Experts: Evidence to support search warrant on Rebekah Jones' home flimsy

101 points | dtmmax33 | 5 years ago | floridatoday.com

62 comments

zaroth | 5 years ago
On the home page of Florida Today, there are right now 9 different articles defending or supporting Rebekah Jones, some of them linked multiple times, for a total of 12 links on the home page with the following headlines:

  Rebekah Jones pushes back after dashcam released
  Exclusive interview with Rebekah Jones
  Evidence 'weak' for warrant on Rebekah Jones home
  Jones reacts to release of FDLE raid footage
  FDLE releases bodycam video of Rebekah Jones raid
  Fired FDOH scientist denies wrongdoing
  Rebekah Jones described equipment seized
  Fired FDOH scientist: 'I spoke out of necessity'
  Rebekah Jones talks whistleblower complaint
heisenbit | 5 years ago
How can the state claim the access was unauthorized when it shared a password between users and also published it in a document on its website? The former may be irresponsible but is commonly excused but the latter?
colechristensen | 5 years ago
If I leave a pie on the windowsill, it is still wrong to take it even if it’s easy.

Bad security practices don’t mean it is open season for any activity. Being fired and logging back on to work computers is really hard to defend as not knowingly wrong.

x86_64Ubuntu | 5 years ago
Everyone knows the evidence and information supporting the raid was nonsense. She refused to bend the knee to a conservative administration while people were dying, and the political machine decided to lash out.
colechristensen | 5 years ago
Everyone?

Having not read the court filing that granted the search warrant I know nothing about the information supporting the seizure.

I know that she tried to make an emotional appeal on social media, I know that she has been accused of really sketchy behavior with a coworker, and I know that people who read her messaging are going to jump to conclusions about her being wronged with no information besides her being fired by republicans.

What evidence was presented which got the warrant granted? Why was it nonsense, and what led the judge to grant it anyway?

Why did she delay officers executing a legally granted search warrant for twenty minutes, hanging up on them and refusing to answer the door?

It very much strikes me as a “more than meets the eye” kind of situation that jumping to conclusions based on political affiliation does not do justice.

cpncrunch | 5 years ago
> She refused to bend the knee to a conservative administration while people were dying, and the political machine decided to lash out.

Nope, that isn't what happened at all. The facts [1] show that she got the wrong end of the stick when the state epidemiologist asked to temporarily remove one data field in order to validate the data (according to the emails seen). She didn't have all the facts, and she then incorrectly assumed that the data was being censored.

[1] https://www.tampabay.com/news/health/2020/05/19/florida-heal...

colechristensen | 5 years ago
This is complete BS.

The complaint alleges that 1750 messages were posted on a communications system urging employees to blow whistles.

Those messages were linked to an IP address which Comcast pointed at Jones’ home.

Is that enough for a conviction? No, it’s not hard to establish reasonable doubt with that.

But that’s damn well enough for a search warrant to seize electronics from somebody’s home. Being fired for insubordination, she had motivation, the terrible security practices gave her opportunity, and IP logs are a clear piece of evidence that it could be her.

That’s a pretty solid ground for granting a search warrant.

Hanging up on officers and denying them entry for twenty minutes is a good way to make them nervous about your intentions as well.

IPs can be spoofed? Sorry it would take a hell of a lot of sophistication for that to be what happened or outright evidence falsification on the prosecution. Is it more likely that a somewhat troubled woman logged in to work computers to try to stir up trouble or that a sophisticated act of framing occurred?

colechristensen | 5 years ago
There is an additional piece of information which doesn’t shine a good light on her: https://cbs12.com/news/local/covid-19-dashboard-designer-fac...

A man got a restraining order against her, and after it expired she started harassing him again and posted explicit pictures of him on a WordPress site and sent it around to people who knew him. She was arrested and charges are pending trial.

This sounds like exactly the kind of woman capable of doing something like the search warrant accused.

devwastaken | 5 years ago
"is it more likely" if you want to base criminal acts on "more likely" then you're making vast assumptions similar to tabloid drama. You or I don't know the facts of any of this until it's brought and argued in court. People lie, prosecutors lie, defendants lie and neither you nor I can magically predict the outcome. It can very well be Occam's razor applies, however Occam's razor is a logical fallacy.

Officers have a well known history of not having a warrant and acting like they have a warrant so you'll give them implicit permission to search and seize. I don't blame anyone for denying them entry.

You don't have to spoof an IP. Depending on the system you just need a text editor. Are their access logs under good chain of custody? How would a tech illiterate judge know?

These are reasons why I wait for the text of the case.

x86_64Ubuntu | 5 years ago
The point is why on earth would you send essentially a SWAT team for such a warrant. And no, it's not unsurprising that the data used to back a warrant or prosecution would be falsified. The US system is rife with all kinds of people being railroaded with shaky witness and cops lying about events.
dylan604 | 5 years ago
Is it not possible that a motivated actor covertly sat outside her home to hack her WiFi and maliciously make those posts without her knowledge?
sneak | 5 years ago
The seeking of a (potentially plausible) search warrant by the state to silence a publisher that is publishing things the state doesn't want published is the issue here, not the relative merits of the search warrant itself.

The state was using this as retaliation, not to further the investigation of a crime. That's just the cover story. Even if they make the hacking charges stick, this isn't about hacking at all, it's about publishing.

It's astounding to me to see people regurgitating unsubstantiated cop claims with no evidence.

HexagonalKitten | 5 years ago
This is a pretty bad article.

Their expert isn't: "Butler, at the University of Florida, said making an IP address that appears to come from elsewhere isn't that complicated."

And the legal analysis is weak, but that's apparent from the title: "Experts: evidence to support search warrant on Rebekah Jones' home flimsy"

Yes, search warrants are to search for evidence. If the evidence wasn't flimsy they'd have had an arrest warrant.

It offers as a defense that there were no damages.

"What (Jones) did, didn't cause any damage," she continued. "Normally you don't see prosecutors prosecuting for computer crimes something that didn't cause any harm... it seems to be a very sketchy use of discretion to try to use this very serious statute against somebody who didn't cause any harm to your systems."

But it neglects to recognize that the damaging act is the message, and whatever actions or defamation it may cause, not the stolen CPU time.

It quotes the EFF to say that an IP alone isn't good evidence, "It's a thin read to just use the IP address, and it's one that we really, really discourage," said Cindy Cohn, the EFF's executive director. But it misses that they had an IP and it coincided with a small set of people who had access and motive.

They note that the police had an IP, but no linkage of IP/customer/date. This does allow challenging the warrant, but doesn't make it instantly null and void.

It says "Cybersecurity and digital rights experts also said the fact that the emergency system in question relied on a shared user name and password further complicates the case."

No, it doesn't. Fired people are not authorized users. And they have an IP address which points to a specific one of those users, so that's not complicated.

It then attempts to conflate misuse of data with unauthorized access of the system at all by claiming that this case is similar to Van Buren v. United States which is about a police officer using his authorized access to do something which was forbidden.

I have no opinion about the case but this article is trying to give me one. Not facts, it just wants to skip straight to opinions.

cpncrunch | 5 years ago
> This is a pretty bad article.

The main problem I have with the article is that it's factually incorrect about it being easy to spoof an IP address in a situation like this. It's easy to send off a fake IP address if [1] your ISP permits spoofed IPs (which it shouldn't) and [2] you don't care about a response. But in this case the user had to actually log into the system, which is pretty tricky to do with IP spoofing. (There is some debate about it potentially just requiring an email to be sent to a mailing list, but even SMTP requires various responses).

Given the level of technical difficulty to do this, it seems extremely implausible that someone would go to all that effort just to send out this message.
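
The "you don't care about a response" condition in the comment above, as an added example that is not part of the thread: a minimal in-memory model of the TCP three-way handshake showing that an off-path sender claiming another host's source address never receives the SYN-ACK and so cannot complete the connection a login would need. The class and function names are hypothetical and the addresses are constructed samples from the documentation ranges.

```python
import secrets

MOD = 2**32  # TCP sequence numbers are 32-bit

class Listener:
    """Hypothetical in-memory model of a TCP server's handshake state."""
    def __init__(self):
        self.pending = {}         # (claimed_ip, port) -> server ISN awaiting ACK
        self.established = set()  # peers that completed the handshake

    def on_syn(self, claimed_ip, port, client_isn):
        server_isn = secrets.randbits(32)
        self.pending[(claimed_ip, port)] = server_isn
        # The SYN-ACK is routed to the *claimed* source, not to whoever sent the SYN.
        return {"to": claimed_ip, "seq": server_isn, "ack": (client_isn + 1) % MOD}

    def on_ack(self, claimed_ip, port, ack):
        server_isn = self.pending.get((claimed_ip, port))
        if server_isn is None or ack != (server_isn + 1) % MOD:
            return False          # wrong or missing acknowledgement: no connection
        del self.pending[(claimed_ip, port)]
        self.established.add((claimed_ip, port))
        return True

def open_connection(listener, real_ip, claimed_ip, port=40000):
    """Sender at real_ip sends a SYN claiming claimed_ip; True if established."""
    syn_ack = listener.on_syn(claimed_ip, port, secrets.randbits(32))
    if syn_ack["to"] == real_ip:
        ack = (syn_ack["seq"] + 1) % MOD   # sender saw the server's ISN
    else:
        # SYN-ACK went elsewhere. A blind sender would have to guess a 32-bit
        # value; modelled here as having nothing valid to acknowledge.
        ack = None
    return listener.on_ack(claimed_ip, port, ack)

# Constructed sample addresses from the documentation ranges.
HOME_IP, OTHER_IP = "203.0.113.7", "198.51.100.9"

def demo():
    srv = Listener()
    honest = open_connection(srv, real_ip=HOME_IP, claimed_ip=HOME_IP)
    spoofed = open_connection(srv, real_ip=OTHER_IP, claimed_ip=HOME_IP, port=40001)
    return honest, spoofed, sorted(srv.established)

if __name__ == "__main__":
    print(demo())
```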

TheFinalDraw | 5 years ago
I get your points, but I disagree with your contention that the fact that all users of the system used a shared username and password doesn’t complicate the case. We’ve established that an IP address is not strong evidence for identifying an individual. IP address != authentication. What _could_ have established strong evidence tying the alleged unauthorized access to an individual’s identity would have been _actual_ authentication of the _specific_ user. But they don’t have that, either, since they shared one set of credentials.

You said, “they have an IP address which points to a specific one of those users,” but that’s not actually the case. They have an IP address which has somehow been related to the accused (though how is unclear to me since you note above there’s no linkage of IP/customer/date) — maybe they know she sent an email from that IP address at some point around the time of alleged crimes. But in any case, without providing evidence that the IP address is _only_ associated with the accused, and _not_ with any others with similar opportunity and motive (for example, any others with access to the shared username and password who might want to access the data for similar reasons, or wanted to frame the accused for hacking and put an end to her very public/politicized efforts), then they don’t really have strong evidence of anything - basically only enough _not_ to rule the accused out of the probably large pool of possible suspects. How many other current or former employees had access to the shared username and password? When were they last changed? How many others who _weren’t_ ever authorized to access the system but could have compromised/gained access to these credentials since then? How many times have they been written down and left on a sticky note in some public or semi-public place? Do they ever have controls in place to prevent guessing/brute forcing the credentials (with one login shared between all users, automatic account lockouts or resets seem very unlikely)?