Isn;t this just like the Schwarzenegger gaffe which was stolen off a California state computer hacked by his opponent's campaign.

Seems like a cottage industry of digital larceny has taken root in Democrat ranks

When you have no plans, in fact the democrats don't have a clue, then you have to steal the other guys work.

Interesting development. The question is how much ink will this generate? If Klobuchar was the Republican we could expect a lot. However, I suspect the Strib will spend a lot of time looking the other way and deciding other things are more worthy of being covered. The Kennedy campaign, party leaders and allies in the new media will more than likely have to do the heavy lifting to make sure this gets the play it deserves.

Ken

I'm working on a Minnesota Stories Investigative Report showing just how easy and legal it is to find campaign ads on the unsecure web site of Mark Kennedy's ad man. That's assuming knowing how to use a web browser is legal...

Power Line and MDE: Crazy liars?

Yeah Chuck -- we'll be looking for that report.

If it's so legal Chuck, why did the Klobuchar campaign feel it prudent to report it to the FBI?!?

Perhaps MN dem bloggers can use their web browsers to access a law dictionary and look up the definition of "larceny".

Hints. the crime does not require force or even the knowledge of the victim at the time it is committed. And negligence on the victim's part is no defense to the crime.

I also wonder that since Howell's firm is in Dallas whether the perp can be prosecuted under TEXAS criminal statutes?

Hey, Kevin, great post! It's stories like this that show why I visit this site numerous times a day. :)

I think it shows the Republicans also need to start getting their system administrators to brush up on security as well. Not excusing the Dems at all by this. A thief sneaking through an open window is still a thief. But a security guard who leaves a window open needs his job re-evaluated as well.

Since it's obvious there is a culture of hacking and electronic Watergating in the Democratic party the Reps need to be more vigilant.

>I think it shows the Republicans also need to start getting their system administrators to brush up on security as well.

That was my initial accessment as well...

But after thinking about it I changed my mind.

The damage done to the Dems by them breaking the law is worth far more than a few campaign vids. Heck, I think Republicans should make it as easy as possible for the Dems to break the law.

I don't want Republican Sys Admins tighening serurity, I just want them keeping very good server logs. lol

When?

1) Calling the FBI was a way for Klobuchar to play it safe, look tough, and distance herself from this incident. Pretty smart, but quite an overreaction IMO.

2) The giant problem with what you posted here is that the page in question was a publicly available page. All that so-called-password page does is redirect to a public client page. Kunin could have easily forwarded that direct link to anyone and they wouldn't have needed any password to watch the video. It was all unprotected and public.

Chuck, you cannot be that dense. The moment that clown entered a password that was *not* assigned to him by the firm's system administrator he committed a crime. Whether he guessed right the first time or ran a cracker program to come up with one that would allow him to proceed is irrelevant; whether the page he was directed to was "public" to all approved users of the system is irrelevant. He falsely assumed the identity of the person whose password he used to gain access to the ad agency's property, and then disseminated said property.

Ipso facto, he's down for committing fraud, theft, and dealing in stolen goods.

You're wrong on all accounts.

Most importantly, this is not a password screen - it's a redirect. Here's proof. I'm sure the word "password" made his poor clients feel better, but this screen is completely useless.

Besides that, because the page redirects to a public page that you could discover and access anyway, typing a word in this page is not illegal.

Furthermore, providing a link to a public web page is not "disseminating stolen property."

Information Warfare,
It's not just for breakfast anymore.

No matter how poorly it's implemented, the "password" request makes the INTENT of the ad agency clear, and that's what matters legally. I suspect that the Klobuchar folks turned themselves in because they knew it would be traced back to their informant, and from him, then to the campaign.

If we're talking about the Digital Millennium Copyright Act, it states that a technological measure “effectively controls access to a work” if the measure, in the ordinary course of its operation, requires the application of information, or a process or a treatment, with the authority of the copyright owner, to gain access to the work.

Here, one can gain access to the work without any such requirements. But yeah, it's in the hands of lawyers now.

Chuck, if you accidentally go out one day and leave your door unlocked, is it OK for me to go in and take whatever I want? After all, your door didn't actually implement any security controls, it just redirected me to another part of your house. And presumably your house can be seen from the street, so you should have no expectation of privacy.

You gotta be the most obtuse dude I've run into this month, chuck (and with some of the clients I have, that is saying something!).
You cannot gain access from that page to *anything* without "the application of information." No matter how shoddy the underlying code might be constructed (and you can be sure the idiot who built that site is unemployed now for being... well, an idiot), it does not say "click here to proceed." The firm's intent is clear when it asks for a password. If there is a sign on a door that says "Do Not Enter" or "Employees Only," saying "it was wasn't locked!" is not a defense for crossing the threshold without permission.

No judge or jury is gonna give a damn about the code being flawed.

Say, by chuck's "logic," maybe crime didn't really go up during Klobuchar's tenure as County Attorney in Hennepin County after all.

Maybe the citizens she was supposed to serve failed to protect their own lives and property from crime. How can we blame the poor criminals for breaking through such flimsy locks?

Chuck, when can we expect your report? I'm not interested in the part about how easy it was, I don't doubt that part of the story, but rather the expert legal analysis of accessing the video. Just because it was easy doesn't make it legal.

Cousin Dave: If you come to my web site, and download one of my videos, can I throw you in jail? That analogy doesn't work. We're talking about PUBLICLY AVAILABLE FILES, which you people don't seem to understand.

Leather Penguin: I take it you're not a lawyer either, so you're talking out of your ass. I'm sure intent is a factor, but so is the functionality and the fact that these pages are publicly available, regardless of whether the client redirect page even exists.

Tom: I'm not a lawyer, so there will be no "expert legal analysis." But you don't need to be a legal expert to know we can access public web pages without breaking the law.

As to whether Noah broke the law - I posted what I think is the relevant bit of the DMCA above. You'll draw your own conclusions regardless of whatever I say here. Like I said, it's really up to the lawyers. But there's strong support of no law being broken.

Ethics -- that's another matter. I think most people agreee it was not smart to send this to the Klobuchar campaign. The Klobuchar campaign took rather decisive and moral action. Most voters won't really give a rat's ass about the minutae of how a blogger accessed the ad anyway.

The page that was linked to by this redirect was a public page, simply not otherwise directly linked to from the site's top level pages. On my dinkytoy home page I still have old pages sitting there that are no longer directly linked from the top page, but which one could get to simply by typing the complete URL to that page in the browser. These pages can also be located if you search for the right keywords in Google.

Now at this point the "Allen" page has been removed or closed off due to this brouhaha, but what if, instead of finding it by typing in the "password" field, Noah had come across it via Google or some other search?

Saying that this is a crime is like saying that "I left a box on the curb in front of my house. I can get to it from my yard via an unlocked gate. Someone looked in the box after coming through my yard. Crime!! Oh, but if they looked in it after walking up the street, that would be OK."

Kunin is quite ensconced in the Culture of Corruption, as illustrated by his company's client list:
* The Democratic National Committee

* MoveOn.org Political Action

* Democratic Congressional Campaign Committee

* The Center for American Progress

* Working America

* People For The American Way

* Yes on C&D (Colorado Referenda)

* Forests Forever

* The Media Fund

* Common Cause

* ACORN

* Pennsylvania Coordinated Campaign

* Washington Coordinated Campaign

* Amnesty International

Dirty tricks are to be expected. I hope he's prosecuted big time.

Kunin a liberal blogger? Never would have guessed that from the photo.

Sorry, guys I think Chuck is dead right on this one and there's no way anyone will be convicted of a crime here.

Your analogy of locks and signs and doors makes sense only if you understand that this site is like a house with a door but no walls!

You're basically arguing that having a door with a sign on it saying "No Admittance" would allow you to convict someone of breaking and entering if they *look* at what's plainly visible behind the door.

The problem with the story is that the relevant evidence probably isn't archived on google cache or archive.org

What's relevant is whether the virtual directory listing was allowed prior to the breach. If you could browse the directory simply by chopping off a legitimate URL that's not a security system, it's fair game. Any Scott Howell & Company client would know the relevant directory and could pass that on to this blogger who could browse through the portfolio to his heart's content without ever getting to that password screen, without ever *seeing* the password screen.

In other words, the logs may tell us the story but it's not a slam dunk case and we should be cautious on this one.

My credentials on this are over 15 years as a network administrator starting in the early 90s and my continuing work in the field. Personally, I'm a libertarian with a strong antipathy toward the Democrat party but diving into the fever swamps doesn't do anybody any favors no matter how tempting.

Rheinhard-

How convaluted is your "analogy"? Try again-it's awful.

If your analogy is correct than why did Klobuchar ask McGuiness to resign? Why did she report it to the FBI?

Honestly I could take you step by step through what is so wrong with your analogy but it would take too long and I think you are beyond being just.

Ashley Tate

Same question to you.

Tim Lutas

That doesn't work. The blogger has already admitted to typing in the *password*-Allen. Also his mal-intent is evidenced by his passing the *info* gained to the OPPOSITION.

I think the analogy to someone not locking the door the their home is pretty poor. It's more like not locking the door to your business. Public websites are in general places that their owners want others to visit.

The blogger who guessed a password that gave him access to the ad might have some legal liability; but if that 'password' page really is as ludicrously bad as chuck says it is, and returns a direct link to the add, then no one else who viewed it using that link should have any liability at all. Firing the staffer seems to me like a huge overreaction in an attempt to limit political damage.

You are all wrong.
the Democracts are on the side of RIGHT. It is obvious by their policies, and we who disagree with them can only do so because we are morally wrong.
Therefore, it is ok to violate the law, the law only applies to civilized people on the side of RIGHT. i.e. those who agree with me.

Hitler, Lenin, Stalin, Mao, Che, Castro, all knew this simple truth. All of them were also on the political left. It is time we woke up and smelled the proletariat.

they did nothing wrong, in fact, we should commend them!

Rory:

"just" (n) = in all cases, the conclusion which makes Republicans happy.

Yeah I guess I'm just incapable of being "just".

As to the FBI deal, I think it's generally the case that most politicians and campaigns have not a clue how the Internet really works. Witness Lieberman's campaign lying about how their website was "hacked", when in fact it collapsed due to their own technical incompetence and inability to handle high traffic loads expected on the day of one of the most closely watched primaries in the nation. In Klobuchar's case, I'm pretty sure it's a case of wanting to avoid even an appearance of impropriety, even if there is, in fact, nothing illegal about the underlying act.

Well nevermind trying to answer the questions-Klobuchar's OWN spokesman has-

In a prepared statement, Klobuchar campaign manager Ben Goldfarb said that communications director Tara McGuinness was contacted by a local blogger last Saturday who sent her a link to the Kennedy ad.

"The blogger indicated to Ms. McGuinness that he had gained access to the advertisement by use of passwords," Goldfarb said in the statement. "Exercising poor judgment, Ms. McGuinness opened the link, watched the advertisement and asked others on our campaign to watch it."

Source Channel 11

Chuck:

Furthermore, providing a link to a public web page is not "disseminating stolen property."

Why defend the indefensible? Kunin was a naive fool. (This is made even more apparent by the fact that he's found himself in a hole and has decided to get out of it by digging harder. He writes that the access page "Was in no way secured." That's going to play well for your average technically-challenged juror when they see the word "password" on the access page. Get a lawyer quick, Noah.) McGuinness was simply an idiot.

For what it's worth, at least Klobuchar's campaign recognized the problem and dealt with it, no matter how clumsily; and who knows, maybe they can document an FBI request to keep quiet about it pending initial inquiries. In my opinion people should give Klobuchar the benefit of a doubt on this one.