College Police Target Linux User; Bloggers Up in Arms
We've all heard arguments about whether the command line is a powerful and elegant tool or an unnecessary pain, but does using a no-pretty-colors interface constitute suspicious behavior? That's the way it looked in the case of a Boston College student whose computer was confiscated during an online harassment investigation. Some say a deeper reading of the police's warrant yields a different conclusion.
Apr 20, 2009 4:00 AM PT
Mention "Linux" and "police" in the same sentence, and you're pretty sure to get bloggers' attention. Mention them in such a way as to suggest that Linux was a motivating factor behind a police investigation, and you're likely to have a virtual riot on your hands.
Sure enough, that's exactly what has been going on in the Linux blogosphere over the past few days following reports suggesting that a Boston College student is being investigated and has had his property seized at least in part because he uses "a black screen with white font which he uses prompt commands on."
Hard to believe? Read on.
It all apparently began when an email was sent to a Boston College mailing list alleging that a particular student was gay, according to the Electronic Frontier Foundation (EFF). "Police say they know who sent the email and that the sender committed the crimes of 'obtaining computer services by fraud or misrepresentation' and obtaining 'unauthorized access to a computer system,'" the EFF explained.
The police in question then obtained a search warrant to search the Linux user's room, citing "suspicious activities" including "being seen with 'unknown laptop computers,'" using multiple names to log on to his computer and using two different operating systems -- including one that is not the 'regular B.C. operating system,'" the EFF said.
The student was also guilty of working for the college's IT department, according to the warrant application.
'A Fishing Expedition'
"However, nothing presented by the investigating officer to obtain the warrant, including the allegation that the student sent the email to the mailing list, could constitute the cited criminal offenses," added the EFF, which is now representing the student.
"The police used inapplicable criminal laws as a basis for a fishing expedition to determine the author of an anonymous email," charged EFF Senior Staff Attorney Matt Zimmerman. "Now, this student has been suspended from his job, and he is without a laptop and other devices he needs to do his schoolwork. His private communications and papers are in the hands of police who are searching for evidence without just cause. Even his cell phone and iPod were taken, clearly an overreach if the goal is tracking the source of an email."
On Friday, the EFF and the Fish and Richardson law firm filed an emergency motion to quash and for the return of seized property on behalf of the student in question.
'Using Linux Is a Crime'
Now, as is so often the case, bloggers' reactions to this bit of news have been at least as interesting as the news itself was.
"Should Boston College Linux users be looking over their shoulders?" the EFF's Zimmerman asked on his blog.
Even more so: "Apparently, using Linux is a crime at Boston College," charged ZDNet's Christopher Dawson.
'Command Line Interface Terrorism'!
"This would be funny except it's scary instead ..." wrote Slashdot blogger platypussrex.
"What's scary about it?" shot back Anonymous Coward. "The Police are merely guarding our rights and preventing any of those terrifying terrorist hacker nazi communist muslims from setting off a dirty bomb and infecting us with anthrax.
"Don't you feel that giving up a few freedoms is worth the security that the Boston College Campus Police can give you in return?" quipped Anonymous Coward.
Alternatively: "Hey, is it any surprise campus security are afraid of Command Line Interface Terrorism?" pondered Red Flayer.
In response: "Yes, actually it is surprising," wrote Shakrai. "Anybody who has ever seen 24 knows that terrorists and the Government both rely on a single GUI interface for everything from tracking motor vehicles to taking over nuclear power plants."
If ever there was a story to inspire controversy, this one is it. So we here at LinuxInsider took to the streets to see what we'd find.
'Panic and Paranoia'
"From time to time and definitely since 9/11, folks in charge of public places panic or show paranoia for anything they do not understand," blogger Robert Pogson told LinuxInsider. "Fifteen years ago everyone using DOS had occasion to use typed commands, but with the advent of the GUI (graphical user interface) on PCs, this is less common. All many know about typed commands is what they see on TV/movies/news, suggesting that evil 'hackers' use it."
The police's own technology may also be a factor, Slashdot blogger hairyfeet told LinuxInsider --specifically, the fact that most of their forensic tools work only on Windows. "By using Linux, an OS that law enforcement is unfamiliar with and [on] which the tools normally used in their investigations won't run, you will automatically raise a red flag with the police," he explained.
On the other hand: "I actually read the warrant application, and the police are not nearly as ignorant as the EFF's press release makes it seem," Slashdot blogger Mhall119 told LinuxInsider. "They weren't claiming that using a command line made him suspicious; it was used as an example of the defendant's computer knowledge and skills, to justify a more extensive search of all his personal electronics."
'Nothing to Do With Linux'
At the heart of the actual charges, Mhall119 added, were "rather incriminating network logs provided by Boston College showing what appears to be the defendant falsely representing himself to a third-party Web site in order to create a profile depicting another student as being gay."
Bottom line? "The charges have nothing whatsoever to do with the defendant's use of Linux," Mhall119 asserted.
Indeed, "I am quick to defend Linux from spurious attacks," Slashdot blogger yagu began. Nevertheless, "you need only to read the actual warrant to find nothing could be further from the reality" than what much press coverage of the case has suggested, he pointed out.
Specifically, among the claims on the warrant are that:
- "the accused had been involved in other and previous illegal computer shenanigans"; and
- "he used a university mailing list for inappropriate messages," yagu told LinuxInsider.
"Heck, after reading the warrant, *I* would like to see the guy arrested!" yagu exclaimed.
'Guilty of FUD'
Yet "the warrant barely references a 'non-standard' computer as justification for seizing computers -- it is merely one item mentioned," he added.
Translation? "The ones screaming foul on this are every bit as guilty of FUD as Microsoft, but they use FUD to claim unfair treatment of the Linux user community," yagu charged. "In this case, they're wrong."
The case doesn't serve the Linux community well, yagu added. "I don't know who to be most irritated with: The online rag posting the original article, or the Diggs and Slashdotters who piled on. There are worthy examples of bizarre negativity around Linux, but this isn't one of them."
'Stretching the Law'
The issue has been "overhyped," Chris Travers, a Slashdot blogger who works on the LedgerSMB project, agreed.
"The computers were seized not just because they had secondary operating systems, but because of an informer who had previously given reliable tips to the police in other investigations," Travers told LinuxInsider.
A far more serious issue, however, is that "the crimes alleged do not match the accusation," as mentioned in the EFF blog, Travers noted. "The police appear to be attempting to stretch the law to cover an activity that they think should have been a crime in retrospect.
'A Very Real Threat'
"In this regard, this is an important case, and I am glad the EFF is involved," he said.
It's parallel in many ways to the case of Lori Drew, Travers asserted. Specifically, both focused on "unauthorized access," he said -- that allegation "is being brought up here, with an argument that sending an email accusing someone of being gay to the college's email server somehow constituted 'unauthorized access,'" he said.
"We are supposed to be free from arbitrary government according to our Constitution," Travers concluded, "so stretching 'unauthorized access' so far as to effectively criminalize nearly everyone is a very real threat to our rule of law."