The Digital Bond blog, which covers the computer security subfield of SCADA assessments, is spinning this story pretty hard, which I think you'll see pretty quickly if you skim the actual court order.
What's happening here is that Cory Thuen, a former developer of a network security product called Sophia at a company called Batelle, was fired (he did not "leave") apparently after it was determined that he was making a personal copy of Sophia called Visdom that he planned on open sourcing. When Thuen went on to start his own company to release Visdom (Southfork), Batelle sued for copyright infringement.
Two things are happening at this point in the story, if I'm following it right. First, Batelle has prevailed in a preliminary injunction ordering Thuen to take down Visdom. It did so by making a showing that convinced the court it was likely to prevail in its suit, and that argument included admissions from Thuen that he had copied at least some of Sophia.
Next, Thuen is being ordered to comply with discovery in the suit. Hard drive images are standard ESI evidence in cases like these; it is not at all weird that a court would order an image of a hard drive. The idea that an adversary in a civil proceeding might get access to content like this isn't at all weird; it's a basic result of the Federal Rules of Civil Procedure.
There are two wrinkles to this case:
First, the court ordered that Thuen be served with the demand for his computer without prior notice. According to the order, this is something that the court can do in extreme situations to prevent evidence from being spoiled. The reasoning the court used here is janky: Thuen claimed to be a "hacker", and the court hung its assessment that he might be likely to blitz his hard drive on that.
Second, the court order escrows the hard drive image with the court, allowing Batelle's forensic expert to image the drive but not examine that image; the court hasn't yet determined what access Batelle will have to the image, but is instead taking steps to ensure that the image is available should it be needed.
Once again: hard drive images are not an unusual product of civil discovery. You do not have a "4th amendment right" to avoid civil discovery.
The "hacker" thing is facially ridiculous. But contra Digital Bond's claim, "hacker" didn't enable the hard drive imaging to occur; that was going to occur during discovery no matter what. Instead, "hacker" changed the prior notification procedure used to obtain the image.
> When Thuen went on to start his own company to release Visdom (Southfork), Batelle sued for copyright infringement.
I have no idea as to the merits of the case, but I find it funny how liberally some OSS types feel with regard to copyright.
At least for GPL advocates, copyright is a feature, not a bug. "Copyleft" may very well be just a hack of copyright law, but it depends on strong copyright to work at all. That's why so many Free and open source software projects take the progeny and licensing of source code so seriously. It's not simply that we wish to comply with the law, but that the laws regarding copyright are essential to the ecosystem as a whole.
I think you overestimate the necessity of copyright law to the open source community. Even if the community could not legally force people to play fair with open source code (by releasing modifications, not charging, or whatever the terms are), people would still continue to write it.
> Even if the community could not legally force people to play fair with open source code (by releasing modifications, not charging, or whatever the terms are), people would still continue to write it.
There was a reason I made clear to mention GPL advocates. There are differing definitions of "software freedom" that target the developers of software and the users of software.
When your political movement aims to ensure that the source code for the software that people are using is actually available and stays available then you need something like copyleft.
If your idea is instead to ensure that people are free to release source code for free if they wish, then there's not actually a battle to be had! That was how software started out after all, but that was also what led eventually to users being closed off from their source code.
(Unless I'm misunderstanding, you can charge for GPL software, you just cannot charge for the source once they've got a binary. You also can use your own fork of GPL on your hardware without releasing any source.)
You can charge a reasonable distribution/duplication fee for GPL source code. The early FSF funded itself by selling several hundred dollar copies of GNU (apparently that took a lot of tapes back then).
> You also can use your own fork of GPL on your hardware without releasing any source.
I believe this is no longer true (at least in general) as of GPL v3. In fact this "Tivoization" is one of the very things the GPLv3 was intended to combat.
Software-as-a-Service is another thing they were aiming at... I don't know offhand if it made it into GPLv3 or not.
No, copyleft does not fundamentally depends on strong copyright law. That is just an implementation detail. It would work just as well--better, actually--if it was enshrined in actual law. In fact, I understand this is what the movement actually wants; unfortunately,a law like this is unlikely to get through the legislative process. Happily, we can use some "legal judo" to turn copyright onto itself, creating an opt-in system to remove copyright using existing laws.
In short: copyleft only depends on copyright because it has to, and it only has to because it's a minority position. Actual GPL supporters would be perfectly happy if the equivalent of the gpl was law and normal copyright did not exist.
As its not enshrined in its own law, in reality it does depend on strong copyright law.
Some contributors that you know - perhaps the majority that you know - may be shaky about this, they may not understand this, but it doesn't make it false and nor does it mean that other contributors are ignorant.
Is it even a warrant? A warrant authorizes law enforcement to search a person/place/thing for evidence. A discovery order is a demand for a specific piece of evidence. Nobody is "searching"; the court knows exactly what it wants --- the whole hard drive image.
Remember in the Netscape vs. Microsoft case, when the contents of Jamie Zawinsky's "Really Bad Ideas" mailing list were released? That was because of a discovery order demanding Netscape's email spools.
It's for exactly this reason that large companies have specific policies about document retention.
Why is it not standard practice for people who work in security or anything remotely contentious to keep their work OS, programs, data and so on, on a usb stick that you can just hide somewhere when you are not working on it?
Because people have a tendency to either think they're too good to get caught, or that they're not really doing anything wrong / anything anyone will go after them for.
Also, I'd assume we don't get to hear about the people that actually are too good, as they'd be more likely than most to avoid getting suspected in the first place.
> First, the court ordered that Thuen be served with the demand for his computer without prior notice. According to the order, this is something that the court can do in extreme situations to prevent evidence from being spoiled.
I'd accept upon equal consideration being provided. Why should he have to be forced to pay for what is essentially a fishing expedition by the prosection? would they have a case should the computer not be taken?
I was considering the offering up the computer (asset) as payment, or, at the very least, collateral, on the charges. Since they're using accounting/banking terms for these charges anyway (how often do you see "Escrow" used in a court case?), no reason to not try to settle/close this as if it were just another probate/bankruptcy issue. :)
No 4th amendment rights were lost. A warrant was issued, which is provided for in the 4th amendment and whose issue can be challenged in court. The 4th amendment is designed to protect you from warrantless seizures. It does not confer any right to frustrate the issuance of a warrant.
Challenged does not mean 'prevent'ed it can be argued later as a matter of law that the warrant should not have been issued, and that the evidence acquired as a result is inadmissible. Courts do not have to give defendants the benefit of the doubt in matters of evidence collection because a) procedures exist to challenge the admission of that evidence at trial and b) it's a sad but true fact that a lot of people do in fact attempt to destroy evidence; where they have both motive and capacity to do so, seizure is justifiable. Spoliation (the legal term for destruction of evidence) is a big problem in litigation.
>Challenged does not mean 'prevent'ed it can be argued later as a matter of law that the warrant should not have been issued, and that the evidence acquired as a result is inadmissible.
This is not the case and it is called the "good faith" exception. The police officers when acting in good faith under a warrant that is latter found to invalid does not make the evidence inadmissible.
Given this do you now believe there is good reason to fight back against unreasonable warrants?
Keep in mind that the whole point of the 'exclusionary rule' being discussed here it to ensure that law enforcement does maintain the Fourth Amendment rights of a suspect by going through the due process procedures needed to obtain a warrant before conducting a search and/or seizure.
The whole point to the 'good faith' exception to the 'exclusionary rule' is that in such a case, the detective had complied with the Fourth Amendment, the issued warrant passed some "smell tests", etc. Therefore it doesn't make sense to automatically "punish" the government (and society) and let people go free under the 'fruit of the poisonous tree' principle, since law enforcement wasn't the one at fault in that scenario, but rather the judge who issued the warrant.
However, the 'good faith' exception is a possibility, not a mandate. The appellate judge can certainly decide that the evidence obtained under a warrant which is later deemed inadmissible should be excluded completely. All that the 'good faith' exception means is that the appellate judge doesn't have to exclude all that evidence; rather they can exclude what they deem essential toward meeting the interests of overall justice and fairness before remanding the case back to trial.
Either way, fighting back against "unreasonable warrants" is almost axiomatically a good idea; I don't think anyone wants "unreasonable warrants" floating around in the justice system. I find it hard to feel too bad for people who really committed a serious crime and left evidence to that effect though. The Bill of Rights is designed to protect the innocent from the government; that it also gives shielding to the guilty is the price that society has to pay, but that doesn't mean you should rely on such a shield being present if you commit a crime :P.
That's a good point, but there's no question here of police going on a fishing expedition. By definition, an invalid warrant is subject to the good faith exception because it's reasonable. Here, there doesn't seem to be any question about the defendant being in possession of the information they're alleged to have taken.
I find nothing unreasonable about the warrant here.
What's happening here is that Cory Thuen, a former developer of a network security product called Sophia at a company called Batelle, was fired (he did not "leave") apparently after it was determined that he was making a personal copy of Sophia called Visdom that he planned on open sourcing. When Thuen went on to start his own company to release Visdom (Southfork), Batelle sued for copyright infringement.
Two things are happening at this point in the story, if I'm following it right. First, Batelle has prevailed in a preliminary injunction ordering Thuen to take down Visdom. It did so by making a showing that convinced the court it was likely to prevail in its suit, and that argument included admissions from Thuen that he had copied at least some of Sophia.
Next, Thuen is being ordered to comply with discovery in the suit. Hard drive images are standard ESI evidence in cases like these; it is not at all weird that a court would order an image of a hard drive. The idea that an adversary in a civil proceeding might get access to content like this isn't at all weird; it's a basic result of the Federal Rules of Civil Procedure.
There are two wrinkles to this case:
First, the court ordered that Thuen be served with the demand for his computer without prior notice. According to the order, this is something that the court can do in extreme situations to prevent evidence from being spoiled. The reasoning the court used here is janky: Thuen claimed to be a "hacker", and the court hung its assessment that he might be likely to blitz his hard drive on that.
Second, the court order escrows the hard drive image with the court, allowing Batelle's forensic expert to image the drive but not examine that image; the court hasn't yet determined what access Batelle will have to the image, but is instead taking steps to ensure that the image is available should it be needed.
Once again: hard drive images are not an unusual product of civil discovery. You do not have a "4th amendment right" to avoid civil discovery.
The "hacker" thing is facially ridiculous. But contra Digital Bond's claim, "hacker" didn't enable the hard drive imaging to occur; that was going to occur during discovery no matter what. Instead, "hacker" changed the prior notification procedure used to obtain the image.