If The DOJ Gets Its Way, Tweeting Out A List Of The 'Worst Passwords On The Internet' Will Be A Felony

from the because-our-prisons-aren't-at-maximum-capacity dept

Retweet if you want to go to jail! And not regular county jail, but federal prison!


In case you can't read/see the tweet, it says:
Under the DOJ's CFAA proposal, this article (and this tweet linking to it) could be a 10 year felony. That's insane.
(The link goes to a Techcrunch article featuring SplashData's list of the "worst passwords on the internet.")

The DOJ has offered up its preferred version [pdf link] of the CFAA (Computer Fraud and Abuse Act) -- under the ridiculous name of "Updated Law Enforcement Tools" -- and it indeed would make this sort of thing an instant felony.

Here's the wording change that does it [strikethrough for deletions; bold for additions]:
(6) knowingly and with intent to defraud willfully traffics (as defined in section 1029) in any password or similar information, or any other means of access, knowing or having reason to know that a protected computer would be accessed or damaged without authorization in a manner prohibited by this section as the result of such trafficking; if—

(A) such trafficking affects interstate or foreign commerce; or

(B) such computer is used by or for the Government of the United States;
The DOJ removes intent and replaces it with feelings. Sharing a list of common (and stupid) passwords could be construed as "willfully trafficking" passwords while "knowing" a "protected computer" could be "accessed without authorization."

And that thing about federal prison I opened the post with? That's the way the DOJ wants it. The CFAA currently allows for misdemeanor charges under certain circumstances. But this proposal does away with that. Instead of a misdemeanor-to-3 year sentence range, punishments start at 3 years and escalate to a 10-year cap. Unless, of course, your hacking is part of the commission of another felony, in which case the government proposes it should get to double dip (at minimum). Here's Orin Kerr's take on that part of the proposal:
Under the proposal, breaching a written restriction is a crime if the user violated the written condition in furtherance of a state or federal felony crime, “unless such violation would be based solely on obtaining the information without authorization or in excess of authorization.” On one hand, this might seem kind of harmless, or at least redundant: The proposal makes it a felony to break a promise on a computer in furtherance of a felony. One wonders what the point is: Why not just punish the underlying felony?

But the real problem is the double-counting issue. Federal and state law is filled with overlapping crimes. Congress might enact three crimes that do the same basic thing, giving prosecutors the choice of which to charge or allowing them to charge all three. State criminal codes often mirror the federal criminal code. That raises a question: If Congress makes it a crime to commit an act “in furtherance of” a different crime, does the existence of overlapping crimes mean that a person’s conduct violates the first crime because it was “in furtherance of” the second? This is a particular problem because every state has unauthorized access crimes a lot like the CFAA. We saw this in the Auernheimer case, where prosecutors argued that the misdemeanor federal unauthorized access alleged in that case should be a felony because it was “in furtherance of” New Jersey’s nearly identical state unauthorized access law.
As if we didn't have enough people in prison already, the DOJ proposal mandates felony charges and provides prosecutorial options to ensure very few defendants walk away with short sentences.

The proposal also asks users to perform mind-reading when accessing anything computer-based.
(6) “exceeds authorized access” means to access a computer with authorization and to use such access to obtain or alter information in the such computer—

(A) that the accesser is not entitled so to obtain or alter; or

(B) for a purpose that the accesser knows is not authorized by the computer owner;
Going back to the Weev case, Andrew Auernheimer obviously knew AT&T would not "authorize" his access of supposedly private information, even if all he did was alter URL components to achieve this. Now, companies' security failures can be weaponized against those who discover them -- making it highly unlikely that flaws and holes will be pointed out to those who can actually close them. Why risk a few years in federal prison (remember: no misdemeanors) just because some entity decided to shoot the messenger rather than thank them for their help?

Filed Under: cfaa, doj, felony, obama administration, passwords


Reader Comments

The First Word

Subscribe: RSS

View by: Time | Thread


  • icon
    rw (profile), 21 Jan 2015 @ 5:42am

    What less can you expect from a police state? After all, "it's for the children."

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 Jan 2015 @ 11:14am

      Re:

      Corponesse translation

      For the profit, think of the profit, the profit damn you, the profit

      By the profit, for the profit

      Shall i compare you to a summers dayPROFIT

      I profit threfore i am?

      Land of the greed, home to the profit

      Profit, ......profit........PROFITPROOFIT.PROFIT

      reply to this | link to this | view in chronology ]

  • icon
    That One Guy (profile), 21 Jan 2015 @ 5:52am

    DOJ to white-hats: If you see something, shut up, or face a felony

    If they manage to get this 'updated' wording accepted, pretty much the only people 'hacking' systems, or checking security, will be those with criminal intentions. If making a security vulnerability known, or even making it known that you found one, is instantly a felony, the only people who would even risk doing so, will be those that are already planning on breaking the law.

    Companies may feel like they get egg on their face when they have their shoddy security made public after ignoring the problem, but that is nothing compared to what happens when the person 'examining' their security isn't interested in helping anyone but themselves. And with the law making it essentially illegal for someone to test security on their own, for whatever reason, the number of security holes, and resulting harmful hacks, will likely shoot way up.

    Yet again, we've got an example of a government agency making things less safe, and more dangerous, for everyone but the criminally inclined.

    reply to this | link to this | view in chronology ]

    • icon
      John Fenderson (profile), 21 Jan 2015 @ 7:16am

      Re: DOJ to white-hats: If you see something, shut up, or face a felony

      "If making a security vulnerability known, or even making it known that you found one, is instantly a felony, the only people who would even risk doing so, will be those that are already planning on breaking the law."

      The number of white hats would be reduced, no question about it, but there will always be some that keep doing the good work. They'll just go underground (a bit like they used to be in the old days).

      reply to this | link to this | view in chronology ]

      • icon
        nasch (profile), 21 Jan 2015 @ 7:30am

        Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

        They'll just go underground (a bit like they used to be in the old days).

        Even among those who continue working, probably many will stop contacting the companies with vulnerabilities (how confident are they that their communications are really anonymous once the FBI gets involved?) and just publicize everything immediately. Nobody benefits from such a change.

        reply to this | link to this | view in chronology ]

        • icon
          John Fenderson (profile), 21 Jan 2015 @ 8:24am

          Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

          True enough. This, too, is pretty much like the old days. Giving software and hardware producers a couple of weeks of advanced notice prior to public disclosure is a very good thing and it would be a shame if that stopped. But the really crucial part is the public disclosure, and that will go on.

          If the pattern from the old days repeats, what will happen is that software and hardware producers will end up begging white hats to start giving the advanced notice again.

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 21 Jan 2015 @ 8:42am

            Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

            If the pattern from the old days repeats, what will happen is that software and hardware producers will end up begging white hats to start giving the advanced notice again.

            The rest of the corporations want all security issues swept under the carpet, as it cost them money to fix them. If they can be kept hidden they do not have to spend the money.

            reply to this | link to this | view in chronology ]

            • icon
              nasch (profile), 21 Jan 2015 @ 8:50am

              Re: Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

              If they can be kept hidden they do not have to spend the money.

              They can't of course, so they'll spend the money to settle class action lawsuits after massive data breaches, rather than spending it ahead of time to fix problems.

              reply to this | link to this | view in chronology ]

              • identicon
                Anonymous Coward, 21 Jan 2015 @ 9:27am

                Re: Re: Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

                That way their lawyer buddies make a lot of money, with a little trickling down to those who have suffered.

                reply to this | link to this | view in chronology ]

            • icon
              John Fenderson (profile), 21 Jan 2015 @ 8:53am

              Re: Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

              That's why public disclosure is the more important part.

              reply to this | link to this | view in chronology ]

          • icon
            nasch (profile), 21 Jan 2015 @ 8:51am

            Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

            If the pattern from the old days repeats, what will happen is that software and hardware producers will end up begging white hats to start giving the advanced notice again.

            At which point, the white hats will say "if I did know anything about a vulnerability, it would be a felony to tell you about it." Let's hope this amendment never sees the light of day.

            reply to this | link to this | view in chronology ]

            • icon
              That One Guy (profile), 21 Jan 2015 @ 8:52pm

              Re: Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

              On the contrary, let's hope it sees as much light as possible, and is shot down and crushed in such a manner that it will be years before anyone even thinks about proposing something as stupid as it again.

              reply to this | link to this | view in chronology ]

              • icon
                nasch (profile), 22 Jan 2015 @ 8:03am

                Re: Re: Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

                "Never see the light of day" as in "never have a chance to exist". If it doesn't get passed by Congress, it will never leave that building and thus never be exposed to the light of day.

                reply to this | link to this | view in chronology ]

                • icon
                  Gwiz (profile), 22 Jan 2015 @ 9:23am

                  Re: Re: Re: Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

                  Having to explain an idiom takes the wind out of your sails and sucks like an Electrolux, doesn't it?

                  reply to this | link to this | view in chronology ]

                  • icon
                    nasch (profile), 22 Jan 2015 @ 9:33am

                    Re: Re: Re: Re: Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

                    Having to explain an idiom takes the wind out of your sails and sucks like an Electrolux, doesn't it?

                    It's like grabbing the wrong leg in a pig wrestling contest.

                    reply to this | link to this | view in chronology ]

                    • icon
                      Sheogorath (profile), 23 Jan 2015 @ 6:32pm

                      Re: Re: Re: Re: Re: Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

                      It's like grabbing the wrong leg in a pig wrestling contest.
                      Isn't that what much 'law enforcement' consists of, nowadays? Someone wrestling a 'pig' on the ground so as to avoid assault, praying that the guy (as they generally are) doesn't shoot, tase, or pepper spray them.

                      reply to this | link to this | view in chronology ]

          • icon
            That One Guy (profile), 21 Jan 2015 @ 8:51pm

            Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

            As long as a potential felony is on the books, they'd have to be fools to give that advanced notice. Between taking the risk of jail time by contacting the company, or anonymously publishing the security vulnerability, I imagine most will choose the latter as the safer option.

            Even the 'promise' of no charges being brought if a security vulnerability is brought to the attention of a company wouldn't be worth much, as that wouldn't stop the DOJ from stepping in and filing their own charges.

            reply to this | link to this | view in chronology ]

    • identicon
      Citizen, 21 Jan 2015 @ 7:50am

      Re: DOJ to white-hats: If you see something, shut up, or face a felony

      This is truly a terribly crafted piece of legislation that invites every opportunity for its abuse. Hopefully these debates prompt the corrections needed to make it applicable to its goals before it's submitted.

      reply to this | link to this | view in chronology ]

  • icon
    Ninja (profile), 21 Jan 2015 @ 6:01am

    If anything, law enforcement in the US (and frankly, everywhere) are shooting their feet with such 'shoot the messenger' tactics because people are getting more and more wary when it comes to cooperating for fear of interacting with law enforcement and running into trouble. So while they are worrying that encrypted smartphones may get in the way they are silencing witnesses that would probably render such encryption moot. This is just an example. There's already a general lack of trust from the citizenry towards law enforcement and they and now they are actively ensuring that people will not help on investigations and security flaws out of fear of bad laws. Great.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jan 2015 @ 6:35am

    This makes everybody in tech a felon

    or any other means of access, knowing or having reason to know that a protected computer would be accessed or damaged without authorization in a manner prohibited by this section as the result of such trafficking

    As someone who works in cloud this is part of my day to day. So by merely passing this law, anyone with knowledge of a vulnerability would automatically become a felon. There is often a trade-off between security and getting something to market. This would mean even getting it to market would be legally felonious in many if not all cases.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 Jan 2015 @ 7:15am

      Re: This makes everybody in tech a felon

      Same here. Part of my job involves protecting an alarmingly large corpus of diagnosis, treatment and prescription data -- but I won't be able to do that if this passes...well, not without risking prison.

      This is not only wrong, it's insane.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 21 Jan 2015 @ 7:50am

        Re: Re: This makes everybody in tech a felon

        Or if you're brave you could use it in your advertising slogans.

        "We're willing to break the law by following standard security practices to make sure your data is secure from hackers".

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jan 2015 @ 6:46am

    The inquisition is back. This time it punishes 'hacking' instead of 'witchcraft', but the way of determining guilt seems about equivalent to the trials of old.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jan 2015 @ 7:05am

    Ahhh the good ol US Of A.

    "A good offense...Is a good offense. What is this "Defense" you speak of?

    reply to this | link to this | view in chronology ]

  • identicon
    mcinsand, 21 Jan 2015 @ 7:32am

    Ahhh, but Novell Netware of the 1990's

    I remember when Novell Netware came into the company where I worked in the 1990's. Their documentation would run afoul of the DOJ's current intent. It was a database, and I learned an awful lot when I ran a search with the keywords 'security,' 'password,' and 'risk.' No doubt matters have tightened up now, but that became important for my job back then. I was in R&D, and Production would often massage/tweak/crochet/edit data that went through official channels to claim that tests had a given desired result. Thanks to the Novell documentation, it wasn't hard to go into sister sites' networks and get the raw data. Again, those were the old days, and we also had Moe, Larry, and Curly managing our IT.

    Seriously, though, this could impact those technical writers and trainers. Reinforcing the need for best practices is difficult when you can't thoroughly explain the risk of worst practices.

    reply to this | link to this | view in chronology ]

  • icon
    nasch (profile), 21 Jan 2015 @ 7:37am

    Would be

    Sharing a list of common (and stupid) passwords could be construed as "willfully trafficking" passwords while "knowing" a "protected computer" could be "accessed without authorization."

    "Would be", not "could be". There's no need to exaggerate how bad this is.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jan 2015 @ 7:43am

    Manuals

    Does this mean that companies publishing a manual which contains the default login/password are commiting a felony? They are after all publishing a password willfully which can be used to access a device without authorization.

    If they are I guess they will remove them from the manuals. Would this mean that we have to brute force the password for i.e. a router before we can use it?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jan 2015 @ 7:52am

    Since the NSA logs everything that goes across the internet and automatically flags anything containing certain key words, I wonder if composing a *bad* password (thinking no one else would ever see it), something like "BombtheBlackhouse" or "KillThePresident" (or whatever) could get a person SWAT'd and a thrown in jail on terrorist charges?

    Besides NSA snooping, it would also be an interesting way to test if the website or network administrator is reading [supposedly-confidential] passwords by composing a password consisting of a terrorism or death threat against the person or company you suspect might be snooping passwords and/or logging traffic.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 Jan 2015 @ 8:00am

      Re:

      Do you really want to do this in a country where police officers routinely kill unarmed civilians and walk away with paid vacations and a substantial stash in donations? Where SWAT teams routinely raid the wrong locations and throw grenades at children and walk away with commendations? Where drone operators kill innocent men, women and children in between coffee breaks and receive medals for it? Where those who conduct torture are shielded and protected while those who expose it are persecuted, harassed and jailed?

      I didn't think so.

      reply to this | link to this | view in chronology ]

  • identicon
    Pixelation, 21 Jan 2015 @ 8:21am

    I wonder...

    Will this become a first Amendment fight?

    reply to this | link to this | view in chronology ]

  • identicon
    joe, 21 Jan 2015 @ 8:22am

    2014 maybe *nt* the year of Digital Security?

    In the caption it states 2014 was the year of digital security. Robert Cringely blogged on this recently and suggests well see more violations this year, but it won't be until 2016 till we deal with it.http://www.cringely.com/2015/01/12/2015-will-year-nothing-happened/

    http://www.cringely.com/2015/0 1/16/2015-predictions-money-stupid/

    reply to this | link to this | view in chronology ]

  • icon
    Spaceman Spiff (profile), 21 Jan 2015 @ 8:23am

    You never expect

    You never expect the Spanish Inquisition! Or the DOJ Inquisition now... :-(

    reply to this | link to this | view in chronology ]

  • icon
    limbodog (profile), 21 Jan 2015 @ 8:34am

    "12345? That's the same password I have on my luggage." - President Skroob in Spaceballs

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jan 2015 @ 8:43am

    what the hell is wrong with these people? dont they have anything proper to do? there is a multitude of crime going on and they have time to come out with this? not only that but they want to make it a punishable offence? JEEZ! get a grip!!

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Anonymous Coward, 21 Jan 2015 @ 8:55am

    Motivations

    Amongst others:

    Our prisons are populated with many people on marijuana violations.

    Our prisons are becoming private entities.

    Several states have legalized recreational marijuana, and more to come, eventually all of them, then the Federal laws will follow.

    The corporations who own privatized prisons are in need of a new source for occupancy, because profit.

    The DOJ, doing their masters bidding, are merely trying to create a new source for prison occupancy.

    Computers are not going away.

    If this fails, they WILL find another excuse and attempt to encode it into law.

    reply to this | link to this | view in chronology ]

  • icon
    Berenerd (profile), 21 Jan 2015 @ 9:16am

    The only reason the DOJ is doing this is because its their passwords on the list.

    reply to this | link to this | view in chronology ]

  • identicon
    Rich Kulawiec, 21 Jan 2015 @ 9:19am

    This proposal appears to criminalize being 0wned

    The removal of the word "intent" seems to imply that the intention here is to hold computer owners responsible for what their systems do without their knowledge. And in a perfect world, that might not be a bad idea. However, in this world, where there are a few hundred million botted systems on the Internet, it's a horrible idea.

    Look what happened to Julie Amero, and that wasn't even her system. The combination of a grandstanding prosecutor, utterly incompetent "forensic experts" and clueless newspaper editors destroyed her life -- over someone else's mistake. (And a rather common mistake, at that.)

    This proposal could be used to go after everyone whose system has been botted, and since it can be, it will be. When convenient. When expedient. When politically desirable.

    reply to this | link to this | view in chronology ]

  • icon
    Jeremy Lyman (profile), 21 Jan 2015 @ 9:20am

    The Emperor's New Password

    Crap, turns out our security really sucks. Should we fix it?
    Let's just make talking about security illegal.
    Problem solved!

    reply to this | link to this | view in chronology ]

  • identicon
    me, 21 Jan 2015 @ 9:43am

    enemy of the american people...

    IS the DOJ

    reply to this | link to this | view in chronology ]

  • identicon
    RK57957, 21 Jan 2015 @ 9:48am

    Wait isn't everything capable of being a password

    Couldn't this sentence technically be a password? Crap wouldn't typing out the previous sentence be a felony if the law is changed because I know it could technically be a password? Crap wouldn't typing out the previous sentence be a felony if the law is changed because I know it could technically be a password? Crap isn't anything I could possibly type out be a felony because I know it could be used as a password.

    reply to this | link to this | view in chronology ]

    • icon
      John Fenderson (profile), 21 Jan 2015 @ 10:27am

      Re: Wait isn't everything capable of being a password

      I was thinking about this as well. A "password" is just arbitrary characters strung together (if it's actual words, then you're doing it wrong).

      A list of nothing but passwords isn't even that useful (except to compile a dictionary to be used in a dictionary attack). What is useful is a list of services and user IDs with their passwords.

      reply to this | link to this | view in chronology ]

      • icon
        nasch (profile), 21 Jan 2015 @ 11:08am

        Re: Re: Wait isn't everything capable of being a password

        A "password" is just arbitrary characters strung together (if it's actual words, then you're doing it wrong).

        That's not true; a long string of dictionary words is a very secure password. Forexamplethisrightherewouldbevirtuallyimpossibletocrackjustbecauseit'ssolong.

        reply to this | link to this | view in chronology ]

      • icon
        JP Jones (profile), 21 Jan 2015 @ 11:14am

        Re: Re: Wait isn't everything capable of being a password

        A list of nothing but passwords isn't even that useful (except to compile a dictionary to be used in a dictionary attack).

        Why'd you have to point this out? Now they're going to ban the dictionary! Oh, wait, aren't there password crackers that utilize Wikipedia?

        BAN IT ALL! BAN ALL THE WORDS!

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 21 Jan 2015 @ 11:24am

          Re: Re: Re: Wait isn't everything capable of being a password

          come on politicians of the world, lets get our stones, pitchforks, and lanterns, burn it, burn it, burn it all to hell.....politicians of the world unite, we can do this, come on

          reply to this | link to this | view in chronology ]

      • identicon
        Jake, 28 Jan 2015 @ 7:01am

        Re: Re: Wait isn't everything capable of being a password

        This is the correct angle on this I think, a list of "potential bad passwords" is just a list of combinations of letters and numbers (not likely to be any special chars in there). They do not become passwords until connected with a username and an account at a specified service.

        To bring the idea proposed by the law into the real world, would a list of gases used in various types of blowtorch be considered an intentional aid to safecrackers?

        reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 Jan 2015 @ 12:35pm

      Re: Wait isn't everything capable of being a password

      Please find your nearest authoritarian representatives so you can begin your gazzilion bajillion sentence, thankyou for your servitude peasant

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jan 2015 @ 9:51am

    Why are they under the impression that they own the internet?

    Its based on freedom expression, freedom to create.....not an entitlement to restrict, to profit, or too monopolise

    reply to this | link to this | view in chronology ]

  • identicon
    Guardian, 21 Jan 2015 @ 10:15am

    retards of the world unite

    so they want to put people in jail for ten years cause they are stupid or daft. GO FOR IT les of em out side the better

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jan 2015 @ 10:45am

    Nobody wants to see their paswords posted online, but this is not about passwords, its about the attempts to use an event to demand , yes demand the ability, an ability that is so beyond anything like it, to put people who "dont do as they say" in jail, for the crime of presenting a bunch of characters in a certain way, bypassing the human right laws protecting inocent suspicion, or bringing to light questionable laws

    The next step or after other several steps in this obvious ploy will be to put in jail anybody who opposes bad laws, policies, actions, bills, ideas etc etc.........i dont want to pass my own policy, i have no policy by CHOICE, i certainly dont want to see BAD "policies" being passed or manipulated into impressionable minds, and certainly not by people who OBVIOUSLY through the very action they incessantly keep pushing dont give a shit about the rights and freedoms of the individual

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jan 2015 @ 11:18am

    how long for default passwords, 15 years?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jan 2015 @ 11:49am

    Pssh, as if I would ever let anyone else see my hunter2-ing password.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jan 2015 @ 12:07pm

    And this is why Snowden fled to Russia, hippies aren't the only domestic flag burners in the USA, and the military's approval rating of the President is at an all time low.

    They're trying to mold younger generations in their image. All they're doing is creating a generation who consider the US government worse than the Soviet Union. At least Stalin's bad ideas couldn't spread globally due to his toxic reputation.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jan 2015 @ 12:09pm

    The solution is not to end up arresting 50% of your population if its not already 100%, the solution is to recognize how important it is to beef up defensive security, whther those devices be in a company or somebodies home........but because its harder by your standards you take the easy route, by arresting people..........there is, aswell as bad, a good thing when a "hacker" attempts to test how secure something is with the idea to inform the target of the vulnrability..........bit bit by bit, that software becomes more and more secure, and malicious opportunity deminishes, as malicious hackers with ill intent need to find more unique ways to exploit........what their advocating is reducing the ammount people with expertise who do this to contribute to the security community drastically, which in some cases will probably give that one malicious hacker, lets say ten years of use for an exploit he found instead of 8,5,4 2 years? i just had a thought, its funny how this would also reduce the likelyness of good hackers finding intelligence service crimes, yes crimes not hacks.....

    Security/privacy updates/patches should be a right not a privellage, it deals with information belonging to the individual, and so by this extension, security/privacy should be seen as a right, as is the right to not be searched without suspicion.......but with this kind of behaviour you expect to see in oppressed governments, you shoot your selves in the foot.....by your-self........because now, your suspicions are suspect.......you either dont care if we trust you, or, the more relieving of the two, you're too stupid to realise how important it is to have the trust of those you represent......appologies for my frustrated chosen words, but not the drive behind it

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jan 2015 @ 12:28pm

    Okay so lets say, supposedly that the pure possesion of this "material", material made up of random characters next to other random characters, is a felony punishable by ten years......in this imaginary world, i'd like to start with the intelligence centers harddrive's first please.....complete and utter unrestricted access please......no, but thats suspiciously similar to someone looking like their hidding something......and we all know what you say that means, right!

    reply to this | link to this | view in chronology ]

  • icon
    Padpaw (profile), 21 Jan 2015 @ 1:42pm

    years of reporting America's slide into a fascist police state and the tone of these articles always sound so shocked the worse things get

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 21 Jan 2015 @ 6:01pm

      Re:

      It's when you stop being shocked and disgusted, and instead respond with resigned anger and annoyance that things have gotten really bad. Shock and disgust come from expecting better, hoping for people to act rationally, and having them not. Shock is good, gives people motivation to do something about the cause of the shock.

      Resignation though, when it reaches that point, that's because you no longer expect anything good, because you expect the worst, and are no longer surprised by it. And at that point, the drive to fix the situation is pretty much gone, because why would you even try when you know that that's just what they do?

      reply to this | link to this | view in chronology ]

  • icon
    Rapnel (profile), 21 Jan 2015 @ 1:44pm

    Another day another law the DOJ writes for itself to assist in making the functions that it performs easier, for itself.

    The further that "Justice" can distance itself from "Department of" then the more just our society will become.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jan 2015 @ 4:41pm

    written language is banned

    Since any and all words can be used as passwords.
    Hmm, would spoken language count as trafficking?

    reply to this | link to this | view in chronology ]

  • identicon
    Tom Joad, 22 Jan 2015 @ 3:58am

    So that means..

    IF you, at the end of your article, or any one of us at the end of our comments write "all of the words above, including even these, COULD be passwords somewhere on some machine" we're culpable?
    So even if you LEFT OUT that part at the end, anyone with more than two brain cells would know those all were possible passwords, so even without the advice, these are all passwords (including the word password) and therefore anyone writing ANYTHING is a criminal.

    reply to this | link to this | view in chronology ]

    • icon
      GEMont (profile), 22 Jan 2015 @ 4:32pm

      Re: So that means..

      You do realize that the members of the NSA, FBI, CIA, HLS, and their extra-national affiliates around the world scanning this comments page, have all just wet themselves reading your words - which point out that writing any string of words would be a criminal act under this legislation and thus, describes nicely the near-ultimate wet dream of any fascist....

      That the creation and or publishing of any "unauthorized" literature, is automatically a major criminal act, punishable by maximum legal reaction.

      This is of course only the for-runner legislation of the true ultimate wet dream laws of fascism...

      That all unauthorized speech is automatically a major criminal act, punishable by maximum legal reaction.

      Peasants need only labor for the state, sleep and eat, and need no voice or thought beyond that necessary to fulfilling the task assigned them by the state to insure the continuity of the state. That is the goal of fascism - that the state becomes a commercial operation owned and run by the ruling class and the peasants become the feedstock from which the wealth of the ruling class is derived.

      This is the way life has been on earth for most of human history.

      The fact that fascism always leads directly to dissolution of the nation in which it flourishes changes nothing, as fascists have no plan beyond draining a place of its wealth before moving on to greener pastures.

      The resemblance to a virus, or the legendary vampires of Hollywood is telling.

      The last thing the fascist owned state needs is uppity peasants discussing the fact - verbally or in writing - that the state is nothing more than a gang of lizard brained greedy millionaires mindlessly sucking the life out of the earth like fleas on a dog.

      It would be lovely to perceive a future where the heads of tycoon CEOs, mob bosses, billionaire politicians, lawyers and their kin, could be seen adorning the pointy ends of pikes along the roads of a nation awakened from a nightmare, but all my limited fore-sight conjures up is empty streets.



      ---

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 22 Jan 2015 @ 7:23pm

    They said 'would' (indicating certainty) but you paraphrased it as'could' meaning within the realm of possibility.


    Big difference. Very big difference. Very,very big difference, actually.

    reply to this | link to this | view in chronology ]

  • identicon
    herp, 22 Jan 2015 @ 8:57pm

    And Pastebin will shutdown.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.