CNN, ABC: Arrest in hacking case of high-ranking Obama admin officials

posted at 12:41 pm on February 12, 2016 by Ed Morrissey

One hacking mystery has been solved — although it’s not the one that mattered most. The OPM hack exposed raw investigative files for cleared personnel and all of their personal data. The hacks into the personal e-mails of intelligence chief James Clapper and DHS Secretary Jeh Johnson were more embarrassing than substantively damaging, or so the Obama administration claimed. Now British authorities have arrested a 16-year-old suspect in the hackings and may face extradition to the US, ABC News reported this morning:

British authorities, with help from the FBI, have arrested a teenager they believe is behind a series of cyberattacks targeting some of the highest officials in U.S. government, two sources with knowledge of the matter told ABC News.

Authorities are trying to determine whether others may have been involved, the sources said. The 16-year-old has not been named.

For the past several months, a group calling itself “Crackas With Attitude” has been disclosing private information associated with such high-ranking officials as CIA Director John Brennan, Director of National Intelligence James Clapper, Homeland Security Secretary Jeh Johnson.

Information about rank-and-file employees working for the FBI, Justice Department and the Department of Homeland Security were posted online this week, though sources described the pilfered information as amounting to an internal phone directory.

According to CNN, this suspect may also have conducted the hack and exposure of the names of 20,000 FBI employees earlier this week. That expedited the arrest, CNN reports, because investigators believe that the suspect got access to more damaging data:

This week, the latest target became apparent when personal details of 20,000 FBI employees surfaced online.

By then a team of some of the FBI’s sharpest cyber experts had homed in on their suspect, officials said. They were shocked to find that a “16-year-old computer nerd” had done so well to cover his tracks, a U.S. official said.

Investigators also found the intruder had gotten access to a shared computer drive with sensitive documents, such as some related to investigations and legal agreements in the works.

That prompted law enforcement officials to seek an arrest more quickly.

Motherboard, which broke the news of the latest hack on the Departments of Justice and Homeland Security, claims to have been in touch with the arrested teen:

On Wednesday night, Motherboard spoke to the teenager accused of being Cracka. “I got [expletive] v&,” he told Motherboard, using “v&,” the slang for “vanned,” or getting arrested. (At this point, the arrest had not been made public.) “They’re trying to ruin my life.”

The teenager said authorities arrested him on Tuesday, and are accusing him of the attacks on Brennan, White House officials, and the recent hack on the Department of Justice, which resulted in the publication of the names and contact information almost 30,000 FBI and DHS employees.

The alleged hacker, who declined to reveal his real name, said he refused to answer any questions from the police, and was subsequently released on bail after spending 7 hours in a cell. He also denied being Cracka, saying “I’m not who you think I am ;) ;) ;)”

“I’m innocent until proven guilty so I have nothing to be worried about,” he said, adding that the authorities seized this electronic devices, but he could still use the internet from a relative’s device.

That sounds more like bravado than reality. CNN notes that a Twitter account believed to be controlled by the hacker put out this request on Wednesday: “Anyone got a good lawyer?!?!?”

Extradition in this case could be tricky. Normally there would be little issue between the UK and US on extraditing suspects for any crime, but extraditing a minor may be a lot more difficult. The UK could charge and try the suspect instead, given that the crime took place in their country. That might make it easier in the long run, as long as the US could be satisfied that the hacker would not gain access to the Internet for a very long time.


Related Posts:

Breaking on Hot Air

Blowback

Trackbacks/Pings

Trackback URL

Comments

Tells you all you need to know about the quality of IT people the Federal government hires.

ConstantineXI on February 12, 2016 at 12:45 PM

CNN, ABC: Arrest in hacking case of high-ranking Obama admin officials

LOL I read that first as “Arrest […] of high-ranking Obama admin officials”.

LashRambo on February 12, 2016 at 12:47 PM

No sympathy.

cozmo on February 12, 2016 at 12:48 PM

So it’s cool to start “warehousing” people again?

artist on February 12, 2016 at 12:48 PM

OT: Trump Meets the Honeymooners

TXUS on February 12, 2016 at 12:48 PM

Count one: Crimes against the elite.

artist on February 12, 2016 at 12:49 PM

If only Hillary’s IT staff hadn’t been so busy.

hal_mccombs on February 12, 2016 at 12:51 PM

No sympathy.

cozmo on February 12, 2016 at 12:48 PM

It was always hard for me to understand why sitting at your keyboard and visiting places on the internet would be illegal. Seems to me each person is responsible for their own data security at that level. Would be like a law against walking in the woods, picking a pot plant and smoking it. I guess there is such a law! Now if you wrote a computer program to systematically hack some data, I could see intent there, and a crime. But not just looking at public available data.

Now, reposting it, as he did, OK. That might be a crime.

LashRambo on February 12, 2016 at 12:54 PM

The government can’t even protect itself against a 16 year old hacker….?

d1carter on February 12, 2016 at 12:54 PM

The hacks into the personal e-mails of intelligence chief James Clapper and DHS Secretary Jeh Johnson were more embarrassing than substantively damaging, or so the Obama administration claimed. Now British authorities have arrested a 16-year-old suspect in the hackings

And yet we are to believe that nobody had their way with Blue Clinton’s illegal server.

Happy Nomad on February 12, 2016 at 12:54 PM

Send him to Moscow — he’d make a good roommate for Mr. Snowden.

unclesmrgol on February 12, 2016 at 12:54 PM

Hillary’s server was secure though. Yep. The Russians,NoKos,Iranians didn’t breach it. Nope. No way.

libfreesMom on February 12, 2016 at 12:55 PM

“Crackas With Attitude”

…LOL…where are the BLM people when you need them…

Pelosi Schmelosi on February 12, 2016 at 12:55 PM

The government can’t even protect itself against a 16 year old hacker….?

d1carter on February 12, 2016 at 12:54 PM

…maybe the govt should be offering jobs to 16 y.o. hackers…Obama can’t create jobs for them anyway…might get them outta mommies basement…

Pelosi Schmelosi on February 12, 2016 at 12:57 PM

Why not give him a job

gxbhkt on February 12, 2016 at 12:59 PM

So did the guy they arrested actually do the hacking? Or did he just post a video on YouTube critical of Islam?

JohnD13 on February 12, 2016 at 12:59 PM

Count one: Crimes against the elite.

artist on February 12, 2016 at 12:49 PM

Too bad he didn’t hack every artist and share it all for free to everyone. No artist should be allowed to make a dime off of their art, because… well… power to the people!

Neitherleftorright on February 12, 2016 at 1:03 PM

Would be like a law against walking in the woods, picking a pot plant and smoking it.

LashRambo on February 12, 2016 at 12:54 PM

The woods are on private property, the punk tossed the roach into some dried leaves, burning down the forest and several nearby homes destroying many lives. He filmed the whole thing then bragged about it.

No sympathy.

Let him play minecraft or surf porn like everybody else does.

cozmo on February 12, 2016 at 1:03 PM

Why not give him a job

gxbhkt on February 12, 2016 at 12:59 PM

Without a college degree?
Are we now heathens?
Everyone knows that university is what makes you intelligent, just ask the educators indoctrinators.

Neitherleftorright on February 12, 2016 at 1:05 PM

Why not give him a job

gxbhkt on February 12, 2016 at 12:59 PM

Zakly. He needs house arrest, an unlimited supply of hot pockets and some Frank Abagnale style supervision.

trubble on February 12, 2016 at 1:06 PM

LashRambo on February 12, 2016 at 12:54 PM

Hmmm… I think I see your point. Why is it against the law for someone to go into one’s house and eat their food, if they left the front door open and the refrigerator unlocked? One should be responsible for one’s own security and maintain it, if one didn’t, no harm, no foul.

Neitherleftorright on February 12, 2016 at 1:09 PM

A Brit eh!
————–

CIA DIRECTOR’S EMAILS HACKED
1m

Police say 16-year-old arrested in East Midlands, England, over alleged hacking of CIA director John Brennan – The Daily Dot
read more on dailydot.com
=========================

http://www.dailydot.com/politics/cracka-hacker-cia-john-brennan-email-arrested/

canopfor on February 12, 2016 at 1:12 PM

Way to build up expectations with that headline.

hamiltmc on February 12, 2016 at 1:16 PM


Hmmmmm,:
——–

Here is the full statement from the South East Regional Organised Crime Unit:

“The South East Regional Organised Crime Unit (SEROCU) can confirm we have arrested a [16]-year-old boy on Tuesday (9/2) in the East Midlands on suspicion of conspiracy to commit Unauthorised access to computer material contrary to Section 1 Computer Misuse Act 1990, conspiracy to commit unauthorised access with intent to commit further offences contrary to Section 2 Computer Misuse Act 1990 and conspiracy to commit unauthorised acts with intent to impair, or with recklessness as to impairing operation of a computer contrary to Section 3 Computer Misuse Act 1990.”

http://www.dailydot.com/politics/cracka-hacker-cia-john-brennan-email-arrested/

canopfor on February 12, 2016 at 1:16 PM

It was always hard for me to understand why sitting at your keyboard and visiting places on the internet would be illegal. Seems to me each person is responsible for their own data security at that level.

LashRambo on February 12, 2016 at 12:54 PM

Agreed. The analogy I’d use would be walking down a street and peering through windows; it might be rude but it shouldn’t be illegal.

In this case the people who should be prosecuted are the people responsible for securing the data, because instead of keeping valuable government information safe they hung it up in public. If a child operating without any significant resources (at least not compared to state actors) can get the data then I’d say that is good evidence that they were, at the very least, criminally negligent.

Ultimately I guess that’s why we have laws to prosecute hackers: To protect the incompetent people in government from the consequences of their own failure.

YiZhangZhe on February 12, 2016 at 1:16 PM

The government can’t even protect itself against a 16 year old hacker….?

d1carter on February 12, 2016 at 12:54 PM

The government can’t even protect itself against untold 100,000’s downloading porn all day from their make work .gov job.

roy_batty on February 12, 2016 at 1:18 PM

All we need now is a Comet of Death and we are living You, Me and the Apocalypse.

LoganSix on February 12, 2016 at 1:19 PM

I have doubts about the Twitter statement. How many in England actually use the term lawyer? Solicitor and Barrister are the commonly used terms. Unless this twit watches a lot of Yank TV.

xkaydet65 on February 12, 2016 at 1:21 PM

Better hire him before the Chinese do.

Cleombrotus on February 12, 2016 at 1:25 PM

“They’re trying to ruin my life.”

No stupid, you did that entirely on your own when you hacked US Government computer systems.

oscarwilde on February 12, 2016 at 1:26 PM

A 16 year old kid hacked the CIA director, the Director of National Intelligence and the Head of Homeland Security. That really leaves good feelings about that totally unsecured Home Brew Mail server sitting in Hillary’s basement with the names of the foreign nationals on the CIA payroll. I’m sure nobody noticed that. I mean there is no way Gucifer noticed that mysterious mail domain when he hacked Hillary’s ‘Private Intelligence Provider and overall nitwit” Sid Blumenthal.

patches on February 12, 2016 at 1:32 PM

Mr. Noname McNobody gets arrested for unauthorized possession of secure US government information within days of discovery.

Well-connected political elite with classified information on unauthorized email server in her house jetting around the country with Secret Service protection.

Now that’s what I call justice.

BobMbx on February 12, 2016 at 1:35 PM

It was always hard for me to understand why sitting at your keyboard and visiting places on the internet would be illegal. Seems to me each person is responsible for their own data security at that level.

LashRambo on February 12, 2016 at 12:54 PM

Agreed. The analogy I’d use would be walking down a street and peering through windows; it might be rude but it shouldn’t be illegal.

In this case the people who should be prosecuted are the people responsible for securing the data, because instead of keeping valuable government information safe they hung it up in public. If a child operating without any significant resources (at least not compared to state actors) can get the data then I’d say that is good evidence that they were, at the very least, criminally negligent.

Ultimately I guess that’s why we have laws to prosecute hackers: To protect the incompetent people in government from the consequences of their own failure.

YiZhangZhe on February 12, 2016 at 1:16 PM

Hacking into someone elses computer is not just sitting at your keyboard visiting sites on the internet, and it is not peering through windows. It is the digital version of breaking and entry and burglary. Neither of which activities, I would presume you have any trouble understanding why are criminal offenses.

Ultimately I guess that’s why we have laws to prosecute hackers: To protect the incompetent people in government from the consequences of their own failure.

Are you attempting to suggest that not having the highest computer security is equal to leaving your information on the sidewalk? Because it is not, it is more akin to leaving it on your kitchen table and not locking your front door with 7 different locks.

That your computer is connected to the Internet no more makes it legal for someone else to access it, than having a sidewalk leading from your house to the street makes it legal for anyone who wants to to enter your house.

Your personal failure to have strong enough locks on your front door to prevent entry is not a legally accepted invitation for people to walk into your house and take whatever they wish. The same is equally true of your computer, it, and its contents are not public property.

oscarwilde on February 12, 2016 at 1:37 PM

It’s amazing how fast they can act when it’s them being attacked. When it’s the Democrats using the IRS to attack Conservatives it’s a whole different attitude.

When FBI Director Robert Mueller appeared before the House oversight committee he didn’t know which agent was leading the ‘investigation, he didn’t know how many agents were assigned to the investigation, he didn’t know it they had interviewed any of the victims, he didn’t know a single thing.

I was embarrassed for the good people at the FBI having to see him represent them. I also thought that it was a good thing Robert Mueller had a name placard in front of him in cast someone asked him his name he wouldn’t have had far to look to discover his name.

RJL on February 12, 2016 at 1:44 PM

“I’m innocent until proven guilty”? Surely no aware Briton would say that – at least since Operation Midland.

Surellin on February 12, 2016 at 1:48 PM

“They’re trying to ruin my life.”

Yeah, dipsh_t, that’s what happens when you do stupid crap like this.

LOL I read that first as “Arrest […] of high-ranking Obama admin officials”.

LashRambo on February 12, 2016 at 12:47 PM

My hopes, too, were dashed, upon reading the actual post.

GWB on February 12, 2016 at 2:04 PM

In this case the people who should be prosecuted are the people responsible for securing the data, because instead of keeping valuable government information safe they hung it up in public.

YiZhangZhe on February 12, 2016 at 1:16 PM

No they didn’t.

What you’re saying is essentially: Why are prosecuting that poor juvenile for stealing stuff from Grandma’s house? After all, she didn’t lock her doors. So, it was right out there, “in public”, for the taking!

GWB on February 12, 2016 at 2:06 PM

CNN, ABC: Arrest in hacking case of high-ranking Obama admin officials

What??? Hillary’s been arrested???

landlines on February 12, 2016 at 2:10 PM

LashRambo on February 12, 2016 at 12:54 PM

Hmmm… I think I see your point. Why is it against the law for someone to go into one’s house and eat their food, if they left the front door open and the refrigerator unlocked? One should be responsible for one’s own security and maintain it, if one didn’t, no harm, no foul.

Neitherleftorright on February 12, 2016 at 1:09 PM

Depends on where the analogy “go into one’s house” applies. In reality, a body in a house is trespassing, and eating their food is theft. What about standing on a public sidewalk and looking through a window at a woman undressing? Prurient, but I don’t think illegal.

The question for me is, does the conduct matter. The old philosophical “use” versus “mention” distinction. At one level, it’s just electrons bouncing around, digital ones and zeros.

To me the violation was posting the data publicly, like if you took a picture of the naked woman through the picture window while standing on the sidewalk, and then put it on the internet. But I still don’t see how looking should be a crime. Practically speaking it rarely is considered a crime, as if you don’t make the data public, then no one will ever know you got it in the first place.

LashRambo on February 12, 2016 at 2:11 PM

Your personal failure to have strong enough locks on your front door to prevent entry is not a legally accepted invitation for people to walk into your house and take whatever they wish. The same is equally true of your computer, it, and its contents are not public property.

oscarwilde on February 12, 2016 at 1:37 PM

You seem pretty sure of yourself. For me it’s more of a gray area. Maybe it’s because I like to poke around the internet and don’t think that should be considered a crime.

LashRambo on February 12, 2016 at 2:14 PM

To me the violation was posting the data publicly,

LashRambo on February 12, 2016 at 2:11 PM

If it was public, why the need to hack?

Neitherleftorright on February 12, 2016 at 2:16 PM

You seem pretty sure of yourself. For me it’s more of a gray area.

LashRambo on February 12, 2016 at 2:14 PM

This is only a gray area if you can’t grasp the distinction between “on the internet” and “on a computer connected to the internet”.

This is like the difference between “sitting on the side of the road” and “sitting in someone’s house, behind closed blinds, but they do have a driveway that connects to the road”.

The “looking through a window” analogy is without merit as you use it. If you’re “looking through the window” of someone’s computer that is connected to the internet, it’s because you crawled over the fence into their backyard.

Unless someone actually posts their computer as a server on the internet (and some people are ignorant enough to do exactly that), offering up their hard drive as an internet location, then you had to get onto their property to get in.
(That would be akin to putting a flashing neon “OPEN” sign in the window of your house and leaving the door unlocked and open. You can expect company if you do that.)
Your public thoroughfare stops the second you hit my ISPs gateway. You enter my private property the moment you pass the NID or cable connection at my house. Period.

GWB on February 12, 2016 at 2:29 PM

oscarwilde on February 12, 2016 at 1:37 PM
GWB on February 12, 2016 at 2:06 PM

The scenarios you each mention are sound enough, but not exactly the same, because they involve the taking of goods thereby denying their own of them. In this case only information has been taken.

If somebody writes up a list of ‘private’ information and hangs it inside their office/house and somebody standing on the public street sees and memorizes it, or even takes a photograph of it, and then republishes that information (or otherwise ‘uses’ it), how would you regard that?

If two people stand on the street and speak using some code (i.e. a form of encryption, and hence a form of ‘lock’) and somebody else overhears their conversation and works out what they were saying and publishes it, has that person offended against anything more than good manners?

If a civil-servant sits on a park bench, puts confidential documents on the floor and then covers them with his briefcase (i.e. takes positive action to hide them from view), puts a sign on it saying “national secrets, stay away” and then goes off to sleep and somebody comes along, lifts the briefcase (i.e. circumvents the protection) and reads the documents and then broadcasts the information, has the reader done anything wrong in law?

YiZhangZhe on February 12, 2016 at 2:35 PM

In this case the people who should be prosecuted are the people responsible for securing the data, because instead of keeping valuable government information safe they hung it up in public.

YiZhangZhe on February 12, 2016 at 1:16 PM

Ever watch the show “Bait Car”? Everyone who drives off in the “bait car” gets charged with Grand Theft Auto, even though the doors are open, the key is in the ignition, and the car itself is owned by the police department for the purpose of catching car thieves.

Here’s a mind bender…you walk into a bank on a Tuesday afternoon though the open and unlocked door. You hand the teller a note that instructs the teller to put all the cash in a bag. The teller informs you that the bank doesn’t have any cash in the drawers or the vault.

You walk out. Have you committed a crime?

BobMbx on February 12, 2016 at 2:39 PM

I know some young guys at a university in Colorado who were hired by the feds. They were instructed to hack into systems and then explain how they did it and how to fix the problems.

I can’t speak to whether this is a specific Obama administration problem but I have the feeling it’s going to be an ongoing problem.

Meremortal on February 12, 2016 at 2:39 PM

Tells you all you need to know about the quality of IT people the Federal government hires.

ConstantineXI on February 12, 2016 at 12:45 PM

It’s no different in private industry, trust me.

Tlaloc on February 12, 2016 at 2:44 PM

has the reader done anything wrong in law?

YiZhangZhe on February 12, 2016 at 2:35 PM

If the reader has a security clearance issued by any branch of the federal government, the answer is yes.

BobMbx on February 12, 2016 at 2:45 PM

Here’s a mind bender…you walk into a bank on a Tuesday afternoon though the open and unlocked door. You hand the teller a note that instructs the teller to put all the cash in a bag. The teller informs you that the bank doesn’t have any cash in the drawers or the vault.

You walk out. Have you committed a crime?

BobMbx on February 12, 2016 at 2:39 PM

I’d argue that that depends on exactly what was in the note, and how it was presented.

Note 1: I’d be ever so grateful if you could pop some cash in my bag.

Note 2: Would you be so kind as to fill my bag with cash.

Note 3: Please put the money in the bag and don’t say anything.

All three notes are polite but not equal in tone. Assuming that all three notes were presented politely without any kind of behaviour that would ordinarily be considered ‘menacing’, then I think it would be hard to claim that a crime had been committed.

The 1st note doesn’t even contain a request. The 3rd one is a request for kindness expressed in the form of money. The 3rd note begins to have a tone that could suggest that the presenter had a “criminal mind”. Is it strong enough for a conviction? Doubtful I think.

YiZhangZhe on February 12, 2016 at 2:57 PM

Ever watch the show “Bait Car”? Everyone who drives off in the “bait car” gets charged with Grand Theft Auto, …

BobMbx on February 12, 2016 at 2:39 PM

The person took goods, not information and hence the a crime was committed; I’ve no problem with that (although the use of bait cars seems to be of dubious morality to me).

If the reader has a security clearance issued by any branch of the federal government, the answer is yes.

BobMbx on February 12, 2016 at 2:45 PM

OK, I think I’d normally agree in that special case. What if the reader has not made any undertaking to keep government secrets secret?

YiZhangZhe on February 12, 2016 at 3:05 PM

Did the hacker get a copy of Obama’s university records and entrance applications (Obama or Soerto?), etc.

Hillary already released most of the top secrets…

albill on February 12, 2016 at 3:20 PM

The scenarios you each mention are sound enough, but not exactly the same, because they involve the taking of goods thereby denying their own of them. In this case only information has been taken.

YiZhangZhe on February 12, 2016 at 2:35 PM

Sorry, not good enough. IT’S NOT YOURS TO TAKE. What part of “personal property” do you not get? It IS NOT yours. You have no right to it in part or whole. It is MINE.

If somebody writes up a list of ‘private’ information and hangs it inside their office/house…?

If two people stand on the street and speak using some code…?

If a civil-servant sits on a park bench…?

Those aren’t even remotely analogous to this situation. You need to read what I wrote to Lash – these people DID NOT post the information where it could be read from the street. There are no windows. They did NOT leave it on a park bench. IT WAS ON THE GOV’T SERVER.

Again, the third “scenario” would be much better if you said he left it on his desk, inside the locked office, inside the building which requires an access card.

I’d argue that that depends on exactly what was in the note, and how it was presented.

YiZhangZhe on February 12, 2016 at 2:57 PM

Holy crap. What relativism! He attempted bank robbery. Period. As to whether it would stick in court would depend on the jury. You can get a lot of stupid people (people that reason like you do on this subject) on a jury.

GWB on February 12, 2016 at 3:23 PM

Maybe he can get into the California terrorists phone since the FBI cannot.

NoDonkey on February 12, 2016 at 3:32 PM

Holy crap. What relativism! He attempted bank robbery. Period. As to whether it would stick in court would depend on the jury. You can get a lot of stupid people (people that reason like you do on this subject) on a jury.

GWB on February 12, 2016 at 3:23 PM

The evidence that the witness known only as BobMbx presented to the court of HotAir comprised this:

“The defendant walked into a bank on Tuesday afternoon though the open and unlocked door. The defendant handed the teller a note instructing the teller to put all the cash in a bag. The teller informed the defendant that the bank didn’t have any cash in the drawers or the vault. The defendant walked out of the bank.”

Assumptions and hear-say are not admissible. What, exactly, is in that witness testimony that proves beyond reasonable doubt, an attempted bank robbery?

YiZhangZhe on February 12, 2016 at 3:44 PM

“But no doubt HRC’s home brew server was more secure. In fact, all of the government employees should have their own servers.

— tlaloc”

byepartisan on February 12, 2016 at 3:46 PM

oscarwilde on February 12, 2016 at 1:37 PM

You seem pretty sure of yourself. For me it’s more of a gray area. Maybe it’s because I like to poke around the internet and don’t think that should be considered a crime.

LashRambo on February 12, 2016 at 2:14 PM

I was a Cisco Certified Network Administrator, so yea, I am pretty sure of what I am telling you. While you are trying to defend your poking around, keep this in mind. Prisons all around the world are full of people who just like to poke around other people property, with no regard for where they do or do not have a legal right to be poking. They are also full of people, who while poking around other peoples property saw something that they decided to take home with them.

You can poke around any public domain on the Internet you want to, to your heart desires, and that is not a crime. It is analogous to driving around on a public road. The second you decide to poke around in a house or building that does not belong to you, then it is a crime.

Some buildings have areas designated for public access, stray from those public access area’s into private or restricted access area’s, and you are committing a crime. The Internet is the exact same way. If you have to bypass a security protocol to access some part of a public server, then you are breaking and entering on private property.

You don’t have to like this, in fact, whether you like it or not does not even matter. Hacker’s go to jail all the time. They go to jail for illegally accessing private area’s of servers, or for theft of Intellectual property, or for damaging private property. This happens every single day, and the courts see them exactly the same as they do criminals who physically break into a burglarize physical buildings.

You want to keep playing the “Hey I’m just a curious innocent individual” game, fine, whatever. That bullshit line hasn’t kept one single hacker out of prison. Just like it hasn’t keep one single peeping tom out of jail either.

Hey… I was just innocently looking.

Enjoy taking your risks, but do not pretend that you are innocent.

oscarwilde on February 12, 2016 at 1:37 PM
GWB on February 12, 2016 at 2:06 PM

The scenarios you each mention are sound enough, but not exactly the same, because they involve the taking of goods thereby denying their own of them. In this case only information has been taken.

If somebody writes up a list of ‘private’ information and hangs it inside their office/house and somebody standing on the public street sees and memorizes it, or even takes a photograph of it, and then republishes that information (or otherwise ‘uses’ it), how would you regard that?

If two people stand on the street and speak using some code (i.e. a form of encryption, and hence a form of ‘lock’) and somebody else overhears their conversation and works out what they were saying and publishes it, has that person offended against anything more than good manners?

If a civil-servant sits on a park bench, puts confidential documents on the floor and then covers them with his briefcase (i.e. takes positive action to hide them from view), puts a sign on it saying “national secrets, stay away” and then goes off to sleep and somebody comes along, lifts the briefcase (i.e. circumvents the protection) and reads the documents and then broadcasts the information, has the reader done anything wrong in law?

YiZhangZhe on February 12, 2016 at 2:35 PM

Look, I know you are a smart person, but your argument here is that of a uninformed individual.

a) Information is legally intangible private property. the notion that information just wants to be free (what you are asserting here) is both a logical and legal fallacy. Information does not want anything, it is not a sentient being, it has no will of its own. It is property, unless the rightful owner of that information makes it public, then the accessing of it without the consent of its rightful owner is intellectual property theft.

b) Your allegory of information obtained by photographing something through a window fails because said information has not been made public, it is in a place where the full expectation of privacy protects it, and therefore, photographing it from outside constitutes theft of intellectual property.

c) Your allegory of two people conversing on the street fails because people conversing in public have no expectation of privacy.

d) Your allegory of a public civil servant leaving classified information in a public place fails, because computers are not public places where there is no expectation of privacy.

Most importantly, all of your allegories fail because the information in question was contained on Government servers and not in the public domain. In order for the hacker to obtain that information they had to willfully and knowingly with a full forethought of malice bypass security protocols.

In other words, they had to break in in order to steal it.

In 1998, I took and passed the Cisco Network Administrators course. Believe me when I tell you this, no computer is legally defined as public property where there is no expectation of privacy.

They are all, regardless of being connected to the Internet, legally ethically and morally considered private property. Even servers, whether they be domain, email or data in nature are legally private property.

Every server has what is known as a public ect/ whatever is in that public ect/ is publicly accessible by by anyone authorized to access that server. This is the area where web pages and FTP directories are hosted.

Any part of that computer that is not in the public ect/, is private property, and accessing by anyone not authorized constitutes criminal cyber intrusion. Accessing any information that area, copying of that information, destroying that information, or adding information to that area is a criminal activity.

You may not like this, but that is the law. Breaking and entering does not constitute physical damage or theft, yet it is still a criminal offense. It is no less of a criminal offense online, then it is in your house.

The fact that you and LashRambo seem to have some degree of difficulty grasping the notion that information is private property unless its legal rightful owner makes it public is a bit disturbing.

oscarwilde on February 12, 2016 at 3:47 PM

Here’s the take away for this article. The highest levels of our government are defenseless against a 16 year old hacker living in his mother’s basement.

And HHS is collecting all the medical data from your doctors and hospitals that will make the NSA collection for our personal data seem like kid’s play (pun intended).

Think about it. The IRS can’t be trusted. The DHS, DoJ, ICE, and ATFA can’t be trusted. Obama can’t be trusted. And EPA, BLM, DoE, etc. can’t be trusted. The Department of Education can’t be trusted.

So the government wants to store all of our medical records with HHS. Great.

Do you really think some political activist there isn’t going to leak the medical records of political opponents or use those records to silence opposition.

We thought it couldn’t be done within the IRS. At least the IRS under Nixon refused to do his political dirty work, but the IRS under Obama seems fine with silencing political opposition.

The more data the government collects about us the more dangerous the government becomes to its own citizens.

BMF on February 12, 2016 at 4:14 PM

YiZhangZhe on February 12, 2016 at 2:57 PM

All three notes would still get you in trouble, if you took the money. Regardless of whether you asked politely or not, you are not allowed to take other peoples money.

Hacking into a private computer by circumventing passwords and other security measures is not simply logging in to a public computer. It is analogous to forcibly entering someplace that belongs to someone else without permission, breaking and entering. Taking the data and disseminating it is data theft. Companies and individuals spend lots of money trying to prevent data theft.

So it is not accurate to portray what was done in this instance as an innocent walk in the park where one happened upon unsecured data. But, even in that situation, it would at the least be theft, as the property taken did not belong to the one taking it, regardless of the circumstances.

Neitherleftorright on February 12, 2016 at 4:20 PM

Too bad they haven’t released the boy’s name. He will be a folk hero for taking the dirtbags down.

earlgrey on February 12, 2016 at 4:22 PM

They can track him down, from across the world, but Lois Lerner?

What computer, where, who, how. when…it’s lost…

right2bright on February 12, 2016 at 4:31 PM

Perhaps the Feds should hire this 16 year old nerd to build their IT security? Seems like he knows what he’s doing.
Does anyone on our team know how to build firewalls and anti virus programs? They all of the porn sites down pat, but forget security.

woodhull on February 12, 2016 at 4:52 PM

Love that English “hood” slang.

Do you think they can rap?

petunia on February 12, 2016 at 5:23 PM

The fact that you and LashRambo seem to have some degree of difficulty grasping the notion that information is private property unless its legal rightful owner makes it public is a bit disturbing.

oscarwilde on February 12, 2016 at 3:47 PM

Long response .. thank you. I’m sure I and LashRambo do understand what the law is. Also I expect both of us fully understand that sometimes, at least, information should be like ‘goods’.

For my part I’m not contesting what the law is but whether the lines of the law drawn in the right places.

Some of your assertions are not correct:

b) Your allegory of information obtained by photographing something through a window fails because said information has not been made public, it is in a place where the full expectation of privacy protects it, and therefore, photographing it from outside constitutes theft of intellectual property.

In the UK, i.e. where the arrest took place, that is not theft. Anything* that can be seen from a public place can be lawfully photographed, and those images lawfully published. I’m pretty sure that is the law in some other “common law” countries too because of cases I’ve read about.

(*Anything except “indecent children”).

Breaking and entering does not constitute physical damage or theft

I get your point about “theft” but “breaking” by definition is most certainly “damage” and that is what makes the entering criminal; “goods” have been damaged. Entering without breaking (i.e. common trespass) is not criminal; at least it isn’t in some jurisdictions. Under old English common law it was held that a person had a right to be anywhere that they could gain access to without “breaking-in”. Even today there are only a few situations in which trespass is criminal (on railway lines, airports, nuclear power stations, etc)

a) Information is legally intangible private property. the notion that information just wants to be free (what you are asserting here) is both a logical and legal fallacy. Information does not want anything, it is not a sentient being, it has no will of its own. It is property, unless the rightful owner of that information makes it public, then the accessing of it without the consent of its rightful owner is intellectual property theft.

Actually I wasn’t asserting any notion of information wanting anything. As you say, it isn’t sentient. What I was trying to open discussion of was your next point — what constitutes “making public”, and whether that line is drawn in the right place.

So, as noted above, in the case of photographing the inside of somebody’s house, the law would defend the photographer … the information is visible from the public place and the public commit no offence by looking at it, recording it or replicating it.

How should that apply to Internet servers? Particularly when the transaction between a client and a server takes the form of a request and an answer? This is unlike the trespasser on land or the photographer through the window, who ask no questions and get neither assent nor refusal. The Internet is the public street, the server is a private dwelling, but if the server makes information available to the public street on request, why should that be criminal?

Any part of that computer that is not in the public ect/, is private property, and accessing by anyone not authorized constitutes criminal cyber intrusion.

Exactly where the files are stored on the server is not necessarily known to the visitor and therefore that couldn’t be a test for criminality. (Moreover, anybody who makes “/etc” public is asking for trouble, but I digress). What constitutes authorization? If I ask the server for access and it grants access, how am I not authorized? Why should I not believe the server’s answer to my request? How could I possibly know that it had given me the “wrong” answer?

In order for the hacker to obtain that information they had to willfully and knowingly with a full forethought of malice bypass security protocols.

Malice is only your assumption. We cannot know what the hacker’s state of mind was.

The question of bypassing security is more interesting. What should constitute “bypassing”? If I am asked for a username and password, and I use ones that I have guessed or innocently acquired, and the server accepts them how is that different from wandering into a physical location using the unattended gate or the key that I found on the floor?

The questions are not merely for passing the time. Actually I think the “information” laws might be part of the security problem because perhaps people are relying on the threat of prosecution to discourage people from looking at data rather than considering how to make the data properly invisible to the public place.

I suppose my main thought about this is that when a minimally resourced 16-year old in another country is compromising national security as a hobby then pursuit of the child for its “law breaking” looks like a severe case of totally missing the point.

YiZhangZhe on February 12, 2016 at 5:24 PM

Too bad they haven’t released the boy’s name. He will be a folk hero for taking the dirtbags down.

earlgrey on February 12, 2016 at 4:22 PM

That’s a bizarre position to take. Who are you calling dirtbags here and how will this kid take them down?

Tlaloc on February 12, 2016 at 5:36 PM

Perhaps the Feds should hire this 16 year old nerd to build their IT security? Seems like he knows what he’s doing.

woodhull on February 12, 2016 at 4:52 PM

With tools like metasploit you really don’t need to know what you are doing, you just have to rely on human nature.

BTW have you updated your OS/Java/Flash/browsers with all patches? Most people haven’t.

Tlaloc on February 12, 2016 at 5:38 PM

All three notes would still get you in trouble, if you took the money. Regardless of whether you asked politely or not, you are not allowed to take other peoples money.

Neitherleftorright on February 12, 2016 at 4:20 PM

No I’m not. But I am allowed to ask for it, and they are allowed to give it to me, and if they give it to me then it becomes mine.

If money was actually handed over (and there was no coercion), and the money came from the bank drawer and not from the teller’s own pocket/purse, then I think the trial would revolve around whether a reasonable person should have known that the money was not the teller’s to give.

If no money was handed over, as BobMbx described, I can’t see how a conviction is possible. I’m not going to put this to the test though.

YiZhangZhe on February 12, 2016 at 5:47 PM

No I’m not. But I am allowed to ask for it, and they are allowed to give it to me, and if they give it to me then it becomes mine.

YiZhangZhe on February 12, 2016 at 5:47 PM

Yes you would still be committing theft. Because, you know that the money in the bank doesn’t belong to you or the person giving it to you. So if you take it and do not give it back that is theft. You have actively and knowingly engaged in taking someone else’ money even if it wasn’t through coercion.

Neitherleftorright on February 12, 2016 at 5:59 PM

In the UK, i.e. where the arrest took place, that is not theft. Anything* that can be seen from a public place can be lawfully photographed, and those images lawfully published. I’m pretty sure that is the law in some other “common law” countries too because of cases I’ve read about.

(*Anything except “indecent children”).

You assertion still fails, he did not take a photograph through a window, and though he was in the UK, the crime he committed was in the US. Ergo, his being extradited to the US.

Breaking and entering does not constitute physical damage or theft

I get your point about “theft” but “breaking” by definition is most certainly “damage” and that is what makes the entering criminal; “goods” have been damaged. Entering without breaking (i.e. common trespass) is not criminal; at least it isn’t in some jurisdictions. Under old English common law it was held that a person had a right to be anywhere that they could gain access to without “breaking-in”. Even today there are only a few situations in which trespass is criminal (on railway lines, airports, nuclear power stations, etc)

Sorry, you are mistaken.

breaking and entering

n. 1) the criminal act of entering a residence or other enclosed property through the slightest amount of force (even pushing open a door), without authorization. If there is intent to commit a crime, this is burglary. If there is no such intent, the breaking and entering alone is probably at least illegal trespass, which is a misdemeanor crime. 2) the criminal charge for the above.

What I was trying to open discussion of was your next point — what constitutes “making public”, and whether that line is drawn in the right place.

It doesn’t matter whether you think it was drawn in the right place or not. For the whole of human history this conflict has existed, what constitutes property, and who has the right to take it and under what circumstances. This canard of “Making Public” is just that a canard to cast into doubt the question of property and who does or does not have a right to it.

So, as noted above, in the case of photographing the inside of somebody’s house, the law would defend the photographer … the information is visible from the public place and the public commit no offence by looking at it, recording it or replicating it.

The law in the UK perhaps would, though, that is debatable as the UK has to uphold the EU’s privacy laws.

How should that apply to Internet servers? Particularly when the transaction between a client and a server takes the form of a request and an answer? This is unlike the trespasser on land or the photographer through the window, who ask no questions and get neither assent nor refusal. The Internet is the public street, the server is a private dwelling, but if the server makes information available to the public street on request, why should that be criminal?

I already explained that in detail. If you have to bypass a security protocol to access a area of the server that is not designated as public, then you are illegally intruding on private property. Try your bullshit line of reasoning at a brick and mortar business establishment. Yes, that is a legitimate allegory, a building partitioned into both a publicly accessible area, and a private property area.

Exactly where the files are stored on the server is not necessarily known to the visitor and therefore that couldn’t be a test for criminality. (Moreover, anybody who makes “/etc” public is asking for trouble, but I digress). What constitutes authorization? If I ask the server for access and it grants access, how am I not authorized? Why should I not believe the server’s answer to my request? How could I possibly know that it had given me the “wrong” answer?

Mens Rae. It is the most disingenuous assertion possible to say that when the server requested authorization before allowing you to access certain parts of it, that you did not know you did not have authorization. Merely having a valid password does not constitute authorization. Moreover, using any script, employing an exploit or using security bypassing software clearly constitutes mens rae that you are unauthorized to access what you are accessing.

You do not accidentally break a window, kick in a door or steal a key for the purpose of gaining illegal entry.

Malice is only your assumption. We cannot know what the hacker’s state of mind was.

The question of bypassing security is more interesting. What should constitute “bypassing”? If I am asked for a username and password, and I use ones that I have guessed or innocently acquired, and the server accepts them how is that different from wandering into a physical location using the unattended gate or the key that I found on the floor?

Malice is evident by the action, it is not assumed. You do not innocently guess or acquire a username and password to a system that does not belong to you. You are right, slipping in through a unattended gate or using a key you found are exactly the same, both constitute illegal entry.

The questions are not merely for passing the time. Actually I think the “information” laws might be part of the security problem because perhaps people are relying on the threat of prosecution to discourage people from looking at data rather than considering how to make the data properly invisible to the public place.

This is utterly irrelevant, breaking and entry, illegal entry, and trespassing are criminal actions regardless of the security precautions, or lack thereof, employed to prevent them.

I suppose my main thought about this is that when a minimally resourced 16-year old in another country is compromising national security as a hobby then pursuit of the child for its “law breaking” looks like a severe case of totally missing the point.

You have again made a profoundly disingenuous and dishonest assertion. This individual may well be a 16 year old, but he was anything but minimally resourced. He did not innocently or accidentally gain unauthorized access, he was highly educated in a form a cyber criminal activity and had the computer and Internet access required to engage in criminal activity. He knew exactly what he was doing and did so with a full forethought of malice.

For the entirety of human existence, criminals have had one significant overriding personal characteristic that they all share. That is a disregard for the rights and property of others.

Hackers are just like any other criminal, they do what they do because they believe they can get away with it, and because they have elevated themselves above the rights of their victims.

No, you really do not have a right to anyones elses property, whether it be tangible or intangible property, unless your acquisition of said property is by free consent of that property owner.

You have absolutely no legal right to enter my home, regardless of whether I have a lock on my door or not. The exact same is true of any personal computer, or the private partition of any server.

oscarwilde on February 12, 2016 at 6:40 PM

I’m sure I and LashRambo do understand what the law is.

It’s pretty obvious that YOU don’t.

sometimes, at least, information should be like ‘goods’.

No, pretty much all the time, when you’re talking actual possession.

Anything* that can be seen from a public place can be lawfully photographed, and those images lawfully published.

And, again, you are missing the point that THIS INFORMATION WASN’T IN PUBLIC VIEW.

I get your point about “theft” but “breaking” by definition is most certainly “damage” and that is what makes the entering criminal;

You couldn’t be more wrong:

breaking and entering
n. 1) the criminal act of entering a residence or other enclosed property through the slightest amount of force (even pushing open a door), without authorization. If there is intent to commit a crime, this is burglary. If there is no such intent, the breaking and entering alone is probably at least illegal trespass, which is a misdemeanor crime.

Note that “breaking” a window or a door is not actually necessary to be found guilty of breaking and entering. For instance, deceiving a security guard to gain unauthorized access to an area may be considered breaking and entering. Or, slightly pushing open a door to enter the building may also be breaking and entering.

Breaking is defined as opening or creating an entrance into a building. Breaking can be an action so slight as to push an open door wide enough to create an entrance.

And from the Wikipedia entry on “burglary” (no link, since I’ve done three):

Breaking can be either actual, such as by forcing open a door, or constructive, such as by fraud or threats.[4] Breaking does not require that anything be “broken” in terms of physical damage occurring. A person who has permission to enter part of a house, but not another part, commits a breaking and entering when they use any means to enter a room where they are not permitted, so long as the room was not open to enter.

Even today there are only a few situations in which trespass is criminal

Try coming and standing on my lawn at 2am and see if the police don’t arrest you. It’s a misdemeanor in VA – at a minimum.

the information is visible from the public place and the public commit no offence by looking at it, recording it or replicating it.

Except, AGAIN, the information was NOT IN PUBLIC VIEW.

How should that apply to Internet servers?

Where do you get the idea these were “internet” servers? I doubt you even understand the term “server”. Unless the server in question is a web server, it doesn’t serve ANYTHING up to the public. And even web servers can be private. Just because the road is paved doesn’t make it public property.

The Internet is the public street, the server is a private dwelling

Yes, you finally might get it.

but if the server makes information available to the public street on request, why should that be criminal?

Oh dear Lord in Heaven above, no you DON’T get it. NONE of the information was made available on the “public street”. It wasn’t.

Exactly where the files are stored on the server is not necessarily known to the visitor

BULLCRAP. If it’s not a web server, the person accessing information HAS TO GO LOOKING FOR IT. Do you know ANYTHING about computers and servers?

Malice is only your assumption. We cannot know what the hacker’s state of mind was.

Malice isn’t even an issue – that’s a legal term associated with murder and some assaults. What you (and he) mean is “intent”. Here’s some more legal quotes (no link, but you can find it in the same places as above):

intent
n. mental desire and will to act in a particular way, including wishing not to participate.

By actually bypassing security (pushing open that door), you have shown intent. BY DEFINITION, there is intent.

If I am asked for a username and password, and I use ones that I have guessed or innocently acquired

First, there is NO “innocently acquired”. Second, if you were not given that username/password combo by an individual authorized to give it to you, then you have committed an electronic B&E. Period.

how is that different from wandering into a physical location using the unattended gate or the key that I found on the floor?

And that would be B&E. You don’t get to walk around town trying doors with a key you found. You acquiring the key does NOT make you the rightful owner of the place in question, nor does it make you an “authorized user”.
Technically speaking, you are committing fraud, since you ARE NOT the person to whom those credentials were issued.

BTW, to continue the B&E analogy: do you think you could legally enter a domicile that is not yours because the 4yo answered the door and let you in? The answer is, legally speaking, NO.

rather than considering how to make the data properly invisible to the public place.

It WAS NOT IN A PUBLIC PLACE, numbnuts. That’s the entire point.

looks like a severe case of totally missing the point.

Well, that’s certainly true of you.

Look, no one here is saying the folks in charge of security shouldn’t be punished for leaving the door unlocked – rather not locking it with enough secure locks. He should be – by the agency (and by law, since he works for all of us).
However, that in no way excuses the criminal behavior of the 16yo. Why would you think that? That blatantly violates principles of conservative thought on law and order.

Neitherleftorright on February 12, 2016 at 5:59 PM

Do note that in the original question, no money was handed over. The best they could get would be “attempted robbery”. “Attempted” anythings are hard to prove in most cases.

GWB on February 12, 2016 at 6:55 PM

oscarwilde on February 12, 2016 at 6:40 PM

I woulda posted before you, but I was having PEBCAK problems. :p

Moreover, using any script, employing an exploit or using security bypassing software clearly constitutes mens rae that you are unauthorized to access what you are accessing

Exactly.

He did not innocently or accidentally gain unauthorized access, he was highly educated in a form a cyber criminal activity and had the computer and Internet access required to engage in criminal activity.

Not necessarily. As someone else mentioned, there are lots of script kiddies out there who don’t actually have much of a clue of HOW they’re doing what they’re doing, but do it using those tools.

No, you really do not have a right to anyones elses property, whether it be tangible or intangible property, unless your acquisition of said property is by free consent of that property owner.

Not even if you only take a copy and aren’t “depriving” them of it. It isn’t yours to take in whole or in part.

GWB on February 12, 2016 at 7:20 PM

oscarwilde on February 12, 2016 at 6:40 PM

GWB on February 12, 2016 at 7:20 PM

In size and scope those were good answers from both of you. Thank you.

I don’t fully accept all of your points but between you you’ve made a sufficiently persuasive case in this thread for me to reconsider some things and to see some flaws in my thinking. Since the matters you’ve been persuasive on are important for delimiting the matters I’m less convinced about I shan’t defend my corner again in this particular thread. You can both go to bed tonight content in the knowledge that you’ve moved a mind.

Mostly I agree with the principles you’re advocating and, as I mentioned, one of my concerns is where the line between public and private should be drawn; I don’t dispute that a line should be drawn.

Anyway, being challenged by other opinions is one of the reasons I come here so I really appreciate that you’ve both argued your points vigorously. Thank you, both, again.

YiZhangZhe on February 12, 2016 at 8:27 PM

This individual may well be a 16 year old, but he was anything but minimally resourced.

oscarwilde on February 12, 2016 at 6:40 PM

This bit of my remark was somewhat to the side of our main discussion so it was a bit off-topic and out-of-context.

My meaning was that he was minimally resourced compared to the supposedly major threats such as state-organised cyber-espionage teams.

The likes of Russia and China have been moving people into position for decades so they can combine cyber-espionage with the personal walk-about kind. They’ve had many years to learn about every aspect of the technology in great detail. They’ve presumably got teams of people who can co-operate with one another openly. They have many different ways of accessing all kinds of equipment (for example monitoring EMI or, in the case of China, because they manufacture it and can add ‘features’ — or should that be ‘bugs’). They also can use tools such as bribery and blackmail and threats in order to obtain co-operation.

I mentioned it not to excuse his conduct but to highlight that if the US government can’t even keep the likes of him at bay then, really, he is not the problem. If a group of individuals with very few resources can hack the FBI then perhaps the ‘big’ players are not merely ‘hacking’ the NSA but running it.

YiZhangZhe on February 12, 2016 at 8:41 PM

Tells you all you need to know about the quality of IT people the Federal government hires.

ConstantineXI on February 12, 2016 at 12:45 PM

It’s no different in private industry, trust me.

Tlaloc on February 12, 2016 at 2:44 PM

When these two agree, it’s an open-and-shut case.

Information cascade:

Mr. Noname McNobody gets arrested for unauthorized possession of secure US government information within days of discovery.

Well-connected political elite with classified information on unauthorized email server in her house jetting around the country with Secret Service protection.

Now that’s what I call justice.

BobMbx on February 12, 2016 at 1:35 PM

It’s amazing how fast they can act when it’s them being attacked. When it’s the Democrats using the IRS to attack Conservatives it’s a whole different attitude.

When FBI Director Robert Mueller appeared before the House oversight committee he didn’t know which agent was leading the ‘investigation, he didn’t know how many agents were assigned to the investigation, he didn’t know it they had interviewed any of the victims, he didn’t know a single thing.

I was embarrassed for the good people at the FBI having to see him represent them. I also thought that it was a good thing Robert Mueller had a name placard in front of him in cast someone asked him his name he wouldn’t have had far to look to discover his name.

RJL on February 12, 2016 at 1:44 PM

Here’s the take away for this article. The highest levels of our government are defenseless against a 16 year old hacker living in his mother’s basement.

And HHS is collecting all the medical data from your doctors and hospitals that will make the NSA collection for our personal data seem like kid’s play (pun intended).

Think about it. The IRS can’t be trusted. The DHS, DoJ, ICE, and ATFA can’t be trusted. Obama can’t be trusted. And EPA, BLM, DoE, etc. can’t be trusted. The Department of Education can’t be trusted.

So the government wants to store all of our medical records with HHS. Great.

Do you really think some political activist there isn’t going to leak the medical records of political opponents or use those records to silence opposition.

We thought it couldn’t be done within the IRS. At least the IRS under Nixon refused to do his political dirty work, but the IRS under Obama seems fine with silencing political opposition.

The more data the government collects about us the more dangerous the government becomes to its own citizens.

BMF on February 12, 2016 at 4:14 PM

Don’t get anyone started on gun registration.

AesopFan on February 13, 2016 at 12:12 AM

Tells you all you need to know about the quality of IT people the Federal government hires.

ConstantineXI on February 12, 2016 at 12:45 PM

The IT people may be ok, it’s the management that IGNORE the IT people. Security costs and it’s gotta be constant. One place I consulted with insisted on using Norton AV from the >>> 90’s because some moron refused to pay for upgraded software.

Our entire government is free an open to hackers because the people running the show are complete freaking idiots.

If a 16 year old can do this, imagine what a well seasoned, highly educated person could do with the right set of tools?

You think it hasn’t happened?

I’m just wondering when the harridan’s email will be released. Someone with an axe to grind will do it, and she has a lot of enemies.

dogsoldier on February 13, 2016 at 8:58 AM

YiZhangZhe on February 12, 2016 at 8:41 PM

“reading the mail” It is likely they have implanted stuff to neutralize certain systems if the need arises. Not just at the NSA.

If they took many interconnected systems in the government offline or seriously screwed them up just for a few days, the result would be complete chaos.

Remember, the Chinese hacked RSA and just had spyware reading everything going by.

dogsoldier on February 13, 2016 at 9:04 AM

He should have hidden the server in a public toilet.

NYCMike on February 13, 2016 at 11:15 AM