
Feds visit artist behind People Staring at Computers, confiscate laptop - th0ma5
http://eyeteeth.blogspot.com/2011/07/feds-visit-artist-behind-people-staring.html
======
blhack
Pardon the language, but what a jackass. Walking into the apple store doesn't
mean that I want to have my photo on your website. I think the "but you were
in a public space!" people need to cool it a little bit; maybe them and the
"if you have nothing to hide!" people should get together and take a vacation.

This is just incredibly discourteous. Being public to the people in my
immediate vicinity, and being public to the billions of people on the internet
are not the same thing.

Having his laptop taken is obviously not really an appropriate response.

~~~
rospaya
Unpolite yes, but not enough to warrant a visit from the Secret Service.

~~~
tptacek
Hence "Having his laptop taken is obviously not really an appropriate
response".

------
ja27
The article mentions Title 18 Section 1030 - probably (a)(5). He could
potentially be prosecuted (a federal felony) for accessing a computer
connected to the internet without permission. Since it wasn't a computer owned
by the U.S. government or anything special, I think they need to show that he
exploited his access for financial gain or that the damages exceeded $5,000. I
can't imagine removing his program from a dozen macs would exceed $5,000, but
they could try to show that. My guess is that unless there's more to this
story, this won't result in a prosecution.

~~~
JackStraw
(6) knowingly and with intent to defraud traffics (as defined in section1029)
in any password or similar information through which a computer may be
accessed without authorization, if— (A) such trafficking affects interstate or
foreign commerce; \- 1029. Fraud and related activity in connection with
access ¬devices

If section 1030 doesn't fit, 1029 certainly does.

How can you honestly think this won’t be prosecuted? He installed spyware on
over 100 computers (Apple will have to come down hard to deter future
instances of this nature and push for prosecution).

The “artist” has also publicly admitted to doing so and provided the
prosecution with more than enough evidence to see this through. It wasn't but
an hour ago that the supposed “artist” received word from the EFF that he
should just shut his mouth.

~~~
fleitz
The computers were setup in mind with visitors being able to access them, he
accessed them. The software he wrote would not require elevated privileges. He
even asked a security guard whether he had permission to photograph in the
store.

I fail to see how it's unauthorized, also the recordings were made in a public
space where there is no expectation of privacy. Even if privacy could be
argued in a public space, I'm sure the Apple stores / malls have the requisite
notices that people are being recorded, should they think they are not.
There's a decent chance of a good defense.

It's going to be difficult for Apple to argue that the computers were not
meant to be used this way, infact Apple provides software (Photobooth) to take
pictures and upload them to the internet on its computers.

Are the feds seriously trying to assert that Apple had no idea how to
configure their computers to enforce their access policy? Even if they
couldn't figure this out a simple piece of tape over the camera would suffice.

If Apple doesn't want people doing this to their computers they should post
notices that one should not access their computers until they have read and
signed the acceptable use policy.

~~~
chopsueyar
You're right. As long as the security guard said is was okay.

I mean, it is a public space, paid for by our tax dollars, owned and run by
the local government.

~~~
JackStraw
Let’s be clear about the known facts: 1) McDonald claims he received
permission from a security guard, but I didn't see any evidence or video proof
to support this assertion. 2) McDonald claims he received permission from the
security guard, but he fails to provide any information for what he was
approved to do. -Clearly, filming from a public space, outside and apple store
through a window and into an apple store is not really the central point here
(policies of this nature would be the purview of the mall – and that's not
even clear!) \- McDonald, apparently, was filming within an apple store,
which, correct me if I am wrong, is not technically a public space since it is
a commercially zoned space, paid for by apple. \- McDonald provides no
information to suggest that he received authorization to film apple customers,
likely a violation of apple store policy and security regulations. Last I
checked, I didn't see a sign informing customers that by entering this apple
store you waive your right to protest apple’s right to use your image for
free. Ya, that’s right cause it doesn't exist. Apple security monitoring of
clients in stores seems pretty straight forward and in line with any other
retail outlet.

Accesses: I would argue it’s not an issue of access but the fact that he
installed a program on these computers. Even if the terminals did not require
elevated privileges (which you will see apple change in the coming days), it
is the unauthorized introduction of a program, which violates the law. Again,
access doesn't mean permission to augment settings.

Additionally, it is interesting to note “12 states require, under most
circumstances, the consent of all parties to a conversation. Those
jurisdictions are California, Connecticut, Florida, Illinois, Maryland,
Massachusetts, Michigan, Montana, Nevada, New Hampshire, Pennsylvania and
Washington.” It is conceivable that the spyware in question infringed upon
privacy laws in these states. That would be another charge.

Photobooth has little to do with this situation as far as I can tell. Did
customers agree to the service agreement or terms of service when demoing the
computer? Answer, no. Because apple had no intention of allowing those
pictures to be uploaded to the Net, right? Did these customers sign or
digitally endorse a new kind of privacy policy that was presented by apple in
order to use the demo computer? Answer, no. I mean really. Even if they did,
would apple have been in a position to inform customers about potential
spyware applications that were maliciously added to the demo computers?
Answer, no. I mean come on.

This is pretty clear, cut and dry. Whether or not McDonald is using art to
cover his tracks or whether he is really that ignorant is best left to the
courts. I am sure he can plead out, but he definitely gets zero sympathy from
me.

~~~
ja27
Based on the fact that this is a federal investigation and the warrant
specified Title 18 Section 1030, this has nothing to do with the rights of the
people in the photos. I also don't think the potential charges have anything
to do with wiretapping or capturing any data. It's all about unauthorized
access to Apple's computers. It's a federal case not because of anything
actually crossing state lines but because the computers are connected to the
internet and therefore could potentially be involved in interstate commerce.

I think it's really important that people understand how easily you can cross
that line and end up in deep legal trouble. What's the legal difference
between this and if I walked into an Apple store and installed my latest iPad
app on a few display models?

~~~
JackStraw
We havent seen the warrant. We have only been told one charge the "artist"
claims. That to me doesn't paint a holistic picture of reality.

The criminal statute on unauthorized access seems pretty clear so perhaps
McDonald 'just' violated that as a standalone matter. If so, ok - next (jail).

To answer your question about the difference between this and your scenario is
best summed up by the arrival or lack thereof the Secret Service.

Agree, it is very important for folks to better understand how easy it is (for
some) to cross the line into legal trouble. The EFF provides a few solid
overviews on these issues. Would avoid these waters in general, but I
digress...

------
guelo
IANAL but here's my argument if I was his defense lawyer:

When you walk into an Apple store Apple openly invites you to use their
computers. There are no instructions on what you are and are not allowed to do
on the computers, no warnings against installing software or that specific
types of programs are not allowed to be installed. The computers are mostly
not locked down, the fact that Apple wipes the computers every night shows
that Apple expects customers to use the computers in anyway they see fit.
Apple's open invitation to use the computers means it is not possible to
"trespass" onto these computers.

An Apple store contains hundreds of cameras, the cameras are prominent
features in most of the devices and customers will be aware of them. Customers
routinely take pictures of each other, of the employees and everything in the
store. While using the cameras, they test uploading pictures to internet
services such as email, Facebook, and others. There is no expectation of
privacy and any reasonable customer should expect that their picture might be
taken and uploaded to the internet.

~~~
sorbus
Apply the same logic to using computers in an Apple store to launch a DDOS.
You hardly have to change your argument, and yet it reveals how absurd it is.

~~~
guelo
There are specific laws against launching a DDOS. What law are you suggesting
he violated?

~~~
tptacek
What law are you referring to?

~~~
guelo
DDOS attackers are charged under the Computer Fraud and Abuse Act. They
charged one of the kids from the Anonymous DDOS on Scientology with
"unauthorized impairment of a protected computer in violation of 18 U.S.C. §
1030 (a) (5) (A) (i), (B) (i)."
[http://secretdox.wordpress.com/2008/10/18/usa-v-guzner-
plea-...](http://secretdox.wordpress.com/2008/10/18/usa-v-guzner-plea-
agreement-for-defendant-dmitriy-guzner/)

I realize this is the same statute that they are going to come after this guy
but they couldn't get him for impairment of a protected computer. They would
have to try charging him for unauthorized access, but my point is that Apple
is implicitly authorizing everyone in their stores to access their computers.

------
rfrey
_Now it appears that project may be in jeopardy._

The "project" would be the least of my worries.

------
JackStraw
How did the "artist" get the photos off the webcam?

~~~
itg
Installing spyware on the computers at the apple store. This is a very one-
sided and dishonest blogpost since they leave out a lot of information.

[http://mashable.com/2011/07/07/secret-service-apple-store-
ar...](http://mashable.com/2011/07/07/secret-service-apple-store-art-2/)

~~~
JackStraw
Ha! “McDonald set up roughly 100 Apple store computers to call his servers
every minute.” Better get a real good attorney buddy, get your affairs in
order, and give your cat to your mom, cause boy you are in a lot of trouble.

~~~
ams6110
On the plus side, he could probably get a job with that school system in
Pennsylvania. He seems qualified.

~~~
chopsueyar
_rimshot_

------
cheez
So the guy used the store's property without their permission. He installed
his own software on their computers and contacted his own servers. And then he
advertised it.

Come on dude, be a grownup. This is the behaviour of a jackass, to quote the
top comment.

Now why the SS is involved (see what I did there? haha) I don't know. Maybe
they don't like non-government sanctioned backdoors in Apple computers.

------
napierzaza
Just wait until this happens and it's not an artist who did it. Everyone here
saying it's no big deal will do a 180. It's not his intent but his actions.

~~~
jamesbritt
_... and it's not an artist who did it._

Define "artist."

Best I can tell it's "someone who who declares 'I am an artist!'"

I don't have a problem with that, but I am skeptical of people trying to
excuse arbitrary behavior by hiding behind "But it's art."

------
dreamdu5t
We have become a society obsessed with bureaucracy. We worship it.

