
Man who hacked Scarlett Johansson's e-mail sentenced to 10 years - Cadsby
http://arstechnica.com/tech-policy/2012/12/man-who-hacked-scarlett-johanssons-e-mail-sentenced-to-10-years/?comments=1
======
ChrisNorstrom
This sentence is everything wrong with the American justice system. I do NOT
want my tax payer dollars to be spent keeping a hacker in jail along with with
murderers and rapists.

Lindsey Lohan and Paris Hilton drive around coked up and drunk and get either
probation or a 1 month/1 year sentence but someone hacking a phone (who
doesn't endanger anyone's life) gets 10 years???

~~~
rpm4321
Yes and no. I believe 10 years is obviously a bit much in this case, but if
you tweak the variables a bit, this sort of thing can be tantamount to a
sexual assault.

Imagine it's your sister or girlfriend involved, and the pictures are splashed
across Facebook by an ex-boyfriend.

In this case, the victims are certainly less sympathetic, but the principle is
basically the same.

It reminds me a bit of this Hunter Moore business:
<http://news.ycombinator.com/item?id=4890088>

~~~
DanBC
I would be very angry. I would want the person to understand just how
distressing their actions had been. I would want them to feel sorry for what
they had done, and I would want them to know that this is not something that
they will ever do again. I would want the person to make some kind of
restitution.

Putting that person in prison achieves none of that.

Obviously, that's just my personal opinion, and I kind of understand that
other people feel differently.

------
javajosh
The lesson here is clear: if you have money, there is no such thing as crime.
If you don't have money, like this guy, then even if you plead guilty you get
_years_ in prison.

HSBC can aid terrorists and launder money from drug cartels and pay a fine.
Goldman Sachs knowingly sells junk to their clients, minimizing their own
exposure to the financial crisis, and gets a bailout.

Fuck this shit.

~~~
daeken
> Goldman Sachs knowingly sells junk to their clients, minimizing their own
> exposure to the financial crisis, and gets a bailout.

GS never got a bailout. They _were_ paid by AIG using bailout money, for what
they were owed, but never received a bailout by the US government at all.

~~~
boboblong
How is that any different?

~~~
daeken
If they were bailed out, that would mean the company was in a risky financial
position and needed assistance from the government. What happened with GS was
that AIG owed them money (legitimately), and AIG was bailed out. The reason
AIG needed to be bailed out (in part) was that they owed a lot of money to a
lot of people; when that went through, they paid their creditors.

Claiming that GS was bailed out is like claiming that Microsoft was bailed out
-- AIG gave them money after the bailout too, I'm sure.

------
aaronbrethorst
Poor bastard. He did something that is unquestionably highly unethical and
illegal, but he was also an awkward, messed-up nerdy guy who arguably just
needed some real friends and a chance.

[http://www.gq.com/news-politics/newsmakers/201205/chris-
chan...](http://www.gq.com/news-politics/newsmakers/201205/chris-chaney-
hacker-nude-photos-scarlett-johansson?printable=true)

~~~
Jagat
Wait, can't the same argument be applied to certain sociopaths?

~~~
drivebyacct2
Are you implying that sociopaths should just be thrown in prison and left to
rot?

Does anyone in the US pretend that prison should be rehabilitative? I'm sure
that this guy serving 10 years in prison is going to be a net-positive for our
society. /not

~~~
wilfra
Given the amount of publicity this is getting, I would argue it will be a net
positive. It will provide a strong deterrent to people hacking celebrities in
the future.

~~~
sesqu
Harsh sentences don't "set an example" and deter crime.

[https://en.wikipedia.org/wiki/Deterrence_(legal)#Effectivene...](https://en.wikipedia.org/wiki/Deterrence_\(legal\)#Effectiveness)

------
dmix
Now when we discuss the legality of NSA having wide open access to citizen
emails and other personal data, we'll have a good reference point on what
happens when regular people do it.

~~~
evoxed
I wonder which pays better, being a fall guy for News Corp or the NSA...
either way, I'm sure it'll just mean one less salary to turn over at the end
of the year.

------
m0nastic
Here's a thought experiment:

Many people here seem to be okay with the idea of this being a punishable
offense, but take issue with the length of the sentence (which I'll admit,
seems excessive on first blush).

But what would an acceptable sentence be for hacking someone's email and then
distributing their personal information? Maybe a year? That doesn't sound
outrageous.

So if he did that, and was sentenced to a year in prison, and then got out and
did it again, presumably another year in prison isn't unreasonable (you could
argue for a harsher sentence because it was a repeat crime, but we'll ignore
that).

So he did this to 50 different accounts. That's 50 separate crimes. He took a
plea (which resulted in being found guilty of a lesser number of charges), and
that got him 10 years.

I still think 10 years seems like a lot of time to spend in jail for a
nonviolent crime, but shouldn't the number of crimes be used somehow in
calculating a sentence?

~~~
sesqu
Yes, but not as a multiplier. After all, the threshold for a fifth crime is
not equal to the threshold for the first.

------
veb
10 years is far too long.

I agree the punishment for hacking emails should be harsh, because your email
is your _life_. But not 10 years... because reading or leaking someone's email
is not akin to killing them.

------
themckman
People seem to be focusing on this 10 year number and being really upset, but
I'm wondering if anyone actually read the article. The article claims he had
access to 50 email accounts and plead guilty to 9 counts of various charges. A
linked document mentioned something about a "28-count superseding indictment",
which I won't claim to understand. However, the point is, most people here
appear, to me at least, that they think it's 1 person's email that he got
access to. It's a little bit more than that.

------
AutoKorrect
So now that the court agrees that the sentence for hacking email is 10 years,
when do we start convicting the entire NSA, AT&T, on up to the Executive head
(the President) for doing this to the entire USA? If there is no conviction
for these people, then he is clearly not being treated equally under the law,
and deserves to be set free.

~~~
ahallock
Because States do not universalize their own rules & laws. The exempt
themselves, and are above the moral obligation that the rest of us are
expected to follow. They also control the language and will create a vast set
of euphemisms to excuse their contradictory behavior.

------
tnuc
He may have been better off murdering someone.

~~~
sixothree
As long as that person was from a relatively low class.

------
joonix
More extreme sentencing. Long live the prison state.

------
DanBC
The US spends about $52 Billion on people in prison. There are about 2.3
million people in US prisons, with nearly 5 million people on parole.

The reason isn't because the US puts more people per year into prison; the
reason is that the US keeps people in prison for so long.

The incredibly high prison rate has other weird effects. People are expected
to die in prison but prison guards are not trained to deal with people at end
of life. Dementia in particular is difficult for anyone to deal with.

I found this article moving:

Life, With Dementia ([http://www.nytimes.com/2012/02/26/health/dealing-with-
dement...](http://www.nytimes.com/2012/02/26/health/dealing-with-dementia-
among-aging-criminals.html?hp=&pagewanted=all&_r=0))

And here's another article about prison hospice:

([http://www.latimes.com/news/local/la-me-1121-prison-
hospice-...](http://www.latimes.com/news/local/la-me-1121-prison-hospice-
html,0,280840.htmlstory))

We know that prison doesn't work for most prisoners. So why do we spend so
much money keeping people there? (There are some people who deserve to be in
jail, and who cannot live in wider society.)

------
da_n
I don't know much about this story and certainly don't condone the behaviour,
but from the article it seems all he was doing was abusing the password reset
system offered by the service providers, which as anyone reading hacker news
will know is a very flawed security model (I use random data for answers when
they force security q/a). Not exactly high level hacking (it's no firesheep
session hijack for example) so seems a bit harsh considering. Surely this is
really an issue of a very bad security hole being abused, more responsibility
should be directed to the email providers to get better with their security.
Again not saying such behaviour should go unpunished, he deserves jail time
certainly, but this should also be a clear signal that service providers need
to get more serious about security and take more responsibility.

edited for clarity.

------
harold
Wow. He might have received less time for attempted murder [1]

[http://themercury.com/articles/man-gets-5-years-for-
murder-a...](http://themercury.com/articles/man-gets-5-years-for-murder-
attempt)

------
richforrester
10 years seems a bit steep.

Wonder what Scarlett thinks of this; someone read her email, and is now in
jail for 10 years.

~~~
ryanac
Didn't he also publicly release nude photos of her and three other women?
Still maybe a bit extreme on the sentence, but it wasn't just "reading
e-mail".

~~~
ChuckMcM
Yes he did. There is a strange cognitive dissonance between email and regular
mail. If someone broke into an apartment lobby, picked the lock on the
mailboxes, took out a set of film prints [1] from the drug store, made copies
of the 'private and personal' pictures contained therein and then shared them
with their friends for prurient reasons, what sort of punishment is deserved
there?

The "virtual" nature of email makes it seem so much more distant than the
reality of breaking and entering into someone elses home for the purposes of
stealing their mail.

[1] Well presumably not surprising but there was an interesting arrest of a
guy who did this at CostCo by searching through the finished pictures boxes
looking for interesting pictures for his "collection."

~~~
moe
_If someone broke into an apartment lobby_

Do you really face 10yrs for breaking into a hollywood apartment and releasing
nude tapes you found?

I can see him going to a jail for a while, but 10 years is an _awful_ long
time for a crime that very likely didn't leave permanent damage of any kind
(psychological, physical or otherwise).

~~~
ChuckMcM
Guess it varies, according to this report from the Post Office in 2001
<https://postalinspectors.uspis.gov/radDocs/pubs/ar01_01.pdf> there are both
shorter and longer sentences handed out.

I really can't speak for the judicial system of course, I do know that people
I've talked to about this case see "email" as being less "real" than physical
mail, and I also have spoken to people who have had their mail stolen and used
against them. It is hard to be dispassionate about relative punishment in that
case.

It may be that if someone stole your mail and published it you would just
laugh it off. This guy took it a bit further than that I would say.

And just for context, in California at least since our prisons are over full,
the most this guy would serve would be 5 years, and then he'd be eligible for
parole in 18 months, less time off for good behavior. I don't know if Florida
has similar issues but there are times in the California system where the goal
is to have the person spend at least _some_ time in jail and that sometimes
requires a longer than expected sentence. (No idea at all if that is the case
in Florida though)

