Newspaper Editorial Insists Hackers Must Be Punished, While Misunderstanding Nearly Every Detail

from the apparently-never dept

A Montreal school is being widely criticized for expelling a student who hacked into its computer system and helped expose flaws in the system’s security. The student now has been offered jobs by computer security companies, including the one that ran the system he hacked into. In the Internet age, the hacker is celebrated as a hero and the school is pilloried for being an overbearing, defensive holdover from a bygone age. It’s an unfair presumption that needs to be corrected.

... Mr. Al-Khabaz then went on and carried out what the company considered to be a “cyber-attack” on the school’s production servers. The company notified the school, and Mr. Al-Khabaz was hauled on the carpet. The company accepted the student’s explanation and noted that he “demonstrated great talent in computer science.” They dropped the matter and offered Mr. Al-Khabaz a job, but Dawson’s administrators felt the student had gone too far and expelled him on the grounds he had violated the college’s code of conduct.

Dawson’s officials are right: Rules exist for a reason, and students cannot expect to break them without consequence. Why have them, otherwise?

Swartz, who had a history of depression, was facing a slew of charges for allegedly downloading publicly funded academic journals from a large database that charged a fee for access. His family and supporters blame overzealous prosecutors for his death; the prosecutors insist – again, quite rightly – that “stealing is stealing.”

In the age of the Internet, the massive downloading for free of music and movies and other copyrighted material has muddied the waters for many people.

They seem to have forgotten that privacy rights and copyright laws are among the foundations of our economy. These are things that are not to be shoved aside by the absolutism of Internet activism.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

We just recently wrote about a trio of recent situations -- all involving young hackers probing for information, leading to either criminal charges or threats of criminal charges against them -- that show what happens when people in power don't understand how technology works. They were all cases where the individuals involved may have done things that some would think, but that hardly should rise to the level of "criminal" behavior -- especially with threats of many years in jail. Presenting the flipside to that argument: the editorialists at the Toronto Globe and Mail, who show why those who don't understand technology have no business writing about it. The editorial is headlined When did it become wrong to punish hackers? , which already suggests problem number one. Hacker is a generic term that does not automatically imply malicious attacks, yet the Globe and Mail immediately seems to assume otherwise. That might be news to the US government, which just announced its own National Day for Civic Hacking (despite filing charges against such civic hackers...).That's one version of the story. The hacker is celebrated as a hero because he did something useful: exposed a security flaw that could have been used by someone malicious for nefarious purposes. We generally want to celebrate those who spot danger and warn people away from it. And the school is being pilloried because it expelled this person. Without Ahmed Al-Khabaz's help, the data of students would be at risk. Doesn't it seem somewhat overbearing to blame the messenger? What exactly is "unfair" about the presumption? After pointing out that Al-Khabaz "discovered a serious flaw" the editorial still supports his expulsion, apparently entirely based on the fact that the company, Skytech, felt his probing was an attack:What the company considered a "cyber-attack" could also be described as "checking to see if the flaw was fixed." And, clearly, they didn't think it was a huge problem if they offered him a job, and noted his "great talent." So why does the school still think he went too far?Ahhhhhh. Rules are rules. Rules exist for reasons, but sometimes those reasons are bad. And punishing people for breaking rules in ways that help people seems like sending the exact wrong message. Sometimes rules should be broken, because the rules are wrong.The editorial then moves on to Aaron Swartz:Uh, "stealing is stealing" is a tautology, so of course it's right. But what's "wrong" is arguing that what Swartz did was "stealing." He stole nothing. He downloaded papers from MIT'snetwork, which was set up with a site license from JSTOR allowingdownloading of those journal articles, all of which remained on the site for anyone else to download.Go ahead, explain what was "stolen"?It seems to have "muddied the waters" for the editorial writers of the Toronto Globe and Mail who don't seem to realize that neither case had anything to do with the "massive downloading for free of music and movies."Oh really? If privacy rights are the foundation of the economy, then, er, isn't it athat Al-Khabaz alerted officials to a hole thatthe private info of students. He did nothing to compromise anyone's privacy rights at all. Similarly, Aaron Swartz did not violate any copyright law, and he was not charged with copyright law violations.So, seriously, how does a huge mainstream publication like the Globe and Mail get away with writing a piece of garbage this ridiculous? It claims things that simply aren't true, completely flips around reality, and then seems to wrap it up in some bizarre "rules are rules" argument, that makes no sense since the rules it says people violated... weren't even violated.And the Globe and Mail thinks people should pay its meter to access this kind of crap?

Filed Under: aaron swartz, ahmed al-khabaz, globe and mail, hackers, punishment, rules