Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security Government The Courts The Internet News

EBay Hacker's Conviction Upheld 174

An anonymous reader writes "The 9th Circuit Court of Appeals has ruled in the case of Jerome Heckenkamp, the former University of Wisconsin student convicted of federal computer crime charges in 2004 after hacking into Qualcomm, Cygnus Solutions and other companies, and defacing eBay. Heckenkamp was caught after a system administrator at the university hacked into his Linux box to gather evidence that Heckenkamp had been attacking the college mail server. The court ruled today that such counter-hacks are allowable under the 'special needs' exception to the Fourth Amendment, and upheld the warrantless search."
This discussion has been archived. No new comments can be posted.

EBay Hacker's Conviction Upheld

Comments Filter:
  • Correct decision (Score:5, Insightful)

    by daveschroeder ( 516195 ) * on Friday April 06, 2007 @10:05AM (#18634377)
    The University was not acting as law enforcement, as an agent of law enforcement, or at the behest of law enforcement, and thus is expressly and explicitly not covered by, or even related to, the Fourth Amendment.

    The University acted to mitigate and prevent further intrusions, the scale of which were as yet unknown, into critical University servers and infrastructure upon which tens of thousands of people and many diverse University functions depend.

    If you hack University servers from your computer (or even if the computer is being used a zombie), and then take steps to hide your identity or otherwise conceal your activities, your network access will be removed, such removal will be actively enforced and verified, and any immediate actions required to protect the security and integrity of the University network and computing resources will be taken.

    Academic, legal, and possible criminal action will then follow, as warranted. These were exigent circumstances, and not done under the guise of law enforcement, but rather the protection of critical university resources from activities clearly and explicitly disallowed by numerous University information technology, housing, academic, and general policies (not to mention various federal and state laws).

    Also, while we're on this topic, if the situation were reversed, I can imagine slashdotters would hardly call the equivalent situation a "hack" (i.e., "the university hacked into his Linux box"). Using the typical logic, he apparently didn't protect his machine well enough, so it's okay, right? Oh, but he's on the malicious side, so he's right, and the University trying to protect itself, from someone violating just about every University policy with no expectation of privacy on the network of a public research university, is wrong?

    Let me know when you people get your stories straight.

    And please, RTFA:

    Here, Savoy provided extensive testimony that he was acting to secure the Mail2 server, and that his actions were not motivated by a need to collect evidence for law enforcement purposes or at the request of law enforcement agents. ... The integrity and security of the campus e-mail system was in jeopardy. Although Savoy was aware that the FBI was also investigating the use of a computer on the university network to hack into the Qualcomm system, his actions were not taken for law enforcement purposes. Not only is there no evidence that Savoy was acting at the behest of law enforcement, but also the record indicates that Savoy was acting contrary to law enforcement requests that he delay action.

    Under these circumstances, a search warrant was not necessary because Savoy was acting purely within the scope of his role as a system administrator. Under the university's policies, to which Heckenkamp assented when he connected his computer to the university's network, Savoy was authorized to "rectif[y] emergency situations that threaten the integrity of campus computer or communication systems[,] provided that use of accessed files is limited solely to maintaining or safeguarding the system." Savoy discovered through his examination of the network logs, in which Heckenkamp had no reasonable expectation of privacy, that the computer that he had earlier blocked from the network was now operating from a different IP address, which itself was a violation of the university's network policies.

    This discovery, together with Savoy's earlier discovery that the computer had gained root access to the university's Mail2 server, created a situation in which Savoy needed to act immediately to protect the system. Although he was aware that the FBI was already seeking a warrant to search Heckenkamp's computer in order to serve the FBI's law enforcement needs, Savoy believed that the university's separate security interests required immediate action. Just as requiring a warrant to investigate potential student drug use would disrupt operation of a high school ... requiring a warran
    • Re: (Score:2, Insightful)

      Fantastic post. Frankly, the thread should end right here.
    • Re:Correct decision (Score:5, Interesting)

      by stecoop ( 759508 ) * on Friday April 06, 2007 @10:23AM (#18634635) Journal
      You forgot to add that Odds are that the 9th Circuit will get overturned...AGAIN!

      Can you guarantee that the System Admin didn't plant the evidence or the evidence was otherwise compromised? Well, now here is the problem, since you said you can guarantee it, that anyone that is called a System Admin is now allowed to plant evidence and vigilantism rules the internet.
      • Re:Correct decision (Score:4, Informative)

        by daveschroeder ( 516195 ) * on Friday April 06, 2007 @10:35AM (#18634797)
        The reason the 9th Circuit gets overturned is because it's a very liberal court that is often seen as out of step with prevailing views.

        It also is very protective of personal and individual rights, liberty, and privacy, and does not err on the side of law enforcement or the state. It is probably statistically the most likely court to rule against the interests of the government and for the interests of the individual.

        This one's not going to be overturned.

        Also, you should really, really read the ruling [uscourts.gov].
        • Those darned liberals, always standing up for individual rights.
          • A right is something you have or is protected form being taken aways. It would be disingenuous to consider something the court didn't have the right to give, as a right in the first place.

            You statement should be more to the effect of, Those darned liberals, always giving false hope up to individuals by inferring rights the don't really have. As i mentioned before, If the right was there, the other courts would have agreed with it. So the individual didn't have a right in the first place.
            • Right, because the other courts are infallible in this regard.
              • I don't know about infallible but they would be more accurate. There are several reasons for this so I will just list a few.

                One is that there are more judges. Another is that the judges only have to consider the context of the ruling alongside the law and constitution. Another is that once removed from the drama of the case, you aren't tied up in it and subconsciously rooting for one side or another.

                But more importantly, they have the final say in the matter. If they didn't find the right then the lower cou
                • Pragmatically, what you say is correct. If the appellate courts won't recognize a right, you cannot exercise it. Whether that means you have a right in the first place is a philosophical and/or linguistic question. Still, one need not look further than the civil rights era or World War II era Japanese interment rulings to find cases where the system failed to protect rights that citizens pretty clearly had.

                  That is why I generally distinguish (at least in my own head) between legally protected rights and
      • Re: (Score:2, Insightful)

        by Nukenbar2 ( 591848 )
        How is that different from any evidence collected from anywhere?

        Most evidence has to be authenticated by the person that recovered it. Just like if a store security guard see you shop-lifting, stops you and searches you, anything he finds, such as a bag of coke, you can be prosecuted for. How do we know he didn't plan it? He has to take the stand, swear to it, and then be cross-examined. That is how our system works, mostly.

        • by stecoop ( 759508 ) *
          Thats right, cross examination solves the problem. Never mind that the perpetrator plead guilty.

          You just missed the little fact about due process.
    • Re:Correct decision (Score:5, Interesting)

      by jrockway ( 229604 ) <jon-nospam@jrock.us> on Friday April 06, 2007 @10:32AM (#18634757) Homepage Journal
      > Using the typical logic, he apparently didn't protect his machine well enough, so it's okay, right? Oh, but he's on the malicious side, so he's right, and the University trying to protect itself, from someone violating just about every University policy with no expectation of privacy on the network of a public research university, is wrong?

      Problem with your logic there. If the University thinks being hacked is wrong, then why do they think hacking someone else is right? Two wrongs don't make a right. The hacker is a criminal, and the University (employee that did the hacking) is a criminal. It's that simple.
      • Re: (Score:3, Insightful)

        by garcia ( 6573 )
        Problem with your logic there. If the University thinks being hacked is wrong, then why do they think hacking someone else is right? Two wrongs don't make a right. The hacker is a criminal, and the University (employee that did the hacking) is a criminal. It's that simple.

        And the fact that this user agreed that SysAdmins may take steps to end emergency situations doesn't immediately say to me "oh, they can then hack my machine to hand over my personal files to the government without a warrant."

        To me that sa
        • Re:Correct decision (Score:4, Informative)

          by daveschroeder ( 516195 ) * on Friday April 06, 2007 @10:53AM (#18635073)
          You forgot the whole part about how even without the allegedly improperly obtained information, there was still sufficient evidence for a search warrant [slashdot.org].

          Also, at the time that this incident occurred, there wasn't an integrated capability to block MACs on the Housing network by the central IT organization, for various reasons. The most immediately available option was blackholing the IP, which was done, at which point the user simply manually assigned himself an unused IP on the DHCP network and continued malicious activity. The central IT organization does not operate the Housing network, and also didn't have immediate capability to physically disable ports in dorm rooms.

          Today, we have all of those capabilities. Then, the only option for dealing with a very critical situation was taking all steps to actively ensure and verify that this computer did not come back on the network during the evolving emergency situation occurring over a very short period of time.
          • Re:Correct decision (Score:5, Interesting)

            by Kythe ( 4779 ) on Friday April 06, 2007 @11:02AM (#18635219)
            Whether there was sufficient evidence for a warrant is irrelevant -- as you yourself noted, the University is not a law enforcement entity, nor were they working in that capacity.

            Additionally, whether the University had the means to sufficiently control its network is also not relevant to whether they had the right to break the law -- unless the man in question specifically allowed hacking into his computer by agreement. Did he do so?

            IANAL, but I wouldn't be terribly surprised to see a lawsuit against the university over their actions. Frankly, I'm rather surprised no one has been charged with hacking the man's computer. Perhaps it's being "overlooked" due to the obviously bad actor involved -- but IMHO it shouldn't be. OKing this sort of vigilantism is a pretty dangerous thing to do, on many levels.
          • by jafiwam ( 310805 )
            You would think this brain-dead idiot would clue into the fact the U was onto him at that point and bounce off a zombie somewhere instead.

            This guy needs to go to jail because he's too stupid to not get himself hurt crossing the street.

            Durrrr.....
      • You missed one critical point. The exigent circumstances allowed the University to take legally take necessary actions to protect its computing and network resources and infrastructure, and the court upheld this.

        The University was clearly correct in taking steps to ensure that the network access of the offending computer, in violation of numerous University policies and actively putting critical systems and services in jeopardy to unknown scope, was terminated and remained terminated in an emergent situatio
        • by Waffle Iron ( 339739 ) on Friday April 06, 2007 @11:02AM (#18635231)
          Since his computer was in a dorm room, the correct thing to do would have been to walk down to the dorm, get the local Resident Adviser or whoever is in charge to open up the room (which is undoubtedly allowed in emergency situations under the lease-like contract that students sign), unplug the network jack, and call the police. This would have had the additional benefit of clearly preserving any evidence of wrongdoing within the attacking system.

          Even if access to the room were not possible, they could have simply gone down to the router, pulled the plug on that room, and called the police.

          Illegally counter-hacking the attacking computer (which also was likely to taint any evidence in the system) was *not* necessary under the exigent circumstances.

          • by Sancho ( 17056 )
            It's called a managed switch, and if they don't have them, their network could use some work.
            • Re: (Score:3, Interesting)

              This was 7 years ago, and all network resources (access, authentication, topology), among many other things, were not centrally managed.

              There were a limited amount of things that could be done centrally. One of them was blackholing IPs. Physically disabling the port was also not possible in a timely manner.

              After a 5-year, $50 million network upgrade, a lot of these things people are suggesting from their armchairs are now possible. But they weren't then. This was an IMMEDIATE situation that required emergen
              • by Waffle Iron ( 339739 ) on Friday April 06, 2007 @12:46PM (#18636671)

                After a 5-year, $50 million network upgrade, a lot of these things people are suggesting from their armchairs are now possible.

                No, the only person with an armchair problem was that guy who couldn't be bothered to get out of his and make an appropriate response to the incident. Instead, he went the lazy/fun route, kept his butt firmly planted in his chair, and took matters into his own hands as a vigilante. Now 300 million Americans have just seen their bill of rights eroded by yet another increment because the university had to set new legal precedents to cover their asses from the fallout of this poor decision.

                No matter what, they could have blocked access from the entire dorm for the hour or two that it would have taken to sort out the problem legally. If their network management was sooooo crappy that even that couldn't be done, they should have just turned off their own goddamned mail server to protect it from this omnipotent hacker that was apparently impervious in his dorm room a couple of blocks away. Committing new federal felonies as a first option was not the answer.

          • Re: (Score:3, Insightful)

            by woolio ( 927141 )
            Indeed...

            I'd saw remotely unplugging the room at the router is probably better than entering the room and unplugging the computer.

            That way the admin would never obtain *physical* access to the computer (e.g. this removes a tiny amount of doubt that he could have tampered with the computer, e.g. with a boot disk/cd before the police arrive ).

      • Re: (Score:3, Insightful)

        by bhsx ( 458600 )

        If the University thinks being hacked is wrong, then why do they think hacking someone else is right? Two wrongs don't make a right. The hacker is a criminal, and the University (employee that did the hacking) is a criminal. It's that simple.

        Scenario:
        You are at the mall and some psycho starts shooting everyone in sight with an AK-47. You work in the mall as an armed guard. If the mall thinks being shot at and killed is wrong, then why do they think shooting someone else is right? Two wrongs don't make a right. The shooter is a criminal, and the mall security guard is a criminal. It's that simple.

        • by Kythe ( 4779 )
          You are at the mall and some psycho starts shooting everyone in sight with an AK-47. You work in the mall as an armed guard. If the mall thinks being shot at and killed is wrong, then why do they think shooting someone else is right? Two wrongs don't make a right. The shooter is a criminal, and the mall security guard is a criminal. It's that simple.

          There are specific laws involved in self defense, as well as laws that govern people who carry weapons as part of their job. The two situations simply aren't c
          • Re: (Score:3, Insightful)

            by bugnuts ( 94678 )
            Most universities with any sort of net access have rules stating that the sysadmins, in the course of their duties, can take action to stop attacks on the network.

            The sysadmin initially blocked the port and called it good, probably with the intent to inform management and let them deal with it. One could argue that "I pay tuition and I was blocked illegally" but nobody here is saying that violated any rights.

            Blocking was not sufficient to prevent the attacks, so the sysadm escalated his effort. That is a
            • by Kythe ( 4779 )
              As the ruling itself stated, there was nothing in the university rules that made hacking the man's computer OK. They found the evidence admissible as a matter of law, not the university terms of service.
              • by Kythe ( 4779 )
                Guess I should modify the above, for consistency.

                The ruling in question didn't address whether hacking the man's computer was right or wrong under the law.

                However, unless the terms of service directly allows an admin to obtain unauthorized access in the name of protecting the network, I would bet the "terms of service" argument wouldn't hold up.

                To me, the factors that would save the university sysadmin are the extremely limited nature of the break-in, as evidence for the purpose of that break-in, and the ci
            • Re:Correct decision (Score:4, Interesting)

              by keraneuology ( 760918 ) on Friday April 06, 2007 @12:29PM (#18636417) Journal
              How does browsing through tmp block an account? He had verified that the computer was the same one that had been previously blocked but decided to give the hacker an additional 15 minutes of time which could have been used to cause additional damage on the university's network. Since the sysadmin was taking the time to snoop it should be clear that he was going beyond what was necessary in the emergency situation. A cop kicks in a door because he hears a scream and finds a woman bleeding to death on the floor. Instead of calling an ambulance or otherwise rendering aid he takes 15 minutes to wander through the house to search for drugs. Proper action?
        • Re: (Score:2, Informative)

          by kad77 ( 805601 )
          It's only that simple to simpletons. GTFO.
      • Re: (Score:3, Insightful)

        by sumdumass ( 711423 )
        There are a lot of situations were people are forced to do things that are illegal but is otherwise considered ok in the circumstances. Killing a person is illegal, killing a person to save your own life gets you a pass. Speeding is illegal, speeding away from a shootout where it is likely you could be hit by a stray gets you a pass. Jaywalking is illegal, jaywalking to get away from a crumbling building gets you a pass.

        Do you see a pattern here? Sometimes in order to protect yourself, illegal actions don't
        • by geekoid ( 135745 )
          "Do you see a pattern here?"

          yes, clearly you have no idea how to keep an anology in context.

    • Re: (Score:2, Insightful)

      by eli pabst ( 948845 )
      I'm not that familiar with the case, but my question is who owned the computer that the administrator "hacked" into. If this was a University-purchased system, then I think they had every right. But if this is his own system that he purchased and simply was connected to a U of W network in his dorm then I think he had a reasonable expectation of privacy. His network traffic would be fair game, but unauthorized access is something different.

      I'm not sure how connecting to someones network gives them the
      • Re: (Score:3, Informative)

        He did have an expectation of privacy, and the court held that.

        It also held that the emergency search fell under the doctrine of the "special needs" exemption to the Fourth Amendment.

        These two principles were balanced, and special needs won out.

        I really wish people would read the ruling [uscourts.gov], as it speaks in great detail about the principles of privacy, expectations thereof, why the search was acceptable in these circumstances, and so on.
        • by Kythe ( 4779 )
          It also held that the emergency search fell under the doctrine of the "special needs" exemption to the Fourth Amendment.

          Speaking as one who has read the ruling, I'll simply note that it applied to whether or not the evidence was admissable (a matter of law, as this is an appeal), not whether the university was right to hack the man's computer. In fact, reading the ruling, it would appear that that might not be the case.

          However, I would also imagine that the limited nature of the search and the circumstance
          • I don't get that from the ruling. While speaking to the admissibility of evidence in the criminal proceedings, the underlying act itself was specifically exempted under special needs. This puts it on solid legal ground as far as the 9th Circuit and the original ruling court are concerned.
            • Re: (Score:3, Interesting)

              by Kythe ( 4779 )
              the underlying act itself was specifically exempted under special needs.

              Again, this was specifically for the purpose of determining the admissibility of the evidence. The 9th Circuit was addressing an appeal, so could only rule on matters of law pertaining to that appeal.

              Whether or not the university sysadmin would be convicted under the circumstances is a fairly open question, if he were charged with unauthorized access of a computer system. Now that I've read the ruling and the facts considered, it cert
              • Re: (Score:3, Interesting)

                I think we essentially agree on the basic points here.

                I understand that this ruling is only speaking to the conviction that is unrelated to the University efforts with regard to ensuring this computer remained off the network.

                However, since special needs only applies to the explicit and direct action the University took, while this ruling is speaking specifically to the appeal of the conviction, it is still reasonable to believe that the action itself would be viewed legal upon consideration of that action
    • Well we could be of the opinion that two wrongs don't make a right and they were both wrong. I'm often amused by the assumption made by people that I'm either for their opinion or for some arbitrary opinion that's completely the opposite. Take the current "You're either for this or you're for the terrorists!" argument that congressmen like to break out to support their current pet project. To which my response, were I confronted with that attitude in person is, "No! You are both a menace to the ideals that
      • by Kythe ( 4779 )
        This is a very good comment.

        As I read it, and given the fact that this story appears to be regarding an appealed ruling, the 9th Circuit was simply upholding the admissibility of the evidence obtained through the university's hacking. It wasn't ruling as to whether the University had the right to hack, or whether they ran afoul of the law in the process.

        IANAL. That said, I would bet what the university sysadmin did ran afoul of at least one computer crime law. Whether or not he'd be convicted or suffer le
    • by geekoid ( 135745 )
      "Just as requiring a warrant to investigate potential student drug use would disrupt operation of a high school "

      because the4 contitution should only be upgheld if it's conveniant.
    • You know, I thought that this was indeed a very well written post, and was nodding my head until... well, until this line:

      "Let me know when you people get your stories straight."

      Yeah, because we, the collective Slashdot posters, have an oligation to you to speak with one voice. We ought to ensure that everyone in our midst presents the same argument. If they disagree, we ought to silence them so they will not disturb the unified presentation. We are Borg of Slashdot.

      Seriously, either talk to specific people
    • So why didn't they just track down the "hacker" and kill him? I mean after all they have a right to protect their systems, apparently by any means necessary, legal or not...
      • Because that would not have been appropriate.

        This was. And the 9th Circuit agrees. It probably wouldn't have agreed that murder was an appropriate response, whereas this intrusion for protective purposes was, on balance.

        Read the ruling [uscourts.gov]. It's pretty informative.
        • Breaking the law was their appropriate response. All I'm saying is if it is appropriate to break one law, why not all of them? How is breaking the law in the exact same manner as the "hacker" justified in their case? Makes no sense. Laws should apply to eveyone, not just "the bad guys". With all the evidence the sysadmin had acquired without breaking the law, it seems like he could have gone to the proper law enforcement authorities and let them handle the "case building evidence" phase.
    • I agree, the sysadmin's response seems very reasonable, and it is quite hard to conceive of any other form of action given that a warrant was already being sought, and the threat to the university systems was immediate.

      The articles give a pretty vague picture of what happened though, because they say the passowrds to the .200 IP were the same as the ones to the 117 one, which Savoy had obtained earlier. My question is: why did Savoy wait and take a defensive stance if he had already cracked the machine befo
  • by Rie Beam ( 632299 )
    " The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized. "

    So, does it fit? What was the evidence before the hack? IANAL, just curious.
    • by alen ( 225700 )
      this only applies to the government performing the search. in this case it was the university and he was on their network which probably gave them the right via something he signed

      and even if it was the government, there is probably case law that says a warrant can be given out after the fact if the government can prove they had proof or a compelling reason to gather this evidence at that time and getting a warrant would take too long, etc. it's like if a police officer arrests you without an arrest warrant
  • Thank God (Score:4, Interesting)

    by normuser ( 1079315 ) * <normuser@whyisthishere.com> on Friday April 06, 2007 @10:08AM (#18634425) Homepage Journal

    The court ruled today that such counter-hacks are allowable under the 'special needs' exception to the Fourth Amendment


    Now I don't feel so bad about killing those zombies that keep trying to ssh into my box.
    • The court ruled today that such counter-hacks are allowable under the 'special needs' exception to the Fourth Amendment.

      The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

      Um, there isn't a "special needs" section of the Fourth Amendment. Is it too much to ask Slashdot editors to assume some journalistic responsibility?

  • What? (Score:4, Funny)

    by Spazntwich ( 208070 ) on Friday April 06, 2007 @10:08AM (#18634427)

    The court ruled today that such counter-hacks are allowable under the 'special needs' exception to the Fourth Amendment

    So suddenly the retarded aren't protected by the bill of rights?

    This is preposterous!
  • by Anonymous Coward on Friday April 06, 2007 @10:09AM (#18634447)
    I'm a bit scared as to what this will mean for RIAA attacks against innocent people accused of file sharing. If "self help" is available for the university when someone hacked their server, why WOULDN'T the courts allow "investigators" working for the MAFIAA to hack into computers to determine if they were "pirating" music or movies?
    • Not at UW... (Score:3, Informative)

      Except for the fact that the University of Wisconsin isn't cooperating with the RIAA in its latest efforts:

      University of Wisconsin-Madison Bucks RIAA
      http://slashdot.org/article.pl?sid=07/03/20/015121 6 [slashdot.org]

      UW to RIAA: No way
      http://badgerherald.com/news/2007/03/21/uw_to_riaa _no_way.php [badgerherald.com]

      It may be illegal...
      http://www.doit.wisc.edu/news/story.asp?filename=8 12 [wisc.edu]
    • Re: (Score:3, Informative)

      by proxima ( 165692 )

      I'm a bit scared as to what this will mean for RIAA attacks against innocent people accused of file sharing. If "self help" is available for the university when someone hacked their server, why WOULDN'T the courts allow "investigators" working for the MAFIAA to hack into computers to determine if they were "pirating" music or movies?

      Well, one reason is that apparently this guy was connected to the university's network. He was using it to actively hack other systems, which is more clearly an "emergency" tha

    • by jmv ( 93421 )
      If "self help" is available for the university when someone hacked their server, why WOULDN'T the courts allow "investigators" working for the MAFIAA to hack into computers to determine if they were "pirating" music or movies?

      Cuts both ways (with the general interpretation you make). If they try to break into your box and you didn't do anything wrong, then *you* would then be allowed to break into their machines... Then again, I'm pretty sure there are lots of restrictions.
  • Excellent (Score:2, Insightful)

    I knew two wrongs make a right. (obviously if it benefits certain organizations only)
  • Heckenkamp was caught after a system administrator at the university hacked into his Linux box to gather evidence that Heckenkamp had been attacking the college mail server.

    But what if that evidence had not been there? Would the so-called "counter-hack" have been a punishable offense had the target turned out to be innocent?

    It'd be fun if you could hack anyone you wanted at that University as long as you're looking for evidence of wrongdoing.. especially since all the skills you'd need to hack into a box

  • Forensics Anyone? (Score:5, Insightful)

    by madsheep ( 984404 ) on Friday April 06, 2007 @10:34AM (#18634789) Homepage
    Ok this just sounds a bit ridiculous. This is essentially vigilante cyber justice. Now it had a bit more of a law enforcement/good guy vs bad guy twist, but I just don't see how this can be allowed. Where is this special need and why was this an acceptable method to go about anything?

    Is anyone familiar with forensics? "Hacking" into another machine alters a ton of stuff..even if you're just logging in remotely with username/password you found. You've change login dates, profiles, logs, etc. How would this sysadmin have known this machine wasn't already compromised and was just being used a launching point?? If this was the case and the guy adamantly denied having been a part of it, he would have essentially *ruined* any and all evidence. This is just rediculous.
    • I'm willing to bet that if this guy would concentrate on that aspect he would get a lot further then challenging the constitutionality of the evidence.

      On another note, The courts have in the past allowed evidence that was obtained illegally but not by a law enforcement officer or officer of the courts (including anyone acting on their behalf). It is assumed that the evidence would become public knowledge if the illegal act went to trial and then become fair game. And seeing how the constitution primarily re
  • by Anonymous Coward
    The fourth amendment applies only to the state's action to investigate. So really the question here was whether the admin's knowledge of police activity made him an agent of the state. I don't see this case raising even a remotely close question. The admin did what any admins ought to do. Even if the admins' activities were illegal, he could get prosecuted, but the evidence is admissable

    Just to hammer things home, if a thief breaks into your house and then turns in evidence of illegal doings over to the
  • Too Bad... (Score:2, Flamebait)

    Too bad it was the 9th Circuit that upheld this. They are by far the most overturned of all Courts of Appeal.
  • The article calls him a "confessed superhacker." He's a punk, a loser. Only losers spend their time breaking into other people's computers, and only an extreme loser would actually leave his computer so wide-open that a university sysadmin would be able to walk into it. I work at a university as a sysamdin. We're not a bunch of uber-crackers.

    I've said it before and I'll say it again, the only things that anyone is ever punished for in this world are being unpopular and being incompetent. This punk defi
  • by imunfair ( 877689 ) on Friday April 06, 2007 @01:33PM (#18637401) Homepage
    You either leave the net as the wild west, and let every man fend for himself, or you set up concrete rules about hacking, etc and enforce them fairly.

    I'm not defending the 'ebay hacker', but I think if he's in trouble then the sysadmin should be as well. There are a lot of physical solutions to cut off someone's net access if you have control of their building, in the event that you can't handle it on the technological side. The responsible thing to do if neither of those options were available would be to remove your server from the net, or actually make your system secure, and report the attacker through the proper channels.

    And to all the people defending the sysadmin as justified, I would like to know why - if he thought blackholing the first ip was enough at the time - did he bother to find a working password on the system in question, and what methodology did he use to do that? Seems like he's just using the second attack as a CYA to hide his proclivity to hacking students machines when he wants to. (If you RTFA it says that he used a password from the first time to log in the second time and snoop around to verify it was the same computer)
  • his name isn't Hackenkamp.

If A = B and B = C, then A = C, except where void or prohibited by law. -- Roy Santoro

Working...