
Hacker Who Helped Disrupt Cyberattacks Is Allowed to Walk Free - brianmwaters_hn
http://www.nytimes.com/2014/05/28/nyregion/hacker-who-helped-disrupt-cyberattacks-is-allowed-to-walk-free.html?hp
======
melville_X
For anyone who wants to see a preview of Sabu's entrapment of anonymous
members, one of his chat logs were leaked:

[http://cryptome.org/2012/09/sanguinarious-
sabu.htm](http://cryptome.org/2012/09/sanguinarious-sabu.htm)

> Why is an informant going around throwing out a location to a claimed cache
> of classified documents concerning SCADA systems? So this is like a textbook
> attempt at entrapment, its akin to giving someone a key to a door but
> telling them its legal to open it with, someone being an informant, to take
> them down after. It also does not appear the FBI gives not one fuck about
> the security of critical infrastructure as long as it entraps another kid.
> Nothing at all wrong here is there? Full transcript:
> [http://cryptome.org/2014/05/sabu-m45t3rs4d0w8-2012-0330-0524...](http://cryptome.org/2014/05/sabu-m45t3rs4d0w8-2012-0330-0524.pdf)

Perfect example of the FBI looking for easy arrests using morally-vague
methods of entrapment, instead of doing the hard work and stopping real
criminal conspiracies. This is a technique they perfected in domestic
terrorism cases where they find dumb criminals with no skill, financing, or
strong motivation, then give them all of the resources and information they
need to do conduct a real scheme. While holding their hand along the way.

Makes great headlines when they arrest someone "domestic terrorist caught by
FBI!" but hardly a good use of resources when they keep missing _real_
terrorist attacks.

Bruce Schneier nailed it in 2007:
[https://www.schneier.com/essay-174.html](https://www.schneier.com/essay-174.html).
None of the 'foiled plots' were ever a real threat until the FBI showed up.
People could argue these people should be in jail anyway but they are hardly
worth the skill and resources of the most advanced investigators in the
country.

~~~
afarrell
Quick illustrated guide to what the legal concept of Entrapment actually is:
[http://thecriminallawyer.tumblr.com/post/19810672629/12-i-wa...](http://thecriminallawyer.tumblr.com/post/19810672629/12-i-was-
entrapped)

By a former New York prosecutor.

~~~
tptacek
This whole series is pretty great. The cheat sheet here:

Entrapment requires:

(1) a causal relationship between police action and the accused's commission
of a crime, and

(2) the police overcoming some demonstrable resistance to the commission of
that crime, or the accused otherwise demonstrating that the police somehow
corrupted them into committing a crime they would not have been predisposed to
commit otherwise.

The "entrapment myths" in the comic:

1\. That the police have to tell you that they're cops, or are somehow not
allowed to deceive you into committing a crime. (No).

2\. That the police cannot ask you to commit a crime. (No).

3\. That the police cannot break the law themselves to get themselves into a
position to see you commit a crime. (No).

4\. That the police cannot help you commit a crime. (No).

5\. That the police cannot allow you to commit a crime or somehow give you the
impression that your actions are lawful and then arrest you. (No).

The law expects you to actively resist an entreaty from anyone --- undercover
cop, uniformed cop, friend, family member --- to knowingly break the law.

The example the comic gives of an unreasonable effort to break through
resistance: appealing to a friend to aid in the commission of a crime because
your life depends on it, putting the accused in a position where a reasonable
ordinary person might choose to participate in the crime as the lesser of two
evils. That's entrapment.

Furthermore, as I understand it, and this may be state-by-state, but
entrapment is doubly difficult to employ in a defense because it's an
affirmative defense: to raise "entrapment", you must first acknowledge that
you committed the crime in all its particulars, and _then_ claim that your
excuse was that you were entrapped.

~~~
melville_X
Yes that's the definition of entrapment as interpreted by American courts.
Very challenging for lawyers to use as a defense. Which is exactly why law
enforcement loves using informants and undercover agents for everything these
days. In heavily bureaucratic agencies like the FBI, the only thing that
matters is looking good to management by getting arrests and 'foiling plots'.
So why not go for some easy prosecutions? You'll be upper management in no
time.

Plus there are a _ton_ of dumb people and nearly everything is a crime these
days, so all you have to do his handout a crime on a platter and fill prisons
with the incompetent criminals who take the bait.

Why hunt down criminals when you can fish for dumb ones.

~~~
tptacek
The crimes we're talking about here aren't "the crimes every American commits
while squeezing orange juice in the morning" crimes.

Meanwhile, it is extraordinarily difficult to catch people in the act of
committing computer crimes; the most effective investigative approach to
enforcing computer crime laws probably is to find people who are predisposed
to commit them, stage an opportunity to commit a specific instance of it, and
then apprehend them. So, yes, computer crime enforcement does have a "fishing
for dumb people" element to it.

What would be really interesting in a thread like this is, after pointing out
how US criminal law makes it hard to raise an entrapment defense, providing
specific examples of how some other country's criminal law handles the same
circumstances.

~~~
walshemj
There was a BBC program a couple of years back on secret services MI5/6 and
they contrasted how we do it in the UK and The USA.

One example was an IRA arms dealer caught bang to rights actually at the
buying point he got off on a tiny technicality - whereas the amount of stuff
that the FBI where allowed to do was interesting and slightly disturbing.

It might have been on PBS or BBC America at some point

------
bernardom
Given the conversations here[1][2] on how PR firms plant articles all the
time, I've been thinking a lot about who benefits from each article I read in
the NYT.

This one seems like a very obvious benefit for the FBI. The government wants
it well known that "look, if you really cooperate we'll totally definitely let
you go later." Of course, all the cases where the defendant cooperated and
still went to jail don't make the media.

[1]
[http://www.paulgraham.com/submarine.html](http://www.paulgraham.com/submarine.html)
[2]
[https://news.ycombinator.com/item?id=2532759#up_2532885](https://news.ycombinator.com/item?id=2532759#up_2532885)
[3] There are others, too lazy to list.

~~~
Zigurd
A lot of "news" consists of swallowing an official position whole. It's nicely
packaged. The journalists are dependent on access. Why rock the boat?

------
mpyne
Remember guys... this ("rolling" captured suspects to unwind a large criminal
network) _is_ the "good old-fashioned police work" you all say that the NSA
should be doing instead of using surveillance.

~~~
munin
I think HNs idea of old fashioned police work is a Victorian Bobby
interrupting a back alley mugging by saying "wots all this then", and anything
else is Stalinist

------
codesuela
The article tries to frame him like a noble hacker who turned to the good side
but in fact he remains a backstabbing snitch. Does anyone here have respect
for what he did?

~~~
rayiner
The "snitch" concept is not just adolescent, but harmful. There's nothing
morally wrong with trying to atone for past bad actions by exposing other
criminals.

~~~
pyre
> The "snitch" concept is [...] harmful.

That's the point. The idea is that one should 'fall on the grenade' to protect
his criminal comrades. When he instead throws _them_ to the wolves to save
himself, people get up-in-arms about it.

Though it's not all that surprising. It's sort of like whole 'honor among
thieves' ideal. When you throw in with a bunch of people that are willing to
'colour outside the lines,' sometimes the lines that they cross will not
_just_ be the lines drawn in the sand by the law, but the lines that you
yourself draw in the sand.

~~~
rhizome
_When he instead throws them to the wolves to save himself, people get up-in-
arms about it._

Well, there's a reason why it's called "defection" in the Prisoner's Dilemma.

~~~
smsm42
PD doesn't apply here though - Monsegur got much better deal than if he had
not cooperated.

~~~
rhizome
That's part of the premise of PD, though. Am I misunderstanding something?

~~~
smsm42
No, PD is that if both cooperate, the result is negative. That's what makes it
a problem. But in the case of Monsegur, if any of the others would cooperate
with the FBI too, it wouldn't do much difference for him, as he already did
his job in catching them, so there's no downside in cooperating.

~~~
rhizome
Well, PD is also that if both refuse to cooperate, the result is also
negative. It just turns out that there were different penalties for the same
crimes.

~~~
smsm42
Same crimes, but not the same behavior after crime.

------
Rancidcoleslaw
For anyone that doesn't know, "We Are Anonymous" was an interesting read
chronicling this whole event. I enjoyed it.

