←back to thread

Man jailed for parole violations after refusing to decrypt his Tor node

(reddit.com)
989 points heavyset_go | 1 comments | 16 Sep 25 12:10 UTC | HN request time: 0.345s | source
Show context
tptacek ◴[16 Sep 25 13:26 UTC] No.45261951[source]
For whatever it's worth, the Reddit story here says that the federal courts used "fraudulent warrants to jail my husband again". Maybe! The other side of that story, via PACER, is a detailed parole violation warrant (you can hear the marshal refer to it in the video); the violations in that warrant:

1. Admitting to using cannabis during supervised release

2. Failing to make scheduled restitution payments and to cooperate with the financial investigation that sets restitution payment amounts.

3. Falling out of contact with his probation officer, who attempted home visits to find him.

4. Opening several new lines of credit.

5. Using an unauthorized iPhone (all his Internet devices apparently have keyloggers as a condition of his release).

These read like kind of standard parole terms? I don't know what the hell happened to get him into this situation in the first place, though.

replies(13): >>45261987 #>>45262004 #>>45262031 #>>45262032 #>>45262053 #>>45262096 #>>45262107 #>>45262359 #>>45262427 #>>45262489 #>>45262691 #>>45263190 #>>45263322 #
tptacek ◴[16 Sep 25 13:33 UTC] No.45262053[source]
OK, I think I found the original thing Rockenhaus was convicted of.

Back in 2014, Rockenhaus worked for a travel booking company. He was fired. He used stale VPN access to connect back to the company's infrastructure, and then detached a SCSI LUN from the server cluster, crashing it. The company, not knowing he was involved, retained him to help diagnose and fix the problem. During the investigation, the company figured out he caused the crash, and terminated him again. He then somehow gained access to their disaster recovery facility and physically fucked up a bunch of servers. They were down a total of about 30 days and incurred $500k in losses.

(He plead this case out, so these are I guess uncontested claims).

replies(12): >>45262123 #>>45262144 #>>45262161 #>>45262367 #>>45262384 #>>45262386 #>>45262724 #>>45262818 #>>45262976 #>>45263837 #>>45263945 #>>45264601 #
petcat ◴[16 Sep 25 13:42 UTC] No.45262161[source]
If all of that is true, then that is a very serious CFAA charge. It makes sense that they would want to downplay it as "minor" and "not relevant". It sounds like the parole violations came later? In any case, thank you for researching. There is always more to the story.
replies(3): >>45262268 #>>45262432 #>>45262527 #
mothballed ◴[16 Sep 25 14:13 UTC] No.45262527[source]
Weev 'violated' the CFAA for incrementing a GET request, with his overturned conviction only for wrong jurisdiction. So the government has put us in a position where it's hard to take the CFAA seriously.

We also know from prosecutions in other statutes that the government will often prosecute a a broad crime with many separate sub-definitions of the various way you can break it, then refuse to tell you under which sub-definition you're being charged, meaning you have no way to know if the jury even were unanimously convicting for the same thing and no way to know what you're even defending against.

replies(8): >>45262557 #>>45262571 #>>45262622 #>>45262628 #>>45262637 #>>45262699 #>>45263111 #>>45269890 #
1. tptacek ◴[16 Sep 25 14:22 UTC] No.45262637[source]
As you probably know, it's everything that happened after they incremented that HTTP request that formed the basis for his charges. Message board discussions tend to want to distill "hacking" CFAA cases down to the specific shell script that ran, but these cases are almost always heavily situational and fact dependent.

Interestingly, Rockenhaus's isn't --- it's more or less exactly the circumstance foreseen by the authors of CFAA, who believed that even though existing law covered most hacking-type scenarios, they didn't form a clear basis for felony charges for purely destructive computer abuse.