Alleged Ohio rapists may not get fair trial: defendant's lawyer

(Reuters) - Two Ohio high-school football players accused of raping a teenage girl may not get a fair trial after a photo and video allegedly associated with the case were posted on the Internet by the computer hacking group Anonymous, a lawyer for one of the accused said on Friday.
Ma'lik Richmond and Trenton Mays, both 16 and members of the Steubenville High School football team, are charged with raping a 16-year-old fellow student last August, according to statements from their attorneys to local and national media.
Their juvenile court trial is scheduled for February in Steubenville, a city of 19,000 about 40 miles west of Pittsburgh.
The case shot to national prominence this week when Anonymous activists made public a picture allegedly of the rape victim, being carried by her wrists and ankles by two young men, and of a video that showed several other young men joking about an alleged assault.
Richmond's lawyer, Walter Madison, said on CNN that his client was one of the young men in the photograph, but does not appear in the video.
But the picture "is out of context," Madison said. "That young lady is not unconscious," as has been widely reported.
"A right to a fair trial for these young men has been hijacked," Madison said, adding that social media episodes such as this have become a major threat to a criminal defendant's right to a fair trial.
"It's very, very serious and fairness is essential to getting the right decision here," he said.
Mays' attorney Adam Nemann could not immediately be reached for comment on Friday. In an interview on Thursday with Columbus, Ohio, broadcaster WBNS-10TV, Nemann raised concerns about the effect the Anonymous postings could have on potential witnesses in the case.
"This media has become so astronomically ingrained on the Internet and within that society, I am concerned witnesses might not want to come forward at this point. I would be surprised now, if there weren't witnesses now who might want to start taking the Fifth Amendment," Nemann told the station.
The Fifth Amendment to the U.S. Constitution offers protection against self-incrimination in criminal proceedings.
The case has also been a challenge for local officials because of conflicts of interest. Both the local prosecutor and police have close ties to the school that the defendants attend.
As a result, the case is being investigated and prosecuted by Ohio Attorney General Mike DeWine's office.
Interviewed on CNN on Friday, DeWine said it was not unusual for his office to prosecute or investigate cases in small towns where close ties within the community caused conflicts of interest to arise.
He also voiced concern about how social media may affect the case.
"This case needs to be tried not in the media, not in social media," DeWine said.
He said Anonymous' attempt to shame the alleged attackers had actually harmed the victim.
Not only is the victim hurt by the initial crime, but "every time something goes up on the Internet, the victim is victimized again," DeWine said.

Read More..

Leader of Online Movie Group IMAGiNE Gets five Years for Piracy

LOS ANGELES (TheWrap.com) - Jeremiah B. Perkins, the former leader of internet movie group IMAGiNE, was sentenced to five years in prison on a piracy charge, the U.S. Department of Justice said Thursday.
Perkins, 40, pleaded guilty to one count of conspiracy to commit criminal copyright infringement in August.
In addition to the prison sentence, Perkins was sentenced to three years of supervised release and ordered to pay $15,000 in restitution.
The five-year prison sentence and three years supervised release represent the maximum sentence that Perkins faced, but he could have received a maximum fine of $250,000.
According to the Justice Department, IMAGiNE specialized in pirating movies playing in theaters. Court documents indicated that Perkins, of Portsmouth, Va., and his cohorts used receivers and recording devices to capture the audio tracks for movies in theaters, then sync the audio tracks to illegally recorded video files. The group would then share the completed files with members of the IMAGiNE Group and others.
ExtraTorrent reports that the recipients of IMAGiNE's pirated movies included buyers in Asia, who would then make copies and distribute the pirated films in the Asian underground market.
During Perkins' trial, an MPAA representative testified that IMAGiNE was "the most prolific motion picture piracy release group operating on the Internet from September 2009 through September 2011," the Justice Department said.
The Justice Department said that Perkins admitted to renting computer servers in France and other locations for IMAGiNE's use, and also to registering internet domains for IMAGiNE and setting up PayPal and email accounts to facilitate the group's transactions.
Three of Perkins' co-defendants - Sean M. Lovelady, Willie O. Lambert and Gregory A. Cherwonik - also pleaded guilty to one count each of conspiracy to commit criminal copyright infringement and received sentences ranging from 23 to 40 months.
A fifth co-defendant, Javier E. Ferrer, was charged in September and also pleaded guilty to the charge. His sentencing is scheduled for March.
Perkins and his co-defendants were arrested by the Immigration and Customs Enforcement's Homeland Security Investigations division, which also conducted the investigation.

Read More..

New Jersey man accused of trying to hire "cannibal cop" to kidnap woman

NEW YORK (Reuters) - A New Jersey man offered to pay $5,000 to the so-called "cannibal cop" to kidnap a woman and deliver her to be raped, U.S. officials alleged on Friday.
Federal authorities arrested Michael Vanhise, 23, and charged him with conspiracy to commit kidnapping with Gilberto Valle III, a New York police officer who was arrested in October and charged with conspiring to kidnap, torture, cook and eat women.
In a series of emails last year, Vanhise tried to bargain down the kidnapping fee and urged the police officer to "just make sure she doesn't die before I get her," according to a criminal complaint unsealed Friday.
"No need to worry," Valle replied in an email, prosecutors allege. "She will be alive. It's a short drive to you."
Vanhise admitted to investigators he sent the emails, prosecutors said.
Valle, nicknamed the "cannibal cop" by New York media, was accused of targeting women whose names were discovered in a file on his computer.
In November, Valle pleaded not guilty and said he was merely engaged in online fantasy role play.
Vanhise was charged with one count of conspiracy to commit kidnapping. He was expected to appear in court Friday afternoon. His attorney, Alice Fontier, did not immediately return a call for comment.
The emails between the two men "read like a script from a bad horror film," Manhattan federal prosecutor Preet Bharara said Friday in a statement.
Vanhise was also accused of emailing photos and the home address of a girl from his Hamilton, New Jersey neighborhood to two unnamed people, according to a criminal complaint, which said Vanhise solicited the girl's kidnapping.
Prosecutors said Vanhise tried to bargain down the price for the kidnapping to $4,000.
"Could we do 4?" Vanhise asked Valle in an email last February, according to the complaint.
"I am putting my neck on the line here ... $5,000 and you need to make sure that she is not found," Valle responded. "She will definitely make news."
Valle's estranged wife tipped off authorities after she discovered a disturbing file on his computer, a law enforcement official said at the time.
The file, called "Abducting and Cooking: A Blueprint," contained the names and pictures of at least 100 women, and the addresses and physical descriptions of some of them, according to court documents.
Authorities charged last fall that Valle had undertaken surveillance of some of the women at their places of employment and their homes.
Valle was denied bail by a judge who called the charges "profoundly disturbing."
Both men face a maximum sentence of life in prison if convicted. The case has disturbed even veteran criminal investigators.
"No effort to characterize the defendant's actions is necessary," said FBI Assistant Director-in-Charge George Venizelos in a statement. "The factual allegations more than suffice to convey the depravity of the offense.

Read More..

Five Best Thursday Columns

Jonathan Cohn in The New Republic on Starbucks In hopes of inspiring latte-sipping lawmakers to reach a deal on the fiscal cliff, yesterday Starbucks started writing "come together" on every cup it sells in the DC area. Cute effort, right? More like misguided, argues Jonathan Cohn. He thinks the issue isn't about two warring parties reconciling—it's about convincing the Republicans to quit hijacking the negotiation process. "One party, the Democrats, is already acting responsibly. And one party, the Republicans, is not," Cohn writes. "Washington doesn't need two parties that can 'come together.' It needs one party to 'get it together.' Maybe [Starbucks CEO Howard] Schultz should put that on a coffee cup."

RELATED: When Zuck Met Medvedev

Jacob Sullum in Reason on mental health With so many voices crowding the debate around gun violence, which issue should we be focusing on to prevent another horrible mass shooting like the one at Sandy Hook Elementary—gun control or mental health? Jacob Sullum remains skeptical about the latter. "Even if the mental-health criteria for rejecting gun buyers (or for commitment) were expanded, there is little reason to think [mental health professionals] could distinguish between future Lanzas and people who pose no threat," Sullum writes, citing data that says around half of Americans will become mentally ill at one point in their lives.

RELATED: Anti-Putin Protesters Huddle on Facebook to Plan Weekend Demonstration

James Bessel in The New York Times on Hagel's pro-Israel critics One of the many camps that doesn't want to see Chuck Hagel become the Secretary of Defense includes the pro-Israel lobby. Groups like the Emergency Committee for Israel are already swinging at Hagel for remarks he made about the Jewish state years ago. "Support for the Jewish state remains strong among both parties on Capitol Hill and across the American electorate, and it won't disappear anytime soon," James Bessel writes. "But that support will wither if Aipac and other mainstream Jewish leaders don't forcefully reject the zealots in their midst."

RELATED: What Threat Did 11 Russian Spies Pose?

Leonid Bershidsky in Bloomberg View on Russia This time last year, Russia's dissidents seemed primed to remake the country, taming its corruption through massive protests. But 2012 hasn't seen those hopes borne out, argues Leonid Bershidsky. Instead, Vladimir Putin has squashed his opposition and launched "a new cold war" with the U.S. "By pushing back his opponents instead, Putin showed that, at 60, he still knows what cards to play with most Russians: traditional values, Orthodox Christianity, anti-Americanism," Bershidsky writes. "As a man deeply rooted in the Soviet past, he has fallen back on the old regime's tested recipes for suppressing dissent, and he has succeeded in annihilating the threat of peaceful revolution that seemed so real a year ago."

RELATED: Europe Is the X Factor in Palestinian Statehood Bid

William H. Janeway in the Los Angeles Times on venture capital When it comes to juggernauts like Facebook and Spotify, Silicon Valley venture capitalists might not have built that, but they would say such innovations wouldn't have gotten built without their money. But one venture capitalist—William H. Janeway—wants to give credit to who really built the platform for all this development: government. "My colleagues and I and the entrepreneurs whom we backed were all dancing on a platform constructed by the federal government," Janeway writes. "Government cannot play the role either of entrepreneur or venture capitalist in creating the low-carbon economy. But entrepreneurs and venture capitalists cannot build this new economy by themselves."

Read More..

Why Apple's First American-Made Mac Minis Wouldn't Create Jobs

If the latest rumors are true, Apple's made-in-America shift will be an extremely experimental, low-cost operation — and if you look at the supply chain, that may point to more of a symbolic gesture than a genuine engine of job creation. The whispers, which have increasingly better sourcing, now say the tech giant will move its Mac Mini production line from China's Foxconn to the the U.S., possibly near California or Tennessee, per the rumor site DigiTimes. It's still a rumor, of course, but it would make sense for Apple CEO Tim Cook to choose the cheapest and simplest of Macs in fulfilling what he promised earlier this month would be a move "to bring some production to the U.S. on the Mac." It's not going to be a massive Apple factory on these shores, not nearly. Here's why the market and the product specs will dictate less man power:
RELATED: Apple Still Isn't Doing a Very Good Job Creating U.S. Jobs
Low-demand equals low-supply equals a smaller operation. Apple does not break down individual Mac Mini sales in its quarterly reports, but DigiTimes guesses 2012 sales totaled somewhere around 1.4 million units. In one quarter last year, the company sold 1.48 desktop computers, which includes the Mac Mini, iMac, and Mac Pro. Say those sales divided equally; then over a year Apple would sell just under 2 million Mac Minis. Even with that higher estimate, it's a teeny-tiny number compared to the 3 million iPads (Minis and normals) it sold over one weekend in November.
RELATED: Apple Will Be Made in America, Finally
With demand relatively low, Apple won't have to run a huge operation in the U.S., which means fewer jobs necessary at any new or converted factory.
RELATED: Obama's Awkward Steve Jobs Reference at the State of the Union
Tiny product equals fewer parts equals a smaller operation. You can see from the photo above just how little the littlest, lowest-end Mac computer really is. The iFixit teardown for the latest Mac Mini takes 14 steps compared to the iMac, which takes 25. Meaning, the reverse — putting it back together — takes around that amount of work (plus, you know, factory speed), which may point to a much, much lower percentage of workers per product to get the new line of Minis built here.
RELATED: Why on Earth Is Rick Perry Giving Apple Money?
The smaller box also has fewer parts, some of which will come from American suppliers. (To get the "Made in America" stamp requires a certain amount of parts and labor built in and working on U.S. soil.)
RELATED: How iPhone Overcame Hardware Concerns to Massive Sales
Perhaps Apple's making a smart choice by starting small, as TechCrunch's Darrell Etherington argues. All of this smallness means lower costs for Apple. It also means fewer possibilities for something to go wrong in the supply chain. Or you could take the cynical road, and see Apple's choice not as a test model for the future, but as a way for the company to say it makes something here. And then go back to China.

Read More..

Survey finds increase in e-reading, drop in paper

The tastes of the reading public are turning digital.
A Pew Internet Research Center survey released Thursday found that the percentage of Americans aged 16 and older who read an e-book grew from 16 percent in 2011 to 23 percent this year. Readers of traditional books dropped from 72 percent to 67 percent. Overall, those reading books of any kind dropped from 78 percent to 75 percent, a shift Pew called statistically insignificant.
Those owning an e-book device or tablet jumped from 18 percent to 33 percent, with much of that increase coming from last year's holiday season, when millions received Kindles, Nooks and other e-readers as gifts.
Awareness that libraries offer digital texts grew from 24 percent to 31 percent.
The telephone survey of 2,252 people aged 16 and older was conducted from Oct. 15 to Nov. 10. It has a sampling error margin of plus or minus 2.3 percentage points.

Read More..

New purported BlackBerry Z10 specs emerge: 1.5GHz processor, 2GB RAM, 8MP camera

Another week, another batch of purported leaks for Research In Motion’s (RIMM) first BlackBerry 10-powered Z10. BBin claims to have most of the Z10′s final specs confirmed and it is shaping up to be a powerful device. Rumored specs for the Z10 include a TI OMAP 4470 1.5GHz dual-core processor (Qualcomm Snapdragon MSM8960 for the U.S. and Canada), a 4.2-inch display (1,280 x 768 resolution), quad-band LTE, 2GB of RAM, 16GB or 32GB of internal storage, an 8-megapixel rear camera with LED flash, a 2-megapixel front camera, a microSD card slot, and an 1,800 mAh removable battery. On the connectivity side, the Z10 is also rumored to have NFC, Bluetooth 4.0, dual-band 802.11 a/g/n Wi-Fi, A-GPS, a Micro USB port and a Micro HDMI-out port. BlackBerry 10′s January 30th unveiling in New York City can’t come soon enough.

Read More..

Instagram gains users in December despite recent uproar as Zynga gets pecked to death by rivals

Zynga (ZNGA), the Facebook (FB) app behemoth, still reigns supreme on its most important platform. But the erosion of its dominant position continues as smaller rivals keep chipping away at its market share. On December 26, Zynga-owned Facebook applications had 267 million Monthly Active Users, down 20 million in two weeks. Far behind it followed Microsoft (MSFT) with 70 million MAU, King.com with 65 million MAU and Instagram with 43 million MAU.
[More from BGR: Samsung looks to address its biggest weakness in 2013]
But whereas Zynga lost nearly 7% of its Monthly Active Users in the two-week run-up to Christmas, Microsoft managed to inch up by 700,000 users, King.com by 600,000 users and Instagram by 2.1 million users.
[More from BGR: New purported BlackBerry Z10 specs emerge: 1.5GHz processor, 2GB RAM, 8MP camera]
Of course, the Facebook crackdown on aggressive customer acquisition techniques has limited the growth of all third-party app developers. But the most important of Zynga’s smaller rivals have been able to avoid the kind of MAU erosion that is now plaguing the Facebook app champion.
What really pops out from Christmas Facebook app trends is the way Instagram has been able to ride a wave of negative publicity to perky 5% monthly user growth over the past two weeks.
The tsunami of wrath and sarcasm unleashed on Twitter has not reversed Instagram’s momentum. It might even be possible that floating an outrageous-sounding privacy policy and then quickly reversing it could have simply increased Instagram’s brand recognition and piqued consumer interest among those who are not deeply involved in app trends.
This certainly adds some piquancy to the breathless commentary about Instagram’s “fatal blunder” and “possibly irreversible damage.

Read More..

Hackers hook the Nexus 4 onto AT&T’s LTE network in limited markets

LTE on the Nexus 4 — it’s not just for Canadians anymore. Android Police points out the some members of the XDA-Developers forum have been able to use AT&T’s (T) LTE network on their Nexus 4 smartphones, but only in limited markets. The reason, as Android Police explains, is that the Nexus 4′s radio can pick up frequencies on the AWS band that spans from 1710 to 1755 MHz on the uplink and from 2110 to 2155 MHz on the downlink. But while AT&T uses this band for LTE services in some markets, it mostly deploys LTE on the 700MHz band that has significantly better propagation than the AWS band. All that said, Android Police notes that if you own a Nexus 4 and live in Phoenix, Raleigh, San Juan, Los Angeles, Las Vegas, Oklahoma City, Dallas, Chicago or Charlotte, you might want to see if you can pick up on AT&T’s LTE services, since the carrier owns the rights to AWS spectrum in those markets.

Read More..

Cyber attacks on Gulf infrastructure seen rising

DUBAI (Reuters) - The former chief of the United Arab Emirates' air force said his country's advanced cyber infrastructure made it a favorite target for hackers, especially when tension heightened in the Israeli-Palestinian conflict. "The last war in Gaza led to a barrage of cyber attacks because UAE has advanced telecommunications infrastructure," retired Major General Khaled al-Buainnain said. "The biggest attack was during the 2006 Israel-Lebanon war which was carried out by pro-Israeli hackers who did not understand the nature of the conflict and its parties." His comments came a few months after a virus infected 30,000 computers at Saudi Arabia's national oil company, Saudi Aramco, which said on Sunday the attack was aimed at stopping oil and gas production at the world's biggest oil exporter. The attack failed to disrupt production, but was one of the most destructive cyber strikes against a single business. Cyber attacks on infrastructure by hostile governments, militant groups or private "hacktivists" have the potential to disrupt oil and gas supplies to power plants and desalination plants, on which the Gulf states are heavily reliant. "There is an interest at the political level in cyber security which has prompted investments in protection systems to protect the interest of the people, the government and national security," Buainnain said, speaking on the sidelines of a cyber security conference in Dubai. "All the evidence that we have confirms that the attacks will increase," said Robert Eastman, vice president for global solutions at Lockheed Martin. Eastman said Lockheed Martin, the Pentagon's top supplier, was in discussions with officials in Qatar, Saudi Arabia and the United Arab Emirates about the company's training and vulnerability analysis systems. A company official estimated last month that 5 to 8 percent of Lockheed's revenues in the information systems sector were related to cyber security. Lockheed generated $9.4 billion sales in that division in 2011. CYBER RISKS "All companies have to prepare response plans," said Hervi Meurie, general manager of C4 Advanced Solutions LLC, an Abu Dhabi-based technology and security firm. "What happens if the electricity network gets hit by a virus and goes down for three days?" Iran, the target of international economic sanctions focused on its oil industry over its disputed nuclear program, has been hit by several cyber attacks in the last few years. In April, a virus targeted Iranian oil ministry and national oil company networks, forcing Iran to disconnect the control systems of oil facilities including Kharg Island, which handles most of the country's crude exports. Iran has blamed some of the attacks on the United States, Israel and Britain; current and former U.S. officials told Reuters this year that the United States built the complex Stuxnet computer worm to try to prevent Tehran from completing suspected nuclear weapons work. Buainnain said he believed Iran would remain the target of cyber attacks rather than a source for them. "I don't think Iran poses any threat," he said. "I think their activity is less aggressive and more focused on intelligence gathering, they are in fact subject to cyber attacks because of the nuclear program." He said the UAE was in the process of creating a government body that will be responsible for handling cyber threats, adding that the National Electronic Security Authority was expected to be officially launched within the next few months. While it is standard industry practice to shield plant operating networks from hackers by running them on separate systems, these have not been enough to fend off cyber attacks. Qatar's natural gas firm Rasgas was hit by a cyber attack in September, although it has not said how much damage was caused or whether it was the same virus that hit Aramco. Theodore Karasik, director of research at the Institute for Near East and Gulf Military Analysis which organized the conference, said governments and companies must stay on high alert. "You're always in catch-up mode because the bad guys can out-think the good guys faster," he said. "The Gulf states need to stay as far ahead as possible given their enemies who may be more technically savvy."

Read More..

Android 4.2′s built-in antivirus software only detects 15% of malware

The latest version of the Android operating system has been called one of the most bug-ridden releases since Honeycomb, although it has also been recognized as the safest version yet. With Android 4.2, Google (GOOG) integrated a unique and high-powered security feature into the platform that scans for malicious or potentially harmful codes in apps that are loaded onto a user’s device. According to a study conducted by researchers at NC State University, however, the company’s malware protector was found to be less than satisfactory. Google’s app verification service was found to identify malicious apps only 15.32% of the time, compared to various anti-virus programs that varied from 51% to 100% accuracy. The experiment used 1,260 samples of malware, to which the built-in feature in Android 4.2 only detected 193 of them. “By introducing this new app verification service in Android 4.2, Google has shown its commitment to continuously improve security on Android,” Xuxian Jiang, an associate professor of computer science at NC State University, said. “Based on our evaluation results, we feel this service is still nascent and there exists room for improvement.” It should be the noted that in real world situations a majority of users will not experience malware, which is generally found in pirated software.

Read More..

Russia backs down on proposals to regulate the Internet

DUBAI (Reuters) - A Russia-led coalition on Monday withdrew a proposal to give governments new powers over the Internet, a plan opposed by Western countries in talks on a new global telecom treaty. Negotiations on the treaty mark the most sustained effort so far by governments from around the world to agree on how - or whether - to regulate cyberspace. The United States, Europe, Canada and other advocates of a hands-off approach to Internet regulation want to limit the new treaty's scope to telecom companies. But Russia, China and many Arab states, which want greater governmental control, have been pushing to expand the treaty beyond traditional telecom operators. Representatives from about 150 countries - members of the International Telecommunication Union (ITU) - have been negotiating for the past eight days in Dubai on the new treaty, which was last revised in 1988, before the advent of the World Wide Web. The Russia-led proposal could have allowed countries to block some Internet locations and take control of the allocation of Internet addresses currently overseen by ICANN, a self-governing organization under contract to the U.S. Department of Commerce. An ITU spokesman said this plan had now been scrapped. "It looks like the Russians and Chinese overplayed their hand," said American cyber security expert Jim Lewis of the Centre for Strategic and International Studies. U.S. ambassador Terry Kramer welcomed the decision to withdraw the Russia-led plan. But he also said: "These issues will continue to be on the table for discussion in other forms during the remainder of the conference." China, Saudi Arabia, Algeria, Sudan and the United Arab Emirates had co-signed the aborted proposal. The UAE insisted the document had not been withdrawn. "It may come down to the wire," said a Western delegate on condition of anonymity. "There are a lot of other (similar) proposals so I don't think this represents a substantial conclusion and could be just maneuvering." The ITU usually takes decisions by consensus, but the intransigence of both sides means it could come to a vote in which the United States and its allies might be in the minority. The United States' position is that the Internet has flourished with minimal state interference. It wants this to continue, arguing that many of the proposed treaty changes could allow governments to stifle free speech, reduce online anonymity and censor Internet content. Russia and its allies have insisted they need new powers to fight cyber crime and protect networks. Countries can opt out of parts of the revised treaty when it is finalized or even refuse to sign it The talks are due to end on Friday.

Read More..

Editorial: If Barrett Brown's Guilty, Then So Am I

Dallas writer Barrett Brown, who was involved with the "hacktivist" movement Anonymous until earlier this year, was indicted last Tuesday (Dec. 4) on 12 counts related to possession of stolen credit-card numbers. The indictment alleges that Brown possessed at least 10 stolen credit-card numbers and card-verification values (CVVs), and also shared a link to a document that contained thousands more stolen credit-card numbers. He faces 45 years in prison if convicted on all counts. However, the indictment does not allege that Brown himself stole the credit-card numbers or that he profited from having them. It states that merely possessing the numbers shows "intent to defraud." What Brown actually did was post a link to a "data dump" of stolen information, including credit-card numbers, on his own Internet Relay Chat forum. He also had one or more text files containing about 10 stolen credit-card numbers on his own computer. If that's the case, then dozens of technology journalists, including possibly this writer, as well hundreds of technology researchers, might be considered just as guilty as Brown. Many online news reports include links to websites where politically motivated hackers post their manifestos, and those manifestos in turn often contain links to file-sharing sites that house stolen data. Are journalists who post those links trafficking in stolen goods? Because of those manifestos, data dumps themselves are easy to find, copy and analyze. To security researchers, they provide a good look at how bad digital security can be. To journalists who cover digital security, they are primary sources for news stories. Are researchers and journalist who possess copies of the data dumps guilty of "intent to defraud," even if they never plan to use the information for ill-gotten gain? The Stratfor connection Last week's indictment stems from the December 2011 hack into servers belonging to Stratfor Global Intelligence (formerly Strategic Forecasting, Inc.), an Austin, Texas, firm that consults corporations and government agencies on geopolitical matters. Hackers working with the Anonymous offshoot AntiSec (which included a government informant) broke into Stratfor's servers looking for evidence to support their suspicions that the firm was operating as a private spy agency. AntiSec copied everything it could access in Stratfor's servers and posted the information online. There was a lot of it — approximately 860,000 email addresses and encrypted passwords, 68,000 unencrypted credit-card numbers and 50,000 telephone numbers, most of them belonging to subscribers of Stratfor's email newsletter. But the real find was 5 million internal company emails, which Wikileaks later posted online, again as part of an attempt to prove that Stratfor was deeply involved with secret governmental and corporate skullduggery. (Disclosure: This writer subscribed to Stratfor's emailed newsletter for several years and still finds the company's analyses informed and insightful.) "Stratfor was not breached in order to obtain customer credit-card numbers, which the hackers in question could not have expected to be as easily obtainable as they were," Brown wrote in an online posting after the breach was revealed. (Stratfor had unwisely stored the card numbers in plain text.) "Rather, the operation was pursued in order to obtain the 2.7 million e-mails that exist on the firm's servers." The AntiSec hackers said at the time that they used some of the stolen credit-card data to make donations to the Red Cross, Save the Children, WikiLeaks and other charities. That was never fully confirmed, but some people on the Stratfor email list were tricked into seeing Rick Astley videos. Brown is not accused of taking part in the Stratfor hack. By his own admission, he's not technically skilled. But he did learn of it before it was publicly disclosed, and sent out tweets promising that something big was about to be revealed. Once AntiSec made the data breach public on Christmas Day 2011, Brown, as he had done before, became the public face of Anonymous, explaining the group's methods and motivations to the media without claiming to be part of it. [5 Steps to Better Credit-Card Security] The alleged crimes "On or about December 25, 2011," last week's indictment states, "defendant Barrett Lancaster Brown … did knowingly traffic in more than five authentication features knowing that such features were stolen and produced without lawful authority." Specifically, "Brown transferred the hyperlink 'http://wikisend.com/download/597646/stratfor_full_b.txt.gz' from the Internet Relay Chat (IRC) channel called '#AnonOps' to an IRC channel under Brown's control called '#ProjectPM.' "Said hyperlink provided access to data stolen from the company Stratfor Global Intelligence, to include in excess of 5,000 credit card account numbers, the card holders' identification information, and the authentication features for the credit cards known as the Card Verification Values (CVV), and by transferring and posting the hyperlink, Brown caused the data to be made available to other persons without the knowledge and authorization of Stratfor Global Intelligence and the card holders." For this, Brown was indicted on one count of trafficking in stolen authentication features. According to the press release by the U.S. Attorney's Office for the Northern District of Texas, the count carries a maximum penalty of 15 years in prison. Brown is also alleged to have possessed "at least 15 ... unauthorized access devices," i.e., "stolen credit card account numbers" and CVVs. According to the indictment, that constitutes access device fraud, which could bring 10 years in prison. Brown was also indicted on 10 separate counts of aggravated identity theft, each of which carries a mandatory two-year sentence and a possible $250,000 fine. The identity-theft charges stem from the allegation that Brown "knowingly transferred and possessed without lawful authority the means of identification" of 10 separate individuals identified in the indictment only by their initials and cities of residence. Brown allegedly possessed those 10 individuals' names, addresses, telephone numbers, email addresses, Stratfor usernames, credit-card numbers and CVVs — just as would anyone else who had downloaded and examined the data dumps that were posted online. Pressure to talk? To someone versed in digital security, the government's case against Brown sounds weak. But to the average American juror, the indictment could make it sound like Brown's a master cybercriminal, the equivalent of the Russian crooks who steal millions from American bank accounts every year. The U.S. government seems to be cracking down on nuisances like Brown just as ardently as it does on online organized crime. Prosecutors may be exploiting the general public's lack of understanding of digital security in order to bring charges for trivial or non-existent offenses. The technology is ahead of the law by a generation or two, and there's no easy way to fix that problem. Just last month, "gray hat" hacker Andrew "Weev" Auernheimer was convicted of conspiracy to hack into a computer and of personal-information fraud, even though all he did was show a reporter data that a friend had collected from a publicly accessible website. Brown never tried to sell the information he had, which might have netted him a few dollars in underground criminal bazaars. Auernheimer's information, a collection of email addresses, might have been of interest to spammers or online marketers, but he made no attempt to sell it either. Perhaps the government feels emboldened by the Auernheimer conviction. Perhaps prosecutors plan to use Brown's indictment to pressure him into giving up what he knows about Anonymous. (Brown has been jailed since September for allegedly threatening an FBI agent.) What is clear is that federal prosecutors seem to be stretching the definition of digital-information crimes to include a wide range of activities that would, in the physical world, be considered lawful. In the real world, it's not a criminal offense to know a stranger's name, address or license-plate number. It's not a crime to find and pick up a credit card that someone else dropped in the street. In the physical world, you don't actually commit a crime until you take action by stealing the stranger's car, breaking into his house or using his credit card. But according to Barrett Brown's indictment, merely knowing the digital equivalents of these items is enough to send you to prison for 45 years.

Read More..