Court Says Sending Too Many Emails To Someone Is Computer Hacking
from the you-can't-be-serious dept
Okay, the courts are just getting out of hand when it comes to the Computer Fraud and Abuse Act (CFAA), which is supposed to be used against cases of malicious hacking. Most people would naturally assume that this meant situations in which someone specifically broke into a protected computing system and either copied stuff or destroyed stuff. And yet, because of terrible drafting, the law is broad and vague and courts are regularly stretching what the CFAA covers in dangerous ways.The latest example, found via Michael Scott is that the Sixth Circuit appeals court has overturned a district court ruling, and is now saying that a labor union can be sued for violating the CFAA because it asked members to email and call an employer many times, in an effort to protest certain actions. Now some of the volume may have hurt the business, but does it reach the level of hacking? What's really troubling is even just the focus on emails:
The e-mails wreaked more havoc: they overloaded Pulte's system, which limits the number of e-mails in an inbox; and this, in turn, stalled normal business operations because Pulte's employees could not access business-related e-mails or send e-mails to customers and vendorsSo... because Pulte's IT folks set up their email boxes such that they could only hold a certain number of emails, suddenly this raises to the level of "hacking"? That seems like a stretch, and you can definitely see how such a rule can and likely will be abused. Especially since the court made some very broad statements, including:
[We] conclude that a transmission that weakens a sound computer system—or, similarly, one that diminishes a plaintiff’s ability to use data or a system—causes damage.Broad enough for you? I can see this ruling being cited in all sorts of abusive trials now.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
What an outrage
[ link to this | view in chronology ]
Re: What an outrage
It's a lost cause, though. I doubt he reads email. He might have a secretary that prints them for him though.
[ link to this | view in chronology ]
Re: Re: What an outrage
Also... hahaha, remember film?
[ link to this | view in chronology ]
Re: Re: What an outrage
[ link to this | view in chronology ]
Re: What an outrage
And pray the justice system is still on Exchange 2003. We can reach that 75GB limit in minutes and be hackers all of us.....
[ link to this | view in chronology ]
Re: Re: What an outrage
[ link to this | view in chronology ]
Re: Re: What an outrage
I also think Dave above might be on to something there.
[ link to this | view in chronology ]
Re: What an outrage
[ link to this | view in chronology ]
Soon
[ link to this | view in chronology ]
Sorry Mike, you are out to lunch on this one too.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
This case is more akin to those jackass merchants leaving a flier under my windshield wiper. It's annoying but not illegal.
[ link to this | view in chronology ]
Re: Re:
First off, since email headers can (and usually are) faked, it isn't hard for someone to send all those emails apparently from different addresses, with slight differences in subject line that would make it very hard to simply filter.
Second, your email server still has to process the mail. If you are using server based rule systems, the server still has to accept the connection, take the mail, process it, etc. If you are using "PC based rules" (spam filters in your local system) you still have to actually download all the mail from your email server and process it.
Third, a basic DoS attack is just overwhemling a computer with too many requests or too much traffic. If your PC is spending most of it's time filtering spam, downloading messages, and not being available to do what you want, then the email is a DoS.
I have seen it done, it isn't hard to tear down an email server and make it puke it's internals on the floor from too much traffic. That is a basic DoS method.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
I am not getting where you are going here. They sent the emails with the intention of loading down the system. That is pretty much a basic DoS, no matter how successful or not it is.
As for human power, would you care to explain how LOIC works?
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
LOIC is automated, because no human has the will to refresh a web page 10 times per second for hours....
The whole point of LOIC is to make an impact by exceeding the parameters at which a human operates.
Following your line, demonstrating outside a business so that workers and customers are inconvenienced is also DoS and should be considered hacking?
Or to highlight - what if the business behaved like jerks and got tons of customer complaints. Would the angry customers then be sued for hacking? And is that reasonable?
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
Did they? Was that cited in the ruling? I am admittedly too lazy to wade through the legalese, but the writeup didn't mention anything about their intent.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
> They sent the emails with the intention of
> loading down the system
Or they sent the emails with the intention of making the company aware of the strength in numbers of those who oppose their policies. (Which is much more likely to be the case, by the way.)
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
If they were encouraged to do it specifically to bring down the system the fuckem.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
> the intention of flooding the email was to
> limit it's functionality and to cause the
> computer(s) in question to be of diminished use
How do you know that was the intention?
Sounds to me like the intention was to show the company how many people are upset with their actions. Just like when Rush Limbaugh (or Michael Moore, to be non-partisan) exhorts his listeners to call their congressman about one thing or another. It's not to overload the switchboard and bring business to a halt, but to make sure the politicians know the strength of public opinion.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Key word being "sound"
How is an email system that goes down in this situation "sound"?
[ link to this | view in chronology ]
Re: Key word being "sound"
[ link to this | view in chronology ]
Re: Key word being "sound"
[ link to this | view in chronology ]
Re: Key word being "sound"
[ link to this | view in chronology ]
Re: Key word being "sound"
[ link to this | view in chronology ]
so, when MoveOn emails its constituency and tells them to email their elected officials, are they going to be found liable too?
seems to me like this could bump right into free First Amendment law.
[ link to this | view in chronology ]
Re:
On the other hand, the Union hired an autodialer to spam the voicemail. And when Pulte came to them 4 days later the union refused to stop. I think the email claims are garbage of a poorly designed network, but the phone may have been what pushed them over the line.
[ link to this | view in chronology ]
Re: MoveOn
Under that logic, and assuming the brain is classified as a system, MoveOn could be sued for a multitude of infringements that diminish its constituents' ability to use their systems... pretty much any time they say something.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
I remember a time when I was trying to watch some streaming online and after a few reloads the servers went unresponsive! I need to hide!
/derp
If memory serves it was some fashion related event (back when streaming was actually in its infancy) and they had predicted x visitors but received 10x visitors and system went boom. 1.5 million simultaneous accesses if memory serves. All of them hackers!
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
The only fashion related event that could generate that many views (especially back then) was probably the Victoria's Secret event.
I think I remember helping to crash that one, too.
[ link to this | view in chronology ]
Limits the number of e-mails in an inbox?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
slashdot effect?
[ link to this | view in chronology ]
Re: slashdot effect?
[ link to this | view in chronology ]
Re: Re: slashdot effect?
[ link to this | view in chronology ]
judgement was sound
The union is able to protest but at some point, sending way too email and way too many phone calls become harassment. Freedom of speech doesn't allow you to yell fire in a theater.
[ link to this | view in chronology ]
Re: judgement was sound
[ link to this | view in chronology ]
Re: judgement was sound
[ link to this | view in chronology ]
Re: Re: judgement was sound
However you may be brought up on charges of inciting a riot, or inciting a panic, disturbing the peace kinds of laws. However you freedom of speech is uninhibited.
[ link to this | view in chronology ]
Re: Re: Re: judgement was sound
[ link to this | view in chronology ]
Re: judgement was sound
Since companies are people too, shouldn't they have to put up with the excess of free speech, and if they can't handle it, then stop what you are doing?
I believe If I tried to sue those protestors i would be laughed out of court, just as this ruling should have been.
[ link to this | view in chronology ]
Re: judgement was sound
[ link to this | view in chronology ]
@#13 - Re: judgement was sound
And wrong again! You can yell "fire" in a theater.
One permissible scenario: when there is a fire.
Two for two. Maybe you should try not facing sunward. Your vision seems to have been impaired.
[ link to this | view in chronology ]
Re: judgement was sound
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Quick, Everyone do this NOW.... finally a way to end spam (or at least profit privately from it)
Ok, while it would be nice, the ones who should be held responsible will just disappear and re-appear with a new name and company and start the same crap over again....
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Misleading article . . .I expect better of Techdirt
http://www.out-law.com/page-12138
That said, no difference here between what the union did here any any other form of DDOS. Most "hacking" starts with human engineering. . .
[ link to this | view in chronology ]
Re: Misleading article . . .I expect better of Techdirt
[ link to this | view in chronology ]
Re: Misleading article . . .I expect better of Techdirt
[ link to this | view in chronology ]
Re: Misleading article . . .I expect better of Techdirt
Also, this case is not over. It has been remanded back to the district court.
[ link to this | view in chronology ]
I seem to remember there was a bit of an IT crisis right after..
[ link to this | view in chronology ]
Reading the backstory on the case, after 4 days the union was contacted by the company and asked to stop because it was harming the business. They continued. It could be that this point they entered into the arena of using a form of a Denial of Service attack on the company.
Having hired outside robodialers, this was infact the plan of attack the union wanted to use.
A limitation of the email accounts could be seen as a bad system design, but the goal the union had was to cripple the company. After they were aware they had the intended effect, they continued.
This is a delicate matter trying to balance the rights of people to protest, and the rights of a business to be in business.
When people picket, they get arrested if they harass people entering/exiting or block entranceways.
This protest effectively harmed the business by closing it down.
While the law itself might be to broadly worded, it seems like it might have been properly applied in this case. The company was fully aware of the complaints of the union, but continuing knowing that your causing actual harm to the business is just designed to punish the business that if done in real world terms would get you arrested.
But then I might be insane, the jury is still out.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
After 4 days of the systems, email & phone, being overloaded and the union being informed that they were causing damage to the business they are under no obligation to consider what they are doing is harmful?
They were not sued on day 1, 2, 3, or 4. They were sued after they knew that were causing damage to the business they targeted.
While the limits on the email system settings might be debatable, the union caused damage to the business by denying their ability to function. The union was informed of this fact, and continued to inflict harm on the business to make their point.
Did we think the first 100, 1000, 100000 emails were possibly missed?
Because I am sure the robodialer flooding every number for the business made sure to drive that home.
[ link to this | view in chronology ]
Re: Re: Re:
adj \yər, ˈyu̇r, ˈyȯr\
Definition of YOUR
1
: of or relating to you or yourself or yourselves especially as possessor or possessors , agent or agents , or object or objects of an action
you're
\yər, ˈyu̇r, ˈyȯr, ˌyü-ər\
Definition of YOU'RE
: you are
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
It is possible that LIUNA intended to harass Pulte with a limited DOS attack. It is also possible that DOS wasn't their goal. You have to take a closer look at what was done.
LIUNA put out a call on their website to make calls to Pulte and to email them. They set up a pre-written letter which any member could click on and cause a separate email to be sent. LIUNA has 500,000 members. Even if all 500,000 sent an email this way, it would be hard to argue that that action was illegal. Such mass, topic oriented, email campaigns are done elsewhere, and should be protected under first amendment freedom of speech. Now, if a single person had caused hundreds, or thousands of emails to be sent, that would be a scenario accurately described as a DOS attack.
The use of an autodialer sounds suspicious. I do not know how it was used. It is possible that the autodialer was used similarly to the emails. The website could have allowed a member to click on a button that caused the autodialer to send a pre-recorded voice message to a Pulte phone number. That would not be much different than the email scenario and should also be protected under the first amendment. On the other hand, if the autodialer was programmed to just automatically, and continuously, call and leave messages, that would be a DOS attack.
An interesting aspect of this case is that even if this was a kind of DOS attack, the capabilities of the computer to resist such damage is taken into account. Pulte claims they had to "shut down their email in boxes". I am sure what really happens is that once the box is full new incoming emails are automatically discarded. What if the email in-boxes were capable of handling 200,000 messages, would there still be a case? Pulte claimed they could not send emails. That is most certainly wrong. I suspect they were being intentionally vague in describing that they could not respond to emails because it took too much time to filter through the spam or were automatically discarded. If they could still send emails, would there still be a case? finally, any email client or server created in the last decade (at least) is capable of filtering out some spam. The easiest thing to filter out are identical messages all coming from the same address. Most of the emails were from the LIUNA server via their website trigger. If Pulte could have easily filtered out all those emails, why didn't they and would there still be a case?
My suspicion is that both LIUNA and Pulte are harassing each other in anyway they can. The fact that Pulte is using the court system for a case that shouldn't really exist may be legal but is unethical.
[ link to this | view in chronology ]
Re:
Hackers are spinning in their graves over this one.
This diminishes the honorific of "hacker". No monkey jokes please, this it not nice. This offends the eye.
[ link to this | view in chronology ]
I could say the same thing about snail mail
"[We] conclude that a transmission that weakens a sound computer system — or, similarly, one that diminishes a plaintiff’s ability to use data or a system — causes damage."
Regarding 'too many advertising flyers', I say:
"[We] conclude that a transmission that weakens a sound mailbox — or, similarly, one that diminishes a plaintiff’s ability to use the mailbox or extract mail from it — causes damage."
Is there a fundamental difference here? I don't think so. One claim is as silly as the other.
[ link to this | view in chronology ]
did i misunderstand? is the union not affiliated at all with the employer?
unless they were threatening, malicious... but at that point, shouldn't the person sending the threats be liable?
why should the union be liable for the actions of its members... or is that one of the drawbacks of being a union?
I also fail to see how the law was broken.. even if it is read incredibly broad. The article makes it seem like the employees could still access and use the communication systems and that the system was working just as it should.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
I understand it may be a DoS but it was not malicious nor should it of cause a DoS...called lousy thought process by the company
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
Interesting idea, the ability to sue judges for bogus rulings, that might get them to consider getting aid from some experts on rulings outside their expertise.
[ link to this | view in chronology ]
The court never says anything about hacking
The decision says the union violated the CFAA. You say that the CFAA is supposed to protect against hacking, but hacking doesn't appear in the statute either.
[ link to this | view in chronology ]
Re: The court never says anything about hacking
[ link to this | view in chronology ]
Re: The court never says anything about hacking
The decision says the union violated the CFAA. You say that the CFAA is supposed to protect against hacking, but hacking doesn't appear in the statute either.
Mike, of course, made up the part about "hacking" for effect. The court did not say it's hacking. Did you expect any more from him? He blows most things out of proportion.
[ link to this | view in chronology ]
Computer Hacking via emails
[ link to this | view in chronology ]
Amusing
http://www.youtube.com/watch?v=Ml00gVWhSGY
[ link to this | view in chronology ]
Re: Amusing
[ link to this | view in chronology ]
Re: Re: Amusing
[ link to this | view in chronology ]
Re: Amusing
[ link to this | view in chronology ]
Threats and Vulgar language
There is no need for this, and president Obama just did a similar thing calling for citizens to call congress. In essence this was unsolicited spam email and should be held in the same regard..
[ link to this | view in chronology ]
Re: Threats and Vulgar language
[ link to this | view in chronology ]
Re: Re: Threats and Vulgar language
Or Viagra.
[ link to this | view in chronology ]
Re: Re: Re: Threats and Vulgar language
Or tech support for his Viagra.
[ link to this | view in chronology ]
Does it for the Lulz
[ link to this | view in chronology ]
[ link to this | view in chronology ]
I can use this
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Yes, it's hacking
[ link to this | view in chronology ]
Re: Yes, it's hacking
[ link to this | view in chronology ]
Re: Re: Yes, it's hacking
[ link to this | view in chronology ]
Yes, it's hacking
[ link to this | view in chronology ]
Also, I remember a post that was probably on techdirt, but maybe not, that compared DDoS attacks to digital sit-ins.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Yes, of course it's meant to disrupt business. How else are you supposed to get their damn attention.
The point is it is a very peaceful and incredibly effective way to get your point across.
Maybe you should address the root cause of this protest instead of the protest itself. If a child is crying because it's hungry do you spank the child for crying?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
A sound "computer system" is one that can't be weakened by incoming "transmissions" at all.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
FINALLY!
I'd also like to take this wonderful opportunity to personally attack those evil little trolls that build those awful flash enabled websites. Don't they know those things are taxing on a 56k modem?
[ link to this | view in chronology ]
No different than a good old postal mail blitz
This is simply an e-version of that, and I don't recall anyone ever being punished for mailing too many letters.
[ link to this | view in chronology ]
Abuse
NORMAL PEOPLE: But the CFAA wasn't targeted at people sending lots of emails, either, and look where we are now.
BIG COPY: Shut up.
[ link to this | view in chronology ]
Please don't lie about the law.
[ link to this | view in chronology ]
Re: Please don't lie about the law.
[ link to this | view in chronology ]
Re: Re: Please don't lie about the law.
[ link to this | view in chronology ]
Re: Re: Please don't lie about the law.
[ link to this | view in chronology ]
Re: Please don't lie about the law.
[ link to this | view in chronology ]
Re: Re: Please don't lie about the law.
[ link to this | view in chronology ]
Re: Please don't lie about the law.
[ link to this | view in chronology ]
Re: Please don't lie about the law.
Wow. Sorry, but the CFAA is very much about "hacking." Just because they don't use the word does not mean that it's not what it's about. I stand by the article 100%.
[ link to this | view in chronology ]
Re: Re: Please don't lie about the law.
[ link to this | view in chronology ]
Re: Re: Re: Please don't lie about the law.
I did no such thing. The CFAA was designed to deal with computer hacking. It's a descriptive term for what is in the law, including the types of hacking, which you describe in your article. The specific violations described within the CFAA are an attempt (weak one) by Congress to define illegal hacking.
It's dishonest and indefensible.
Oh come on. It's completely honest and very defensible. No need to get obnoxious over a difference of opinion.
. If you want to criticize the legal ruling, have the courage to do so within the scope of the law, nicely published online for your convenience, not what you have imagined the purpose of the law to be
I did. Honestly the only thing I find dishonest is your attempt to attack me because I didn't use the magic words you wanted to hear. Sorry, but the law is an anti-hacking law. Saying that this qualifies under the law is the courts saying that this could be a form of hacking.
It's not dishonest. And it's most certainly defensible.
[ link to this | view in chronology ]
Re: Re: Re: Re: Please don't lie about the law.
Do you have any evidence whatsoever to back up this claim?
You decided, out of thin air, to use the word "hacking" to describe the crimes under the CFAA. You then wrote things and used quotation marks in such a way as to suggest that the word "hacking" was actually used by the court:
"Court Says Sending Too Many Emails To Someone Is Computer Hacking"
"So... because Pulte's IT folks set up their email boxes such that they could only hold a certain number of emails, suddenly this raises to the level of "hacking"?"
Finally, you suggested that if it wasn't "hacking" under some unspecified definition, then the court ruling must be wrong.
All of those things are lies.
In fact, the stated purposes of the CFAA include "to provide additional penalties for fraud and related activities in connection with access devices and computers," which is certainly broader than "hacking."
You don't have a foot to stand on, which is unfortunate because there are so many easy and legitimate criticisms of the CFAA. But unfortunately, you chose to make a ridiculous one.
[ link to this | view in chronology ]
Re: Re: Please don't lie about the law.
To be fair, if I was saying that a piece of writing was very much about something the lack of the authors using the word I thought it was about would make me somewhat less confident in my analysis.
[ link to this | view in chronology ]
Re: Re: Re: Please don't lie about the law.
Here is a course about bumping uglies and getting knocked up. I'm quite confident of that despite the fact that the term "knocked up" appears nowhere in the course material.
[ link to this | view in chronology ]
Spam diminishes my ability to use a system, can I sue spammers now?
[ link to this | view in chronology ]
The court has a point
Imagine the howls of indignation here if the MPAA started DOS attacks on people who criticized their tactics or in some way tried to compete with them?
[ link to this | view in chronology ]
The court has clearly never run an email server...
There is no doubt that an excess of messages is abusive, but "abusive" is not the same as "hacking". "Abusive" (in the context of email) encompasses the sometimes-overlapping categories of mailbombing, forgery, spam, DoS attacks against SMTP, rapid-retry, etc. None of these qualify as hacking. Oh, they're all reprehensible, like many other things that aren't hacking either, but that doesn't make them what the court imagines them to be.
Moreover, a read through this indicates that the company's own profound incompetence is largely responsible for its troubles. It is a trivial matter for any minimally-clueful mail system administrator to deal with issues like this -- many of us deal with them on a routine basis. Sometimes they're the result of malicious action; sometimes they're the result of somebody else's screwup; sometimes they're the result of a well-meaning but poorly conceived campaign, as appears to be the case here. But whatever the cause, dealing with the results is very easy, so much so that I think it reasonable to presume any competent mail system administrator would be ready for this and would only need to flick the switch, so to speak, to deal with the issue.
Of course one of the obvious, fundamental errors made by the mail system administrators shows up as early as page 3 of this ruling, where it states that the mail system "limits the number of emails in an inbox". In a time when 2T drives cost much less than an hour of system admin time, that's not just stupid, it's set-yourself-on-fire stupid. While there is a reasonable argument to be made that the very largest email providers (e.g., gmail) may need count/size quotas, there is no such argument to made for the overwhelming majority of mail operations. (Yes, I'm well aware there are outliers. I've run some of them.) It is vastly more efficient, cost-effective, secure (mail quotas facilitate DoS attacks), and simple to add storage in almost every case.
The correct response from Pulte Homes is not to pursue this in court, but to fire their mail system admin(s) on the spot and replace them with individuals who possess at least minimal competence in the field.
[ link to this | view in chronology ]
Re: The court has clearly never run an email server...
[ link to this | view in chronology ]
Re: The court has clearly never run an email server...
[ link to this | view in chronology ]
2 apply spam filter to present the appearance of taking precautions
3 file civil and criminal charges against everyone that sends me more than 2 emails.
4 patent method
5 profit
[ link to this | view in chronology ]
Is an software update hacking?
I have experienced a "transmission" in the form a Microsoft software update that stopped my "sound computer" from operating. Does that mean Microsoft is a hacker? Wow that is a broad statement.
[ link to this | view in chronology ]
Re: Is an software update hacking?
[ link to this | view in chronology ]
bad ruling
Hacking is a security issue, not an overload disruption issue.
[ link to this | view in chronology ]
Terrible drafting?
Apparently you fail to realize it's not terrible drafting when its designed so the government can use it to smother anyone that pisses them off.
[ link to this | view in chronology ]
The reality of it...
Everyone who agrees that this is hacking is wrong! There was no intention to disrupt systems, but to send a message. Sure, the bloat of emails and phone calls would slow some workers down but not to do harm to the company. As a previous poster stated this is no different than protesters standing in front of a store and a different poster referenced Limbaugh and Moore mobilizing their armies to action.
This is another case of a judge not understanding technology and not taking the time to educate themselves.
What the shocker here is that the Union lost, I thought they ran the country.
[ link to this | view in chronology ]
story doesn't fit title
[ link to this | view in chronology ]
So...
[ link to this | view in chronology ]
OHHHHH CANADA
NOW lets go forward to now and your telling me that if 30000 coders did this today we'd all be arrested as hackers for sending a single email....
WHAT A JOKE THE USA IS.
THIS IS NOT EVEN FUNNY ANYMORE.
I sincerely hope you don't pay your debts and go right into bankruptcy big time.
[ link to this | view in chronology ]
Re: OHHHHH CANADA
"forced MS to make the stuff i make with the package mine and mine alone versus you make it with a ms tool they too can steal it..." You make no sense. I understand the individual words but the combination in which you use them is perplexing!
Take your universal health care and Tim Hortons and stick it, 'eh.
All in good fun! I do like Toronto.
[ link to this | view in chronology ]
@25
I will add this doesn't shut down the business it has phones and faxes and other communications no? was the union sending non stop faxes and telephone calls by the thousands constantly ..NO i see so it didn't cripple the business just one email account hardly hacking...get a good email bomber and it don't care what email accounts are there it will just hammer it to death THAT'S HACKING.
NOW when you send one email form 30000 people that shows you the union and its members are serious about some issue. NOW you have those mails you can auto block them and this does what then to said business....NOTHING. unless they all sent in minutes which they did not do.
AGAIN it was not a email bomb from a single person it was the union and its members. SO by your reasoning if said union said call this company that it would be hacking as the phone lines be all tied up. BOY OH BOY what a nasty police state world you live in .....control control control.
[ link to this | view in chronology ]
It would be pretty hard to claim that sending e-mail to a server that was setup to accept mail from anyone was "unauthorized".
[ link to this | view in chronology ]
@40 then @43 then @45 then @46 then @53
too bad none of what you said was done by said union and in fact as the article says all that was done was the union asking its members to email that address.
@43
and that's why no spam filtering would work on this cause these were real people doing as they should email someone, if your going to raise taxes and are a politician do you think you want to only be able to get 10 email a day and then not use your account? HRMMMM me thinks someone really overreached authority here. Expect an appeal i would say. Other wise we in other nations will just laugh or heads off....
@45
actually when vb 4 was around there was 30000 coders whom banded together after MS said anything you make with said tool they owned too cause they made the tool....WE all emailed them once a day for a week personally and MS backed down ...we were sending them the "message" NOT trying to damage but that its important to us....they not do what they were saying. IT worked and you make it its your software.report was MS servers fell 4 times in that week.
@46
So when open media got 446000 people to electronically sign a petition you think sending all our emails to the minister is a hack? NOW i SAY GOT YA ....its bad precedent to go down this road cause once people cant vent they go out into london streets and do what?
@53
the inbox was full via way of the email systems rules and no other email accounts had issues. GO FIGURE.
[ link to this | view in chronology ]
Intent
If you are being mailed marketing material the intent is that your system works perfectly, so that you may receive more information or contact the vendor.
If you try to access a website and your traffic causes it's service to diminish, your intent was to view some content on that web page.
The union did a number of things that made the intent of its efforts clear and that it was aware of the results of its actions. Requesting that it's members send emails in a manner that would compromise the victims systems is essentially the same a DDOS attack, it's just that part of the system is biological. They sent a message from a command system to other systems which then directed traffic to a particular machine with the idea that it would be negatively effected by this.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Intent, and yes it is a DOS attack plain and simple
DDOS is illegal, call it what you will, hacking, cracking or straight out criminal activity. The result is the same.
What would have happened if this union decided to do that with the 000 (or 911) phone number ? and closed down that system.
Or the phone line of the ambulance or fire brigade ?
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
This is why you need lawyers
When a court entertains a motion to dismiss for failure to state a claim, they basically take the complaint and, for the sake of the motion, take everything in it to be true (regardless of whether that is ACTUALLY the case). That's what they did here. The definition they gave is obviously over broad, but that may be refined once the facts of the case become more apparent. Further, I don't think its the definition of damage that matters so much as the definition of intent. I don't think it will be possible, given the facts, to show that LIUNA actually intended to damage the system. Further, this sort of case seems like it will implicate the first amendment. In any case, the battle is clearly not over, and it sounds highly unlikely that Pulte is going to win.
This is why tech geeks need lawyers.
[ link to this | view in chronology ]
Ruling will be overturned by SCOTUS
[ link to this | view in chronology ]
OH HO HO, MR GOVERNMENT SIR, IS THIS NOT WHAT YOU ARE ATTEMPTING TO DO YOURSELF?
[ link to this | view in chronology ]
Does this apply to snailmail?
[ link to this | view in chronology ]
re: re
The first being a lawyer who is reaching to get a case.
The second here is a judge who has no clue on technical (and legal) issues here and should be forced to
a. Reverse himself and
b. Never listen to any case that has technical issues having to do with computers again.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
If you can not e-mail them boycott their services and products.
[ link to this | view in chronology ]
Case holding
1.There is no mention of "hacking"
2.There was no ruling on the flood of emails--only permission to sue under the statute that addresses hard to computers. (This was a labor disute.)
3. The number of emails was huge and shut down Pulte's system. Writing to CEOS will not shut down their systems.
4. If the same thing were done to Congress the same law would apply.
Release the email addresses!
[ link to this | view in chronology ]