Exhibit from search warrant of USA vs. Matthew Keys
Matthew Keys, Reuters' deputy social media journalist has been suspended from his job, but the liberal news outlet is keeping him on the payroll. They've dismantled his work station, but not his computer. So that sums up their attitude: doing the minimum to still look like a capitalist corporation that has to do due diligence when one of their own is found to be charged with hacking their fellow news media, but expressing their tacit support by waiting to see if the charges stick.
The search warrant is now online, and makes for interesting reading, where you can discover the following:
o Yahoo turned over email materials to the investigation
o There isn't just some minor hack of a news article on the LA Times, as the tech symps keep claiming, restored in 30 minutes, but the issue of the theft of the Fox affiliate's email address list, which seems to include government email lists
o Damage to Tribune Media's server is set at $17,650.40 for 333 man hours and doesn't include costs related to the stolen email list affecting Fox 40 News in Sacramento nor ad revenue losses taken as a result of the attack
o There are at least two different IP addresses attached to the AESCracked account said to be run by Matthew Keys
o Other non-news stuff like "Adrian Lamo is gay"
Best quote? In the title of this blog -- about taking part in a hacking operation and thinking it will have no consequences. AESCracked says "Boomerangs don't always return to the thrower" after giving the hackers the passwords. And one of the hackers says: "This one will." Indeed.
So today Keys -- who is back perkily tweeting today and accepting well-wishers' concern and seeming to stave off one offer of Anonymous "court support" (does that mean stalking the prosecutors to their homes like Anon is doing to Carmen Ortiz from Swartz's case?!) -- announced that he had a pair of crack lawyers already notable (notorious) for defending Anonymous.
As @revmagdalen, a Twitter user who is often critical of Anonymous and WikiLeaks pointed out, if you are trying to show that you were *not* with Anonymous on a hacking operation, it hardly seems prudent to have accepted the pro-bono assistance of Anonymous-associated lawyers, but Keys said forthrightly that he didn't care about their past cases.
The Reverand is concerned about the defendant's rights in the hands of these lawyers and thinks it's not good if these work for The Cause through their client.
The attorneys do have a "progressive" agenda and seem to be trying to "write new law" as aggressive and vain lawyers are wont to do, and at least one of whom, Jay Liederman, loves the idea of the "DDoS as a sit-in" like the Woolworth's counter. Nonsense. The blacks in the 1960s demonstrating for their civil rights were asking for equality before the law, not taking other people's rights away. They politely entered stores, paid for a few purchases, then sat normally at the lunch counter like other folks. They were not disruptive. They didn't close down the entire store or make it unusable for other people. But that's what Anonymous does -- takes away other people's rights to freedom of association and expression, and closes down their business or nonprofit for varying periods, causing damage for clean-up and restoration. It's completely ridiculous to compare these very different types of protest, one non-coercive and the other coercive.
I don't know quite why Reverend is running a Bide-A-Wee Home for Wayward Anons (see Franny and Zooey) on her Twitter stream and worrying about their legal defense, to the effect that crusading lawyers shouldn't turn their clients into poster boys for their causes and should try to get them off. But... There will be plenty of others to worry about them getting off, and I'm more interested in seeing that justice is served -- and I believe that the feds would not bring this case after a year unless they felt they could make it airtight in court.
The operative point today from the lawyers speaking on the Kremlin tool Alyona Minkovsky's live Huffpo show is that -- surprise, surprise -- their client is not guilty (she used to run her propaganda spigot more directly at the Kremlin-funded RT, but now she is one thin layer removed at Huffpo, which makes it more "respectable," I guess).
And Jay Liederman, the attorney associated with the pro-DDoS position, says that Matthew Keys did not hack the site. When pressed rather gingerly by a Huffpo anchor who in fact was very supportive of the hacker throughout the show, as to whether or not his client was AESCracked, the pseudomyn of the person who gave the passwords to the Tribune news sites, he gets vague and starts saying that some of the time AESCracked was his client, but some of the time he was not.
Now, just a minute here. How is that going to be established? The problem with this IRC channel stuff is that the people operating the channel might scrub this information, but maybe some of it is retrievable from the ISP. It's true that when you log on to channels, you can just make up a name. So different people could use different names.
But the channel operator or moderator will have your IP address. And that's just what kayla -- that notorious kayla of LulzSec infamy -- asks for in this chat.
Now, here's what needs explanation -- and either it has one, that isn't going to be favourable to Keys, or it will prove his lawyers' point that he wasn't in control of this account or this name the entire time.
First, the search warrant from the agent says this:
p. 11 "cybertroll69x@hotmail.com was registered by someone purporting to be MATT KEYS from a zip code of 95824 for Sacramento, California; these values are set by the user upon account creation and are not subject to verification. The account was activated on December 2, 20010 and accessed only once by the user. The IP addressed used to access this account was 98.208.49.74 and resolved to a location in Sacramento, California. An attempt to identify the user of this IPO address was unsuccessful.
Now, that's the alibi that could be used throughout -- oh, IP addresses are dynamic. Oh, you can't figure out who really owns them, blah blah blah. But as we know perfectly well, this is just geekitude, and in fact IP addresses can stay static; they can also be dynamic but still on a range that still shows location; and it can be triangulated with other information to pinpoint identity. As I've pointed out many times, the very reason that every website in the Metaverse uses your IP address to enable your log on or your history or your access to certain things is because this is indeed an identifier, and good enough of one for the purposes of the functioning of the Internet -- and identification of you on a persistent basis. People who keep warbling on about how this isn't the case are just trying to Fisk and distract from the smoking guns.
Even so, there's this:
When the Anonymous hacknarchists (I don't like the cutesy name "hacktivist" and won't use it on them as it implies they do good social activism which they mainly do not) suspect that AESCracked is an informant, they expel him from the chat room. Then kayla asks for his IP address:
Client connecting at belldandy.anonops.ru:A2SCracked (A2SCracked@75-53-171-204.lightspeed.nscrca.sbcglobal.net)
Then kayla says: "that's a real IPS" -- and indeed it is, because it shows a Sacramento location, it's not an anonymizer.
Then later, another LulzSec operative asks for and gets the IP addresses of AESCracked and gets these: 78.129.220.46 78.129.220.46
These could be anonymizers and they show the UK as a location -- that's my understanding of it but someone who is a "computer scientist" can examine all this and tell me what they think.
So the alibi is either/and a) you can't tell what my client's IP address is because it doesn't show that much information to locate him b) IP addresses aren't identifiers because they are dynamic c) look at these different ones ascribed to him in this one chat log.
Mkay, but yah, whatever. No sale from where I sit. It's really a stretch to think that first AESCracked comes on and offers passwords and eggs the hackers on, then somebody else hijacks/hacks/takes/uses his account from somewhere else, to do other stuff, more serious, like take Fox affiliate emails? I find that hard to believe.
This is just my first rough take from reading this quickly and I will try to find more time to study it later.
Meanwhile, some other interesting Anoniana: one of them says at one point "never the media" at the offer of hacking the Fox affiliate. As if Anonymous as some thieves' law that they don't hack media, so that they are not accused of harming the First Amendment freedom they seek. Nonsense, of course, because they've hacked Gawker, PBS and other media sites and they do all count as media.
Then AESCracked argues essentially, "but Fox isn't media". And the Anon reasons thusly, even with bad spelling:
"you're correct but people percieve them to be media, and that would be very bad for us"
Yeah. Truly. But you are bad. So meh.
And they go and hack the Fox stuff anyway. So much for thieves' law.
As we know, Parmy Olson, who wrote the door-stop book on Anonymous, says that she asked Keys if he did the hack and he denied it.
But she didn't put all of this in her book, and I challenge her about this at the Forbes site, because I think she is just protecting her journalsts' tribe there (and it's part of minimizing the crimes of Anonymous and their infection of society, too).
In fact, she seems to be part of what has outed his involvement, as her book is mentioned in the search warrant. But Keys himself bragged of his involvement. Motivation? Well, it looks to me like it's this -- wanting to belong:
It disappoints me because there was a good chunk of time when I didn't fit in anywhere, and finally I fit in somewhere, even if it was among a group of renegade criminals. You guys were funny and smart and very patient even though I'm internet dumb. And then this happens and it sucks balls
He's disappointed that they are accusing him of leaking to the feds. Not clear exactly how that worked, with Sabu deliberately, or because Sabu was working for the feds and leaked him.
But the lawyers claimed today that Keys was "on assignment," that he did this hack merely as part of a caper whereby he wanted to gain the confidence of Anonymous hackers that he was studying in the IRC channel, in order to "do a story".
Well, I instantly thought of the Food Lion defense and how that notion didn't work. That is, Food Lion was specifically about using the deception of an employment application at a supermarket, to enable journalists to work undercover in the store to cover bad conditions. But it's in the larger sense philosophically (even if not technically or legally) about how you can't commit a felony, then get exonerated from it by saying you were "doing a story" as a journalist, and you "needed" to do it this way for cover. This case is taught everywhere as an ethics issue in journalism schools, and I've never seen anybody claim in the press freedom community claim that this court decision should have been different. You don't get to feign employment and defraud an employer, or commit a felony like hacking and stealing and defacing, in order to "get the story".
I couldn't help thinking how this comes back to my muting and defriending by Anthony de Rosa, the director of social media for Reuters, whom I confronted on Facebook for his tendentious coverage of OWS on the Brooklyn Bridge, and asked him to stop trying to make the news, and just cover it. Because indeed, these that's what happens when he joins the Jacobins and the Marxist-Leninists in trying to justify bridge occupation.
Reuters should ditch these social media mavens who are just crypto-revolutionaries in their midst trying to overthrow the institution. Yes, I mean that. It's not journalism.
I will be watching very carefully to see if the Committee to Protect Journalists caves under the ferocious pressure they have been under now for years by the Electronic Frontier Foundation, who has one of their operatives now on the staff, and takes up Keys as a "journalist's case".
It doesn't at all appear to be one, whatever the lawyers are bluffing with.
Some other noise on the Internet -- the wacky Internet life of Matthew Keys, who led a "double life," as a journalist by day and a nerd nuisance by night trolling people. Did you know that Keys is a "famous Internet troll" and has an entry at Encyclopedia Dramatica? And so on. There are plenty of comments around, i.e. on Gawker to let us know that Keys is a douche -- stalking people, playing the victim, being an ass, whatever. It's immaterial to his case, however. Sabu or any number of "Internet enforcers" may have felt that this guy needed to go down -- and maybe they set him up and burned him, especially because he wrote negatively about them.
But really what this case comes down to is whether these lawyers can make the case that their client's attachment to AESCracked and these IP addresses sticks or not. We don't know everything the feds may have come up with to show that these things all stick, but I have a feeling that they do have the goods.
"you've been part of this operation," says tflow, one of the Lulzsec hackers.
Here's Mr. Alibi coming down the tracks:
"AESCracked: I've never been part of the operation.
AESCracked: Just a lurker ; )"
And yet he distinctly came in the chat room, gave the passwords, then said "go get 'em". So we'll see.
Adrian Lamo said on Twitter, after reading the search warrant, "There are some aspects of alleged e-mails to @FOX40 that don't quite fit the conclusions. Details."
Hey, I should apply to be the Reuters deputy social media journalist, I have an entry at Encylopedia Dramatica, too!
Please don't think I'd condone the conduct Keys is accused of. Beyond the legal violations, it's a completely unacceptable breach of professional ethics that shows a total contempt for the profession of journalism. Sabotage of other journalists, biased misrepresentation of his relationship with his subjects, creating events he then reported on -- these are violations of the public trust that are worse, in my opinion, than even the monetary damage done.
I want Keys to get a non-biased, regular lawyer because I don't want to see another media hype cycle make the rounds, with Jay Leiderman attempting to convince the masses of his ridiculous DDoS-as-protest theory, which you so clearly pointed out the flaws in.
If Keys is guilty, the best thing for everyone would be if he took a plea deal, served his time or probation, and moved on with his post-journalism-career soul-searching. With Leiderman at the helm, we can be pretty sure of a not-guilty plea and extended, expensive trial with associated hashtags, media blitzes, twibbons & hoopla.
The Food Lion case is indeed interesting to compare with this one. Food Lion was outraged that reporters had infiltrated to expose them. Now, Keys claims he had the same motive for joining Anon chats, but instead of being outraged, their top lawyer volunteers to represent him? If Anon is the Food Lion in this story, why is Leiderman even offering to help Keys, the infiltrator?
It seems like Leiderman's constructing some bizarre Orwellian narrative, where the infiltrator broke in only in order to reveal how secretly glorious the great Party leaders really are, which the oppressive regime media was trying to hide, so he's actually a freedom fighter.
Strange events indeed, and I'm always glad to read your thoughts about them.
Posted by: Revmagdalen | 03/16/2013 at 12:54 PM
Tweets don't always do justice to thoughts and I'm glad you elaborated yours here.
I realize you aren't condoning his behaviour, and I'm glad you've played up some of the subtleties that no one else has reported on: the violation of journalistic ethics. Instead of examining these and expressing the norms about them, the tech media and the "progressives" that have been techified like The Atlantic rush to find the "free expression" angle and think it needs shoring up.
Everyone needs a lawyer and everyone deserves and gets a lawyer under the law, pro bono if he cannot afford it. In this case, he's got pro bono lawyers eager to serve their cause and the supposedly higher cause of the copyleftists and hacksters.
It seemed to me you were saying, "Poor Matthew Keys, he hasn't really done the big-time crime, and by making much of him, we're distracting from the larger fish that I'd really like to see punished". To which I could only say, "Let's not worry about poor Matthew, he will have a zillion people defending him, let's take the critical approach and let justice be done -- because we do have faith in the system that it will be done."
You may not have that faith in the system of justice, given your own case and everything you have been through. I also have seen many injustices in the justice system, particularly with the stop-and-frisk and the DAT system in New York with its huge conveyor-belt of cases, where you can particularly see race-based justice -- white people with expensive private lawyers go free or get bail and eventually get out, black people can't raise bail, have to use pro-bono lawyers, they end up taking the plea just to move along, and get a record and jail time often. I've seen this in action, and I don't need persuasion of the unfair nature of many aspects of our justice system.
But I've also seen how justice works in Russia or other countries up close, and there are many things for which we have to be grateful and which do more or less work, especially in combination with a free press.
So you're saying here that you don't want to see these particular hucksters use the media circus to disguise their client's likely guilt and try to forge new ground in the law with the DDoS "sit-in" theory. And I agree that's unappetizing and adverse.
But I trust in the system to withstand *even that*. In fact, it has to, if it is to retain its credibility as an independent justice system. In Sacramento, California, I think it will.
I'd be happy to see a not-guilty plea so that everyone can get off their scarifying with 50-year sentences and their endless ranting about the plea-bargaining system in general(because most of them never watch court cases in action, except perhaps on TV, they don't seem to concede that a lot of plea-bargainers are guilty).
And I don't think that in this day and age, the Electronic Frontier Foundation, circus-running lawyers, the frenzied tech media, etc. are going to be able to throw a jury as they could in 1990s in the crackdown on the phreakers -- the crackdown that failed, and set us up for the age of Anonymous and Chinese hackers by weakening the system.
That's because the ordinary people that will wind up on the jury are that much more savvy about the Internet than the juries of the 1990s era.
Back then, you could waive a a few pages of paper about the 911 system and make the jury think it was a nothing, and shouldn't have cost anything, if some other paper like it didn't cost anything, and that the intracies of boards and networks and copying would baffle people.
Now, they will have their own experience of being hacked and losing privacy, more often than not. They will have been harmed, if nowhere else, in a game or on social media by people they thought were their friends. They'll know what an IP address is -- people really aren't that stupid. They'll know because they may have blocked one on their blog or pasted it into their Second Life land menu for a radio station.
They will have thought about the issues of new and old media journalism because they consume it every day, even if it is unlikely they'll be one of the producers, and they will be that public whose trust is violated and they won't like it.
I'm a big believer in the state having to make its case to the random jury, then selected by the voir-dire system. Yes, it means people influenced by the press, but that means they will have read an awful lot about hacking and even the liberal Obama having to issue denunciations of hacking. Unlike the cadre of geeks around EFF and the Google lobby, they are not going to be kind -- they will understand right from wrong. That is my faith and hope. I may be misguided here.
Food Lion isn't exactly a legal precedent, I don't think, because of the technical differences between fraud to gain employment to do an expose, and fraud in the IRC channel -- that is, the case isn't about Anonymous suing this journalist for faking them out in their IRC channel and then setting them up to hack something that they got in trouble for. They aren't the ones suing. That would be a funny case, of course, hackers indignant that they've been hacked.
But still, the philosophical issues are similar for me because it's about this idea that journalists get to suspend the notion of crime as applying to themselves "for the sake of the story," and the system doesn't buy that, and shouldn't buy that, as it is unethical and is fraud.
Instead, the government is bringing a case for a journalist colluding with hackers in hacking. And it's all part of a larger set of cases also involving Sabu, who has not yet been tried yet.
Liederman's narrative is not only Orwellian, in that he is trying to exonerate the glorious lunch-counter like hackers fighting The Man in the media -- oh, that evil monolith of corporate media in which Fox News, of course, is a proper target. Mike Massing in the New York Review of Books wasn't enough to "get them" with his "let's scrutinize them and see if we can come up with a legal case on them" -- so let's "get them" another way, through glorious freedom-fighter hacking. I'm glad you have brought all that up.
But he's also constructing another narrative that we've heard a million times before online in every game or social media or chat group: "My IP is not me".
"I am not the thing I was," they could be crying, as in Shakespeare.
But your IP *is* you, dumbass, that's why Facebook let's you log in without more screens demanding security checks -- try logging in from overseas and you will get how your IP is you, der. To cite one of many examples of how your IP is you.
Duh, we get that it isn't *exactly* you. But when that "you" shows up in Sacramento, and you're in Sacramento, and you don't deny using that handle, and you don't deny doing a story on Anonymous, do you think *that* alibi will stick?!
The lawyers and Matthew Keys in fact aren't thinking it will stick -- although they will likely invoke it on the way, and the feds have noted this in the search warrant precisely as a reason to get the search warrant, if you will.
So they're going to go even bolder "I wuz hacked" -- some other evil person used my account. Or used my name, logging on from somewhere else. Or tampered with the chat logs you see before you, somehow.
Ok, tell me another, kids. No one in the jury will be allowed to look at Matthew's history of assholery. You don't go to jail just for being an asshole online, more's the pity from the perspective of many Plurk Princesses.
So what will happen next? Matthew already told Parmy Olsen that he didn't do it, and now his lawyer says he didn't do it, so they are flying directly into the wind on this one.
And I'm counting on the feds here to have some more pieces of evidence, whether from records from Yahoo or some other place, that will help them make their case. I'm counting on them being smart enough to do that before bringing that case. Many think feds aren't smart and don't even understand how "the Interwebz" work. I don't think that.
Thanks for leaving an explication of your thoughts, it's helpful.
Posted by: Catherine Fitzpatrick | 03/16/2013 at 04:36 PM