Visiting a Website against the Owner's Wishes Is Now a Federal Crime

While we're on the subject of terrible 9th Circuit Court rulings:

The U.S. Court of Appeals for the 9th Circuit has handed down a very important decision on the Computer Fraud and Abuse Act.... Its reasoning appears to be very broad. If I'm reading it correctly, it says that if you tell people not to visit your website, and they do it anyway knowing you disapprove, they're committing a federal crime of accessing your computer without authorization.

Posted on July 13, 2016 at 2:10 PM • 64 Comments

Comments

Rick LobrechtJuly 13, 2016 2:27 PM

Sounds like the equivalent of putting up a no trespassing sign at the edge of a field filled with attractions.

PaulJuly 13, 2016 2:31 PM

Does this apply to the police? If I say "Police officers are not allowed to visit this website. Click here to confirm you are not a police officer", does that mean they need a search warrant to visit my site?

JeremyJuly 13, 2016 2:34 PM

@Paul: I believe that generally, the police can lie about being police in order to obtain your consent to search your stuff. (That's basically how ALL undercover operations work.)

KalimacJuly 13, 2016 3:32 PM

The bank analogy is bad not just because it involves physical trespass where the computer scenario doesn't.

In the bank analogy, the problem with the friend accessing the safe deposit box isn't because they're not the box holder, but because they were carrying a gun. Wouldn't the bank be just as upset if the patron carrying a gun were the authorized box holder?

In any case, what is the gun in the hypothetical bank story an analogy for in the real-world scenario? Power didn't do anything with its users' Facebook accounts that the users weren't authorized to do themselves. The sole problem that FB had was that it was somebody else doing it.

In other words, in the analogy, the friend visiting the safe deposit box is not brandishing a gun.

front teatJuly 13, 2016 3:59 PM

Well at least Guccifer2 graciously invites us to his website! Thanks to him, today we have addresses and emails for lots of idiot kleptocrats who were stupid enough to trust Democrats with their privacy. Now you don't need a tour to show you where Ellen DeGeneres, Eva Longoria and Jane Fonda live. The crooked Pritzkers who stuffed Obama's shirt for him! Some spooks and well-paid assets too, of course, this is Hillary after all.

VSJuly 13, 2016 4:00 PM

The analogy I see is being able to look at a house while standing on the street, and the owner prohibiting you from looking at the house. If you don't want people to look at your house, put up a wall (password).

65535July 13, 2016 4:53 PM

This is legislating from the bench. This is a can of worms.

How is this "decision" to be enforced? What is the jurisdiction? How can it be enforced with proxy servers all over the world?

Douglas LancasterJuly 13, 2016 4:56 PM

I am curious if this works both ways. For example, if one were to, say, send Microsoft a cease and desist order, could this be used to prevent the constant bombardment of information via the push notification service? Or better yet, prevent MS from constantly trying to force a Windows 7 user from upgrading?

Hmmm.... maybe this isn't such a bad decision after all.

AnuraJuly 13, 2016 4:56 PM

@Rick Lobrecht

Sounds like the equivalent of putting up a no trespassing sign at the edge of a field filled with attractions.

I don't think that's a good analogy. If you have a store, and anyone is allowed to enter that store, but someone is abusing that privilege, so you then tell them to leave and never come back, but they return, then they are trespassing and can be arrested.

The thing is, the internet is not really the same as a field or a store, it's just different. A disruptive person in a store can cause you to lose customers, but a web service at most costs you a little bit of increased bandwidth, and there shouldn't be any applicable criminal charges as long as they aren't actually disrupting service. I think that the most that should be done is that the company should be able to sue the abusers for damages such as bandwidth costs IFF they took action to get in direct contact with the abuser and inform them that they were no longer authorized to access their service (such as a cease and desist).

MindrakerJuly 13, 2016 5:08 PM

What about people who said they didn't want Windows 10 installed on their computers? Did Microsoft now commit a Federal Crime?

BardiJuly 13, 2016 5:10 PM

So, if I have a porn website and place a hard to miss notice that someone under 18 (or whatever the legal age is) cannot visit my porn site, and they do, I can have them go to jail?

Snarki, child of LokiJuly 13, 2016 5:27 PM

telnet mail.valhalla.eu 25
220-mail.valhalla.eu ESMTP Postfix
220 DEATH TO SPAMMERS! GO AWAY NOW!
HELO spammer.mcspammyface.com
250 Hi, 'spammer.mcspammyface.com', you're not going to spam me, are you?
MAIL FROM 
...

blakeJuly 13, 2016 6:01 PM

@Anura

> a web service at most costs you a little bit of increased bandwidth, and there shouldn't be any applicable criminal charges as long as they aren't actually disrupting service

If it's that disruptive then you should have authentication before serving the website.

A more analogous situation is: as a bar manager, you wander out onto the street and yell at someone to forbid them to visit your establishment. They walk in, ask for a beer, you serve them, they drink it. Then after they leave you chase them onto the street yelling at them for doing what you told them not to.

Because here's the thing, where it intersects with security again: that Ukranian botnet doesn't give two sh*ts, and these courts don't have jurisdiction over them anyway. This ruling only protects against people who already have good intentions.


And then ... what happens if someone sends me an email when I haven't given them permission? What right do they have to insist on putting their bits on my machine?

CharlesJuly 13, 2016 6:24 PM

A commenter in the EFF article mentioned that beyond just visiting, Power Ventures may have actually scrapped data from Facebook (prohibited in the terms).

Facebook, Inc. v. Power Ventures (Wikipedia)
https://en.wikipedia.org/wiki/Facebook,_Inc._v._Power_Ventures,_Inc.

Terms (Facebook)
https://www.facebook.com/terms

[…] Safety
We do our best to keep Facebook safe, but we cannot guarantee it. We need your help to keep Facebook safe, which includes the following commitments by you:

- You will not collect users' content or information, or otherwise access Facebook, using automated means (such as harvesting bots, robots, spiders, or scrapers) without our prior permission.

CharlesJuly 13, 2016 6:41 PM


"Facebook claimed violations of the CAN-SPAM Act, the Computer Fraud and Abuse Act ("CFAA"), and the California Comprehensive Computer Data Access and Fraud Act. According to Facebook, Power Ventures Inc. made copies of Facebook’s website during the process of extracting user information. Facebook argued that this process causes both direct and indirect copyright infringement. In addition, Facebook alleged this process constitutes a violation of the Digital Millennium Copyright Act ("DMCA"). Finally, Facebook also asserted claims of both state and federal trademark infringement, as well as a claim under California's Unfair Competition Law ("UCL").

https://en.wikipedia.org/wiki/Facebook,_Inc._v._Power_Ventures,_Inc.

Charles 2July 13, 2016 6:45 PM

The title is completely false, Mr. Schneier I know you're here to sell ads (among other things, and nothing wrong with that), but you and I *both* are 100% aware that there will *never* be a case in front of any judge where the primary finding of fact includes one person sharing their Netflix password with another person.

That is, on its face, absurd, and what I wish is that you wouldn't pretend like it was anything but absurd.

Ross SniderJuly 13, 2016 7:37 PM

The continuing pattern here is the privatization of communications and relationships.

Facebook's value and service isn't a website portal or the technology to offer at-scale service across the world with little downtime.

Facebook owns the communications and relationships between individuals. Where it is in the interest of a party to alter or gather information on people's communications and relationships, Facebook sells this as a product. That's how Facebook makes money. Facebook trades and sells censorship, propaganda and advertising to interested parties and sells surveillance capabilities to the same governments and large corporate actors.

What the judge would have really liked to rule - but what there currently isn't language in the law to substantiate - is that the relationships and conversations, being owned by Facebook, are not allowed to be given away to another third party. Facebook has planted its flag over interpersonal relationships. Accessing those relationships without Facebook's authorization is the same as trespassing on its property.

However, we aren't there yet in the letter of the law. So some sort of abuse of 'information trespassing' and 'computer abuse' has been twisted to get the result that the judge has desired.

It's important to understand the ownership and profit model of Facebook and to understand the ongoing patterns and trends in this arena, as this trajectory is the one that we're really wanting to fight. Facebook would also be broadly against client side software installed on customers devices that would hook Facebook and provide a transparent interface over it to allow cross-platform access. Whether Power were a service or an application, Facebook would have the same concerns and would issue the same cease-and-desist warnings.

Privatization of social interaction is a worrying trend, as advocates for civil rights seem to have problems arguing that Facebook (or whomever else) doesn't have a right to censor and propagandize and surveil if it 'owns' the feeds and communications infrastructure by which large parts of society interact. Hell, there's even lawsuits currently demanding that Facebook censor their users more in correspondence with the wishes of certain member of the political spectrum (anti-Palestinian/anti-Hamas).

In theory, courts are supposed to deal with costs between those with conflicting rights. However, when the rights of a party are rights that subsume the civil rights of others (privatized ownership over those rights) it would stand to reason that these individuals be present and have representation in the trial. It does not appear to be manifesting that way.

CharlesJuly 13, 2016 7:50 PM

Terms (Facebook)
https://www.facebook.com/terms

[…] Safety
We do our best to keep Facebook safe, but we cannot guarantee it. We need your help to keep Facebook safe, which includes the following commitments by you:

- You will not post unauthorized commercial communications (such as spam) on Facebook.
- You will not collect users' content or information, or otherwise access Facebook, using automated means (such as harvesting bots, robots, spiders, or scrapers) without our prior permission.
- You will not engage in unlawful multi-level marketing, such as a pyramid scheme, on Facebook.
- You will not upload viruses or other malicious code.
- You will not solicit login information or access an account belonging to someone else.
- You will not bully, intimidate, or harass any user.
- You will not post content that: is hate speech, threatening, or pornographic; incites violence; or contains nudity or graphic or gratuitous violence.
- You will not develop or operate a third-party application containing alcohol-related, dating or other mature content (including advertisements) without appropriate age-based restrictions.
- You will not use Facebook to do anything unlawful, misleading, malicious, or discriminatory.
- You will not do anything that could disable, overburden, or impair the proper working or appearance of Facebook, such as a denial of service attack or interference with page rendering or other Facebook functionality.
- You will not facilitate or encourage any violations of this Statement or our policies.

WmJuly 13, 2016 8:27 PM

This is the kind of fascist thinking coming out of governments today, especially from liberals like American democrats. Because there are a multitude of laws, as well as fanatical interpretations of the law, it is extremely important and perfectly reasonable to always answer any questions from the police or other authorities with the Miranda Rights. A cop ask questions solely for the purpose to entrap people in their words. If you are wise enough to recognize this, then you will never have any problems in remaining silent. Only by your answers can they proceed to build a case against you and destroy you. Unfortunately many, if not most people succumb to fear of the authorities and are thereby destroyed by them.

rJuly 13, 2016 8:39 PM

@Charles 2,

Considering the varying aspects and actors within the information security that visit this site, I highly doubt he is making ad revenue considering likely 99% of his viewership would be using noscript,adblock,ublock,umatrix, customized lmhosts or even extremely tightened firewall rulesets from within controlled and monitored environments.

It's absurd to me, that a guy who's only script I'm aware of is his RSS button would compromise the security of his readers with JavaScript or some cheesy CGI banner group.

You made me smile, thanks. :)

rJuly 13, 2016 8:42 PM

"The title is completely false, Mr. Schneier I know you're here to sell ads"

More like books.

SteveJuly 13, 2016 8:51 PM

The bank analogy is particularly bad.

I think a better real world analogy would be where a next door neighbor comes along and plugs his Tesla into an outlet on the outside of your garage. You tell him to scram but he keeps doing it anyhow, running up your electric bill.

It would seem to me well within your rights to call the cops and have him arrested for theft.

chrisJuly 13, 2016 10:55 PM

@Charles 2 : Mr. Schneier I know you're here to sell ads
@ r : I highly doubt he is making ad revenue considering likely 99% of his viewership would be using noscript,adblock,ublock,umatrix, customized lmhosts or even....


Ads?

HIS books (Data and Goliath, etc.)
HIS company (Resilient an IBM company)
HIS EFF (well, not exactly, but...)

How much money do you get from these ads, Bruce? Was it hard to sign yourself up?

Joe KJuly 14, 2016 12:03 AM

For those who are struggling in Analogies 101:

Facebook is kind of like a car wash.

Power.com (Rest In Peace) was kind of like an automotive butler service, that would drive your car, as needed, to the car wash, or the gas station, or the muffler shop, and then return it to you.

Joe KJuly 14, 2016 12:07 AM

Another article (briefly) discussing the ruling:

https://www.techdirt.com/articles/20160712/15491134950/appeals-court-it-violates-cfaa-service-to-access-facebook-behalf-users-because-facebook-sent-cease-desist.shtml

From that article, Mike Masnick's TLDR:

The CFAA remains a mess of a law, and rulings like these are likely only going to lead to more litigation around borderline cases. And that's bad. It's going to be bad for users and it's bad for innovation. It's been particularly disappointing to see companies like Facebook and Craigslist coming down on the wrong side of CFAA litigation -- in both cases going after companies who were not "hacking" in any traditional sense, but were rather looking to add useful layers of services on top of existing services. The law is being abused by companies that don't want others to innovate, and that's unfortunate and bad for innovation.

Darren ChakerJuly 14, 2016 1:55 AM

I understand the trespass theory of the court, it is just the Supreme Court of California decided Intel Corp. v. Hamidi, 2003 WL 21488209, which cuts against the 9th Circuit reasoning in the sense even if the company advises a person to not email them, there is little which can be done although the servers are the property of the company.

Specifically, in Hamidi, the court, in its reversal, held that under California law the tort of trespass to chattels does not encompass, and should not be extended to encompass, an electronic communication that neither damages the recipient computer system nor impairs its functioning. According to the court, such an electronic communication does not constitute an actionable trespass to personal property, i.e., the computer system, because it does not interfere with the possessor’s use or possession of, or any other legally protected interest in, the personal property itself — some actual injury must have occurred in order for trespass to chattels to be actionable.

Best to everyone who contributes here!

Know Your RightsJuly 14, 2016 3:24 AM

regardless of this ruling for and against
one can assure ones protection either as a patron or a host of a website
by understanding the difference, in legal terms, of public and private jurisdictions

statutes, police, nsa, judges lawyers courts, congress, fiat currency, corporations - and much more, all exist in the public jurisdiction. the public jurisdiction is not living. It is a fiction, a construct. It is dead. The private is the living.
as @curious will tell you, in law words are extremely important.
Many words we use are owned by the public jurisdiction

for a website, an authentication button can declare that visitors are only allowed if they are a man or a woman (these words specifically belong to the private jurisdiction)

a negative averment is even stronger, legally speaking
''i will not click this button to enter if i am not a man or a woman''

if you know how to hold your position properly, this can grant you absolute autonomy by a refusal to enjoin with the public realm . The private jurisdiction grants infinite more protection and sovereignty if you stay within in. @ Bumblebee , knowing this and how to wield it effectively will free you from the statutes you have said bind you in all number of ways including preventing your freedom of movement
Ones body cannot be sent to jail as surety for the name used to identify you in the public jurisdiction (your first and last name in all capital letters) unless one enjoins with the public jurisdiction

Check out Winston Shrout

A slightly different topic but this video about keeping safe from the police in practical terms has about 7 million views
it's just talking heads really so you can get away with listening to just the audio. quite entertaining and will definitely save the life of someone you know

https://www.youtube.com/watch?v=6wXkI4t7nuc

Green SquirrelJuly 14, 2016 4:43 AM

Working this out is giving me a headache.

How do you tell people they cant visit your website before they have visited your website? Even if you have an authentication process which notifies them on arrival, they have still visited your website to see it.

I think one of the challenges here is that people (posters on this blog included) constantly try to find real-world analogies for internet based activities and by virtue of being an analogy there are always bits which are different.

This ruling is simply a fundamental problem with people who have no idea what they are talking about passing rules. (Analogy time) would you expect homeopaths to pass good legislation on medical science?

Green SquirrelJuly 14, 2016 4:46 AM

@Charles2

The title is completely false, Mr. Schneier I know you're here to sell ads (among other things, and nothing wrong with that), but you and I *both* are 100% aware that there will *never* be a case in front of any judge where the primary finding of fact includes one person sharing their Netflix password with another person.

Did I miss something here? The title I can see is about visiting a website, not netflix.

Bumble BeeJuly 14, 2016 5:34 AM

Re: original topic

You're in the red-light district. We may need a way to censor or block websites like that, just to protect ourselves from trumped-up criminal charges.

This is like those grocery stores or liquor stores with a neon "Open" sign that charge you with trespassing or loitering if you enter their premises without the permission of the local pimp, (who, by the way, runs the local police department and the local court system.)

And this is federal. Mind-boggling, but not surprising.

rJuly 14, 2016 7:45 AM

@green squirrel,

This has implications for the recent hidden service discovery and attempted exploitation too, there were no open signs over those doors... no links or directions had been published in public. only reserved address numbers in the residential part of the redbook(yellow book).

They were trespassing by not being invited, intending to smash and grab etc.

rJuly 14, 2016 7:56 AM

Wow these guys up there, @Chris and @Charles 2

Are seriously concerned about revenue generated by static book ads?

Quote a few of our hosts works are public domain and widely deployed, and you question having book sales? On what grounds??

We already know that authors don't make money hand over fist from their works, it's just like the music industry which is why we've seen movements by authors (musicians included) into peer to peer models. To remove parasitic middle entities.

I question you two.

William MorrissJuly 14, 2016 8:02 AM

Does the title "Visiting a Website against the Owner's Wishes Is Now a Federal Crime" and the comment that the 9th circuit's decision is "terrible" mean that website owners shouldn't be able to have control of who does or does not visit their sites? This wasn't a case where someone got in trouble for violating a website's terms of use. Indeed, on page 16 the decision specifically says that " a violation of the terms of use of a website—without more—cannot be the basis for liability under the CFAA [i.e., the computer fraud and abuse act]." Instead, Facebook (the website owner) blocked the defendant's IP address and sent a cease and desist letter because the defendant was generating form emails promoting another social networking site which listed "Facebook" in their from line and were signed by "The Facebook Team." If there are any circumstances under which it should be possible to legally prohibit someone from accessing a publicly accessible website, why aren't those conditions present here, and what more should be needed?

Jim A.July 14, 2016 10:37 AM

I like Blake's analogy. But I would say that it's even more like using the drive up window. The user's interaction begins with a request for service (downloading an html file) The people running the service are under no obligation to serve it to that user. The fact that the providers are only complaining AFTER they have supplied the file rings funny. If you want to limit access, you have the means (paywalls, IP range limited access etc) to do so. I don't think that a user can be prohibited from ASKING for access to a file in the absence of some kind of consideration from the person who wants him to stop. After all the organization that is in a position to supply the file can always decline to provide it.

K15July 14, 2016 11:47 AM

Somewhat off topic: Has email become equivalent to postal mail, in terms of legal protections against interference?

JeremyJuly 14, 2016 2:49 PM

Visiting a web site shouldn't be compared to entering a building in the first place.

It's more like writing a letter to a business, asking them to send you their catalog.

One could imagine a business getting mad at you if you keep writing letters asking them to send you catalogs, when you already have their catalog and don't intend to buy anything anyway. It costs them some small amount of money to fulfill those requests, and they'd prefer to only incur that cost for people who might actually buy stuff.

But if they're still voluntarily sending you a new catalog every time you ask, it's pretty ridiculous to suggest that you've committed a crime just by writing letters asking for it. If they care that much, they should go to the effort of identifying your letters and filtering them out of their mail pile.

(Now, if you were lying in the letters in order to get them to send you stuff, that would be fraud. But just sending letters asking politely is not, and should not be, a crime.)

rJuly 14, 2016 3:24 PM

@Jim A.,

Blacklisting via IP address is an incomplete and problematic solution, this grants legal recourse when those boundaries fail.

My question, and I understand why the federal government is weighing in on this first (commerce clause, it's the internet yo!): there may be fringe cases that would never be covered without state legislation otherwise.

BenJuly 14, 2016 3:43 PM

Actually @Charles 2 you'll find that Bruce has linked to a reputable source (The Washington Post) where a real EXPERT* has expressed the view that visiting a website without permission is an offence.

Unless you're a Professor of Law you're in no position to comment.

The finding of the courts IS absurd but that doesn't change the fact that this is essentially what the court has decided.

Regarding password sharing - see the other article.

*Orin Kerr is the Fred C. Stevenson Research Professor at The George Washington University Law School, where he has taught since 2001. He teaches and writes in the area of criminal procedure and computer crime law.

TedJuly 14, 2016 6:26 PM

@Bumble Bee

Could this be useful to you or your colleagues?

DHS Cyber and Tech Job Fair - July 27-28, 2016
Our workforce is committed to assuring the security, resiliency and reliability of the Nation’s information technology and communications infrastructure. We need our best and brightest, our finest computer scientists and engineers, analysts, mathematicians, problem solvers, and innovative thinkers.

Join us in leading the Nation’s defenses against cyber threats.

https://www.dhs.gov/cyberfair

jjcJuly 14, 2016 10:25 PM

Sorry but the judge erred in the fundamental. If the website is not 'published' by using an internet name, then his argument might have held some water. By using a public name, there is implicit permission to use the site. The same is true by having a visible letter box on your front door. there is implicit permission for postpersons and others to deposit material into it, thus permission to approach unless other measures are in place.

For it to be real computer fraud, the site has to be password controlled.

Unfortunately the judge is a moron.

$222k winner/loserJuly 14, 2016 10:39 PM

@chuck2

you and I *both* are 100% aware that there will *never* be a case in front of any judge where the primary finding of fact includes one person sharing their Netflix password with another person.

No Charles 2, you are so very wrong. That is exactly what is going to happen. And the punishment will be so christianly out of proportion with the magnitude of harm resulting from the 'crime' that people will know what the score is. Afterwords, there certainly still will be many people sharing netflix passwords, but they'll know that if they happen to have unpopular political opinions, or piss off the wrong person, selective enforcement will come their way. Wake up and smell the mentality of the war on drugs. Ok, so it might not be netflix. Netflix could well be clueful enough that simple password sharing might be something they can effectively defend against. But it'll look about the same.

Bumble BeeJuly 15, 2016 4:01 AM

@Ted

I don't think so. I'm a permamently and irrevokably adjudicated mental defective per U.S. code. "Legally" I am not allowed to

  • bear arms
  • defend myself in court
  • have the assistance of counsel
  • receive regular (non-mental) health care
  • get an eyeglass prescription that isn't screwed up
  • get dental care
  • eat fresh fruit
  • drink clean water
  • work for the federal government
  • work with children or vulnerable adults
  • leave the U.S. and return
  • visit federal property
  • use the public library
  • use a public swimming pool
  • obtain housing
  • and so on and so forth...

LakesJuly 15, 2016 9:20 AM

How can anyone be legally prevented from fresh fruit and clean drinking water?

rJuly 15, 2016 10:07 AM

@Lakes,

Restrictions on "dietary supplements", look up the panic and disinformation surrounding the 'codex commission' in the 90s.

rrrJuly 15, 2016 10:08 AM

@Ted,

If Mr Bumbles was bored with his condition they wouldn't be restricting his activities.

milkshakenJuly 15, 2016 11:15 AM

this has been going on for a while: FBI found out that investigating industrial espionage is tricky. So what they like to do instead is to go after defendants on hacking statues, for access to computer data of their employer without a specific authorization, the Feds then hope is to tack back on the industrial espionage back during sentencing- not based on the reasonable doubt but on much lower standard, preponderance of evidence, as decided by a judge (rather than a jury). All it takes is one judge to buy the governments argument and people get sent away for ten years on bullshit charges that would not hold in court.

Bumble BeeJuly 15, 2016 1:16 PM

@ "Mr Bumbles" (some drone who goes by "rrr" and needs to buzz off somewhere else)

The foreigners don't even put a period after their damn titles. Next thing you know, they're some junior or the third or the fourth, or related to some earl or duke or some crap like that. (And women have to use a title that relates to their sexual experience or lack thereof or their marital status or their husband's status or yet more crap like that.) They may as well rename the U.S. Senate the House of Lords and have the justices of SCOTUS wear powdered wigs, because we're well into London's red-light district.

@Lakes

How can anyone be legally prevented from fresh fruit and clean drinking water?

Fresh fruit and clean drinking water interfere with federally mandated mental health incarceration, forced treatment with psychotropic drugs, major and minor tranquilizers, atypical antipsychotics, mood stabilizers, antidepressants, benzodiazepines, amphetamines, physical restraints, lobotomies, electroshock therapy, forced sterilizations, and other such "care."

@milkshaken
You got that right. It's a lot easier to trump up a petty argument against a "lone wolf" into a federal felony than it is to go after organized crime. Especially when they're all complicit and happy with the bribes and public corruption.

Anonymous CowardJuly 15, 2016 1:32 PM

Not knowing this, I:


  • clicked the Washington Post link
  • got an overlay with a popup asking for me to give out my email address
  • hid the overlays using the "block element" button of my ad blocker
  • set overflow:scroll so I could read the whole article
  • read the article
  • realized that what I did is now a federal crime

:(

rJuly 15, 2016 3:49 PM

@Bumble Bee,

By stating a restriction of fresh water, you neglected to include that you're in the same boat as some others: lead(pb). It's one great big socioeconomic experiment reinforcing our perceived cultural and intellectual barriers.

What's in your coffee?

rJuly 15, 2016 3:51 PM

@Anonymous Coward,

No big deal little brother, big brothers got your back: just give us the name of those authoring the hack tool and be a federal witness against them on our behoove.

Bumble BeeJuly 15, 2016 8:40 PM

@r

The chemical symbol for lead, Pb, stands for Latin "plumbum" from which the English word "plumbing" derives because in ancient times all pipes were made of lead.

Then they started using galvanized (zinc-coated) iron pipe instead of lead, but that scaled and corroded over time so then they went to copper pipe and eventually they even banned lead in the solder so they solder copper pipe now with lead-free silver-bearing solder, but copper is such an excellent conductor of heat it tends to freeze and burst in exterior walls in the winter, and you need dielectric unions or brass or bronze fittings wherever it joins iron (or lead) to mitigate the corrosion caused by contact of dissimilar metals, and then there is chlorinated polyvinyl chloride (CPVC) plastic pipe which is dirt cheap, but brittles with age in only a few months, (not to mention the fumes from CPVC glue are an occupational health hazard,) or cross-linked polyethylene (PEX) pipe, which requires expensive proprietary tools and proprietary crimped fittings and tends to develop pinhole leaks, although it does withstand freezing somewhat better.

Bloke on a sleeping volcanoJuly 16, 2016 7:09 PM

It's like telling somebody in the public arena that he is not allowed to stop and look into your shop window, and suddenly, voila, it's a crime for him to do so. One moment it was okay, next it has become a crime... but law is fixed, so this is, by definition, lawlessness.

That is just BIZARRE! Then again, people in high places often lack the oxygen required to maintain normal neural health. Is an atrophied brain considered brain death? I wonder if these idiots are organ donors? Could be a gold mine for some less than scrupulous surgeon, but I digress.

Anyway, if you don't want people peeking into the window, don't have a window! A closed door with a bouncer and security passes will do just fine.

Bumble BeeJuly 16, 2016 9:18 PM

@Bloke

It's like telling somebody in the public arena that he is not allowed to stop and look into your shop window, and suddenly, voila, it's a crime for him to do so.

This is exactly what I mean when I use the term "red-light district." People generally understand that there is prostitution in red-light districts, (and the Internet is no exception,) but they pretend to be ignorant of the legal aspects of the enforcement and protection of the prostitution racket. When societal corruption has reached this stage the justice system no longer prosecutes actual crimes, only blokes who have pissed off the local pimp. Women aren't necessarily better off. Numerous public universities in the U.S. insist on maintaining their own police departments and there they treat rape as a student discipline issue rather than a crime...the pimps and frat boys and the good old boys dowmtown have ways to use and abuse women, and the madams justify their treatment of the younger women in that they "paid their fare" when they were young themselves.

That's how they get educated and then they come out of those universities and that's how they start running the whole country.

rJuly 16, 2016 9:58 PM

@Bumble Bee,

You make an interesting point about institutionally protected and encouraged predatory behaviour, thank you for adding that to my list of concerns. Additionally, I'd like to point out that there's not really much of a difference (on the surface: per results) between colleges turning a blind eye and the current national backlog of rape kits.

But at least the real police aren't encouraging it.

Either way, +1 Bumbles.

JardaJuly 17, 2016 10:09 AM

How exactly is the site owner going to tell me not to visit his site? Is he going to display a message on his site? Then to reach that message I already commit a federal offence.

BTW, didn't they mention which drugs is the judge using? That must be strong stuff.... Otherwise I don't see how a conclusion could have been reached that a publicly displayed information cannot be read if the owner says so.

America and AmericaerJuly 17, 2016 2:31 PM

DON'T READ THIS SIGN
Under Penalty of Law

Welcome to the future, Jack.

Ian Oldludite July 23, 2016 4:26 AM

The world today is increasingly too complicated for judges, lawyers, civil servants, and finally the poor public to understand. Multinationals are involved in trade negotiations, local government is increasingly administering local planning decisions and law, police and politicians investigate themselves, and they are all using a plethora of hardware and software made overseas.

It may be quite possible to develop malware that silently installs and then goes about it's business violating laws for the prime purpose of making the infected system appear to be the origin of malicious and unlawful activity. A number of hidden services could easily be installed on the systems of unwitting and technologically challenged victims, serving up directories for the distribution of pirated material, exploitation or terrorism material purely to land them in hot water.

David SchwartzJuly 26, 2016 2:42 PM

"By using a public name, there is implicit permission to use the site. The same is true by having a visible letter box on your front door. there is implicit permission for postpersons and others to deposit material into it, thus permission to approach unless other measures are in place."

I agree, there was implicit permission, but that permission was explicitly revoked by the cease and desist letter. We don't want a world where people have to lock doors and put up fences to have the enforceable legal right to keep others off their property. We want a world where unambiguous notice and clear boundary markings are sufficient. That's just way better for everyone.

This case is more like someone soliciting in a bank lobby under a "no soliciting" sign, and when the bank asks them to leave, they refuse claiming that one of the bank's customers said they could be there.

Facebook's web site is open to the public, like a bank lobby. Some people can get services from the bank that others can't, just like people who have Facebook accounts.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.