[HN Gopher] Reporter likely to be charged for using "view source...
___________________________________________________________________
Reporter likely to be charged for using "view source" feature on
web browser
Author : denysvitali
Score : 316 points
Date : 2021-12-31 08:07 UTC (14 hours ago)
(HTM) web link (boingboing.net)
(TXT) w3m dump (boingboing.net)
| eskathos wrote:
| You can not trespass my eyes...
| actually_a_dog wrote:
| Related:
|
| _Reporter may be prosecuted for using "view source"_ (currently
| 151 comments): https://news.ycombinator.com/item?id=29737412
| RappingBoomer wrote:
| stunning..and scary... the root problem here (or at least one of
| the root problems) is that government workers are not hired or
| promoted on merit. That leads to people of lesser intelligence
| being bosses. As evidenced here. That is a bad thing, in my
| opinion. You want smart people in charge. That's a good thing!
| johnorourke wrote:
| Let's not equate "lack of understanding of a specific piece of
| technology" with "lesser intelligence", that is not a healthy
| way to think.
| hermitcrab wrote:
| That no offence was comitted here should be apparent to 10
| year old of average intelligence. The governor is either very
| stupid, very ignorant or very cynical. Or some combination of
| the 3.
| xigoi wrote:
| That's true, but insisting that you're right about something
| that you know nothing about is a sign of lesser intelligence.
| pbhjpbhj wrote:
| Maybe, but there a possibility they know it's not a valid
| argument but believe they can still use it effectively.
| Just because someone supports a position doesn't mean they
| know it's valid, not that they know it's moral. Plenty of
| people, and especially politicians of some persuasions, are
| happy to spout known lies and deceptions to get to their
| preferred outcome.
| goldcd wrote:
| There's the original IT screw-up - but I think the body of the
| sory is around the ineptitude of the elected governor.
|
| Not specifically that he doesn't understand how the web works -
| more that he didn't care to find out before opening his mouth.
|
| Or worse is aware, but is disengenuously pushing for a
| prosecution of somebody he disagrees with.
| skywal_l wrote:
| Has I said in another comment, it is not about education or
| intelligence. Read the article. The politicians trying to
| intimidate the St Louis Post Dispatch have a history of
| intimidation against journalists. Demagoguery is unfortunately
| a chronic condition of democracy.
| pbhjpbhj wrote:
| Any thoughts on how to tailor political systems to work
| around demagoguery but maintain functioning democracy?
| denton-scratch wrote:
| What's democracy? Is that when stuff gets done to you by
| corrupt politicians, and you have to shut up and suck it,
| except that every few years you get to swap one bunch of
| corrupt politicians for another bunch?
| bjornsing wrote:
| Yes. You pretty much nailed it.
| rsynnott wrote:
| Not having a single person be the executive likely helps.
| In a parliamentary democracy, the prime minister would have
| to tell the justice minister to do this. The justice
| minister would likely refuse. The prime minister's recourse
| would be to fire the justice minister and get a new one
| appointed, but that's a big step. Assuming that's overcome,
| the new compliant justice minister would have to tell the
| public prosecutor to do it. In many countries that's an
| independent office, and the justice minister wouldn't have
| much standing. So you're back to trying to fire people, and
| the petty vindictive prosecution is turning into a
| government-ending event; the PM is likely to be seeking
| alternative employment...
|
| Executive presidency/governor systems, like those used in
| the US, have a generally higher dependency on individuals
| behaving properly.
| skywal_l wrote:
| If only I knew... Might be worth reading de Tocqueville[0]
| again I guess.
|
| [0] https://en.wikipedia.org/wiki/Democracy_in_America
| MR4D wrote:
| We already have it - it's the 3 branches of government that
| provide for an independent judiciary.
| pbhjpbhj wrote:
| In USA? Judiciary are political appointees aren't they.
|
| Apologies if that was a joke.
| skywal_l wrote:
| In theory. I believe the system was setup to ensure that
| the judicial system is independent from the executive
| branch. However, we have seen the nefarious influence of
| money in politics which is now starting to encroach on
| the judicial system too:
|
| https://www.wsj.com/articles/federal-judges-brokers-
| traded-s...
|
| https://iadllaw.org/2020/09/more-than-200-lawyers-file-
| judic...
| rsynnott wrote:
| This is nothing to do with government worker competence.
| Undoubtedly, the governor has been advised that there is no
| case. It's legal harassment, and a sign of (a) a structurally
| flawed system (the executive should be in no position to make
| this sort of threat in the first place) and (b) a sick
| political system (even if the executive is legally able to make
| such a threat, it should be politically impossible for them to
| do so).
| ratww wrote:
| _> the root problem here is that government workers are not
| hired or promoted on merit. That leads to people of lesser
| intelligence being bosses_
|
| That's hardly exclusive to government work.
| asimpletune wrote:
| I wonder what the lock picking lawyer would say about this view
| source = illegally picking an albeit crappy lock?
| SSShupe wrote:
| The HTML document revealed by "view source" isn't something
| "behind" the web page -- it IS the web page. The State
| effectively made a document containing the confidential info
| available to everyone and is now complaining because someone
| looked at it. I agree with the prior commentators that this is
| more about politics than law.
| kbsspl wrote:
| 2 birds, one stone.
|
| Politicians can get away doing what they want with whatever
| reason.
|
| And politicians are being used to make the internet more opaque.
| Since 'view source' is being made a scapegoat, expect it to
| disappear soon.
| nunez wrote:
| Disappearing View Source is stupid in a world in which you can
| curl or use dev tools to get at the same data. Wouldnt even be
| shocked if some applications/workflows depended on it.
| gefhfffh wrote:
| kthejoker2 wrote:
| From a tort perspective, it seems like the client assumes all the
| risk of an HTTP request: I made a request for this URI - without
| (obviously) knowing its contents - and you send me some contents.
| Even if I as the client attempt to send a malicious payload, etc.
| the server can transmit back whatever it would like any time -
| that's the rules of the game.
|
| So the server holds all the power, and as long as I got a "200
| OK" response with whatever contents you sent me, you have
| absolved the client of wrongdoing without a much bigger burden of
| proof of fraud, identity theft, etc...
|
| Otherwise, the Internet literally becomes unusable - if even
| submitting this comment might result in me receiving illegal
| content, how does one proceed?
|
| Sidenote: this is tangentially similar to the CitiGroup Revlon
| case, where Citi accidentally paid out the full principal on a
| loan to Revlon to a bunch of small lenders, and the lenders
| refused to return the money.
|
| https://www.npr.org/transcripts/1019909860
|
| The court ruling is interesting, in that as long as the lenders
| assumed the money was sent on purpose - that that was the
| intention of CitiGroup - then there was no reason to send the
| money back. But if they assumed the money was sent on accident,
| then it was illegal to keep it.
|
| The court ruled that under good faith argumentation ("discharge
| of value") that if someone owes you money and they pay it back,
| even "on accident" or otherwise, you have no obligation to return
| it.
|
| And again, it hinged not on the individual case per se but the
| effect of ruling otherwise - that you could never truly spend
| money that was sent to you because someone might come later and
| claw it back, which would just grind the financial industry to a
| halt.
|
| I think the same conclusion would have to be made here: if you
| send something and stick a 200 on it, the recipients are entitled
| to what you sent them.
| badRNG wrote:
| >I think the same conclusion would have to be made here: if you
| send something and stick a 200 on it, the recipients are
| entitled to what you sent them.
|
| Disclaimer: I don't work with web tech, but wouldn't that also
| permit a lot of activities we would absolutely consider
| unethical, like SQL injection? It seems like you could
| certainly craft a request to circumvent security controls to
| receive a 200 response back that we'd absolutely consider to be
| unethical.
| agar wrote:
| I find it overly amusing that the article is tagged with "CHRIST
| WHAT AN ASSHOLE". After clicking through to see other stories
| with the same tag, it's...apt.
| gaws wrote:
| What did you expect? It's BoingBoing. Not really at the
| pinnacle of American journalism.
| jimnotgym wrote:
| Am I to understand that a state governer has the power to
| instruct some lacky-lawyer to charge someone with a crime, and to
| prosecute them for that crime? In the land of the free, this is
| not an independent process?
| _dain_ wrote:
| The state Attorney General is part of the executive branch and
| takes orders from the governor. This is the case in most states
| and the equivalent is true at the federal level. People seem to
| think it is an "apolitical" post but that just isn't true.
| ensignavenger wrote:
| No, the state governor does not have the power to order a
| county prosecutor to prosecute. He can't even order the
| attorney general to prosecute. Might be able to put political
| pressure on them to do so, though.
|
| On the other hand, the President of the United States does have
| some constitutional power over the Department of Justice, and
| appoints the US Attorney General (With confirmation by the
| Senate), and can fire the AG, so at the Federal level, there is
| a direct line of such power.
| Broken_Hippo wrote:
| You are surprised? We already know that a prosecutor will try
| for higher sentences near an election and... well, they _are_
| elected. It isn 't hard to imagine that an elected official
| works with other elected officials, especially if they want to
| do other things in government.
| rsynnott wrote:
| In many countries, the executive trying to direct the public
| prosecutor would be a scandal that would end multiple
| careers.
|
| Actually, I would think that it would be in the US, too, if
| done on a _federal_ level.
| jimnotgym wrote:
| I live in the UK. I am very suprised yes
| michaelt wrote:
| Imagine the following situation:
|
| Someone anonymous on Twitter threatens to kill you. You go
| to the front desk of your local police and they say "You
| have our sympathies, but we have limited resources, and we
| don't know whether it's really a serious matter or not, or
| even if the perpetrator is within our jurisdiction."
|
| You threaten on Twitter to kill your MP. They go to the
| head of the local police force who decides it _is_ a
| serious matter, looks into it and finds you _are_ in their
| jurisdiction, and some police officers come knocking at
| your door.
|
| Is this the rule of law operating as intended, reflecting
| the reality that MPs have been murdered before, and in a
| world unfortunately constrained by finite policing budgets?
|
| Or is it a double-standard, where a wealth of usually-
| unenforced laws allow the powerful to oppress their
| opponents?
| Talanes wrote:
| Craig Murray only just got out of prison for court
| reporting while not part of the proper crowd, so is it
| really that different over there?
| marcus_holmes wrote:
| I don't know why you're surprised. The courts have shown
| time and again that they are part of the establishment
| (that includes the civil service and government), and will
| act in accordance with government wishes most of the time.
|
| "Yes, Minister" was documentary not fiction (also, since we
| seem to be remaking/rebooting everything good, can we have
| an updated version of this, please?)
| rsynnott wrote:
| They did remake Yes Minister. It was Not Very Good.
|
| This, incidentally, is precisely the sort of thing that
| Humphrey would stop Hacker doing, if Hacker had the
| ability, which he didn't. The only times Humphrey lets
| Hacker indulge in overreach are to put him in a situation
| that Humphrey can then save him from.
| marcus_holmes wrote:
| > They did remake Yes Minister. It was Not Very Good.
|
| Thanks, I must have missed it. I'll check it out (even if
| it's crap).
|
| I agree with your take on it, I was more indicating that
| the way Things Are Supposed To Work is almost not How
| They Actually Work, and usually that's How The Old Boy
| Network Want Them To Work.
| Ekaros wrote:
| As European, I find it insane that I could elect the
| prosecutor or even the police. And in some ways that
| politicians would have any word on this apart from deciding
| the funding and laws...
| skywal_l wrote:
| I don't disagree with your point but how a prosecutor
| must be selected then? If someone is not chosen by a
| public and popular vote, it must be chosen differently.
| Any mechanism of choice will have an inherent bias.
|
| For example, you could decide that a prosecutor is the
| best at knowing the law, so let's have a law exam where
| the one with the best score is named prosecutor. However,
| being a good prosecutor can't always be reduced to a
| technical know-how. And those good at laws might be those
| who were able to pay to go to the best universities, buy
| the textbooks, be allowed to study for years without
| working, etc. So you also have a bias on wealthy
| families.
|
| I don't think that the problem of allocation of power in
| our modern societies is a solved problem...
| abecedarius wrote:
| The current setup where only official prosecutors can
| prosecute crimes is historically recent. I don't know
| what would be better, but these officials becoming too
| cozy with other officials is what you'd expect a priori.
| rsynnott wrote:
| It varies by country. For instance, in Ireland, the
| Office of the Director of Public Prosecutions is a civil
| service bureaucracy. It's lead by the director, who's
| appointed by the government for a ten year term and must
| be an experienced barrister or solicitor. The director is
| a civil service executive, not a dictator, so the amount
| of damage a bad or corrupt one can do is somewhat
| limited.
|
| Until the 70s, the role was filled by the office of the
| attorney general, who's a direct government appointee
| (strictly speaking appointed by the president on
| direction of the government). The separate agency was
| created to defend against bias.
| simonh wrote:
| Just because any system could or do have biases, that's
| no good defence of a system we know has terrible
| pernicious biases that are visibly compromising it's
| integrity. I'm a Brit, and I'd have good expectations of
| being treated fairly if I faced prosecution as an
| innocent person here in the UK, in France, Germany, or
| plenty of other countries. I have no such confidence
| about the USA. Especially so if the crime I was accused
| of was politicised. I actually know someone in the US
| who's life was destroyed by that system, he spent a year
| in prison and it took years more to clear his name.
|
| Politicisation is endemic to the US justice and policing
| system, it's an absolute disgrace. I agree no system is
| perfect, we have miscarriages of justice here in the UK
| too, but perfection is not the enemy of the good and your
| system is below mediocre. You can do, and deserve, a lot
| better.
| Ekaros wrote:
| Specially when the public side is underfunded and
| defending yourself is insanely expensive. Not that law is
| cheap anywhere, but from recent cases like Kyle
| Rittenhouse and officer Potter it seems just stupid and
| broken.
| JaimeThompson wrote:
| What was wrong with the Potter case?
| Ekaros wrote:
| That that sort of case would take weeks in court room and
| even longer outside and cost tens or hundreds of
| thousands to pay for defence.
| ttybird2 wrote:
| Did you disagree with the result of the Potter case? I am
| unfamiliar with it but it seems like they charged a
| police officer who "mistakenly used a handgun instead of
| a Taser"? Am I missing something here?
| ziml77 wrote:
| After both looking into the details myself and watching
| LegalEagle's analysis of the case, I'm not convinced that
| there was anything wrong with the Rittenhouse trial.
| Rittenhouse was stupid for driving into the city in the
| first place, but each of the times he fired his gun
| seemed perfectly reasonable. And I had initially thought
| that he was looking for an excuse to shoot black people,
| but then found out that all 3 people he shot were white.
| luckylion wrote:
| Germany just had Pimmelgate (Pimmel is a synonym for
| penis). Hamburg's Senator of the Interior did something
| and some random guy wrote "you're such a dick" ("du bist
| so 1 pimmel"). The Senator apparently was very annoyed
| and asked the state attorney to go after the guy. They
| summoned him to the precinct, he went, said that he wrote
| that tweet and declined to say anything else without a
| lawyer present. They then got a judge to sign a search
| warrant against his ex-girlfriend (and mother of his
| children who live with her), and executed it, which was
| unnecessary (they knew who did it and he had already
| confessed) and meant to punish extra-judicially since the
| case would likely be thrown out in court.
|
| The state attorneys and police are part of the executive
| branch and subject to directives of the politician in
| charge. Theoretically, electing the state attorneys
| directly would motivate them to not just do whatever the
| administration wants, be that legally reasonable or not.
| In practice it probably does not matter.
| TomSwirly wrote:
| > I don't disagree with your point but how a prosecutor
| must be selected then?
|
| The same way you select the heads of hospitals, or police
| chiefs, or head librarians?
|
| What a strange question. Only in the US do you VOTE for
| prosecutors!
| ttybird2 wrote:
| God save the queen
| https://news.ycombinator.com/item?id=29508528
| xwolfi wrote:
| Land of the free... to shut up and pay their credit card debts
| and student loans.
| tshaddox wrote:
| In an authoritarian state, yes, of course this is possible.
| Ekaros wrote:
| It is all politics. Prosecutors are sometimes elected with
| political ambitions. And on higher level in same corrupt
| parties are those on state level... Thus pressure to do
| things...
| literallyaduck wrote:
| It was more than "View Source". It was decoding viewstate.
|
| Reading someone's postcard in the mailbox is like looking at the
| source.
|
| He opened the letter that was in the encoded viewstate.
|
| The envelope doesn't offer any real security but it is illegal to
| open someone else's mail, and decoding a site's viewstate might
| technically be illegal as well, but unless you tell someone you
| did it no one will know.
|
| The reporter should have notified them directly, anonymously, or
| kept their mouth shut.
|
| If you send information to the client, it is your responsibility
| to make sure it doesn't contain private information.
|
| The reporter should probably not be prosecuted, pardoned if
| convicted, and we should repeal the laws that make using anything
| sent to client illegal.
|
| If you are sent something you didn't order in the mail the FTC
| says you don't have to pay:
|
| https://www.consumer.ftc.gov/articles/what-do-if-youre-bille...
|
| "By law, companies can't send unordered merchandise to you, then
| demand payment. That means you never have to pay for things you
| get but didn't order. You also don't have to return unordered
| merchandise. You're legally entitled to keep it as a free gift."
|
| This reporter was gifted some viewstate because it came to his
| computer.
|
| Edit:
|
| To the person claiming it is "another language", I don't know
| anyone that does Base64 decoding in their head, and this is
| clearly not meant for human consumption.
|
| Here is what viewstate is:
|
| http://www.nullskull.com/articles/20060208.asp
|
| There are many tools for consuming it through decoding and
| deserializing but that doesn't make it legal. There are tools for
| decoding DVDs which meet this same category.
| tragictrash wrote:
| This is an incorrect assessment. The analogy is a postcard
| written in a language you don't understand.
|
| The outside of the letter is a kind of lock, like encryption.
|
| You don't violate the laws for translating the French on the
| back of the postcard to English if you happen to see it right?
|
| Opening the letter is illegal, and breaking that lock is where
| the act becomes a crime. He didn't do that. He only translated
| what was delivered to him.
| tshaddox wrote:
| The main difference is that the postcard is addressed to
| someone else and the law is very clear that you can't open mail
| addressed to someone else. Also, I don't really buy that
| "decoding" counts as an additional step, since _all_ the
| contents of every web page are already decoded by the browser.
| jazzyjackson wrote:
| What is this "encoded viewstate" of which you speak?
|
| It's my impression that the reporter didn't have to go so far
| as thumbing over to the network tab or otherwise open any
| envelopes, the social security numbers were instead embedded in
| HTML, just not visible in the painted layout. Kudos for
| attempting a framing for the prosecution, but I don't think
| there are laws against opening mail addressed to me.
|
| Edit: just saw the comment about .net using base64 encoded
| state, so I understand your argument better now. In that case,
| if a ROT13 encrypted message was sent to me without the key,
| being trivial to crack doesn't imply I have the right to share
| state secrets... agreed the case is a little more complicated
| than journalists have made it appear, go figure.
| roywiggins wrote:
| People publish stuff they find in improperly redacted
| documents fairly frequently. Sometimes what happens is that
| the black bars covering the text in a PDF are just cosmetic,
| and the text is still there. Even if there's a state secret
| under there, it's not something people get prosecuted for (in
| the US). You generally have the right to publish state
| secrets that fall into your lap, even if they were obscured
| and might have required some technical spelunking inside a
| document.
| albertopv wrote:
| Seen from abroad USA seems like a parody of themselves, not a one
| particularly funny. Greatest country for greatest opportunities,
| still many politicians seem incredibly dumb, or ar least as dumb
| as italian ones, which are really really dumb, on average.
| sixothree wrote:
| Just remember the US isn't exactly one entity, but a collection
| of 50 states. Still it's sad that the least educated states
| seem to have so much power lately.
| batch12 wrote:
| Which states are these that should have less power than the
| states with the "smart" people?
| nijave wrote:
| I think a lot of analogies miss the point that data was copied
| and transmitted to the client and accessed client side. I think
| it'd be more accurate to compare to a barcode
|
| Imagine requesting a voter registration form and you receive a
| letter in the mail with all previous residents social security
| numbers encoded in QR codes that were added as a "convenience
| feature" for the voting office
|
| In that case, it'd be ridiculous to claim you "hacked the voting
| office"
| mind-blight wrote:
| A similar example could be credit card strips. They actually
| had people's SSNs encoded in them for a while. Anyone with a
| reader and physical access to a card could grab them. Dateline
| did a report on it back in the day without having to deal with
| anything like this
| [deleted]
| FDSGSG wrote:
| Blogspam for https://www.stltoday.com/news/local/govt-and-
| politics/missou...
| account-5 wrote:
| State makes the personal information of state employees freely
| available to anyone with an internet connection and a web
| browser.
|
| Reporter notices, reports it to the state, waits for it to be
| fixed, then runs the story.
|
| State governor goes after reporter.
|
| The state governor is either an idiot, or trying to cover up
| iltheir incompetence, or both. And doing so in a way that makes
| him look like more of an idiot.
|
| If the prosecutor takes this up then either they're an idiot or
| being pressured to do so, by the idiot in charge.
| gaws wrote:
| > The state governor is either an idiot, or trying to cover up
| iltheir incompetence, or both.
|
| He's both, in addition to trying to "stand up to the fake news"
| for his voter base.
| rookderby wrote:
| A person should be able to email security@domain without legal
| ramifications. They should encourage these good guys with
| bounties as well. Edit: I would guess its much cheaper in the
| long run, although i dont have a source.
| jollybean wrote:
| I hope they charge him, because it's going to be very hard to
| prosecute I believe, and a victory would enshrine legal rights to
| 'Right Click' and view source.
|
| I think the trial would come under enormous scrutiny.
|
| If the reporter lost the case in local banana republic courts, I
| do believe it would go up to Federal or Supreme and it would win.
| rchaud wrote:
| The case being hard to prosecute doesn't mean that paying for a
| legal defense will be cheap. The same goes for suing the state
| for damages afterwards; lawyers will require retainers to
| investigate the likelihood of a settlement. Suing the
| government is not a simple matter, by design.
|
| The goal of threatening reporters with prosecution is to
| intimidate others and prevent them from investigating areas
| that could embarrass the state government.
| denysvitali wrote:
| Think about how happy would the NFT owners be!
| coldcode wrote:
| If I was the lawyer for the reporter I'd ask Tim Berners-Lee to
| testify. What a great testimony that would be.
| huffmsa wrote:
| If a government clerk brings you a stack of papers with SSNs on
| it and you read it and tell them, it's not your fault.
|
| Just because the browser only renders certain parts of the
| returned document doesn't mean that the government site didn't
| send you the whole document
| TameAntelope wrote:
| This smells like clickbait. No charges have been filed, just a
| statement from a governor who has a history of bloviating about
| the press.
|
| "Likely to be charged" is a huge stretch.
| sigmaprimus wrote:
| Having watched a few of the sessions held by congress
| questioning social media CEOs and the like, I think this story
| is quite plausible.
|
| In between the grandstanding some of the politicians asked such
| odd questions, I think an introduction to digital safety should
| be a requisite course for all public servants along side
| antidiscrimination and inclusivity.
|
| I wouldn't be surprised if there is someone already in jail who
| has been charged and convicted to a similar action.
|
| Here is a Canadian example of a similar event.
|
| https://edmontonjournal.com/news/politics/covid-19-records-w...
| TameAntelope wrote:
| "Plausible" is exactly where misinformation and fake news
| thrives.
|
| It's news if he's actually charged, it's much less news if a
| frustrated governor blows off steam about it.
|
| This is, so far, nothing more than the latter.
| watwut wrote:
| Frustrated governor blows off steam is news, because that
| is literally governor harrassing journalists and abusing
| position.
| TameAntelope wrote:
| Yeah (less news isn't not news), just not the news being
| reported in the title.
|
| And this isn't harassment yet. This is just a statement,
| nothing has actually happened.
|
| If you want to see where this could go, check out the
| story of the data scientist who whistleblew on the
| Florida government hiding COVID deaths [0].
|
| But none of that's happened here, yet.
|
| [0] https://www.beckershospitalreview.com/healthcare-
| information...
| [deleted]
| themitigating wrote:
| The title doesn't say they were charged it says "likely".
| FDSGSG wrote:
| The article does nothing to substantiate that claim. We
| already know that the feds essentially told the state to fuck
| off.
|
| At this point it really is _unlikely_ that the reporter will
| be charged.
| badRNG wrote:
| They aren't dependent on the feds to bring charges.
|
| The feds' involvement would be for prosecuting the reporter
| for CFAA violations. Missouri has its own computer
| intrusion legislation that would be the basis for charges
| from the state.
| badRNG wrote:
| I don't think it is that big a stretch. There's more details in
| the Verge article[1]:
|
| > They turned the case over to Cole County Prosecuting Attorney
| Locke Thompson on Monday, December 27. Governor Parson then
| held a press conference on Wednesday, December 29, where he
| cited a state statute related to computer tampering and
| repeatedly suggested Thompson should use it to prosecute Renaud
| and the paper.
|
| As of the time of writing this comment, that was four days ago,
| and during the holidays. It certainly seems like charges will
| be brought unless Thompson chooses to side against the Governor
| and decline to pursue charges (I'm not sure what the political
| implications of that would be in either direction.) State
| statute is here [2]. IANAL, but this statute seems _very_
| broad. Especially sections 3, 4, and 5:
|
| >A person commits the offense of tampering with computer data
| if he or she knowingly and without authorization or without
| reasonable grounds to believe that he has such authorization:
| [...] (3) Discloses or takes data, programs, or supporting
| documentation, residing or existing internal or external to a
| computer, computer system, or computer network; or (4)
| Discloses or takes a password, identifying code, personal
| identification number, or other confidential information about
| a computer system or network that is intended to or does
| control access to the computer system or network; (5) Accesses
| a computer, a computer system, or a computer network, and
| intentionally examines information about another person;
|
| Like, yeah, factually the reporter did examine information
| about another person without authorization. This law sucks, but
| it is not a stretch to think they will prosecute the reporter.
|
| [1] https://www.theverge.com/2021/12/31/22861188/missouri-
| govern...
|
| [2] https://revisor.mo.gov/main/OneSection.aspx?section=569.095
| dekhn wrote:
| The STL Dispatch covered every single angle of responsibility
| before and during taking this action. Even if they violated
| the letter of some law, the only outcome of a court case will
| be to embarass the state by exposing how incompetent they
| were, and how responsible the reporter and the paper were in
| disclosure.
|
| My guess is the prosecutor will decline to pursue.
| badRNG wrote:
| Thompson is a small-town Missourian elected prosecutor,
| facing pressure from fellow conservatives to "hold the fake
| news accountable" as stated in the latest attack ad against
| the reporter from a conservative PAC [1]. At best it's a
| coin toss imo.
|
| [1] https://www.youtube.com/watch?v=9IBPeRa7U8E
| nunez wrote:
| > The reporter discovered that the source code of the website
| contained Social Security numbers of educators. The reporter
| alerted the state about the social security numbers. After the
| state removed the numbers from the web page, the Post-Dispatch
| reported the vulnerability.
|
| I really hate the idea that trying to do the right thing
| (reporter telling MO DoE about SSNs being in their HTML) results
| in prosecution to save face instead of reflection and
| congratulations. This is how you get more crime.
|
| Also, REALLY?!
|
| That means that Google indexed those SSNs!
| mind-blight wrote:
| I'm also wondering if they're hanging out in the wayback
| machine
| addingnumbers wrote:
| > That means that Google indexed those SSNs!
|
| Not necessarily. The SSNs were returned in search results from
| an HTML form. Last I checked, google's crawlers don't POST
| forms.
| AtNightWeCode wrote:
| Nothing will happen. Just politicians trying to intimidate media.
| kypro wrote:
| If I were to guess they probably know nothing will happen. It
| seems like the point here might just be to send a message --
| sure, perhaps nothing will happen this time, but are you going
| to take that chance next time?
| CoastalCoder wrote:
| Is there a legal defense fund? I'd gladly contribute.
| josefrichter wrote:
| This is a fascinating question. I can see strong arguments on
| both sides. Just because something is publicly accessible, it
| doesn't make it free to take or use. Of course there will never
| be a strict line, so one needs to take into account the intent,
| intensity, and the usual parameters.
| Nihilartikel wrote:
| Another perspective is that the private data was extracted and
| conveyed by the state website to the end user completely
| without their request or consent!
|
| I find it reasonable that the government should be held legally
| liable for introducing users to the hazard of accidental
| exposure to confidential data.
| josefrichter wrote:
| I find the question interesting from the general point of
| view. I don't really know enough details of this specific
| case to form any opinion.
| w-j-w wrote:
| ki9 wrote:
| Well the reporter didn't "take or use" the SSNs. He found them
| without looking for them and reported them.
| josefrichter wrote:
| I don't really know what happened there, but the underlying
| topic is fascinating.
| remram wrote:
| The reporter didn't _use it_ , but signaled it so it could be
| fixed.
| wonderwonder wrote:
| We are very much on the slippery slope of elected officials
| making prosecutors punish people they don't like. Short hop and a
| jump to Putin like rule. We are not going in the right direction
| in the US.
| gaws wrote:
| > We are very much on the slippery slope of elected officials
| making prosecutors punish people they don't like.
|
| Are you living under a rock? This has been happening for a
| while.
| nijave wrote:
| I saw in a thread somewhere else a while ago a bit more detailed
| explanation:
|
| The web page used an old .NET framework that serialized the
| application state, base64 encoded it, then dumped it in a hidden
| form field at the bottom. When you navigate pages, the data is
| POSTd back to the server to achieve a "stateless" web app on the
| server side
|
| The reporter had to view source and base64 decode the data
|
| Obviously still trivial but I think the laws are also very
| ambiguous on "decoding" and "accessing"
| damagednoob wrote:
| > The web page used an old .NET framework that serialized the
| application state, base64 encoded it, then dumped it in a
| hidden form field at the bottom.
|
| Wow. I was a C# developer for many years and I never realised
| that ViewState encryption was _opt in_[1].
|
| [1] https://docs.microsoft.com/en-us/previous-
| versions/aspnet/bb...
| habeebtc wrote:
| Woah. I did not realize that either.
|
| It would be trivial to loose a bot on government TLD's and
| see who else is putting unencrypted PII in their viewstate.
| tragictrash wrote:
| Someone interviewed for my company last month. One of his
| previous experiences was listed as "dynamic SQL". My third
| question was how do you prevent SQL injection attacks. He
| didn't know.
| ceejayoz wrote:
| To be fair, leaving a SQL injection hole makes it pretty
| dynamic.
| tragictrash wrote:
| Wow. That's the real 10x developer play. New api? Why, we
| have that one endpoint!
| chewbacha wrote:
| That's basically what Postgraphql is.
| ethbr0 wrote:
| I can't believe the defense wouldn't be able to present an
| expert witness / cross-examine the prosecution's on the
| distinctions between "encoding" and "encrypting."
| Volker_W wrote:
| If Wikipedia tells you how to read something, it is not
| encrypted.
|
| If base64 is an encryption, then so is jpeg or *.docx .
| ethbr0 wrote:
| I guess base64 is cryptographically a substitution cipher
| with a public pad. Which... you'd think using a ~2000+ year
| old method in a known-harmful way would stretch the term.
| pyrale wrote:
| I don't really like the framing that the reporter is framed for
| using "view source". This reinforces the idea that the people
| responsible for this are just uneducated. I'm sure, at this
| point, someone already explained them.
|
| That reporter is a victim of harassment, and that if it wasn't
| for "view source", it could be for some unrelated stuff. It's the
| same as protesters being arrested for all kinds of bogus reasons,
| or random people being arrested with planted evidence. The goal
| is to deter someone you don't like from exercising their legal
| right (journalism, protesting, standing in the street in the
| wrong neighbourhood), by weaponizing unrelated laws.
|
| The only reason "view source" is being talked about is because
| that looked like the best case when the book was thrown at that
| journalist.
|
| I hope that case remains at threats and doesn't get to actual
| charges.
| siculars wrote:
| "Show me the man and I'll show you the crime"
|
| -Lavrentiy Beria
|
| https://www.oxfordeagle.com/2018/05/09/show-me-the-man-and-i...
| libraryatnight wrote:
| That's a great quote that has next to nothing to do with the
| rest of that opinion piece.
| 908B64B197 wrote:
| This whole story honnestly paints a very bleak picture of the
| state of Missouri.
|
| Honnestly, if I was a young, college educated innovator would
| that make me more likely to move to Missouri (or stay there) or
| move out of state?
|
| Is Missouri attracting talent with these policies and
| practices?
| toomuchtodo wrote:
| If you are young and educated, you are not the target
| audience of these theatrics and you're more than likely going
| to bounce from the state (Columbia aside, Missouri's version
| of an affordable Austin).
|
| Conservatives are swinging for the fences with their base in
| decline. I can come up with no other explanation for these
| disingenuous actions.
| netizen-936824 wrote:
| They might prosecute, but I bet a jury would throw it out
| pfortuny wrote:
| Never underestimate the ignorance of a jury or the lies of a
| DA.
| randombits0 wrote:
| No, they won't. The linked article is BS. This is much ado
| about nothing. YHBT. HAND.
| badRNG wrote:
| This definitely is not "much ado about nothing."
|
| I prefer the Verge article on this one though [1]. Relevant
| quote from the article:
|
| > They turned the case over to Cole County Prosecuting
| Attorney Locke Thompson on Monday, December 27. Governor
| Parson then held a press conference on Wednesday, December
| 29, where he cited a state statute related to computer
| tampering and repeatedly suggested Thompson should use it
| to prosecute Renaud and the paper.
|
| It was just earlier this week that this was turned over to
| the prosecutor's office. This prosecutor is an elected
| official, and the Missouri conservative PAC has put their
| money behind this by placing attack ads against the
| reporter, and framing this as "holding the fake news
| accountable" [2]. Also, IANAL but if we're going by the
| letter of the law, the local Missouri computer crime
| section certainly does seem to include the actions of the
| reporter [3], even if the SSNs weren't Base64 encoded. Bad
| law, but the fact that the law is bad doesn't have bearing
| on whether they'll decide to prosecute.
|
| [1] https://www.theverge.com/2021/12/31/22861188/missouri-
| govern...
|
| [2] https://www.youtube.com/watch?v=9IBPeRa7U8E
|
| [3]
| https://revisor.mo.gov/main/OneSection.aspx?section=569.095
| habeebtc wrote:
| Indeed. We have seen killers this past 10 years walk
| because of bad laws.
|
| I will not name any in specifics because that may start
| an internet slap fight.
| sgjohnson wrote:
| It probably won't even get to jury. It might get dismissed
| with prejudice before it goes to trial.
| rchaud wrote:
| For a case that could potentially embarrass the state, I'd
| think the prosecution would try hard to make sure the case
| appears on the right judge's docket.
| jbullock35 wrote:
| What ability do prosecutors have to maneuver their case
| onto a particular judge's docket? How would they do that?
| pixl97 wrote:
| You talking about the cops, the DA, and the judge that
| eat lunch at the same table, attend the same parties, and
| go to the same church?
|
| You tell me how indirect influences could possibly happen
| in separated and just legal system.
|
| Sorry for the snark, but your post seems very naive on
| how the legal system works.
| rsynnott wrote:
| I think the ship has sailed on avoiding embarrassment to
| the state...
|
| My feeling is that this is deliberate; the American right
| wing appears to rather like performative stupidity these
| days.
| sgjohnson wrote:
| They can try all they want, but do they have a shred of
| evidence of any wrongdoing?
| badRNG wrote:
| IANAL, but the local Missouri computer crime statute is
| _very_ broad [1]. Technically, the reporter seems to have
| factually "Accessed a computer, a computer system, or a
| computer network, and intentionally examined information
| about another person" without "authorization."
| Considering the conservative PAC for the state has
| already pushed attack ads against the reporter [2], and
| the fact that the prosecutor is elected (potentially
| supported by conservative PACs), I definitely see a
| possibility of this going to court and _potentially_
| arriving at a conviction. Again, IANAL, and I don 't know
| the jurisprudence or case history behind this particular
| statute.
|
| [1] https://revisor.mo.gov/main/OneSection.aspx?section=5
| 69.095
|
| [2] https://www.youtube.com/watch?v=9IBPeRa7U8E
| ensignavenger wrote:
| The reporter did not access anything they did not have
| permission to access! It was on a publicly accessible
| website, posted publicly, for the purpose of public
| dissemination. The statue is even more restrictive than
| that- the part you didn't quote:
|
| "A person commits the offense of tampering with computer
| data if he or she knowingly and without authorization or
| without reasonable grounds to believe that he has such
| authorization"
|
| No one could possibly prove beyond a reasonable doubt
| that the reporter did not have "reasonable grounds to
| believe that he has such authorization". The reporter did
| not know that the website had private information on it
| when he accessed the page.
|
| The law does allow for a civil action to be taken by the
| owner of the computer system (In this case the state)
| which would lower the standard of evidence to more likely
| than not- but given the facts of the case, I don't think
| it comes even close to meeting that bar.
| badRNG wrote:
| I totally agree with you in principle. Everything the
| reporter accessed was publicly accessible.
|
| That said, it seems like a prosecutor could articulate an
| argument that the reporter accessed information he had no
| reasonable grounds to believe he was authorized to access
| _because_ he deliberately decoded some Base64-encoded
| strings that the reporter expected to contain sensitive
| information. Further, that because the reporter knew the
| site was using encoding to "protect" this information,
| by decoding the information he had believed might contain
| unauthorized information, he had "examined information
| about another person" that he had no "reasonable grounds"
| to believe he was authorized to access.
|
| For every objection that is coming to your mind reading
| this, think to yourself whether you are confident you
| could convince a tech-illiterate prosecutor (who is
| looking to "hold fake news accountable") to see things
| your way. Further, is a jury or a judge going to be able
| to find salient AND relevant differences between
| "decoding" and "decrypting" or "client-side" vs "server-
| side" software? And are those differences great enough to
| affect their interpretation of the reporters actions in
| the context of the statute? Judges, prosecutors, and
| juries cannot be relied upon to unwrite bad tech laws.
| rbanffy wrote:
| > think to yourself whether you are confident you could
| convince a tech-illiterate prosecutor (who is looking to
| "hold fake news accountable") to see things your way.
|
| "It is difficult to get a man to understand something
| when his salary depends upon his not understanding it."
|
| -- Upton Sinclair
| netizen-936824 wrote:
| This is the point. Even if it gets before a biased judge,
| any lawyer worth their salt will see that they have no
| case and will call for a jury trial
| tshaddox wrote:
| Why would it embarrass the state any more than the
| governor's public comments already have?
| jvanderbot wrote:
| Just because you understand it to be a ridiculous charge
| and view the gov as embarrassing himself, does not mean
| all have made that judgment for themselves. Those
| holdouts would latch onto a verdict as truth and view the
| gov as vindicated.
|
| That's basic legal harassment 101.
| rubyist5eva wrote:
| I'm sure the governor would rather see this all the way
| to the end, lose and then cry foul than just admit he is
| wrong too. He probably already knows he is wrong but no
| politician would ever admit it. Politicians will dig in
| their heals until they've dug their own grave than admit
| fallibility. They are incapable of it.
| leros wrote:
| It will still end up costing this person tons of legal fees
| and probably years of stress to get there though.
| geoduck14 wrote:
| >I don't really like the framing that the reporter is framed
| for using "view source". This reinforces the idea that the
| people responsible for this are just uneducated. I'm sure, at
| this point, someone already explained them.
|
| I don't like the framing either, but for different reasons.
| From my reading, the journalist is being targeted for
| _reporting_ the vulnerability or perhaps for _exploiting_ the
| vulnerability- I 'm not sure.
|
| To be clear, most websites have some disclaimer that says
| "don't use this website for unauthorized purposes". This is
| deliberately vague and _includes_ "don't use SSNs that we leave
| laying around".
|
| Should the website leave SSNs laying around? Definitely not.
|
| Should the web site owner have the strong arm of the law come
| smashing down on them? Absolutely.
|
| Should others use those SSNs? Definitely not.
|
| If the journalist _saw_ the SSNs and then _did nothing_ , leave
| him alone. If he _did something with them_ , charge him. If he
| reported them, and he is _being harassed for reporting them_ ,
| then write an article about that.
| gaws wrote:
| > From my reading, the journalist is being targeted for
| reporting the vulnerability or perhaps for exploiting the
| vulnerability- I'm not sure.
|
| He reported on the vulnerability, even telling the state it
| existed. He never exploited it.
| pixl97 wrote:
| Seeing it and doing nothing is worse in my eyes. That is how
| you create societies that ignore terrible problems for fear
| of law enforcement retaliation.
|
| The only way he should be charged is if he committed identity
| theft or sold the numbers.
|
| This entire debacle is a direct attack on journalists.
| badRNG wrote:
| >This entire debacle is a direct attack on journalists.
|
| As if this attack on a free press wasn't brazen enough,
| local PACs have already put out attack ads against the
| journalist, to frame this as the governor "holding fake
| news accountable." [1]
|
| [1] https://www.youtube.com/watch?v=9IBPeRa7U8E
| weare138 wrote:
| And it won't stop there. If this becomes case law it's only
| a matter of time before people in the tech industry are
| affected.
| jbjbjbjb wrote:
| The lock analogy is completely false. A better analogy is state
| sending this person a letter with all the social security
| numbers.
| denton-scratch wrote:
| > If somebody picks your lock on your house
|
| It's not like picking a lock. It's more like turning over a sheet
| of paper to read what's on the other side. If this guy gets
| convicted, I'll eat my hat (I wear a fedora).
|
| "Thy just thow their fedora wherever the floor is And start doing
| horas and taps".
| gaws wrote:
| > I'll eat my hat (I wear a fedora).
|
| You should do that regardless.
| denton-scratch wrote:
| I'm aware that there are people here who object to fedoras!
| TBH I guess I was trolling them.
|
| I don't know what it is; maybe they think it's vanity and
| fashion. If you asked anyone I know whether that matched me,
| they'd all burst out laughing - I'm a notorious slob.
|
| I wear a hat because my natural scalp insulation is wearing
| out, and when I buy things I like to buy good things. A good
| felt hat with a brim is resistant to heavy rain, for example,
| and makes a brolly unnecessary.
|
| I like to cook; but I don't know how to cook rabbit-fur felt
| so that it can be chewed. And my digestion isn't that great.
| Maybe I went too far, saying I'd do that.
| mattwilsonn888 wrote:
| "A better analogy would be you're walking in the street past a
| neighbor's house and notice their front door wide open with no
| one around. You can see a purse and car keys near the door. You
| phone that neighbor, and tell them their door is open and their
| purse and keys are easily visible from the street. Would Parson
| consider this breaking and entering?"
|
| This was only a few lines below that.
| salawat wrote:
| You're going down dicey waters there.
|
| Say your neighbor has an atrium and gets medication
| delivered. Said medication is clearly labeled as light/heat
| sensitive, and the package is left by the delivery person in
| direct sunlight. Their front door is unlocked.
|
| You open the door and tuck the package safely inside.
|
| Breaking and entering?
|
| Anyone telling me that qualifies has some serious thinking on
| Mens Rea to do.
| TechBro8615 wrote:
| You had me in the first half. I think the better completion
| of this analogy would be:
|
| You ordered some medication, and the delivery guy drops it
| in your atrium. You open the package and find that it
| includes your neighbor's medication, too. You tell the
| delivery guy that he sent your neighbor's medication. The
| delivery guy calls the police and requests you be arrested.
| tharkun__ wrote:
| Technically yes, you are breaking and entering under what I
| can find as the legal definition of breaking and entering
| in the US (IANAL and don't live in the US even):
|
| https://www.law.cornell.edu/wex/breaking_and_entering
| Breaking and entering is the entering of a building through
| force without authorization. The slightest force including
| pushing open a door is all that is necessary. Breaking also
| includes entering a building through fraud, threats, or
| collusion. To constitute entering, it is sufficient if any
| part of the accused's body is introduced within a building.
| It is not considered breaking and entering if the premises
| are at the time open to the public or the person is
| licensed or privileged to enter.
|
| So the fact that you wanted to do a good deed is not
| relevant for it being considered breaking and entering. If
| only the door was already open and you shoved the package
| inside without actually ever even having an atom of your
| fingertip enter the house itself, then it would not have
| been "breaking and entering".
|
| I completely agree though that nobody in their right mind
| should want to prosecute you for this. This is the
| differences between the actual letter of the law as it
| would be applied by a computer algorithm automatically and
| a good judge / jury that interprets the law and the facts.
| salawat wrote:
| >Breaking and entering is the entering of a building
| through force without authorization.
|
| Where's the force? Door unlocked. I'll give ya the lack
| of auth though as I'm not willing to die on the hill of
| unlocked doors being an implied grant of authorization.
| tharkun__ wrote:
| You ignored the second sentence of what I am quoting.
| Here it is again: The slightest force
| including pushing open a door is all that is necessary.
|
| Not my words. That said, force does not imply amplitude
| of said force, except colloquially. This is legal stuff
| though, which, like say physics, has slightly different
| use of certain words than most people are used to from
| day to day life.
|
| As in, I would agree with you that force in regular use
| is usually used in the sense of a large force. But that
| is not the actual definition and o ly possible use of the
| word.
| accountofme wrote:
| I think a better analogy is that you requested a document
| about yourself from the state and a bureaucrat sent you your
| document and a whole bunch more you didn't ask for that was
| encoded using pig latin.
| TechBro8615 wrote:
| I don't think the analogies about "someone else's house" work
| in the reporter's favor, whether the door was open or not.
| The data was included in source code that the server sent to
| the client in the normal course of operations.
|
| It's more like if the New York Times dropped a newspaper at
| your house with the answers to next week's crossword puzzle
| included on the page.
| denton-scratch wrote:
| That's _not_ a better analogy. The implication is that
| somehow the raw HTML is more valuable than the rendered
| webpage.
|
| You don't get to publish a "rendered webpage"; what you
| publish is raw HTML. If you didn't want people to read it,
| you didn't ought to have published it.
|
| [Edit] Also, taking a copy of the HTML isn't like taking keys
| and a purse. If you take keys and a purse, the owner has been
| deprived of them. That's not the case with taking a copy of a
| webpage.
| rich_sasha wrote:
| It's a good analogy in terms of how far the "breaking into"
| stuff you go.
|
| The journalist literally only saw what you legitimately see
| from the street, just as "view source" only shows you what
| you're supposed to see anyway.
|
| As far as the _technical_ analogy goes, I'd probably agree.
| netizen-936824 wrote:
| The technical analogy is the only correct one. The other
| analogies are just plain wrong.
|
| This data is what forms the page that is displayed and is
| accessible to anyone that can tap the server. This data
| is what they broadcast to the public
|
| You wouldn't be able to go and shout a bunch of SSNs in
| the middle of the street and then prosecute anyone who
| was listening
| shadowgovt wrote:
| Yep. When Google Street View cars hoovered up in-the-
| clear wifi data, the most they were ever punished was
| $25k for impeding the FCC's investigation, not for the
| actual data collection.
|
| Shouting your information in public is not and should not
| be grounds to prosecute those who are listening.
| rich_sasha wrote:
| The accusation is of (1) theft using (2) technology. So
| there's two aspects to it.
|
| That you focus on the technology side, fine, but don't
| dismiss people who say the "theft" is not in fact theft,
| regardless of "technology" involved.
| bobthechef wrote:
| skinkestek wrote:
| SSNs were available in the source but not in the visible
| web page.
|
| I say the example is good.
| denton-scratch wrote:
| What's visible depends on what you use to view the
| webpage.
|
| GET / HTTP/1.1
|
| If you don't happen to have a GUI ([Edit] or something
| like Lynx), that's how you read a website. It's not
| reverse engineering, or de-compiling; that's just
| displaying exactly what the server served.
| Wowfunhappy wrote:
| The keys and purse don't represent the raw html, they
| represent the social security numbers that were visible
| _in_ the raw html. The front door was wide open in that
| this information should have been kept in the backend, not
| the frontend.
|
| It's a good analogy.
| TechBro8615 wrote:
| It's not a good analogy because your browser is _your_
| house.
|
| The "open front door" analogy works in some instances of
| "hacking," like enumerating an ID field in a URL. But in
| those cases you are making an active request to "enter
| the door" for each ID. That's not the case here - you
| downloaded a page you have access to, and the server
| included more data in the page than it should have,
| without you asking for it.
|
| It's like somebody tossed a phone book into _your_ open
| door, and then prosecuted you for reading it.
| Wowfunhappy wrote:
| Does it really matter whether you're in your own house or
| standing on the public street? The good Samaritan in the
| analogy didn't go through the open door. They just phoned
| their neighbor to warn them: "Hey, your door is open,
| leaving your purse in plain view. You should probably fix
| that!"
|
| A bad actor would have actually stolen the purse. Just
| like a bad actor would have used the social security
| numbers to commit identify fraud. Since neither of those
| things happened, prosecuting anyone is ridiculous, in
| both the analogy and real life.
| o_m wrote:
| It is like if there was a smaller written text in the ink, and
| using a microscope you can see what the ink really contains. It
| was never hidden.
| brayhite wrote:
| I was reading these attempts at better analogies, kept
| wondering why someone wasn't making an analogy akin to
| writing or books, left to read the article, then came back
| and saw your comment.
|
| Your analogy is much more apropos. Nothing was tampered with
| or "pulled" from another location, virtual or otherwise.
| Everything the reporter saw was already there and accessible
| (the public website), they just knew how to use their lens
| (browser) in a perfectly legal way to see it.
| denton-scratch wrote:
| I regret having contributed to this analogy-storm. I thought
| I was just making a helpful remark, but now it's got out of
| control.
| ThrustVectoring wrote:
| The process is the punishment here. The only adequate
| protection against capricious prosecution is that in principle
| you can make a stink and vote out the elected officials abusing
| their power.
| lodovic wrote:
| To me this is more like writing your SSN on a whiteboard in
| your living room, with the curtains open so everyone can see
| it.
| schwartzworld wrote:
| A sheet of paper that somebody placed inside your home in an
| unsealed envelope and said "here read this"
| hyiltiz wrote:
| Sounds like we must better educate people about what is public
| about the web.
| skywal_l wrote:
| I don't think it's about education. It's about bad faith and
| cynical politicians abusing the justice system to intimidate
| reporters. There is nothing to be done about it but vote those
| people out.
| peanut_worm wrote:
| At this point they definitely understand how it works but they
| are choosing to prosecute anyways to cover their asses
___________________________________________________________________
(page generated 2021-12-31 23:02 UTC)