Asking People To Hit Reload Is A Felony?

from the seems-a-bit-extreme dept

Well, here's yet another story about non-tech savvy folks seriously overreacting to a technology issue. Slashdot points us to the story of a high school kid who set up a blog on his high school's server, and jokingly told visitors to hit "F5" (reload) to see if it would crash the server. It did slow down the server, and the school went to the police who have somehow decided that asking people to reload a webpage repeatedly is a felony. The city prosecutor gets all of the amusing quotes in this story: "Michael said it was a joke. We showed him how we deal with this kind of joke." By charging him with felony charges? Later on in the article, the same guy admits that they had to charge some students with misdemeanors last year for breaking into school computers and changing their grades. Who knew that breaking into a computer and changing grades was a lesser crime than telling people to hit F5? Still, the best quote is: "This new technology has created a whole wave of crimes, and we're just trying to find ways to solve them." Perhaps before "solving" them you should take a step back and figure out if there's really a problem. If the school had set their system up to handle more traffic would there be any crime at all? Still, this could raise some questions about what's the dividing line between asking a lot of people to visit a site and setting off a denial of service attack? However, if you had to draw the line somewhere, it would probably be well beyond asking people to reload the website. As some of the commenters on Slashdot point out, just having Slashdot link to the school's website probably is more likely to slow down the server than whatever this kid did. In other words, by making news with this felony charge, the school is more likely to have their servers go down. So who will they arrest for that mistake?
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Griffon, 6 Jan 2006 @ 5:18pm

    dos is dos

    He basically tried to implement a DOS attack, saying the school needed to be setup up better doesn't really make what he did ok. Yeah it seems a little over the top reaction wise, but still, trying to implement a DOS attack even though mundane means isn't something that should be ignored (though the relative level of sucess should be considered :) ).

    link to this | view in chronology ]

    • identicon
      outsider27, 6 Jan 2006 @ 6:34pm

      Re: dos is dos

      do we honestly believe that he had criminal intent with that comment? in addition to that, is it really a felony to tell people to do something?

      Maybe they should just charge all the people that did it with the same as co-conspirators

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 7 Jan 2006 @ 7:01am

        Re: dos is dos

        so true. the co-conpspirator charge is bs in general. i know because i've been prosocuted under it.

        link to this | view in chronology ]

    • identicon
      Anon, 6 Jan 2006 @ 6:45pm

      Re: dos is dos

      So, if I say, "Hit reload on this page you are reading right now on this story!" then I'm setting up a DOS attack on techdirt? Thinking about this, I don't care how many times a single person hits reload, you have to have many people doing it to even get a bump on a very horrible site.

      Of course, in this case, I think anyone actually and seriously trying to crash the server might get... 3 days suspension, tops. Maybe a charge for Criminal Mischief at most.

      BTW, this is also a reformat of an old joke. The old joke can be written on a dollar bill or on a piece of paper:

      "How do you keep (insert target group, like blonds here) busy for hours? Look on other side for answer."

      You write the same thing on the other side, and then hand the piece of paper to a blond (preferably a friend who knows you are joking). ;) Didn't read the actual page, but I could see F5 used in a similar joke.

      link to this | view in chronology ]

    • identicon
      Samuel Walter, 7 Jan 2006 @ 3:34am

      Re: dos is dos

      Your assertion that the student's actions constitute an attempted Denial of Service (DoS) attack is ridiculous. The student simply posted a comment on a public blog, not operated by the school, requesting that others go to the site and refresh the content. Regardless of his intentions, all he did was tell people to visit the site. He didn't setup flood bot, he didn't coordinate a distributed attack, and he didn't take advantage of or even mention possible weaknesses to exploit. Again, all he did was ask people to visit the site and refresh the content. At the most, the boy's actions equate to harassment and could have been remedied by simply talking to him.


      Charging this boy with a FELONY is reckless, and irresponsible, and illustrates incredible ignorance by the school, the police, and the prosecutor. Furthermore, the actions taken and comments made by the prosecutor demonstrate his own brazen arrogance, poor judgement, and malice. If convicted of the charge this boy, who is just beginning his life, will carry the burden of being a "convicted felon" until he dies or is absolved by a higher court. Here's a sample of the collateral consequences his conviction would bring:

    • Ineligible for student loans and other financial aid.
    • Ineligible for most jobs requiring licensing by state or federal government (i.e. teacher, doctor, architect, lawyer, electrician, real estate broker, stock broker).
    • Ineligible for governmental employment.
    • Prohibited for possessing firearms.
    • Must disclose "convicted felon" status on employment applications.
    • Loses the right to become an elector and cannot vote, hold public office, or run for public office.
    • Potential disqualification from applying for public housing and other social services.
    • Potential disqualification from applying to be a foster parent.
    • Potential disqualification from adoption applications.


      Even if this boy is exonerated and the charges are dropped or dismissed, he will have been put through a process reserved for those accused of the highest order of crime defined by law. The prosecutor's rash decision to file felony charges without first consulting with a technology expert is reprehensible. Regardless of the outcome, it is clear he lacks the sound judgement and integrity that is necessary to competently represent the People of his municipality. He should resign from or be removed from his post, and be replaced by someone who will represent the People with the integrity and consideration they deserve.


      Respectfully,

      Samuel Walter
      Network Engineer / Security Analyst

link to this | view in chronology ]

  • identicon
    AndyM, 7 Jan 2006 @ 4:40am

    Re: dos is dos

    So if TechDirt turned round and had offence at the (stupid) comment that Griffon made, then Griffon could be charged under DMA for altering the contents of this discussion and the data on TechDirts servers? Interesting concept......
    As a side note, if you want to see if anyone else has posted to this since you've been reading, you better come back in an hour, because if you press F5, then you will of course be starting a DOS!!

    link to this | view in chronology ]

  • identicon
    heavyw8t, 7 Jan 2006 @ 6:15am

    Re: "this new technology"???

    Just how much lomger is internet access going to be called "new technology"? Hasn't it been like 10 years since connectvity moved from text based programs like Lynx to being in 3/4 of homes in the country? And this is still NEW technology?

    link to this | view in chronology ]

  • identicon
    Jeff, 7 Jan 2006 @ 7:16am

    Re: dos is dos

    You can't possibly think that this is really a crime. Maybe everbody should go to this website http://www.cityofcanton.com/question.html and ask them to drop the drippy charges. Who knows what could happen to their server if enough people went their at the same time. If they crashed would we all be charged?

    link to this | view in chronology ]

  • identicon
    Radioactive Halo, 8 Jan 2006 @ 3:12am

    Re: dos is dos

    Hey, everyone go to microsoft.com and refresh the page! Now I am a fellon.
    Now, everyone go shoot you parents.
    Oh gawd, I am going to jail forever.

    I know it is a little over the top, but still, telling peopleto refresh a page at a specific website, does NOT a D.O.S. attack make...

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Jan 2006 @ 12:56pm

    Re: dos is dos

    To me this is indicative of the problems faced with the computer industry.

    A simple analogy would clear it all up.

    You install an alarm system that detects movement. The field of view goes out the window. Duh.

    Kid walks buy and sets it off, tells others to do the same thing.

    Kid being disruptive? yes, is he breaking the law?? In someones eyes, yes.

    But what exactly is he doing?

    People will NEVER fix a problem unless someone takes advantage of it.

    Until then, the problem exists.

    The kids who changed their grades should have been charged with criminal tresspass, tampering with computer logs and a few other things. Which in the sate of NJ, would be up to 4 years in prison.

    A lot of laws make you wonder does the punishment fit the crime.

    Also, my favorate, does the punishment take into account the likelyhood of the ones making the law, getting caught breaking that law.

    Is what I always thought was funny about DUI's, embezzlement, and vehicular manslaghter.

    Go figure.

    Anwyay, just my nickel worth.

    link to this | view in chronology ]

  • identicon
    dave, 8 Jan 2006 @ 1:21pm

    Re: dos is dos

    YOUR NUTS...it is a freakin high school -- who cares if the site went down for 5 minutes while a couple of kids hit F5 --- perhaps we should put everyone in jail that hit F5 trying to get a plush cow from chick-fil-a when there servers did not respond for 9 minutes on the giveaway they did. A DOS is several orders of magnitude greater than hitting a key 30 KPS; perhaps you dind't pass Algerbra-I in HS. Furthermore there was no attempt to hide their identity whatsoever; and most highschool websites are garbage, out of date and full of porrly designed and somewhat not useful information.

    link to this | view in chronology ]

  • identicon
    Karel, 6 Jan 2006 @ 6:42pm

    No, a real felony would be if you...

    ... posted the story on all the major news services and encouraged everyone in the world to all hit F5 repeatedly at the same time.

    link to this | view in chronology ]

  • identicon
    Anonymous, 6 Jan 2006 @ 6:59pm

    Wouldn't it just come out of browser cache?

    I thought the default behaviour of F5 (at least in Internet Exploder) was just to reload the page... and that to force it to go back to the source server, you had to hold ctrl-F5? Wouldn't the page be simply reloading from browser cache?

    link to this | view in chronology ]

    • identicon
      Anon, 6 Jan 2006 @ 7:21pm

      Re: Wouldn't it just come out of browser cache?

      Exactly. And, many ISPs use GET cache's that would even prevent a DOS of this type, unless the user was rePOSTing information each time. And, even further, if the server being accessed had a proper setup, it would have a fast cache to serve up static and non-changed dynamic pages without using much CPU time.

      The F5 DOS was only really a serious action 7 years ago or before. Today, most admins are smart enough to see their bandwidth rising because of a few people, and banning their subnet. This is exactly how an automated DDOS is stopped (though usually by firewall or automated server scripts, not directly be the admin themselves).

      What's really funny about this story is the incompetence of this school's admin. Think about this. He had to actually report this as a crime, and investigate 3 or 4 students reloading a page. I know us admins are thought of as geeks (proudly, I might add, haha) who do nothing but spend our lives in front of computers. But this guy really does have no life, and he is seriously lacking in skill. My guess? The server admin is the principle of the school, who does this in his spare time. This was not a real admin, and definately not a real geek.

      link to this | view in chronology ]

  • identicon
    Gabe, 6 Jan 2006 @ 7:26pm

    Lake High

    If anyone wants to check out the site for themselves, for any reason at all, here is the link:

    lake.stark.k12.oh.us/hs

    although for some reason, it won't load...i wonder why?

    link to this | view in chronology ]

  • identicon
    Rich, 6 Jan 2006 @ 8:06pm

    why?

    why do small tasks always raise big issues?

    link to this | view in chronology ]

  • identicon
    What is in a name?, 7 Jan 2006 @ 2:26am

    Why is this a problem?

    I tell clients that they ought not keep important data, and confidential data on the same server as your web server, while it can be done, and you can make things pretty secure, there is always that traffic issue.

    Is this server JUST a web server? Or does it run other critial applicaitons that contribute to the day-to-day operations of the school? If it is just a web server, then no harm done.

    If it is more important than that, then it is more the admins fault.

    Finally: the schools ought to be thankful that a weakness in their system had been found out. And if they would have kept their mouths shut, they could have avoided the streisand effect, and fixed the problem. But alas, they had to exercise their foolish zero tollerance attitude and make a big 'ol stinky fart out of this mess, and now THEY are in much deeper, uh, doodoo.

    I hate it when stinky 'ol farts leave a mess. But that is what you get when you don't take care of the poo in good time.

    link to this | view in chronology ]

  • identicon
    bigkid782, 7 Jan 2006 @ 4:37am

    What's up with that

    I dont think the biggest part of the story should be what the kid did, I think it should be the punishment. The article said that kids who broke into the schools computers and changed their grades were given a lighter punishment than someone who asked everyone to press F5. That school/county has some deeper issues.

    link to this | view in chronology ]

  • identicon
    Mark Entingh, 7 Jan 2006 @ 4:59am

    idiots

    What is our country coming to when a kid can't use his freedom of speech. What he said on his blog was just his thoughts and the only people who should be held accountable for their actions are the ones who listened to him and held down F5.

    link to this | view in chronology ]

  • identicon
    Buy-On-Sale.com, 7 Jan 2006 @ 6:35am

    What's the big deal

    WOW so someone who puts an auto refresh meta tag in their HTML is a FELON too?! This is the most ridiculous thing I have ever heard of. So what if some extra bandwidth was consumed.

    link to this | view in chronology ]

  • identicon
    jeff, 7 Jan 2006 @ 7:13am

    No Subject Given

    Why doesn't everybody go to this website and ask them if they are crazy, asking people to reload can't possibly be a crime. Who knows what could happen to their server if enough people go there? http://www.cityofcanton.com/question.html

    link to this | view in chronology ]

  • identicon
    fredfrumppy, 7 Jan 2006 @ 12:05pm

    No Subject Given

    furthermore, assuming the prosecutor is the school, school district or any local authority, on top of attracting huge negative press and spending a presumably substantial amount of money on a pointless lawsuit, they are hounding a member of their own school/community with malicious charges apparently intended to ether excessively punish this particular student or make an example of them to other students. this seems to me to completely go against the idea of authority protecting the common person. not only is there no legitimate charge, but this sort of overreaction will only encurage people to cary out more serious atacks in protest.

    link to this | view in chronology ]

  • identicon
    citizendave, 7 Jan 2006 @ 1:01pm

    Student Information System

    I particularly appreciate the comments of Anon, on proper web server setup, and Samuel Walter, who is more articulate than I.
    This subject has another dimension. Our school district has over 20,000 students, but we have no Student Information System. We've been told repeatedly "We can't afford it." A SIS would provide reliable communication between teachers and parents, so that we parents would know what is going on at school. Currently, we must rely on our students to report accurately on their homework – but it turns out that reporting is not always accurate. Our high school freshman is a bright kid, but he is failing four of six subjects, due to not turning in homework.
    For less than $200 per year I could establish a simple SIS site with a cheap web host provider. Several tech savvy teachers would help set it up and maintain it. The content would consist of simple text files uploaded daily, describing the current homework assignment.
    My thinking on this subject has been mostly technical. But now I'm thinking about the potential legal liability incurred by the legally responsible party for the site. I would have little or no control over server setup. Site security would depend on logon credentials.
    Kids WILL probe for weaknesses in the system. I can imagine the consequences of one kid discovering a teacher's logon, and posting defamatory remarks on the homework page.
    For the school district to set this up, it would take many months and thousands of dollars, and in our current fiscal climate, it will not happen. It would be a shame if the only reason not to make this happen would be the fear of bad law and ignorant prosecutors.

    link to this | view in chronology ]

  • identicon
    Jake, 7 Jan 2006 @ 1:08pm

    Google Attacks

    Are we going to start claiming that companies like google and yahoo are committing felonies by sending out bots to track websites? Working as a web admin I find that most of my problems are from bots, not users.

    link to this | view in chronology ]

  • identicon
    john, 7 Jan 2006 @ 4:35pm

    Poor man's virus

    That reminds me of the poor man's virus ... a spam requesting you to delete all your files and reformat your hard drive since the virus writers were too poor to hire a programmer to do it for them.

    link to this | view in chronology ]

  • identicon
    Urza9814, 7 Jan 2006 @ 6:57pm

    Contact the school

    Here's a link to the contact form on the school's website...it's the right school too, I made sure. Uniontown, Stark county.

    http://lakelocal.oh.schoolwebpages.com/education/components/contact/default.php?sectiondetail id=3439

    link to this | view in chronology ]

  • identicon
    Frank Forchione, 7 Jan 2006 @ 10:28pm

    Call Frank!

    Work | Forchione, Frank G Atty
    National City Bank Bld
    Canton, OH 44702
    330-453-7676

    Home | Forchione, Sandra & Frank
    1647 Shriver Ave NE
    Canton, OH 44705
    330-455-6486

    link to this | view in chronology ]

  • identicon
    Pharaoh, 8 Jan 2006 @ 3:34am

    >READ PEOPLE

    Don't be lemmings! learn to read. I normally like tech dirt but this isn't the truth, he didn't just ask people to press F5! he said

    Stone told users to “hold down F5 to help crash my school server,�

    thats not as innocent as just hitting F5. He knew what he was doing when he asked and he had intent!

    link to this | view in chronology ]

    • identicon
      Joseph L. Rogers, 8 Jan 2006 @ 4:14am

      Re: >READ PEOPLE

      Still, NOT a felony. Detention, low-level suspension, followed by mentoring. An intellect/initiative combination like that should not be wasted.

      Remember, everyone, that Bill Gates reverse-engineered Windows, then marketed it under Microsoft. That IS a felony (or damn well should be), and he's now a billionare.

      link to this | view in chronology ]

      • identicon
        Andrew Strasser, 8 Jan 2006 @ 10:20am

        Re: >READ PEOPLE

        If this is a felony and he gets more time than Martha Stewart did for stealing millions out of old peoples retirement funds. Then we seriously have some problems in this country. The people at enron are facing less than this in terms of charges. There are much larger targets that could go down just by a word said by someone. Ridiculous and if this legislation stands we'll see...

        link to this | view in chronology ]

    • identicon
      Samuel Walter, 8 Jan 2006 @ 1:42pm

      Re: >READ PEOPLE

      Pharaoh:

      Regardless of his intentions, the action he urged others to take was completely benign and could not have led to the outcome he was allegedly working towards.

      Intent means nothing without sufficient action. If I tell everyone to fill a DixieCup with water to help me flood the city, and a hundred people actually do it, is the city going to flood or is there going to be a hundred idiots standing there looking at a puddle?


      Respectfully,

      Samuel Walter
      Network Engineer / Security Analyst

      link to this | view in chronology ]

      • identicon
        amazon10x, 9 Jan 2006 @ 4:37pm

        Re: >READ PEOPLE

        @Samuel

        Regardless of his intentions, the action he urged others to take was completely benign and could not have led to the outcome he was allegedly working towards.

        Intent means nothing without sufficient action. If I tell everyone to fill a DixieCup with water to help me flood the city, and a hundred people actually do it, is the city going to flood or is there going to be a hundred idiots standing there looking at a puddle?

        Perhaps I am misuderstanding but in the case of the school wasn't his intention (crashing the server) accomplished?

        link to this | view in chronology ]

        • identicon
          Joseph L. Rogers, 9 Jan 2006 @ 5:30pm

          Re: >READ PEOPLE

          Naw, he didn't crash it, he simply "slowed the school's computer system down".

          link to this | view in chronology ]

          • identicon
            Anonymoush, 9 Jan 2006 @ 11:00pm

            Re: >READ PEOPLE

            People here in Finland are laughing at that Forchione guy. It was just a small prank. But then you must realize that you can sue anyone for anything in the almighty America *grin*

            If I would live in there I would probably sue my cat for causing me mental and physical damage...

            link to this | view in chronology ]

        • identicon
          Samuel Walter, 10 Jan 2006 @ 3:38am

          Re: >READ PEOPLE

          amazon10x:

          From my understanding, the server was not crashed; it maintained normal operations. There was an alleged slowdown and their admin attributed it to higher-than-normal activity originating from a particular referrer - that being the blog link directing users to the school's site.

          Given that this is a Windows server, operating on equipment purchased with money funded by a school system that has demonstrated incredible technological ignorance, I'm inclined to suppose that there are probably several other mitigating factors contributing to the alleged slowdown. Anyone who has any experience with Microsoft IIS knows that you have to throw a lot of hardware at it to achieve decent performance. Since a web server is only as good as the operating system it runs on, IIS-powered web sites (if you can say 'powered') are prone to poor performance and outages far more often than should be tolerated. This is one of the major reasons that Microsoft IIS powers less than 21% of the Web, compared to Apache which is the engine behind 68% of the Web. Factor in the likely-meager salary they pay their administrator and I think a pretty bleak, yet clear, picture of their network infrastructure emerges.

          Something else to consider is the browser configurations of the refresh-perpetrators. By default, Internet Explorer and most other common browsers are configured to display previously viewed web sites from their cache unless the page being viewed has changed since it was last viewed. It accomplishes this by comparing the date and file size of the page on the server with the one in its cache. Unless the page has changed, all of its content is displayed from the cache on the individual's computer. So, unless the school was making a whirlwind of changes to their web site while the refresh-onslaught was going on, the impact of all this F5 pushing would be negligible.

          I think the biggest obstacle in this case is going to be explaining the reality of the situation to the prosecutor, judge, and jury (if it gets that far). When people lack knowledge and understanding of something, the first reaction is usually fear. Fear is always a catalyst of extreme and unreasonable reaction, and people, especially criminal prosecutors, are not quick to admit that they were wrong; even when presented with overwhelming evidence and logic.

          If you haven't already done so, I urge you all to please sign the petition to "Free Mike Stone" by going to http://www.petitiononline.com/mwstone/petition.html


          Respectfully,

          Samuel Walter
          Network Engineer / Security Analyst
          swalter718@gmail.com

          link to this | view in chronology ]

  • identicon
    Ferd, 8 Jan 2006 @ 9:29pm

    Ridiculous

    >>> Repost of my petition comments
    "District Mission - The mission of Lake Local Schools, recognized as a leader in education and community partnerships, is to guarantee all students a superior educational experience, enabling them to become lifelong learners and healthy, productive citizens."
    Really?? Charging a student with a felony to just to make an example of him over something as dastardly as yelling "Water!" in a crowded swimming pool. This is how you guarantee a superior educational experience? This is how you create productive citizens in Ohio, by turning them into 3rd class demi-citizens (felons)?
    Shame on your school administrators and elected officials.

    link to this | view in chronology ]

    • identicon
      AC, 9 Jan 2006 @ 6:19am

      Re: Ridiculous

      yeah well thats OH for you. Standing around knuckles to forehead with brows furrowed in a vain attempt to understand the confusing world around them.
      See this is what happens when the digital divide starts to hit home. A bunch of people with no understanding of the domain are the ones vested with punitative authority. Thus a bad decision is almost guaranteed since people tend to react negatively to the unknown by default. Therefore the kid does something none of them really understand so they go to the extreme of punishment just to make sure. Brilliant.
      And heres the bad news: its only going to get worse since we no longer value education in the US. The barrier to entry in the information society is getting high enough that people can't be bothered to even learn the basics of protecting themselves from malware so I don't think we can expect them to even try and understand anything more complicated.

      link to this | view in chronology ]

  • identicon
    sharp, 10 Jan 2006 @ 7:46am

    No Subject Given

    i would help you with that but im at school hitting F5 >_> _<

    link to this | view in chronology ]


  • Follow Techdirt
    Essential Reading
    Techdirt Deals
    Report this ad  |  Hide Techdirt ads
    Techdirt Insider Discord

    The latest chatter on the Techdirt Insider Discord channel...

    Loading...
    Recent Stories

    Friday

    19:39 Important Announcement: Techdirt Is Migrating To A New Platform (0)
    More arrow

    This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
    Close

    Email This

    This feature is only available to registered users. Register or sign in to use it.