downloading of those journal articles, all of which remained on the site for anyone else to download.
Go ahead, explain what was “stolen”?
In the age of the Internet, the massive downloading for free of music and movies and other copyrighted material has muddied the waters for many people.
It seems to have “muddied the waters” for the editorial writers of the Toronto Globe and Mail who don’t seem to realize that neither case had anything to do with the “massive downloading for free of music and movies.”
They seem to have forgotten that privacy rights and copyright laws are among the foundations of our economy. These are things that are not to be shoved aside by the absolutism of Internet activism.
Oh really? If privacy rights are the foundation of the economy, then, er, isn’t it a good thing that Al-Khabaz alerted officials to a hole that exposed the private info of students. He did nothing to compromise anyone’s privacy rights at all. Similarly, Aaron Swartz did not violate any copyright law, and he was not charged with copyright law violations.
So, seriously, how does a huge mainstream publication like the Globe and Mail get away with writing a piece of garbage this ridiculous? It claims things that simply aren’t true, completely flips around reality, and then seems to wrap it up in some bizarre “rules are rules” argument, that makes no sense since the rules it says people violated… weren’t even violated.
And the Globe and Mail thinks people should pay its meter to access this kind of crap?
Filed Under: aaron swartz, ahmed al-khabaz, globe and mail, hackers, punishment, rules
Comments on “Newspaper Editorial Insists Hackers Must Be Punished, While Misunderstanding Nearly Every Detail”
Tautologies
My apologies in advance for taking one small element out of this article and expanding on it. Yet perhaps it is the crux of the incorrect viewpoints and interpretations behind the outdated view of things.
STEALING = STEALING as you point out, is a tautology.
Let’s play around with logic a little.
GRAND THEFT AUTO = STEALING is true.
SHOPLIFTING = STEALING is true.
Therefore GRAND THEFT AUTO = SHOPLIFTING. Uh wait a sec.
You would think that smart people would recognize that STEALING is not in fact always equal to STEALING and if you boil complex issues down to false tautologies, you are going to have unintended consequences that ruin people’s lives.
Then of course you can get back to the point that COPYRIGHT INFRINGEMENT != STEALING or VIOLATING ACCEPTABLE USE POLICIES != STEALING to completely blow up their argument.
(By the way, Toronto’s Globe and Mail has fallen so far from its peak as a widely respected source of news and opinion that I am hardly surprised at their clueless stance on this issue.)
Re: Tautologies
GRAND THEFT AUTO = SHOPLIFTING if you are in a car dealership at the time, but I get your point.
Re: Re: Tautologies
Excellent! You are thinking like a prosecutor: “Hey! Look, we can charge him with BOTH auto theft and shoplifting… oh and vehicular misappropriation and highway robbery and non-pedestrian pilfering… maximum sentence is 300 years in prison but we can whittle it down to four years in a plea agreement. Look how lenient we’re being. I tell ya: doing good feels good.”
Re: Re: Re: Tautologies
Don’t forget, today’s cars have HUNDREDS of computers in them that were all accessed without authorization.
Re: Re: Re:2 Tautologies
I actually wonder if any car thief has been charged with that yet…. A lot of the new cars now have the fancy computer controlled ignitions where you no longer use a key. So I would think you could probably get slapped with a computer hacking charge for defeating that system and cranking the car.
Re: Tautologies
You can resolve the paradox by thinking about them as sets, rather than single instances.
GRAND THEFT AUTO ⊂ STEALING
SHOPLIFTING ⊂ STEALING
since not all cases of stealing are cases of grand theft auto or shoplifting. (It is possible to have a case of GRAND THEFT AUTO && SHOPLIFTING, at least if the dealership has a large enough window.)
Of course, I doubt the Globe and Mail is concerned at all with the proper rigor of set theory, or indeed any form of logic whatsoever.
The funny thing about Mr. Swartz
Everyone goes off about how he must be punished for trespassing and copyright infringement…and yet nowhere in the indictment or the superseding indictment did it mention any law dealing with copyright or trespass.
It’s as if people just see some behavior they don’t approve of, and at that point any punishment at all is justified, even if the punishment has nothing to do with the crime.
Re: The funny thing about Mr. Swartz
That is the problem with the system that allows prosecutorial discretion or any other kind of selective enforcement.
Once you have the general population breaking the law through day-to-day activities, the government ends up with the power to choose to enforce those laws against people that they disagree with.
Re: Re: The funny thing about Mr. Swartz
Just to pile on: Isn’t that the fundamental principle behind a totalitarian regime? If everybody is breaking x laws each day, it is always possible to “remove opposition”!
Discretion in enforcement and execution of laws is a bane of democracy. At some point it comes down to the question:
Is it better to convict an innocent or let a guilty go free. If you choose the first, you are dealing with a principle that is diametrically opposed to human rights!
Re: The funny thing about Mr. Swartz
People get found guilty of not breaking any laws all the time by courts.
Somehow it doesn’t stop the sentencing phase, nor carrying out the sentence.
And a follow up on the noble Aaron Swartz
Aaron Swartz versus the Phantom Giant
When Aaron took on SOPA, he took on AT&T and as he was later to find out, Chris Dodd, whose family has been on retainer to the Rockefeller family for generations, dating back to their ancestor, Samuel Calvin Tate Dodd, the attorney to John D. Rockefeller, who created a holding company each time Rockefeller?s Standard Oil supposedly sold off a business unit (during the court-ordered breakup), moving the stock ownership to the holding company, then in turn establishing ownership of said holding company at one of Rockefeller?s foundations and/or trusts.
Chris Dodd?s father, Thomas Dodd, had no less than at least three Acts of Congress passed in futile attempts to curb the famous Dodd corruption (most notably F.A.R.A., or the Foreign Agents Registration Act, and amendments to it).
Are the Dodds still working for the Rockefeller family? Well, that depends on the mystery ownership of AT&T. Going back to the early 1900s, John Moody, the original founder of the infamous Moody?s rating service, said that AT&T was part of the Rockefeller Trust, originally financed by Morgan, but either sold, traded or shifted over to Rockefeller.
We do know that AT&T loves Senator Jay Rockefeller, and that Jay Rockefeller loves AT&T, as witnessed by the manner in which he led the way in the Senate to grant them retroactive immunity regarding the warrantless wiretapping during the Bush Administration (which continues on, BTW).
From the site link below. . . .
http://attpublicpolicy.com/tag/jay-rockefeller/
Posted by: AT&T Blog Team on January 25, 2011 at 4:08 pm
?Chairman Rockefeller has long made public safety and national security a top priority for this country. We applaud his commitment to the public safety community and his tireless efforts to ensure that first responders have the resources they need to support a nationwide wireless broadband network. This legislation will result in a truly interoperable public safety network and will free up new spectrum and establish funding mechanisms to support the operation and maintenance of this critical network.?
Many people don?t realize that the old AT&T has been reconstituted back to its original, albeit even more powerful and richer self, thanks in part to Bill Clinton?s signing of that Telecommunications Act of 1996 — all except Verizon, but in tracking the circuitous ownership of Verizon it appears to lead back to the same ownership as AT&T!
Why would AT&T target Aaron Swartz, through their federal prosecutor proxies?
We used to marvel, back in the late 1970s, how AT&T set out to destroy the telecom upstart, MCI, which would have shortly gone out of business, had not AT&T pulled their access to long distance lines, thereby allowing MCI legal recourse, eventually netting MCI enough monies (from the legal settlement with AT&T) to continue on with their precarious business existence for a few more years.
AT&T — and the Rockefeller family — has only one strategy: the scorched earth policy!
Now, former IMF stooge and presently an economics prof at MIT, Simon Johnson, would have us believe that the Rockefellers, led by the crafty David Rockefeller, gave away their billions to ?charity? — they morphed from murderous robber barons to ?philanthropists??
So the Rockefeller family, worth an estimated $30 billion in 1960 (when one billion was an unimaginable sum), are now only worth $2 billion?
Puuuhlease — repositioning the Rockefeller fortune to various foundations, trusts and unregistered trusts to hide their wealth and ownership was, and still is, the standard tax dodge; nothing particularly surprising there. (The norm today is to create an LLC, or Limited Liability Corporation, owned by a holding company, in turn owned by an offshore trust.)
One can only imagine what their true net worth is today?
So who owns AT&T today? Look for a Dodd underneath a rock(efeller) and you?ll know the answer.
The Rockefeller Hit Parade:
From the bloody Ludlow Massacre, and the Rockefeller chain gangs, to their secret oil shipments to the Nazis during World War II, to the murders of John F. Kennedy, Martin Luther King, Jr., Bobby Kennedy and the recent death of Aaron Swartz, the bloody prints of the Rockefeller family are evident!
Special Links:
The Ballad of Aaron Swartz
http://www.youtube.com/watch?feature=player_embedded&v=Qb0tCgNzbjk
http://www.stockingblue.com/wp-content/uploads/3835494997_edc2e1dc12_z.jpg
http://whowhatwhy.com/2013/01/17/carmen-ortizs-sordid-rap-sheet/
http://www.nytimes.com/2013/01/21/technology/how-mit-ensnared-a-hacker-bucking-a-freewheeling-culture.html
http://www.youtube.com/watch?NR=1&v=9-UyhdNxv-4
http://www.democracynow.org/2013/1/23/wikileaks_legal_advisor_we_steal_secrets
Sources:
Moody, John. The Truth about the Trusts. 1904
Moody, John. The Masters of Capital. 1919
(pp. 153, 168)
Myers, Gustavus. History of the Great American Fortunes, Vols. I, II & III. 1910
Nace, Ted. Gangs of America. 2003
Wu, Tim. The Master Switch. 2010
Spelling Mistake
“wrap it up in some bizarre “rules are rules” arguming”
Arguming?
Re: Spelling Mistake
it’s like arguing, but chewy.
Re: Spelling Mistake
Are you arguming with Mike? You should reconsider your strategery….
Re: Spelling Mistake
Arguming?
What’s wrong with that? 🙂
Ok, fixed…
Economy
privacy rights and copyright laws are among the foundations of our economy
I totally missed that in my economics classes. Thanks for the tip.
His family and supporters blame overzealous prosecutors for his death; the prosecutors insist ? again, quite rightly ? that ?stealing is stealing.?
Someone please remind me of how many counts of stealing he was being charged with.
Re: Re:
Never mind. I found it.
Apparently, the prosecutors have been misinterpreted. What they really meant is: “stealing is wire fraud, computer fraud, unauthorized access to a computer system, and damaging a computer system” or the opposite, I’m not quite sure, but I am quite positive he was not charged with anything resembling stealing.
Re: Re: Re:
Not only was he not charged with stealing – he wasn’t charged with copyright infringement, either. Nor was he charged with trespassing – although many commentators don’t seem to notice that.
Thankfully...
The commentators to the website are more up to snuff than the article is.
The comments are great
If you go to the article, they are getting skewered (in the comments that they proably won’t read) for the idiocy of this opinion. I particularly liked this one:
“This is labelled a “Globe Editorial First Take.” Does the next take involve thinking about the issue?”
This is frightening and, frankly, dangerous thinking. Once a rule is made, it must be obeyed at all times, no matter how ridiculous it is? Once a law is penned, it has clearly withstood all possible scrutiny and must be slavishly followed, no matter how idiotic or unenforceable it becomes?
Rules exist for a reason, alright: someone thought it would be a good idea if they were rules. Just because that happened, however, does not make them good; and if more good can come about by breaking the rules, then I think any actual sane person would agree that the rules are not good.
Re: Re:
Dawson?s officials are right: Rules exist for a reason, and students cannot expect to break them without consequence. Why have them, otherwise?
These are school officials. Can we stick all of them in a history class for a semester before we allow them to speak in public again?
I read that editorial yesterday and can’t believe it that the Globe and Mail published it.
The best part is that, while they say that privacy rights are important, their own website creates at least 12 cookies. What the Globe and Mail meant to say was that “our privacy rights” as in the Globe and Mail’s was important.
I’m not familiar with g&m business model. But do you think this is click bait or is the writer really that dense?
For an analogy, all Ahmed Al-Khabaz did was realize that a door was unlocked. He told the owner of said door, who replied “Thank you, I’ll get that locked”. A few days later he walked past the same door, figured he check it again by turning the handle. It was still unlocked. For this he has been punished. Why?
Re: Re:
Same with Swartz, except his door had a sign saying “Free to copy public domain research”, with the photocopier mysteriously turning off every once in a while, with no warning or error message.
Code of Conduct
Typically, a college’s code of conduct is rather strict and enforced rather strongly, except when dealing with certain drugs and alcohol. Dispelling on the grounds of such a violation is usually outside the bounds of acceptable punishment in the rest of society.
The focus, in this incident, should be around revising the code of conduct to account for intent and provide escalating punishments for repeat offenders, rather than heading straight for the highest level available.
Still, given the enhanced rules in effect per the discretion of the college and the fact that this matter does fall within the legal scope of the college itself:
I have to side with the college being allowed to preserve its governmental rights with respect to its property and services.
Re: Code of Conduct
“I have to side with the college being allowed to preserve its governmental rights with respect to its property and services.”
I think you left out the part where you explained why you’re siding with the college.
The situation with Mr. Al-Khabaz has one disastrous result that quite plainly you didn’t think of: if you’re a student at their school and you discover a computer vulnerability, you will be expelled for revealing it. That only makes computer systems more insecure, as now people are more reluctant to audit their security, not if they’re going to be punished for it.
Re: Re: Code of Conduct
He was expelled for testing it, not revealing it. But that is ancillary to the point that it is up to those involved with the college to determine what goes into the college’s code of conduct.
The college is a private entity and while subject to the laws of the respective governments above it, it also has the prerogative to define its own restrictions on top of those, in so far as they are not discriminatory, exploitative or restrictive on actions taken outside the college’s domain.
The public at large has no business in the minutia of where the line is drawn in regards to a college’s code of conduct. Those involved with the college certainly have every right to press such matters, but apparently haven’t felt it an issue, as general practice by college’s is to make the code of conduct a formal binding contract signed at the start of each year or semester.
Not all people or entities are best served by any single set of rules. It is for this reason that there are multiple levels of rules and regulatory bodies. My opinion is that the federal governments (or in this case, it may be more accurate to say the UN, seeing as this is a multi-national response to a Canadian incident) should not be in charge of collegiate codes of conduct.
Did the school overact, no, he breached the contract he had signed.
Re: Re: Re: Code of Conduct
Actually he was expelled for embarrassing them by pointing out that they STILL hadn’t fixed it.
Re: Re: Re: Code of Conduct
Now, y’see, if he’d been expelled for EXPLOITING that vulnerability, you’d have a leg to stand on. People wouldn’t be arguing with you.
But all he did was check to see if it was there, report that it was there, then check it again. That’s not good grounds for expelling someone, breach of contract or no.
Re: Re: Re: Code of Conduct
It would be a sad society to live in if, minutia or otherwise, we felt constrained from making observations on moral decisions in organisations that were of concern. Hospitals, schools, universities, armies and corporations are all governed by minutia. As are states. To tell concerned citizens these activities are not their business even when they worry about the morality of these activities raises the question of what exactly do members of society have the right to question.
Re: Code of Conduct
First, it is a college – they should be teaching people to think, not teaching people HOW to think.
Second, what is the lesson they are trying to teach their students? If you see a problem, for goodness sake, don’t try to fix it or make anyone aware of it. Instead, you should brush it under the rug and pretend it isn’t there. Oh, and if the problem could hurt you, please cross your fingers.
Re: Re: Code of Conduct
No I think what most of us take away from this is “If you see a problem, come back after routing through some proxies and exploit the problem to its full potential.”
After all, if your going to take the fall you may as well do the crime. You also might just end up rich.
Re: Re: Code of Conduct
From THUD! (Sir Terry Pratchett):
“Tak does not require that we think of Him; Tak only requires that we think.
Re: Code of Conduct
And nobody is saying otherwise. All people are saying is that the college is being stupidly wrong and needlessly harming one of its students. The college may have the right to be a bunch of clueless nimrods, but everyone else has the right to call them out for being that.
Re: Re: Code of Conduct
He breached a contract he signed. Stating that you feel the contract should be revised is one thing. Stating that he shouldn’t have been expelled at its breach is not the same.
Re: Re: Re: Code of Conduct
Actually, my argument is that he didn’t breach the contract (at least as the terms have been reported in the press). He did not engage in any unethical behavior and did not hack anything.
Regardless, even if he did technically breach the contract, it still fair to say he should not have been expelled for it. It’s idiotic.
Re: Re: Re: Code of Conduct
School officials that lack common sense should not be allowed to stay in a position where they have the potential to adversely affect the education future of our up and coming minds.
Globe and Mail
Is anyone else wondering why we would read about current events in anything that has to do with a ‘globe’ or ‘mail’?
Can someone write the URL for Google maps and GMail on their front door to help them out?
Alas, Poor Globe, I knew him, Horatio...
The Globe used to be CAnada’s premier paper, a slightly right of (Canadian) center version of the nytimes or wapo.
Unfortunately they’ve been getting creamed by the National Post (Which used to be further right but have backed off that), who took all their best columnists and continues to provide better online experience.
I used to read the Globe, but the sheer idiocy of their tech reporting, combined with a completely uncritical report on personality profiling based on blood type, drove me away.
The Globe is dying, and has basically had its lunch eaten by the Post. While the editorial is stupid beyond belief, please don’t give it more credence than it deserves. It’s analogous to the ramblings of your once great uncle who did amazing things but now spends his days yelling at furniture and getting lost on his way to the mailbox.
usual situation, then. those that dont have a clue make decisions that affect the lives of others for ever. i wonder how they would feel if the situation were reversed, especially, from what i read elsewhere, that 14 of 15 computer teachers were in favour of expelling the guy. that really smells like a lot of threatening and/or bribing went on, probably to please just one person. and all for exposing a flawed system? typical whistle-blowing revenge tactics here!!
I would think that the schools computer science program is going to die out soon from lack of enrollment. Why would anyone want to attend this college if that’s how they treat their best and brightest?
Because Reasons, that’s why!
At least they are consistent
Having a backward view of reality is consistent with wanting you to pay to read their backward view.
So we can at least commend Globe and Mail for its consistency.
I thought rules were made to be broken anyway. Right?
Tone
One of the things that hard to deal with on the Internet is tone. Everyone that reads an article or a comment adds their own idea of the tone of the message. This is the first article that I have read by Mike where I immediately thought the tone was that he was pissed off by the Globe. I can’t wait for the next one!
Jail em and throw away the key!
That is the attitude of most who do not understand technology.
Those that do understand technology often hire the person that attacked their system. This is especially true where there was no intent to do harm.
Kind of sad when the entity ‘hacked’ understands more than the government that is supposed to protect us.
Send the editorialists Gertner's comments
Someone should direct the G&M to Mike’s article:
http://www.techdirt.com/articles/20130121/15283121745/retired-federal-judge-criticizes-carmen-ortizs-handling-aaron-swartz-case.shtml?threaded=true#c373
I think Gertner effectively refutes the G&M editorial.
Sorry, wrong URL
Sorry, you should remove #c373 from the end of the URL.
Here’s the correct URL:
http://www.techdirt.com/articles/20130121/15283121745/retired-federal-judge-criticizes-carmen-ortizs-handling-aaron-swartz-case.shtml?threaded=true
— Time Bandits.
Globe and Mail seems to like Randall’s idea better than the “let’s repair the holes” idea.
— Time Bandits.
Globe and Mail seems to like Randall’s idea better than the “let’s repair the holes” idea.
— Time Bandits.
Globe and Mail seems to like Randall’s idea better than the “let’s repair the holes” idea.
Re: Re:
Only meant to post that once 😐
When did it become wrong to...
… hang niggers from the nearest tree?
… throw stones on gays’ houses?
… close your wife home and only let her out to accompany you?
… use deadly force to squash all those stupid protesters?
…
I’d really really like to know all that, must have been beautiful times when people could still do all those things.
I’m gonna read Toronto Globe and Mail right now, perhaps the wise men there have answers to these important questions!
So marijuana is finally legalized in Toronto, at least inside Globe and Mail editorial offices. Can’t wait to see what they come up next…
Investigative Journalism at its best?!?
I used to say that Newsweek was for those who can not think and Life magazine was for those who can not think.
I guess I should put Globe and Mail in Newsweek’s place.
Selling a hack
He could have sold the hack had someone not caught him? What was his explanation to the company? Al- Khabaz?? Are you kidding? When did it ever become useful to train Al-queida to fly a jet liner, but not land one? People are understandably a little cautious these days, especially ~higher learning institutions having their system servers hacked (Broke into).. Don’t be sympathetic with this act. The company that hired him will hopefully be prudent and keep a huge eye on him. We are on planet earth.. hellO
Can I come and rattle your windows just to see they are safe and secure ir would your call the cops?Do really beleive he was just “checking the security”? As for the IT company would you reall y trust them? I wouldn’t.Sorry but he was stealing as he DID take something, read the article carefully.School shoyld do a full audit of every key stroke and see what they find.He is an electrinic burglar.