If The DOJ Gets Its Way, Tweeting Out A List Of The 'Worst Passwords On The Internet' Will Be A Felony

from the because-our-prisons-aren't-at-maximum-capacity dept

Retweet if you want to go to jail! And not regular county jail, but federal prison!


In case you can't read/see the tweet, it says:
Under the DOJ's CFAA proposal, this article (and this tweet linking to it) could be a 10 year felony. That's insane.
(The link goes to a Techcrunch article featuring SplashData's list of the "worst passwords on the internet.")

The DOJ has offered up its preferred version [pdf link] of the CFAA (Computer Fraud and Abuse Act) -- under the ridiculous name of "Updated Law Enforcement Tools" -- and it indeed would make this sort of thing an instant felony.

Here's the wording change that does it [strikethrough for deletions; bold for additions]:
(6) knowingly and with intent to defraud willfully traffics (as defined in section 1029) in any password or similar information, or any other means of access, knowing or having reason to know that a protected computer would be accessed or damaged without authorization in a manner prohibited by this section as the result of such trafficking; if—

(A) such trafficking affects interstate or foreign commerce; or

(B) such computer is used by or for the Government of the United States;
The DOJ removes intent and replaces it with feelings. Sharing a list of common (and stupid) passwords could be construed as "willfully trafficking" passwords while "knowing" a "protected computer" could be "accessed without authorization."

And that thing about federal prison I opened the post with? That's the way the DOJ wants it. The CFAA currently allows for misdemeanor charges under certain circumstances. But this proposal does away with that. Instead of a misdemeanor-to-3 year sentence range, punishments start at 3 years and escalate to a 10-year cap. Unless, of course, your hacking is part of the commission of another felony, in which case the government proposes it should get to double dip (at minimum). Here's Orin Kerr's take on that part of the proposal:
Under the proposal, breaching a written restriction is a crime if the user violated the written condition in furtherance of a state or federal felony crime, “unless such violation would be based solely on obtaining the information without authorization or in excess of authorization.” On one hand, this might seem kind of harmless, or at least redundant: The proposal makes it a felony to break a promise on a computer in furtherance of a felony. One wonders what the point is: Why not just punish the underlying felony?

But the real problem is the double-counting issue. Federal and state law is filled with overlapping crimes. Congress might enact three crimes that do the same basic thing, giving prosecutors the choice of which to charge or allowing them to charge all three. State criminal codes often mirror the federal criminal code. That raises a question: If Congress makes it a crime to commit an act “in furtherance of” a different crime, does the existence of overlapping crimes mean that a person’s conduct violates the first crime because it was “in furtherance of” the second? This is a particular problem because every state has unauthorized access crimes a lot like the CFAA. We saw this in the Auernheimer case, where prosecutors argued that the misdemeanor federal unauthorized access alleged in that case should be a felony because it was “in furtherance of” New Jersey’s nearly identical state unauthorized access law.
As if we didn't have enough people in prison already, the DOJ proposal mandates felony charges and provides prosecutorial options to ensure very few defendants walk away with short sentences.

The proposal also asks users to perform mind-reading when accessing anything computer-based.
(6) “exceeds authorized access” means to access a computer with authorization and to use such access to obtain or alter information in the such computer—

(A) that the accesser is not entitled so to obtain or alter; or

(B) for a purpose that the accesser knows is not authorized by the computer owner;
Going back to the Weev case, Andrew Auernheimer obviously knew AT&T would not "authorize" his access of supposedly private information, even if all he did was alter URL components to achieve this. Now, companies' security failures can be weaponized against those who discover them -- making it highly unlikely that flaws and holes will be pointed out to those who can actually close them. Why risk a few years in federal prison (remember: no misdemeanors) just because some entity decided to shoot the messenger rather than thank them for their help?

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cfaa, doj, felony, obama administration, passwords


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    rw (profile), 21 Jan 2015 @ 5:42am

    What less can you expect from a police state? After all, "it's for the children."

    link to this | view in thread ]

  2. icon
    That One Guy (profile), 21 Jan 2015 @ 5:52am

    DOJ to white-hats: If you see something, shut up, or face a felony

    If they manage to get this 'updated' wording accepted, pretty much the only people 'hacking' systems, or checking security, will be those with criminal intentions. If making a security vulnerability known, or even making it known that you found one, is instantly a felony, the only people who would even risk doing so, will be those that are already planning on breaking the law.

    Companies may feel like they get egg on their face when they have their shoddy security made public after ignoring the problem, but that is nothing compared to what happens when the person 'examining' their security isn't interested in helping anyone but themselves. And with the law making it essentially illegal for someone to test security on their own, for whatever reason, the number of security holes, and resulting harmful hacks, will likely shoot way up.

    Yet again, we've got an example of a government agency making things less safe, and more dangerous, for everyone but the criminally inclined.

    link to this | view in thread ]

  3. icon
    Ninja (profile), 21 Jan 2015 @ 6:01am

    If anything, law enforcement in the US (and frankly, everywhere) are shooting their feet with such 'shoot the messenger' tactics because people are getting more and more wary when it comes to cooperating for fear of interacting with law enforcement and running into trouble. So while they are worrying that encrypted smartphones may get in the way they are silencing witnesses that would probably render such encryption moot. This is just an example. There's already a general lack of trust from the citizenry towards law enforcement and they and now they are actively ensuring that people will not help on investigations and security flaws out of fear of bad laws. Great.

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 21 Jan 2015 @ 6:35am

    This makes everybody in tech a felon

    or any other means of access, knowing or having reason to know that a protected computer would be accessed or damaged without authorization in a manner prohibited by this section as the result of such trafficking

    As someone who works in cloud this is part of my day to day. So by merely passing this law, anyone with knowledge of a vulnerability would automatically become a felon. There is often a trade-off between security and getting something to market. This would mean even getting it to market would be legally felonious in many if not all cases.

    link to this | view in thread ]

  5. identicon
    Anonymous Coward, 21 Jan 2015 @ 6:46am

    The inquisition is back. This time it punishes 'hacking' instead of 'witchcraft', but the way of determining guilt seems about equivalent to the trials of old.

    link to this | view in thread ]

  6. identicon
    Anonymous Coward, 21 Jan 2015 @ 7:05am

    Ahhh the good ol US Of A.

    "A good offense...Is a good offense. What is this "Defense" you speak of?

    link to this | view in thread ]

  7. identicon
    Anonymous Coward, 21 Jan 2015 @ 7:15am

    Re: This makes everybody in tech a felon

    Same here. Part of my job involves protecting an alarmingly large corpus of diagnosis, treatment and prescription data -- but I won't be able to do that if this passes...well, not without risking prison.

    This is not only wrong, it's insane.

    link to this | view in thread ]

  8. icon
    John Fenderson (profile), 21 Jan 2015 @ 7:16am

    Re: DOJ to white-hats: If you see something, shut up, or face a felony

    "If making a security vulnerability known, or even making it known that you found one, is instantly a felony, the only people who would even risk doing so, will be those that are already planning on breaking the law."

    The number of white hats would be reduced, no question about it, but there will always be some that keep doing the good work. They'll just go underground (a bit like they used to be in the old days).

    link to this | view in thread ]

  9. icon
    nasch (profile), 21 Jan 2015 @ 7:30am

    Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

    They'll just go underground (a bit like they used to be in the old days).

    Even among those who continue working, probably many will stop contacting the companies with vulnerabilities (how confident are they that their communications are really anonymous once the FBI gets involved?) and just publicize everything immediately. Nobody benefits from such a change.

    link to this | view in thread ]

  10. identicon
    mcinsand, 21 Jan 2015 @ 7:32am

    Ahhh, but Novell Netware of the 1990's

    I remember when Novell Netware came into the company where I worked in the 1990's. Their documentation would run afoul of the DOJ's current intent. It was a database, and I learned an awful lot when I ran a search with the keywords 'security,' 'password,' and 'risk.' No doubt matters have tightened up now, but that became important for my job back then. I was in R&D, and Production would often massage/tweak/crochet/edit data that went through official channels to claim that tests had a given desired result. Thanks to the Novell documentation, it wasn't hard to go into sister sites' networks and get the raw data. Again, those were the old days, and we also had Moe, Larry, and Curly managing our IT.

    Seriously, though, this could impact those technical writers and trainers. Reinforcing the need for best practices is difficult when you can't thoroughly explain the risk of worst practices.

    link to this | view in thread ]

  11. identicon
    Anonymous Coward, 21 Jan 2015 @ 7:37am

    Re:

    It never left, it just takes on different forms as people need it to.

    Every culture and politic has a buzz word, card to play, or dogmatic bias against the side they oppose.

    link to this | view in thread ]

  12. icon
    nasch (profile), 21 Jan 2015 @ 7:37am

    Would be

    Sharing a list of common (and stupid) passwords could be construed as "willfully trafficking" passwords while "knowing" a "protected computer" could be "accessed without authorization."

    "Would be", not "could be". There's no need to exaggerate how bad this is.

    link to this | view in thread ]

  13. identicon
    Anonymous Coward, 21 Jan 2015 @ 7:43am

    Manuals

    Does this mean that companies publishing a manual which contains the default login/password are commiting a felony? They are after all publishing a password willfully which can be used to access a device without authorization.

    If they are I guess they will remove them from the manuals. Would this mean that we have to brute force the password for i.e. a router before we can use it?

    link to this | view in thread ]

  14. identicon
    Anonymous Coward, 21 Jan 2015 @ 7:50am

    Re: Re: This makes everybody in tech a felon

    Or if you're brave you could use it in your advertising slogans.

    "We're willing to break the law by following standard security practices to make sure your data is secure from hackers".

    link to this | view in thread ]

  15. identicon
    Citizen, 21 Jan 2015 @ 7:50am

    Re: DOJ to white-hats: If you see something, shut up, or face a felony

    This is truly a terribly crafted piece of legislation that invites every opportunity for its abuse. Hopefully these debates prompt the corrections needed to make it applicable to its goals before it's submitted.

    link to this | view in thread ]

  16. identicon
    Anonymous Coward, 21 Jan 2015 @ 7:52am

    Since the NSA logs everything that goes across the internet and automatically flags anything containing certain key words, I wonder if composing a *bad* password (thinking no one else would ever see it), something like "BombtheBlackhouse" or "KillThePresident" (or whatever) could get a person SWAT'd and a thrown in jail on terrorist charges?

    Besides NSA snooping, it would also be an interesting way to test if the website or network administrator is reading [supposedly-confidential] passwords by composing a password consisting of a terrorism or death threat against the person or company you suspect might be snooping passwords and/or logging traffic.

    link to this | view in thread ]

  17. identicon
    Anonymous Coward, 21 Jan 2015 @ 8:00am

    Re:

    Do you really want to do this in a country where police officers routinely kill unarmed civilians and walk away with paid vacations and a substantial stash in donations? Where SWAT teams routinely raid the wrong locations and throw grenades at children and walk away with commendations? Where drone operators kill innocent men, women and children in between coffee breaks and receive medals for it? Where those who conduct torture are shielded and protected while those who expose it are persecuted, harassed and jailed?

    I didn't think so.

    link to this | view in thread ]

  18. identicon
    Pixelation, 21 Jan 2015 @ 8:21am

    I wonder...

    Will this become a first Amendment fight?

    link to this | view in thread ]

  19. identicon
    joe, 21 Jan 2015 @ 8:22am

    2014 maybe *nt* the year of Digital Security?

    In the caption it states 2014 was the year of digital security. Robert Cringely blogged on this recently and suggests well see more violations this year, but it won't be until 2016 till we deal with it.http://www.cringely.com/2015/01/12/2015-will-year-nothing-happened/

    http://www.cringely.com/2015/0 1/16/2015-predictions-money-stupid/

    link to this | view in thread ]

  20. icon
    Spaceman Spiff (profile), 21 Jan 2015 @ 8:23am

    You never expect

    You never expect the Spanish Inquisition! Or the DOJ Inquisition now... :-(

    link to this | view in thread ]

  21. icon
    compgeek (profile), 21 Jan 2015 @ 8:23am

    Re: Re:

    umm... too late?

    link to this | view in thread ]

  22. icon
    John Fenderson (profile), 21 Jan 2015 @ 8:24am

    Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

    True enough. This, too, is pretty much like the old days. Giving software and hardware producers a couple of weeks of advanced notice prior to public disclosure is a very good thing and it would be a shame if that stopped. But the really crucial part is the public disclosure, and that will go on.

    If the pattern from the old days repeats, what will happen is that software and hardware producers will end up begging white hats to start giving the advanced notice again.

    link to this | view in thread ]

  23. icon
    compgeek (profile), 21 Jan 2015 @ 8:24am

    Re: Manuals

    technically if this passes default router password being printed in manuals would be criminal, yes.

    link to this | view in thread ]

  24. icon
    limbodog (profile), 21 Jan 2015 @ 8:34am

    "12345? That's the same password I have on my luggage." - President Skroob in Spaceballs

    link to this | view in thread ]

  25. identicon
    Anonymous Coward, 21 Jan 2015 @ 8:42am

    Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

    If the pattern from the old days repeats, what will happen is that software and hardware producers will end up begging white hats to start giving the advanced notice again.

    The rest of the corporations want all security issues swept under the carpet, as it cost them money to fix them. If they can be kept hidden they do not have to spend the money.

    link to this | view in thread ]

  26. identicon
    Anonymous Coward, 21 Jan 2015 @ 8:43am

    what the hell is wrong with these people? dont they have anything proper to do? there is a multitude of crime going on and they have time to come out with this? not only that but they want to make it a punishable offence? JEEZ! get a grip!!

    link to this | view in thread ]

  27. icon
    nasch (profile), 21 Jan 2015 @ 8:50am

    Re: Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

    If they can be kept hidden they do not have to spend the money.

    They can't of course, so they'll spend the money to settle class action lawsuits after massive data breaches, rather than spending it ahead of time to fix problems.

    link to this | view in thread ]

  28. icon
    nasch (profile), 21 Jan 2015 @ 8:51am

    Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

    If the pattern from the old days repeats, what will happen is that software and hardware producers will end up begging white hats to start giving the advanced notice again.

    At which point, the white hats will say "if I did know anything about a vulnerability, it would be a felony to tell you about it." Let's hope this amendment never sees the light of day.

    link to this | view in thread ]

  29. icon
    John Fenderson (profile), 21 Jan 2015 @ 8:53am

    Re: Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

    That's why public disclosure is the more important part.

    link to this | view in thread ]

  30. identicon
    Anonymous Anonymous Coward, 21 Jan 2015 @ 8:55am

    Motivations

    Amongst others:

    Our prisons are populated with many people on marijuana violations.

    Our prisons are becoming private entities.

    Several states have legalized recreational marijuana, and more to come, eventually all of them, then the Federal laws will follow.

    The corporations who own privatized prisons are in need of a new source for occupancy, because profit.

    The DOJ, doing their masters bidding, are merely trying to create a new source for prison occupancy.

    Computers are not going away.

    If this fails, they WILL find another excuse and attempt to encode it into law.

    link to this | view in thread ]

  31. identicon
    Anonymous Coward, 21 Jan 2015 @ 9:02am

    Re: Re: Manuals

    then the next question is I guess... are brute force programs legal?

    link to this | view in thread ]

  32. icon
    Berenerd (profile), 21 Jan 2015 @ 9:16am

    The only reason the DOJ is doing this is because its their passwords on the list.

    link to this | view in thread ]

  33. identicon
    Rich Kulawiec, 21 Jan 2015 @ 9:19am

    This proposal appears to criminalize being 0wned

    The removal of the word "intent" seems to imply that the intention here is to hold computer owners responsible for what their systems do without their knowledge. And in a perfect world, that might not be a bad idea. However, in this world, where there are a few hundred million botted systems on the Internet, it's a horrible idea.

    Look what happened to Julie Amero, and that wasn't even her system. The combination of a grandstanding prosecutor, utterly incompetent "forensic experts" and clueless newspaper editors destroyed her life -- over someone else's mistake. (And a rather common mistake, at that.)

    This proposal could be used to go after everyone whose system has been botted, and since it can be, it will be. When convenient. When expedient. When politically desirable.

    link to this | view in thread ]

  34. icon
    Jeremy Lyman (profile), 21 Jan 2015 @ 9:20am

    The Emperor's New Password

    Crap, turns out our security really sucks. Should we fix it?
    Let's just make talking about security illegal.
    Problem solved!

    link to this | view in thread ]

  35. identicon
    Anonymous Coward, 21 Jan 2015 @ 9:27am

    Re: Re: Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

    That way their lawyer buddies make a lot of money, with a little trickling down to those who have suffered.

    link to this | view in thread ]

  36. identicon
    me, 21 Jan 2015 @ 9:43am

    enemy of the american people...

    IS the DOJ

    link to this | view in thread ]

  37. identicon
    RK57957, 21 Jan 2015 @ 9:48am

    Wait isn't everything capable of being a password

    Couldn't this sentence technically be a password? Crap wouldn't typing out the previous sentence be a felony if the law is changed because I know it could technically be a password? Crap wouldn't typing out the previous sentence be a felony if the law is changed because I know it could technically be a password? Crap isn't anything I could possibly type out be a felony because I know it could be used as a password.

    link to this | view in thread ]

  38. identicon
    Anonymous Coward, 21 Jan 2015 @ 9:51am

    Why are they under the impression that they own the internet?

    Its based on freedom expression, freedom to create.....not an entitlement to restrict, to profit, or too monopolise

    link to this | view in thread ]

  39. identicon
    Guardian, 21 Jan 2015 @ 10:15am

    retards of the world unite

    so they want to put people in jail for ten years cause they are stupid or daft. GO FOR IT les of em out side the better

    link to this | view in thread ]

  40. icon
    John Fenderson (profile), 21 Jan 2015 @ 10:27am

    Re: Wait isn't everything capable of being a password

    I was thinking about this as well. A "password" is just arbitrary characters strung together (if it's actual words, then you're doing it wrong).

    A list of nothing but passwords isn't even that useful (except to compile a dictionary to be used in a dictionary attack). What is useful is a list of services and user IDs with their passwords.

    link to this | view in thread ]

  41. identicon
    Anonymous Coward, 21 Jan 2015 @ 10:45am

    Nobody wants to see their paswords posted online, but this is not about passwords, its about the attempts to use an event to demand , yes demand the ability, an ability that is so beyond anything like it, to put people who "dont do as they say" in jail, for the crime of presenting a bunch of characters in a certain way, bypassing the human right laws protecting inocent suspicion, or bringing to light questionable laws

    The next step or after other several steps in this obvious ploy will be to put in jail anybody who opposes bad laws, policies, actions, bills, ideas etc etc.........i dont want to pass my own policy, i have no policy by CHOICE, i certainly dont want to see BAD "policies" being passed or manipulated into impressionable minds, and certainly not by people who OBVIOUSLY through the very action they incessantly keep pushing dont give a shit about the rights and freedoms of the individual

    link to this | view in thread ]

  42. icon
    nasch (profile), 21 Jan 2015 @ 11:08am

    Re: Re: Wait isn't everything capable of being a password

    A "password" is just arbitrary characters strung together (if it's actual words, then you're doing it wrong).

    That's not true; a long string of dictionary words is a very secure password. Forexamplethisrightherewouldbevirtuallyimpossibletocrackjustbecauseit'ssolong.

    link to this | view in thread ]

  43. identicon
    Anonymous Coward, 21 Jan 2015 @ 11:14am

    Re:

    Corponesse translation

    For the profit, think of the profit, the profit damn you, the profit

    By the profit, for the profit

    Shall i compare you to a summers dayPROFIT

    I profit threfore i am?

    Land of the greed, home to the profit

    Profit, ......profit........PROFITPROOFIT.PROFIT

    link to this | view in thread ]

  44. icon
    JP Jones (profile), 21 Jan 2015 @ 11:14am

    Re: Re: Wait isn't everything capable of being a password

    A list of nothing but passwords isn't even that useful (except to compile a dictionary to be used in a dictionary attack).

    Why'd you have to point this out? Now they're going to ban the dictionary! Oh, wait, aren't there password crackers that utilize Wikipedia?

    BAN IT ALL! BAN ALL THE WORDS!

    link to this | view in thread ]

  45. identicon
    Anonymous Coward, 21 Jan 2015 @ 11:18am

    how long for default passwords, 15 years?

    link to this | view in thread ]

  46. identicon
    Anonymous Coward, 21 Jan 2015 @ 11:24am

    Re: Re: Re: Wait isn't everything capable of being a password

    come on politicians of the world, lets get our stones, pitchforks, and lanterns, burn it, burn it, burn it all to hell.....politicians of the world unite, we can do this, come on

    link to this | view in thread ]

  47. identicon
    Anonymous Coward, 21 Jan 2015 @ 11:31am

    Re: Re: Re: This makes everybody in tech a felon

    I'd buy it!

    link to this | view in thread ]

  48. identicon
    Anonymous Coward, 21 Jan 2015 @ 11:49am

    Pssh, as if I would ever let anyone else see my hunter2-ing password.

    link to this | view in thread ]

  49. identicon
    Anonymous Coward, 21 Jan 2015 @ 12:07pm

    And this is why Snowden fled to Russia, hippies aren't the only domestic flag burners in the USA, and the military's approval rating of the President is at an all time low.

    They're trying to mold younger generations in their image. All they're doing is creating a generation who consider the US government worse than the Soviet Union. At least Stalin's bad ideas couldn't spread globally due to his toxic reputation.

    link to this | view in thread ]

  50. identicon
    Anonymous Coward, 21 Jan 2015 @ 12:09pm

    The solution is not to end up arresting 50% of your population if its not already 100%, the solution is to recognize how important it is to beef up defensive security, whther those devices be in a company or somebodies home........but because its harder by your standards you take the easy route, by arresting people..........there is, aswell as bad, a good thing when a "hacker" attempts to test how secure something is with the idea to inform the target of the vulnrability..........bit bit by bit, that software becomes more and more secure, and malicious opportunity deminishes, as malicious hackers with ill intent need to find more unique ways to exploit........what their advocating is reducing the ammount people with expertise who do this to contribute to the security community drastically, which in some cases will probably give that one malicious hacker, lets say ten years of use for an exploit he found instead of 8,5,4 2 years? i just had a thought, its funny how this would also reduce the likelyness of good hackers finding intelligence service crimes, yes crimes not hacks.....

    Security/privacy updates/patches should be a right not a privellage, it deals with information belonging to the individual, and so by this extension, security/privacy should be seen as a right, as is the right to not be searched without suspicion.......but with this kind of behaviour you expect to see in oppressed governments, you shoot your selves in the foot.....by your-self........because now, your suspicions are suspect.......you either dont care if we trust you, or, the more relieving of the two, you're too stupid to realise how important it is to have the trust of those you represent......appologies for my frustrated chosen words, but not the drive behind it

    link to this | view in thread ]

  51. identicon
    Anonymous Coward, 21 Jan 2015 @ 12:28pm

    Okay so lets say, supposedly that the pure possesion of this "material", material made up of random characters next to other random characters, is a felony punishable by ten years......in this imaginary world, i'd like to start with the intelligence centers harddrive's first please.....complete and utter unrestricted access please......no, but thats suspiciously similar to someone looking like their hidding something......and we all know what you say that means, right!

    link to this | view in thread ]

  52. identicon
    Anonymous Coward, 21 Jan 2015 @ 12:35pm

    Re: Wait isn't everything capable of being a password

    Please find your nearest authoritarian representatives so you can begin your gazzilion bajillion sentence, thankyou for your servitude peasant

    link to this | view in thread ]

  53. icon
    Padpaw (profile), 21 Jan 2015 @ 1:42pm

    years of reporting America's slide into a fascist police state and the tone of these articles always sound so shocked the worse things get

    link to this | view in thread ]

  54. icon
    Rapnel (profile), 21 Jan 2015 @ 1:44pm

    Another day another law the DOJ writes for itself to assist in making the functions that it performs easier, for itself.

    The further that "Justice" can distance itself from "Department of" then the more just our society will become.

    link to this | view in thread ]

  55. icon
    Padpaw (profile), 21 Jan 2015 @ 1:45pm

    Re:

    then what would they use as an excuse to arrest people they do not like

    link to this | view in thread ]

  56. identicon
    Anonymous Coward, 21 Jan 2015 @ 4:41pm

    written language is banned

    Since any and all words can be used as passwords.
    Hmm, would spoken language count as trafficking?

    link to this | view in thread ]

  57. icon
    That One Guy (profile), 21 Jan 2015 @ 6:01pm

    Re:

    It's when you stop being shocked and disgusted, and instead respond with resigned anger and annoyance that things have gotten really bad. Shock and disgust come from expecting better, hoping for people to act rationally, and having them not. Shock is good, gives people motivation to do something about the cause of the shock.

    Resignation though, when it reaches that point, that's because you no longer expect anything good, because you expect the worst, and are no longer surprised by it. And at that point, the drive to fix the situation is pretty much gone, because why would you even try when you know that that's just what they do?

    link to this | view in thread ]

  58. icon
    That One Guy (profile), 21 Jan 2015 @ 8:51pm

    Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

    As long as a potential felony is on the books, they'd have to be fools to give that advanced notice. Between taking the risk of jail time by contacting the company, or anonymously publishing the security vulnerability, I imagine most will choose the latter as the safer option.

    Even the 'promise' of no charges being brought if a security vulnerability is brought to the attention of a company wouldn't be worth much, as that wouldn't stop the DOJ from stepping in and filing their own charges.

    link to this | view in thread ]

  59. icon
    That One Guy (profile), 21 Jan 2015 @ 8:52pm

    Re: Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

    On the contrary, let's hope it sees as much light as possible, and is shot down and crushed in such a manner that it will be years before anyone even thinks about proposing something as stupid as it again.

    link to this | view in thread ]

  60. identicon
    Tom Joad, 22 Jan 2015 @ 3:58am

    So that means..

    IF you, at the end of your article, or any one of us at the end of our comments write "all of the words above, including even these, COULD be passwords somewhere on some machine" we're culpable?
    So even if you LEFT OUT that part at the end, anyone with more than two brain cells would know those all were possible passwords, so even without the advice, these are all passwords (including the word password) and therefore anyone writing ANYTHING is a criminal.

    link to this | view in thread ]

  61. identicon
    Pragmatic, 22 Jan 2015 @ 4:53am

    Re: Re:

    The word you're looking for is "Boogeyman."

    link to this | view in thread ]

  62. icon
    nasch (profile), 22 Jan 2015 @ 8:03am

    Re: Re: Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

    "Never see the light of day" as in "never have a chance to exist". If it doesn't get passed by Congress, it will never leave that building and thus never be exposed to the light of day.

    link to this | view in thread ]

  63. icon
    Gwiz (profile), 22 Jan 2015 @ 9:23am

    Re: Re: Re: Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

    Having to explain an idiom takes the wind out of your sails and sucks like an Electrolux, doesn't it?

    link to this | view in thread ]

  64. icon
    nasch (profile), 22 Jan 2015 @ 9:33am

    Re: Re: Re: Re: Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

    Having to explain an idiom takes the wind out of your sails and sucks like an Electrolux, doesn't it?

    It's like grabbing the wrong leg in a pig wrestling contest.

    link to this | view in thread ]

  65. icon
    GEMont (profile), 22 Jan 2015 @ 4:32pm

    Re: So that means..

    You do realize that the members of the NSA, FBI, CIA, HLS, and their extra-national affiliates around the world scanning this comments page, have all just wet themselves reading your words - which point out that writing any string of words would be a criminal act under this legislation and thus, describes nicely the near-ultimate wet dream of any fascist....

    That the creation and or publishing of any "unauthorized" literature, is automatically a major criminal act, punishable by maximum legal reaction.

    This is of course only the for-runner legislation of the true ultimate wet dream laws of fascism...

    That all unauthorized speech is automatically a major criminal act, punishable by maximum legal reaction.

    Peasants need only labor for the state, sleep and eat, and need no voice or thought beyond that necessary to fulfilling the task assigned them by the state to insure the continuity of the state. That is the goal of fascism - that the state becomes a commercial operation owned and run by the ruling class and the peasants become the feedstock from which the wealth of the ruling class is derived.

    This is the way life has been on earth for most of human history.

    The fact that fascism always leads directly to dissolution of the nation in which it flourishes changes nothing, as fascists have no plan beyond draining a place of its wealth before moving on to greener pastures.

    The resemblance to a virus, or the legendary vampires of Hollywood is telling.

    The last thing the fascist owned state needs is uppity peasants discussing the fact - verbally or in writing - that the state is nothing more than a gang of lizard brained greedy millionaires mindlessly sucking the life out of the earth like fleas on a dog.

    It would be lovely to perceive a future where the heads of tycoon CEOs, mob bosses, billionaire politicians, lawyers and their kin, could be seen adorning the pointy ends of pikes along the roads of a nation awakened from a nightmare, but all my limited fore-sight conjures up is empty streets.



    ---

    link to this | view in thread ]

  66. identicon
    Anonymous Coward, 22 Jan 2015 @ 7:23pm

    They said 'would' (indicating certainty) but you paraphrased it as'could' meaning within the realm of possibility.


    Big difference. Very big difference. Very,very big difference, actually.

    link to this | view in thread ]

  67. identicon
    herp, 22 Jan 2015 @ 8:57pm

    And Pastebin will shutdown.

    link to this | view in thread ]

  68. icon
    Sheogorath (profile), 23 Jan 2015 @ 6:32pm

    Re: Re: Re: Re: Re: Re: Re: Re: Re: DOJ to white-hats: If you see something, shut up, or face a felony

    It's like grabbing the wrong leg in a pig wrestling contest.
    Isn't that what much 'law enforcement' consists of, nowadays? Someone wrestling a 'pig' on the ground so as to avoid assault, praying that the guy (as they generally are) doesn't shoot, tase, or pepper spray them.

    link to this | view in thread ]

  69. identicon
    Jake, 28 Jan 2015 @ 7:01am

    Re: Re: Wait isn't everything capable of being a password

    This is the correct angle on this I think, a list of "potential bad passwords" is just a list of combinations of letters and numbers (not likely to be any special chars in there). They do not become passwords until connected with a username and an account at a specified service.

    To bring the idea proposed by the law into the real world, would a list of gases used in various types of blowtorch be considered an intentional aid to safecrackers?

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.