Skip to comments.Call yourself a 'hacker', watch your ex-boss seize your PC without warning
Posted on 10/24/2013 6:14:50 PM PDT by markomalley
A US district court has ruled that self-confessed "hackers" have all the skills needed to swiftly destroy evidence, allowing anyone suing them to seize their equipment without warning.
The court in Idaho decided that a software developers computer could be confiscated without prior notice primarily because his website stated: We like hacking things and dont want to stop.
The ruling [PDF] came down in a case brought by Battelle Energy Alliance against ex-employee Corey Thuen and his company Southfork Security.
Thuen, while working for Battelle, helped develop an application today known as Sophia, which fires off alerts if it detects industrial control equipment coming under electronic attack. Battelle which was tasked with beefing up the computer security of US electricity plants, energy sources and other critical sites wanted to license this technology, but Thuen hoped to open source the code, according to the plaintiffs.
Sophia, which had been in development since 2009, underwent testing in 2012 and attracted the attention of power companies.
Thuen left Battelle before setting up Southfork Security. According to Battelle, Southfork Security competed against other firms to license Sophia from Battelle before withdrawing in April 2013, a month before an outfit called NexDefense was awarded the right to negotiate an exclusive commercial licence.
Around the same time, in May 2013, Southfork Security began marketing a situational awareness program called Visdom that Battelle alleges is a knockoff of Sophia.
Battelle Energy Alliance sued Thuen, claiming that Visdom was based on stolen code, and accused Southfork and Thuen of copyright infringement, trade secret misappropriation and breach of contract, among other allegations, according to legal filings seen by The Register.
What elevates the case from a run-of-the-mill intellectual property dispute is that Battelle persuaded the court to allow it to seize Thuen's computer to copy its files. The district court ruled that the programmer has the skills, as a "hacker", to release the contested code publicly, cover his tracks and destroy any evidence, if he knew a seizure was imminent:
The court has struggled over the issue of allowing the copying of the hard drive. This is a serious invasion of privacy and is certainly not a standard remedy... The tipping point for the court comes from evidence that the defendants in their own words are hackers. By labeling themselves this way, they have essentially announced that they have the necessary computer skills and intent to simultaneously release the code publicly and conceal their role in that act. And concealment likely involves the destruction of evidence on the hard drive of Thuens computer. For these reasons, the court finds this is one of the very rare cases that justifies seizure and copying of the hard drive.
The plaintiff also obtained a temporary restraining order against Thuen and Southfork Security without prior notice primarily because, again, the Southfork website declared we like hacking things and we dont want to stop".
This statement was used to prop up the claimants' argument that Thuen and Southfork "have the technical ability to wipe out a hard drive [and] will do precisely that when faced with allegations of wrongdoing". That would seem to fall short of the usual legal test for granting a restraining order, that the defendants have a history of disposing of evidence or violating court orders, but the district court granted the restraining order nonetheless.
The order prevents Thuen and his company from releasing any of the contested source code.
Battelles lawyers also raised national security concerns by arguing that releasing the Sophia utility as open-source code would hand strategic and vital information to wannabe power-plant hackers. Thuen and Southfork were not given the opportunity to appear before the court and contest this argument before the seizures were carried out and the restraining order on the business imposed.
A good overview of the whole contentious case so far can be found in a blog post by control system security consultancy Digital Bond. ®
There is a debate over whether the court's ruling ran roughshod over a person's rights against unreasonable seizures, enshrined in the US Constitution's Fourth Amendment: some have argued that such protections do not extend to discovery requests in private civil cases.
If it’s the company’s computer, that is their right.
It sounds like they are confusing Hacking with Cracking.
you do not need special skills to destroy evidence quickly. just a screw driver and a hammer.
software is a black art to most of society. hell, most of them are mystified by the mouse
meanwhile, it would make sense to never be w-2 with any company... just subcontract and be done with it
Well, it wasn’t their computer so it isn’t their right.
But they got an ignorant judge to sign off on it so there you go.
Is that Lindsey Graham in the very back?
You don’t even really need those tools if you have a rare earth magnet to throw on your drive.
A$$holes. The word “Hacker” means a person who spends a lot of time at the computer, working to get a program to work. When the media first heard the word several years ago, naturally it didn’t understand it, and gave it the meaning of “person trying to break into a computer.”
They still are a$$holes.
In this context, I’m not sure there is a functional difference between a cracker and a hacker.
The person is publicly declaring he has the necessary skill set to do either, and that’s what the argument came down to: Did he have the ability, and was he likely to do more damage to the company with what was on his computer, then cover the tracks? He says he did and he was, so it was reasonable to take him at his word.
This case covers some novel ground because, as the article states, it doesn’t meet the legal test for a restraining order. Maybe the Judge thought that a declaration of “being a hacker” was sufficient historical behavior?
Not sure, but Obama is driving.
I’ve got an old hard drive here on the shelf that I took out of the computer when it went to hell and I dumped the computer at an electronics store.
Doesn't have to be if it's their Intellectual Property on it.
Fully automatic assault computer Hacker.
I have a couple, too. I ordered an adapter so I can copy their images through a USB port. I suppose I’ll get on that project this weekend...
“Doesn’t have to be if it’s their Intellectual Property on it. “
But how do they know/prove that it is their intellectual property on it?
You need probable cause for a search. They can’t just go fishing around someone’s hard drive to see what they can find.
But apparently bragging that one is a skilled computer programmer is enough probable cause for an ill informed judge.
so anyone can spoof an email from you with you saying you’re a hacker and there goes your cmputers. great.
LMAO! No, it applies to each and every thread!
...and based on the new definition of mentally deficient, or terrorist, there go your guns, too.
The Judge decided to err on the side of evidence preservation, which I’m not sure is a good idea. The act of “erring” might be evidence of the Judge being an idiot, so we’ll see. I bet most Judges are not learned in the ways of “hacking” vs “cracking.”
Solution is propose an independent 3rd party analyze the drive. Obviously the defendant is in a like business and it would be bad if his competitor (plaintiff) had a look at his future work, or even past work non-related.
They cannot fish around like that. Shame on the judge, but even more shame on the defendant and his lawyer for not putting up an adequate defense. What was this guy, a $60 an hour attorney?
Luckily Obama nullifies the Constitution. So they can seize anything anytime.
Everybody is forgetting ..... What did the defense lawyer do?
This is not new territory for this type of civil action. I’ve been on all 3 sides of this type of problem. As the ‘company’, as the ‘consultant’ and as an employee.
Apparently the Defense did not do much of anything. The novelty of this seems to be, “Does declaring oneself a ‘hacker’ impute a likelihood of malfeasance, even in the absence of a history of behavior?” I have a feeling this is going to be shredded on appeal.
Read this story carefully and then reflect on the fact that these are civilian companies writing code for security of electricity plants.
Makes one all warm & fuzzy, don’t it? /s
Besides, if he was a real Hacker, Molten Thermite would have been burning thru those disks as they entered the premises.