
DOJ Subpoenas Twitter About Five Users Over a Smiley Emoji Tweet - keithrl
https://www.techdirt.com/articles/20171023/18275838465/doj-subpoenas-twitter-about-popehat-dissent-doe-others-over-smiley-emoji-tweet.shtml
======
coldcode
One of the subpoenas was about PopeHat, who of course is public, and he wrote
about it on his blog. Why demand twitter unmask a public account?

~~~
simcop2387
Link to said popehat blog article, [https://www.popehat.com/2017/10/24/in-
which-my-identity-is-s...](https://www.popehat.com/2017/10/24/in-which-my-
identity-is-sought-by-federal-grand-jury-subpoena/)

Speculated reasoning in the comments on the article was that it then gives an
admissible account of who owns the twitter name. Otherwise the assertions
about who owns it are inadmissable hearsay. That said it's still really weird
that the accounts were subpeonaed

EDIT: fixed link. Just noticed it went to an old article. Apparently the new
one is up but not listed on the homepage? (Similar topics so I didn't notice
right away)

~~~
heartbreak
Link to the actual post:

[https://www.popehat.com/2017/10/24/in-which-my-identity-
is-s...](https://www.popehat.com/2017/10/24/in-which-my-identity-is-sought-by-
federal-grand-jury-subpoena/)

~~~
simcop2387
Thanks just fixed mine. Didn't realize that it was the wrong one since the
topics were similar and i grabbed it off the homepage. That's one thing
popehat has always suffered from, weird caching/publishing their rss feed was
running a few weeks out of date for a while.

------
duxup
What amazes me is somewhere along the process someone with power didn't notice
and think "Hey you know this all seems like a bit much considering what we're
looking at here..."

~~~
jmcqk6
Never underestimate the power given when people take the attitude that
something they are looking at is "not my problem".

------
SubiculumCode
I used to tell my son that there will always be work for computer security
specialists and that he should go for that. This makes me wonder about my
advice.

~~~
TerminalJunkie
I assume that if you're freelance you're at more risk of finding yourself on
the receiving end of a CFAA violation. What I wonder is that if security
researchers who work for domestic companies face the same degree of scrutiny
that these freelance researchers do.

I guess that if you work for a company you're probably not looking at anyone's
website that's not explicitly paying you/your company and under some contract.

~~~
jerf
While what you posted makes sense with the right definitions, I think you
might understand better if you're careful with your definitions of "security
specialist" (what SubiculumCode said), "security researcher" (what you said),
and the other classifications.

Not all specialists or researchers are doing penetration testing. Of those,
not all of them are penetration testing third party stuff, and of those, not
all of them are doing it without permission. That's the only one that will get
you into trouble.

I'm not, technically, a "security specialist" of any stripe, but I take a very
careful interest in the defensive side of security, and am currently in the
middle of implementing a fairly security-sensitive system. I don't worry that
the FBI is going to bust down my door at 2am because I've tweaked the API of
my code to make it harder to write cross-site scripting attacks, or because I
fixed the architecture so that authentication is done very early in the
request cycle instead of ad-hoc and inconsistently very late in the request
cycle in a way that requires every developer of every individual web page to
have to enforce all authentication. Most security work is going to involve
internal matters and the fixing thereto, and, yeah, the job isn't going
anywhere any time soon.

(Though it does have the eternal challenge of convincing people they need to
pay for it, and the problem that even in companies where programming is the
major product like Facebook and Google, you're _still_ going to be a cost
center.)

------
jrjarrett
I can't even anymore. If this story is anywhere near true -- and I have no
reason to believe it is not -- then what the hell do we as citizens DO about
it?

How can we put an end to ridiculous infringements on rights and wasteful use
of resources?

It certainly starts with voting for representatives that won't allow thus, but
damn. There aren't a lot of good choices out there. And even if there are, how
do we fix the issues that allow the bad actors to get elected over a "good"
rep?

~~~
rayiner
The problem isn't the government, it's the "citizens." We're a society of
cowards, who are afraid of everything and want the government to do something
about it. _E.g._ crime rates are at historic lows, but more than half of
Americans say that they worry a "great deal" about crime:
[http://news.gallup.com/poll/190475/americans-concern-
crime-c...](http://news.gallup.com/poll/190475/americans-concern-crime-climbs-
year-high.aspx).

It's not getting any better, it's probably getting worse. We're not that far
away from people being arrested for the tweets they post:
[http://www.cnn.com/2017/03/17/us/twitter-journalist-
strobe-e...](http://www.cnn.com/2017/03/17/us/twitter-journalist-strobe-
epilepsy/index.html). Millennials don't see anything wrong with that sort of
thing: [https://www.theatlantic.com/education/archive/2017/07/why-
it...](https://www.theatlantic.com/education/archive/2017/07/why-its-a-bad-
idea-to-tell-students-words-are-violence/533970).

~~~
WillPostForFood
Not true that crime rates are at historic lows, particularly violent crime
which is over double the 1960 rate:

[http://www.factcheck.org/2016/07/dueling-claims-on-crime-
tre...](http://www.factcheck.org/2016/07/dueling-claims-on-crime-trend/)

But if you are in the Chicago area, you should know that like wealth, crime is
incredibly unevenly distributed. There are communities that have effectively
zero risk of violent crime, and communities within 30min drive that have
violent crime rates that rival the most dangerous cities in the world.

~~~
24gttghh
>Not[e] true that crime rates are at historic lows, particularly violent crime
which is over double the 1960 rate:

Which ignores the context of the data that while still double the 1960 rate,
it is also _half the peak 1991 rate_ , and has generally been decreasing since
then. The murder rate is similar to the early 1960's, after it's peak in the
70s/80s.

I have nothing to disagree with your comment on Chicago, which sounds
plausibly accurate.

~~~
WillPostForFood
I wasn't ignoring the parent context, which was that crime is at historic lows
which is not true.

~~~
24gttghh
I found this neat crime vs population density study, but as with most things,
you answer one question and end up with more:

[https://blog.nycdatascience.com/student-works/pressure-
cooke...](https://blog.nycdatascience.com/student-works/pressure-cooker-
higher-population-densities-increase-crime/)

------
Floegipoky
Why is Ted Stevens a fool for saying the Internet is a series of tubes, but so
many otherwise level-headed are fine pretending networks are houses?

~~~
d0lph
It's a metaphor.

------
znpy
So... Tweeting now is a form of assaulting ?

~~~
bitwize
Yes. The victim had epilepsy, and the tweet was something like "You deserve a
seizure!" accompanied by a rapidly flashing animated GIF.

~~~
znpy
Oh. Didn't think of that.

------
PatientTrades
And this is why you should be very careful what you tweet. Once its out there
it can never be deleted. Even with a fake name and handle. Your ip address,
mac address, location, etc.

~~~
loeg
Mac address? What is possibly recording that?

~~~
MichaelGG
Many WiFi networks record MAC addresses to help associate devices with
IP/users.

------
Spivak
So a security researcher who was angry about getting raided and hit with a
CFAA accusation after an unauthorized access of private medical data started
doxxing the FBI agent responsible on Twitter. And in response the FBI is
requesting information about the Twitter users that were part of the
conversation.

Doesn't seem quite as sensational once you know the backstory. The author is
right that the charges aren't the strongest but we can't be obtuse and pretend
that posting the personal information of the officer and his family couldn't
meet the bar for intimidation or harassment.

~~~
stedaniels
Doxxing? Hardly. Looking at the Twitter thread, he did far less than a lazy
casual fan of a TV star would do on an average Google/Facebook search.

> Doesn't seem quite as sensational once you know the backstory.

Though your summary was sensationalised by the addition of the term doxxing
(usually negative connotations there), whether you meant it to be or not. It
is all about how the spin is put on it. An innocuous situation can be played
up, or down, by either side.

P.S. @Spivak, it's your 1024 days anniversary on HN! :-)

~~~
amichal
actually if you read the attachments at the end of the referenced complaint[1]
the FBI is claiming he did a _bit_ more then look up the agent and his family.
He also sent various semi-threating messages to them on facebook.

Still not sure why that gives them grounds to subpoena everyone on the thread.

[1] [https://assets.documentcloud.org/documents/4116064/Shafer-
Co...](https://assets.documentcloud.org/documents/4116064/Shafer-
Complaint.pdf)

~~~
stedaniels
Darn it. Apologies for going off with my half baked facts ;-)

