

Call Yourself A Hacker, Lose Your 4th Amendment Rights - conductor
http://www.digitalbond.com/blog/2013/10/22/call-yourself-a-hacker-lose-your-4th-amendment-rights

======
tptacek
The Digital Bond blog, which covers the computer security subfield of SCADA
assessments, is spinning this story pretty hard, which I think you'll see
pretty quickly if you skim the actual court order.

What's happening here is that Cory Thuen, a former developer of a network
security product called Sophia at a company called Batelle, was fired (he did
not "leave") apparently after it was determined that he was making a personal
copy of Sophia called Visdom that he planned on open sourcing. When Thuen went
on to start his own company to release Visdom (Southfork), Batelle sued for
copyright infringement.

Two things are happening at this point in the story, if I'm following it
right. First, Batelle has prevailed in a preliminary injunction ordering Thuen
to take down Visdom. It did so by making a showing that convinced the court it
was likely to prevail in its suit, and that argument included admissions from
Thuen that he had copied at least some of Sophia.

Next, Thuen is being ordered to comply with discovery in the suit. Hard drive
images are standard ESI evidence in cases like these; it is not at all weird
that a court would order an image of a hard drive. The idea that an adversary
in a civil proceeding might get access to content like this isn't at all
weird; it's a basic result of the Federal Rules of Civil Procedure.

There are two wrinkles to this case:

First, the court ordered that Thuen be served with the demand for his computer
without prior notice. According to the order, this is something that the court
can do in extreme situations to prevent evidence from being spoiled. The
reasoning the court used here is janky: Thuen claimed to be a "hacker", and
the court hung its assessment that he might be likely to blitz his hard drive
on that.

Second, the court order _escrows_ the hard drive image with the court,
allowing Batelle's forensic expert to image the drive but not examine that
image; the court hasn't yet determined what access Batelle will have to the
image, but is instead taking steps to ensure that the image is available
should it be needed.

Once again: hard drive images are not an unusual product of civil discovery.
You do not have a "4th amendment right" to avoid civil discovery.

The "hacker" thing is facially ridiculous. But contra Digital Bond's claim,
"hacker" didn't enable the hard drive imaging to occur; that was going to
occur during discovery no matter what. Instead, "hacker" changed the prior
notification procedure used to obtain the image.

~~~
mpyne
> When Thuen went on to start his own company to release Visdom (Southfork),
> Batelle sued for copyright infringement.

I have no idea as to the merits of the case, but I find it funny how liberally
some OSS types feel with regard to copyright.

At least for GPL advocates, copyright is a feature, not a bug. "Copyleft" may
very well be just a hack of copyright law, but it _depends_ on strong
copyright to work at all. That's why so many Free and open source software
projects take the progeny and licensing of source code so seriously. It's not
simply that we wish to comply with the law, but that the laws regarding
copyright are essential to the ecosystem as a whole.

~~~
tsaoutourpants
I think you overestimate the necessity of copyright law to the open source
community. Even if the community could not legally force people to play fair
with open source code (by releasing modifications, not charging, or whatever
the terms are), people would still continue to write it.

~~~
reginaldjcooper
Source: BSD and MIT-licensed software.

(Unless I'm misunderstanding, you _can_ charge for GPL software, you just
cannot charge for the source once they've got a binary. You also can use your
own fork of GPL on your hardware without releasing any source.)

~~~
nitrogen
You _can_ charge a reasonable distribution/duplication fee for GPL source
code. The early FSF funded itself by selling several hundred dollar copies of
GNU (apparently that took a lot of tapes back then).

See [https://www.gnu.org/licenses/gpl-
faq.html#DoesTheGPLAllowMon...](https://www.gnu.org/licenses/gpl-
faq.html#DoesTheGPLAllowMoney)

------
anigbrowl
No 4th amendment rights were lost. A warrant was issued, which is provided for
in the 4th amendment and whose issue can be challenged in court. The 4th
amendment is designed to protect you from _warrantless_ seizures. It does not
confer any right to frustrate the issuance of a warrant.

Challenged does not mean 'prevent'ed it can be argued later as a matter of law
that the warrant should not have been issued, and that the evidence acquired
as a result is inadmissible. Courts do not have to give defendants the benefit
of the doubt in matters of evidence collection because a) procedures exist to
challenge the admission of that evidence at trial and b) it's a sad but true
fact that a lot of people do in fact attempt to destroy evidence; where they
have both motive and capacity to do so, seizure is justifiable. Spoliation
(the legal term for destruction of evidence) is a big problem in litigation.

~~~
davorak
>Challenged does not mean 'prevent'ed it can be argued later as a matter of
law that the warrant should not have been issued, and that the evidence
acquired as a result is inadmissible.

This is not the case and it is called the "good faith" exception. The police
officers when acting in good faith under a warrant that is latter found to
invalid does not make the evidence inadmissible.

Given this do you now believe there is good reason to fight back against
unreasonable warrants?

~~~
mpyne
Keep in mind that the whole point of the 'exclusionary rule' being discussed
here it to ensure that law enforcement _does_ maintain the Fourth Amendment
rights of a suspect by going through the due process procedures needed to
obtain a warrant before conducting a search and/or seizure.

The whole point to the 'good faith' exception to the 'exclusionary rule' is
that in such a case, the detective _had_ complied with the Fourth Amendment,
the issued warrant passed some "smell tests", etc. Therefore it doesn't make
sense to _automatically_ "punish" the government (and society) and let people
go free under the 'fruit of the poisonous tree' principle, since law
enforcement wasn't the one at fault in that scenario, but rather the judge who
issued the warrant.

However, the 'good faith' exception is a _possibility_ , not a mandate. The
appellate judge can certainly decide that the evidence obtained under a
warrant which is later deemed inadmissible should be excluded completely. All
that the 'good faith' exception means is that the appellate judge doesn't
_have_ to exclude all that evidence; rather they can exclude what they deem
essential toward meeting the interests of overall justice and fairness before
remanding the case back to trial.

Either way, fighting back against "unreasonable warrants" is almost
axiomatically a good idea; I don't think _anyone_ wants "unreasonable
warrants" floating around in the justice system. I find it hard to feel too
bad for people who really committed a serious crime and left evidence to that
effect though. The Bill of Rights is designed to protect the innocent from the
government; that it also gives shielding to the guilty is the price that
society has to pay, but that doesn't mean you should rely on such a shield
being present if you commit a crime :P.

------
vampirechicken
From now on I'm going to refer to myself as a judge.

------
alexeisadeski3
Didn't think that there was much of the 4th Amendment left to lose.

