←back to thread

Man jailed for parole violations after refusing to decrypt his Tor node

(reddit.com)
988 points heavyset_go | 8 comments | 16 Sep 25 12:10 UTC | HN request time: 0.839s | source | bottom
Show context
tptacek ◴[16 Sep 25 13:26 UTC] No.45261951[source]
For whatever it's worth, the Reddit story here says that the federal courts used "fraudulent warrants to jail my husband again". Maybe! The other side of that story, via PACER, is a detailed parole violation warrant (you can hear the marshal refer to it in the video); the violations in that warrant:

1. Admitting to using cannabis during supervised release

2. Failing to make scheduled restitution payments and to cooperate with the financial investigation that sets restitution payment amounts.

3. Falling out of contact with his probation officer, who attempted home visits to find him.

4. Opening several new lines of credit.

5. Using an unauthorized iPhone (all his Internet devices apparently have keyloggers as a condition of his release).

These read like kind of standard parole terms? I don't know what the hell happened to get him into this situation in the first place, though.

replies(13): >>45261987 #>>45262004 #>>45262031 #>>45262032 #>>45262053 #>>45262096 #>>45262107 #>>45262359 #>>45262427 #>>45262489 #>>45262691 #>>45263190 #>>45263322 #
tptacek ◴[16 Sep 25 13:33 UTC] No.45262053[source]
OK, I think I found the original thing Rockenhaus was convicted of.

Back in 2014, Rockenhaus worked for a travel booking company. He was fired. He used stale VPN access to connect back to the company's infrastructure, and then detached a SCSI LUN from the server cluster, crashing it. The company, not knowing he was involved, retained him to help diagnose and fix the problem. During the investigation, the company figured out he caused the crash, and terminated him again. He then somehow gained access to their disaster recovery facility and physically fucked up a bunch of servers. They were down a total of about 30 days and incurred $500k in losses.

(He plead this case out, so these are I guess uncontested claims).

replies(12): >>45262123 #>>45262144 #>>45262161 #>>45262367 #>>45262384 #>>45262386 #>>45262724 #>>45262818 #>>45262976 #>>45263837 #>>45263945 #>>45264601 #
kstrauser ◴[16 Sep 25 14:00 UTC] No.45262386[source]
Good grief. This is also part of the reason why I have a pact with my coworkers: if I’m terminated, kill my access immediately and universally, and I’ll do the same for them. I don’t even want to have the ability to look at stuff anymore. Remove any shred of possibility that I could get into shenanigans later.
replies(3): >>45262488 #>>45262671 #>>45263176 #
1. dsr_ ◴[16 Sep 25 14:10 UTC] No.45262488[source]
That shouldn't require a pact, that should be part of the standard check list for ending employment. (The list is longer for those who have root, but it should still be a list.)
replies(1): >>45262758 #
2. kstrauser ◴[16 Sep 25 14:30 UTC] No.45262758[source]
For sure, and I’m often the one who makes the list, and one with root. But the big thing is to do it quickly, like within the hour, and diligently. Don’t say, oh, I’ll give him a chance to access his email and download stuff, or whatever. No! Like, cut me off completely right now.

Then, if something breaks down the road, there’s no temptation for them to wonder if I had anything to do with that weird failure.

(And obviously, don’t freaking hack your ex employers! But also don’t even leave the impression that you could.)

replies(2): >>45264025 #>>45264073 #
3. terminalshort ◴[16 Sep 25 15:59 UTC] No.45264025[source]
I agree with the overall point. (And WTH would you ever have things you need to download in your work email?) But there's not an employer I have ever left that I couldn't have done extensive damage to without any permissions at all. Not that I would ever add a felony charge to even the most bitter firing, but I could.
replies(2): >>45264265 #>>45264550 #
4. vidarh ◴[16 Sep 25 16:02 UTC] No.45264073[source]
Yeah, I usually stress to employers and clients that I want to be cut off quickly, and usually remind them of what they need to lock me out of when I leave.

Even then, I've had clients for whom things have broken come to me in despair hoping I'd kept access. The day one of them for whatever reason decides to suspect that I was the one to break things, I will be very happy to be able to point to consistently having done what I can to ensure I get locked out.

replies(1): >>45264239 #
5. kstrauser ◴[16 Sep 25 16:14 UTC] No.45264239{3}[source]
I've had that, too! Fairly recently, an ex client who sold their business to someone with a full-time IT staff asked me if I had the password to unlock their NAS. No, I didn't. I turned all those over to the IT staff, strongly recommended that they change them, and deleted my local copies. Sorry, but no, I can't help you with that.
6. kstrauser ◴[16 Sep 25 16:16 UTC] No.45264265{3}[source]
I'm sure that's probably true for all of us, to some extent. Things holding me back:

1. It's wrong. That's not how my parents raised me.

2. I value and protect my reputation.

3. I want to be able to have another job in the field without being permanently deny-listed.

4. Prison sounds awful.

7. nerdsniper ◴[16 Sep 25 16:37 UTC] No.45264550{3}[source]
> And WTH would you ever have things you need to download in your work email?

Because you got a university email as a student 20-30 years ago back when .edu emails were "for life". Then you started working at the university as a staff-person under the same email. Then 20-30 years later you're leaving, and much of your digital identity is inextricably linked to that old "personal" email.

replies(1): >>45269061 #
8. terminalshort ◴[16 Sep 25 22:27 UTC] No.45269061{4}[source]
There was a time when I could be sympathetic to that, but it's long past.