Are Plea Agreements Always Accurate

[Eric Cordian]

[Yes, this is a duplicate.  I screwed up my From: line on the prior one]

According to an article by Declan in this morning's Wired News, Brian K.
West has decided to take a plea agreement in the government's case against
him for accessing an inadvertantly left wide open web site at a newspaper.

http://www.wired.com/news/politics/0,1283,47146,00.html

The plea agreement alleges, amongst other things, that Mr. West intended
to modify the newspaper's Perl scripts and market them commercially, as
well as using a password file to access "private areas."

As I remember the original story, Mr. West snarfed a local copy of the
site to edit with Microsoft's FrontPage, to see what some modifications to
it might look like, and in doing so, discovered that the copy of the site
on the newspaper's server could be accessed and modified by anyone without
need of a password, with complete access to all its scripts and other
files.

In the collection of files presented to the public was something that
looked like a password file, and Mr. West tried one entry from it to see
if access was granted, much like trying a key one finds on the ground in a
nearby lock to see if it fits.

Mr. West then informed the newspaper, which instead of simply fixing the
misconfiguration, called the authorities, who then visited Mr. West under
false pretenses, and attempted to get him to incriminate himself, and
subsequently raided the premises and seized his computer.

The newspaper, which had noticed the log entry from the password being
tested, decided the whole thing was an attempt to steal their extremely
precious Perl scripts, and market them to the public.

The prosecutors, as prosecutors tend to do, managed to lie by
juxtiposition by stating the fact of access using a password, a count of
files transferred to Mr. West's machine, and the newspaper's allegations
of software theft, in a way which suggested that Mr. West had "hacked" his
way into the site using a stolen password, and used that access to steal
hundreds of files, with the intent of making a profit from marketing the
newspaper's stolen intellectual property.

In fact, testing one of the passwords was incidental to the file transfer,
the files were obtained because the site was wide open, not because a
password was used, and the allegations that Mr. West intended to become
the next Larry Ellison by stealing some Perl scripts a product of the
newspaper's paranoid imagination.

Now I find it unremarkable that Mr. West has chosen to take a plea
agreement in this case, on a misdemeanor charge, instead of standing trial
in the aftermath of the World Trade Center flattening as an Evil Terrorist
Hacker, where the government's proof of nothing more than "unauthorized
access" could send him to prison for many years.

I also find it unremarkable that the plea agreement offered Mr. West to
sign contains a complete laundry list of both the newspaper's and the
prosecutor's twisting of the facts, and numerous confessions of "intent."

What I find remarkable, is that Declan has written an article claiming
that the plea agreement constitutes a "confession" by Mr. West, and that
it demonstrates how easily "well-meaning" Netizens can be lead astray by a
person who's really a dangerous criminal.

Declan also has glowing words for the prosecutor, who he characterizes as
unfairly maligned, and for the plea agreement, whose every word he
characterizes as "fact."

One wonders if Declan also considers everything in the Jim Bell and Carl
Johnson plea agreements to constitute "fact" as well."

The slant of Declan's article is also not helped by the fact that all the
links provided by Wired as "also see" are about an exploit in Microsoft's
Web server software having nothing to do with this case.

Wired News and MSNBC continue to run neck in neck in the Birdcage Liner
Olympics.

-- 
Eric Michael Cordian 0+
O:.T:.O:. Mathematical Munitions Division
"Do What Thou Wilt Shall Be The Whole Of The Law"