Donate for the Cryptome archive of files from June 1996 to the present

14 April 2013

Hacktivists as Gadflies


http://opinionator.blogs.nytimes.com/2013/04/13/hacktivists-as-gadflies/

Hacktivists as Gadflies

By PETER LUDLOW

Peter Ludlow is professor of philosophy at Northwestern University. His most recent book is “The Philosophy of Generative Linguistics.”

The Stone -- The Stone is a forum for contemporary philosophers on issues both timely and timeless.

Around 400 B.C., Socrates was brought to trial on charges of corrupting the youth of Athens and “impiety.” Presumably, however, people believed then as we do now, that Socrates’ real crime was being too clever and, not insignificantly, a royal pain to those in power or, as Plato put it, a gadfly. Just as a gadfly is an insect that could sting a horse and prod it into action, so too could Socrates sting the state. He challenged the moral values of his contemporaries and refused to go along with unjust demands of tyrants, often obstructing their plans when he could. Socrates thought his service to Athens should have earned him free dinners for life. He was given a cup of hemlock instead.

The government is treating hackers who try to make a political point as serious threats.

We have had gadflies among us ever since, but one contemporary breed in particular has come in for a rough time of late: the “hacktivist.” While none have yet been forced to drink hemlock, the state has come down on them with remarkable force. This is in large measure evidence of how poignant, and troubling, their message has been.

Hacktivists, roughly speaking, are individuals who redeploy and repurpose technology for social causes. In this sense they are different from garden-variety hackers out to enrich only themselves. People like Steve Jobs, Steve Wozniak and Bill Gates began their careers as hackers — they repurposed technology, but without any particular political agenda. In the case of Mr. Jobs and Mr. Wozniak, they built and sold “blue boxes,” devices that allowed users to defraud the phone company. Today, of course, these people are establishment heroes, and the contrast between their almost exalted state and the scorn being heaped upon hacktivists is instructive.

For some reason, it seems that the government considers hackers who are out to line their pockets less of a threat than those who are trying to make a political point. Consider the case of Andrew Auernheimer, better known as “Weev.” When Weev discovered in 2010 that AT&T had left private information about its customers vulnerable on the Internet, he and a colleague wrote a script to access it. Technically, he did not “hack” anything; he merely executed a simple version of what Google Web crawlers do every second of every day — sequentially walk through public URLs and extract the content. When he got the information (the e-mail addresses of 114,000 iPad users, including Mayor Michael Bloomberg and Rahm Emanuel, then the White House chief of staff), Weev did not try to profit from it; he notified the blog Gawker of the security hole.

For this service Weev might have asked for free dinners for life, but instead he was recently sentenced to 41 months in prison and ordered to pay a fine of more than $73,000 in damages to AT&T to cover the cost of notifying its customers of its own security failure.

When the federal judge Susan Wigenton sentenced Weev on March 18, she described him with prose that could have been lifted from the prosecutor Meletus in Plato’s “Apology.” “You consider yourself a hero of sorts,” she said, and noted that Weev’s “special skills” in computer coding called for a more draconian sentence. I was reminded of a line from an essay written in 1986 by a hacker called the Mentor: “My crime is that of outsmarting you, something that you will never forgive me for.”

When offered the chance to speak, Weev, like Socrates, did not back down: “I don’t come here today to ask for forgiveness. I’m here to tell this court, if it has any foresight at all, that it should be thinking about what it can do to make amends to me for the harm and the violence that has been inflicted upon my life.”

He then went on to heap scorn upon the law being used to put him away — the Computer Fraud and Abuse Act, the same law that prosecutors used to go after the 26-year-old Internet activist Aaron Swartz, who committed suicide in January.

The law, as interpreted by the prosecutors, makes it a felony to use a computer system for “unintended” applications, or even violate a terms-of-service agreement. That would theoretically make a felon out of anyone who lied about their age or weight on Match.com.

The case of Weev is not an isolated one. Barrett Brown, a journalist who had achieved some level of notoriety as the “the former unofficial not-spokesman for Anonymous,” the hacktivist group, now sits in federal custody in Texas. Mr. Brown came under the scrutiny of the authorities when he began poring over documents that had been released in the hack of two private security companies, HBGary Federal and Stratfor. Mr. Brown did not take part in the hacks, but he did become obsessed with the contents that emerged from them — in particular the extracted documents showed that private security contractors were being hired by the United States government to develop strategies for undermining protesters and journalists, including Glenn Greenwald, a columnist for Salon. Since the cache was enormous, Mr. Brown thought he might crowdsource the effort and copied and pasted the URL from an Anonymous chat server to a Web site called Project PM, which was under his control.

Just to be clear, what Mr. Brown did was repost the URL from a Web site that was publicly available on the Internet. Because Stratfor had not encrypted the credit card information of its clients, the information in the cache included credit card numbers and validation numbers. Mr. Brown didn’t extract the numbers or highlight them; he merely offered a link to the database. For this he was charged on 12 counts, all of which pertained to credit card fraud. The charges against him add up to about 100 years in federal prison. It was “virtually impossible,” Mr. Greenwald, wrote recently in The Guardian, his new employer, “to conclude that the obscenely excessive prosecution he now faces is unrelated to that journalism and his related activism.”

Other hacktivists have felt the force of the United States government in recent months, and all reflect an alarming contrast between the severity of the punishment and the flimsiness of the actual charges. The case of Aaron Swartz has been well documented. Jeremy Hammond, who reportedly played a direct role in the Stratfor and HBGary hacks, has been in jail for more than a year awaiting trial. Mercedes Haefer, a journalism student at the University of Nevada, Las Vegas, faces charges for hosting an Internet Relay Chat channel where an Anonymous denial of service attack was planned. Most recently, Matthew Keys, a 26-year-old social-media editor at Reuters, who allegedly assisted hackers associated with Anonymous (who reportedly then made a prank change to a Los Angeles Times headline), was indicted on federal charges that could result in more than $750,000 in fines and prison time, inciting a new outcry against the law and its overly harsh enforcement. The list goes on.

In a world in which nearly everyone is technically a felon, we rely on the good judgment of prosecutors to decide who should be targets and how hard the law should come down on them. We have thus entered a legal reality not so different from that faced by Socrates when the Thirty Tyrants ruled Athens, and it is a dangerous one. When everyone is guilty of something, those most harshly prosecuted tend to be the ones that are challenging the established order, poking fun at the authorities, speaking truth to power — in other words, the gadflies of our society.