Hacker News new | comments | show | ask | jobs | submit login

Attempting to tie what he did to violating the security of the defense industry is not helping your position.

I'm trying to counter this notion that MIT is a place where information runs free and people are encouraged to explore to their heart's content. The fact that MIT is a billion-dollar defense contractor means that its culture of freedom and openness necessarily exists within well-defined boundaries. Judging from its reaction, MIT clearly felt that those boundaries had been crossed.

From the perspective of a prosecutor, what do you do in that situation? Can you not see how the nature of MIT as a major defense contractor would color an outsider's view of the situation? Do you honestly think the prosecutor would have acted similarly if Swartz had plugged into the network of a sports bar?

I shouldn't have to point this out, but again, I'm not saying that 50+ years or whatever would've been an appropriate punishment for what happened. I'm in fact quite sympathetic to the problem of overly aggressive laws re: network security. But I think it's willful blindness to paint this situation as someone doing something totally harmless and every day and being totally unable to comprehend why anyone would react differently.

It's odd that you're hilighting MIT's status as a defense contractor, when their primary role should be as a university. MIT is also able to draw remarkable talent in part because they have fostered a culture that challenges the concept of boundaries; if MIT now lacks the technical fortitude to deal with their network security in anything other than a litigious fashion, then they have fallen very far indeed from their reputation.

Further, if the cost of MIT's status as a defense contractor has indirectly been the death of one of the bright individuals in the very field that MIT holds the most prestige, then I think the cost is too great.

The U.S. is not a country that really believes in the idealistic rhetoric about academia that people sometimes indulge themselves in. Universities are, in the U.S. firmly entrenched in various massive complexes: defense, pharmaceuticals, agriculture. They are cogs in the engine of industry. Anyone who thinks these major research universities are anything other than the establishment are naively optimistic. Nobody gets a billion dollars of DOD money each year without being thoroughly part of the establishment.

Now, that does not mean that MIT does not or cannot foster a culture that encourages challenging boundaries. It just means that there are firmer boundaries further out from the playground in which the undergraduates play.

MIT says: "MITnet is an open network. There are no network firewalls, or network filter restrictions, and computers connected to MITnet are given network addresses that are accessible by the public Internet." (http://ist.mit.edu/security/authentication). This is the soft boundary. They're not going to prevent you from running bittorrent. But that doesn't mean it's unregulated. It has terms of use: http://ist.mit.edu/network/rules. Of the six central tenants, one is: "Don't misuse the intellectual property of others." It gets higher billing than: "Don't use MITnet to harass anyone in any way." That's the hard boundary. Better not use bittorrent to download copyrighted materials!

I think that explains MIT's reaction in this situation. Going into the closet to plug into the network came too close to breaching that hard outer boundary for the University's taste.

And to circle back to my other point: MIT's status as massive defense contractor colors how other people perceive what happens there. When the prosecutors in the DOJ think of MIT, they don't think of a place where students are encouraged to "challenge boundaries." They think of it as a place that does critical research often on very sensitive subjects--a vital part of the national infrastructure. Please tell me you understand why someone would be more sensitive to a network intrusion at MIT while operating under the latter premise than under the former.

I have no idea how you think you can get away with describing what "the U.S." believes as though it supports your point. Your entire argument here seems to depend on this absurdly shallow fiction of universities as being nothing more than aspects of corporate and military development. I already disputed this, and you doubled down on it without saying anything new.

What you're saying about MIT's network policies doesn't even help your point, it helps mine, unless you actually believe that e.g. running BitTorrent on MIT's network should justify really stiff penalties just because of some DoD involvement in other parts of MIT's network.

By the way, one of our clients has been on-and-off-again funded by the DoD, and we are directly responsible for their network, and we were audited by representatives of the army not too long ago. So, I do have some notion of the expectations for network security in such an environment, and I can tell you that everyone that matters there -- including the Army -- would think I was insane if I suggested that the unauthorized use of the network there to download paywall'd scientific journals should be a felony offense, or one that should result in any jail time at all.

Whether or not MIT's status as a defense contractor "colors" other people's decisions or not is irrelevant. What has been under discussion is whether or not those decisions were reasonable and proportionate to the crime committed, and you are doing absolutely nothing to argue that point.

Your profile claims that you are both a lawyer and an engineer, but bewilderingly, you don't seem to be accounting at all for what Swartz was actually doing. You seem to be making an argument that, because there were sensitive portions of MIT's network, even though it was established that Swartz was not accessing or attempting to access those portions, it's somehow justifiable to punish him as though he were. If that is your argument, I think you ought to reconsider that condescending tone on your last line.

If your point is that any unauthorized access, either of facilities or network closets, at MIT should be prosecuted more heavily merely because of MIT's DoD involvement, then let me again circle back to my point, which is that such policies are completely at odds with the ideals that made MIT an attractive talent pool for the DoD in the first place.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact