John Young <jya@pipeline.com> wrote :
David,
Thanks for the Wired pointer. From reading Declan's article it is not anymore clear now what Brian West did or did not do than before -- maybe less so now -- because most of the information about latest developments has come from the feds, and Declan does not appear to have done thorough checking the feds' version with other sources, and indeed has put an unfortunate slant in his story not yet objectively supportable.
You must know that the feds often put out misleading press releases, especially in cases with high media coverage, and most especially when they have made a well-publicized mistake.
The story is not yet out about the complete Brian West story, as with predecessor stories about compsec cases and plea bargains and, worse, rush to judgment convictions.
I read the release. The agreement seems to embellish the facts with suppositions that will never be tested in court. It's sad that testing is so expensive.
I am not being crotchety just awaiting information that does not too quickly help obscure the current law enforcement practice of demonizing all compsec complaints made by poorly secured sites operators and plea bargaining of coerced targets. This case still appears to be that kind of witchhunting loose upon the "defenseless" homeland.
Well put. We need to establish that a site operator is legally responsible for the information security of its own and any customers' data. Until the legal system wises up, everyone, both users and abusers, is doomed to suffer the slings and arrows of disfunctional systems legal and digital.
John
Mike