Thursday, April 17, 2014

2014-04-17: Is former Sacramento media employee Matthew Keys a victim of overzealous, misguided cybercrime prosecution?

Is former Sacramento media employee Matthew Keys a victim of overzealous, misguided cybercrime prosecution?

His trial here in Sacramento in federal court to wrap up soon


This article was published on .

Some say the U.S. Department of Justice’s priorities are out of whack when it comes to cyberterrorism prosecutions.
The trial of former KTXL Fox40 Web producer Matthew Keys in Sacramento federal court appears to be approaching its anticlimax.

The 27-year-old blogger and journalist is accused of helping hackers break into the Los Angeles Times website, where they changed the headline of a story. Keys has even confessed to the substance of the crime, though it hardly qualifies as misdemeanor vandalism. So why make a federal case out of it? Couldn’t Department of Justice resources be better directed elsewhere?

It’s a question of priorities, according toSurviving Cyberwar author Richard Stiennon. “For those in justice, your career path is to get a whole bunch of successful prosecutions and get noticed,” Stiennon says. “So you’re going to go after the low-hanging fruit.”

Lately, prosecutors have been taking advantage of the wide latitude afforded them by the Computer Fraud and Abuse Act to press cases involving “network security.” And they press hard.

Last January, Internet entrepreneur and activist Aaron Swartz killed himself while under felony prosecution for downloading academic journals. Swartz, who helped create the crowdsourced entertainment site Reddit, was facing 50 years and $1 million in fines.

“The days of ’Let’s haul this kid in front of the judge, scare him and send him home with a warning’ are long since gone,” says attorney Jay Leiderman, who represents Keys. “Prosecutorial discretion is a great thing if it’s exercised, but it doesn’t happen in any meaningful way these days, because prosecutions are so politicized.”

That’s the crux of the problem for Keys, the former Reuters social-media editor and possessor of 23,000 Twitter followers. In December 2010, he crossed paths with Hector Xavier Monsegur, a.k.a. Sabu, the eventual leader of AntiSec, a more mischievous offshoot of hacktivist group Anonymous. Keys passed them the credentials he once used to log into KTXL’s computers, which were linked to the Tribune Company network.

Keys left KTXL two months earlier, and he’s since expressed surprise that the credentials still worked. An AntiSec member used them to access the L.A. Times website and change a story headline from “Pressure Builds in House to Pass Tax-cut Package” to “Pressure Builds in House to Elect CHIPPY 1337,” a reference to another hacker group. Within 30 minutes, the hacker was frozen out and the headline corrected.

Keys might have expected, at worse, a stiff warning and small fine. But he literally messed with the wrong guy. Sabu had been an FBI informant since his arrest in June 2011, right around the time he started AntiSec.

For months, Monsegur encouraged his followers to commit cybercrime while under the FBI’s control. He was the “honeypot” attracting would-be perps into an operation seemingly designed to intimidate future hackers and anyone who might associate with them, like Keys.

“Part of this is [the feds’] broader push to send a message that anything and everything is going to go punished that appears to suggest that the control of the Internet is up for grabs,” says Hanni Fakhoury an attorney at Electronic Frontier Foundation in San Francisco. “It is not a coincidence that this was linked to behavior undertaken in the name Anonymous.”

It wasn’t always like this. Keys and Swartz were charged under CFAA, a 28-year-old law whose contours, like the shore, have worn away with time, yielding to much wider application.

The CFAA was conceived in the wake of the Matthew Broderick movie WarGames, about a hacker who inadvertently almost starts a nuclear war. The original drafters focused narrowly on government computers and the intent of the intrusion.

But changes in the law and vague wording have turned “unauthorized access” to a computer into a prosecutorial blank check.

Eleven years ago, nearby Fiddletown resident Bret McDanel was jailed under the CFAA for a crime the government later admitted he hadn’t really committed.

McDanel noticed a security flaw in his firm Tornado Development’s Web-based communications software. He told his supervisors, but his concerns went unaddressed. After leaving their employ, he sent an email to all the software’s users informing them of the issue. The Amador County resident was charged with undermining the “integrity of a computer system.”

By the time the feds admitted the law wasn’t meant to protect a software company’s reputation, he had already served his 16-month sentence. He’d lost his fiancée and was living with his parents, while his former employer had gone out of business. But McDanel can surely tell you which way the railroad runs.

As Keys has discovered, the feds lean hard and wear you down. He faces up to $750,000 in fines and 25 years in prison.

Swartz initially faced only 35 years, but four months before his death (20 months after his initial arrest), they added nine more felony counts, raising his jeopardy to 50 years. The idea, critics say, was to squeeze a plea out of him; Swartz found a different way out.

Swartz’s act of martyrdom generated a firestorm of protest. It caught the attention of Bay Area Congresswoman Zoe Lofgren, who sponsored (still-stalled) legislation known as Aaron’s Law to change some CFAA provisions.
“In talking to Aaron’s family and others who were involved in his situation, it was a real eye-opener to what happens in the criminal-justice system,” says Lofgren. “What they felt was very abusive was this sort of thing where you more or less try to extort concessions through the use of overprosecution.”
Keys’ odyssey appears to be drawing to its close, for better or worse. His last court appearance, on April 2, was accompanied by news that the case had gone to “reverse proffer.” This involves the prosecution sharing their case with the defense, generally with an eye toward an agreement.

Nearly all those swept up in the feds’ Anonymous-related enforcement actions have been processed. The sole remaining exceptions are Keys and cooperating ringleader Monsegur. In January, Monsegur’s sentencing was delayed for a third time, so it’s not difficult to believe he’s the bow on the whole operation.
Keys is certainly guilty of something, but probably not a felony. In that respect, he’s perhaps a victim of cybercrime’s intrigue and a prosecutor’s desire to leverage that publicity.

“Any case that has the word ’cyber’ in it brings headlines, because it’s interesting. There’s a degree to which careers are made this way,” says Leiderman. “’Cyber prosecutor blah-blah-blah.’ Nobody reads the ’blah-blah-blah.’ They just go, ’They caught a cybercriminal. Fantastic.’”

Lofgren continues to push changes in the law to make it less prone to abuse. Unfortunately, there’s precious little to be done about overzealous prosecutors.

“You really can’t impose good judgment legislatively,” Lofgren says, “but we do need to have better oversight over the Department of Justice.”

Thursday, April 3, 2014



After Signing a Plea Deal, Barrett Brown Could Leave Prison This Year

Illustration by Dell Cameron

On Monday, US Attorney Sarah Saldaña filed a superseding indictment in the government’s case against Barrett Brown.
“It’s conceivable,” attorney Jay Leiderman told me yesterday, that the prosecution, which dismissed 11 of Brown’s charges last month, “is about to reach a plea deal with Barrett.”
It appears now, that a plea deal has been reached. After bringing multiple cases against Brown, three of which he had pleaded "not guilty" to, federal prosecutors have salvaged a minute victory over Brown. Originally, they sought to put him behind bars for 105 years. The prosecutors were granted a seal on the plea agreement by the court.
Of the two counts pleaded to in the indictment, one, of “Accessory After the Fact,” links Brown to Jeremy Hammond a/k/a “o,” and the 2011 Stratfor hack. The otherclaims that Brown, having been “aided and abetted by another person,” (his mother), obstructed the execution of a search warrant on March 6, 2012, the day after Hammond’s arrest.
Leiderman, who was driving while we spoke, had me read the three-page indictment to him. If Brown pleaded to the two counts, we calculated together that he would face a maximum punishment of 4.5 years: the accessory charge carries a 2.5 year punishment, and the second count carries two maximum punishments (18 U.S. Code § 1501-1502) of “not more than one year.”
“Realistically, what he faces is 30 months with 19 already served,” said Kevin M. Gallagher, director of Free Barrett Brown. He added that Brown will likely petition the court for leniency, and told me, “We believe he has a strong chance of getting time served, and ultimately will be out of jail this year.”
The new indictment illustrates just how differently the government and his supporters view Brown's actions. Federal prosecutors state that he intentionally diverted attention away from Hammond, misleading the authorities (and Stratfor) with regards to his identity.
Brown is, however, a credentialed journalist who has been published by numerous respected outlets. As such, supporters would argue he had a constitutional right to defend his sources against prying federal investigators. The prosecution has continuously shifted its tactics in pursuing the case, and "has thoroughly embarrassed itself," said Leiderman. He reflected on the Government's dismissal of charges that sought to criminalize Brown's sharing of a hyperlink, citing a clear inability for prosecutors to hold their case together.
A re-arraignment is scheduled to take place in the Dallas federal courthouse on April 29th, according to electronic filings.
"Yeah," said Gallagher, "he's coming home soon."
TOPICS: journalismbarrettBrownfederalcourtcasehackingJeremyHammond,AnonymoustexasDallaspower