[PLUG] Creator of RSS passes away

Praveen A pravi.a at gmail.com
Fri Jan 18 14:41:28 IST 2013

2013/1/15 ag at gmail <amarendra.godbole at gmail.com>:
> Thanks for this article - from various reading I had the same opinion. I think social activists should as well stop playing Robin Hood... They do more harm to the open software movement than good by such antics!

I disagree. He is an inspiration. It is like the civil rights movement
and civil disobedience. Was Gandhi breaking the law when he made salt
at Danti? Was Martin Luther King breaking the law when he broke
segregation law? Yes, but those resulted in changing laws. And there
is already a new law being proposed in the US House that would fix
CFAA, the archaic law that was used against Aaron.

What we need is more of Aaron Swartz.

Downloading research papers, which should be public anyway, does not
deserve jail term of 35 years nor a fine of over 1 million dollars. It
is maximum a terms of use violation and JSTOR did not press charges
further. And the trespassing charge was not pushed by MIT either. So
it is just "making an example" by US government.

>From The Truth about Aaron Swartz’s “Crime”

"I know a criminal hack when I see it, and Aaron’s downloading of
journal articles from an unlocked closet is not an offense worth 35
years in jail.

The facts:

    MIT operates an extraordinarily open network. Very few campus
networks offer you a routable public IP address via unauthenticated
DHCP and then lack even basic controls to prevent abuse. Very few
captured portals on wired networks allow registration by any visitor,
nor can they be easily bypassed by just assigning yourself an IP
address. In fact, in my 12 years of professional security work I have
never seen a network this open.
    In the spirit of the MIT ethos, the Institute runs this open,
unmonitored and unrestricted network on purpose. Their head of network
security admitted as much in an interview Aaron’s attorneys and I
conducted in December. MIT is aware of the controls they could put in
place to prevent what they consider abuse, such as downloading too
many PDFs from one website or utilizing too much bandwidth, but they
choose not to.
    MIT also chooses not to prompt users of their wireless network
with terms of use or a definition of abusive practices.
    At the time of Aaron’s actions, the JSTOR website allowed an
unlimited number of downloads by anybody on MIT’s 18.x Class-A
network. The JSTOR application lacked even the most basic controls to
prevent what they might consider abusive behavior, such as CAPTCHAs
triggered on multiple downloads, requiring accounts for bulk
downloads, or even the ability to pop a box and warn a repeat
    Aaron did not “hack” the JSTOR website for all reasonable
definitions of “hack”. Aaron wrote a handful of basic python scripts
that first discovered the URLs of journal articles and then used curl
to request them. Aaron did not use parameter tampering, break a
CAPTCHA, or do anything more complicated than call a basic command
line tool that downloads a file in the same manner as right-clicking
and choosing “Save As” from your favorite browser.
    Aaron did nothing to cover his tracks or hide his activity, as
evidenced by his very verbose .bash_history, his uncleared browser
history and lack of any encryption of the laptop he used to download
these files. Changing one’s MAC address (which the government
inaccurately identified as equivalent to a car’s VIN number) or
putting a mailinator email address into a captured portal are not
crimes. If they were, you could arrest half of the people who have
ever used airport wifi.
    The government provided no evidence that these downloads caused a
negative effect on JSTOR or MIT, except due to silly overreactions
such as turning off all of MIT’s JSTOR access due to downloads from a
pretty easily identified user agent.
    I cannot speak as to the criminal implications of accessing an
unlocked closet on an open campus, one which was also used to store
personal effects by a homeless man. I would note that trespassing
charges were dropped against Aaron and were not part of the Federal

In short, Aaron Swartz was not the super hacker breathlessly described
in the Government’s indictment and forensic reports, and his actions
did not pose a real danger to JSTOR, MIT or the public. He was an
intelligent young man who found a loophole that would allow him to
download a lot of documents quickly. This loophole was created
intentionally by MIT and JSTOR, and was codified contractually in the
piles of paperwork turned over during discovery."

Read the full report

പ്രവീണ്‍ അരിമ്പ്രത്തൊടിയില്‍
You have to keep reminding your government that you don't get your
rights from them; you give them permission to rule, only so long as
they follow the rules: laws and constitution.

More information about the Plug-mail mailing list