Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Not addressing claims of her data accuracy she <strike>did break</strike> apparently broke CFAA:

> "FDLE began an investigation November 10, 2020, after receiving a complaint from the Department of Health (DOH) regarding unauthorized access to a Department of Health messaging system which is part of an emergency alert system, to be used for emergencies only," Plessinger said.



> All authorized users use the same user name and password.

Having shared credentials for an account is going to make it very difficult to prove who accessed the system.

Also, the single user for a common system typically means that they didn't want to pay extra to have multiple users. Makes me wonder if this incident will open Florida to a lawsuit by the vendor.


> Having shared credentials for an account is going to make it very difficult to prove who accessed the system.

As others have said, if she actually used the system, access from her home IP might be enough to convict.

> Makes me wonder if this incident will open Florida to a lawsuit by the vendor.

Possibly, but that'd be civil law. I definitely wouldn't want to be in that agency's shoes right now.


Somewhat on tangent but interesting fact I just read about the CFAA - two cofounders of HN (Morris and Swartz) were convicted of breaking CFAA - Morris being the first ever.


Assuming Morris and Swartz here are Robert Morris and Aaron Swartz - Morris is a cofounder of YC, but I don't believe he had much to do with HN. Swartz was involved with Reddit, not HN.


Ah you might be right about Swartz. I thought Morris developed the HN we use today?


He was a co-developer on the Lisp variant that HN is written in, but as far as I know the HN codebase was PG doing a POC that said Lisp variant could write software (and given he was more concerned with Lisp then and Reddit, then a company YC had investments in, had just rewritten from Lisp to Python, maybe making the case that Lisp could be used)


I'd say administrative work is considered involvement no? [1]

[1] https://news.ycombinator.com/item?id=5229364


Sure. But if it turns out her allegations are correct, and the state was manipulating the data, I think that more than excuses it, and makes the police action malicious (criminal?) retaliation. If the state wasn't manipulating any data, then it's disorderly and improper (though doesn't call for armed officers still...).

Like most things, you have to sort out the details of the case before you can pronounce judgement.

Call me biased, but for some reason, when people sacrifice their careers and freedoms to send out a warning about corruption, I usually give them a lot more trust than the institution under scrutiny. Time will tell.


She may or may not have broken CFAA. I haven't seen any evidence proving it was she who sent the unauthorized message.


There was enough evidence to obtain a search warrant which was executed. It won't be public until her case goes to court.


Looks like you're right. The warrant affidavit links her IP address to the unauthorized message.

https://www.miamiherald.com/latest-news/article247682356.ece...


> she did break CFAA

Allegedly




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: