Update: Judge orders self-described hacker's computer seized without warning
The court was worried developer Corey Thuen might erase evidence
Computerworld - In a rare move, a federal court in Idaho recently ordered a software developer's computer seized and its contents copied without prior notice because the developer described himself as a 'hacker' on his website.
Judge Lynn Winmill, of the U.S. District Court for the District of Idaho, issued the ruling even as he acknowledged it was "very rare" and "extraordinary." Nonetheless, he maintained it was necessary under the circumstances. "The tipping point for the Court comes from evidence that the defendants - in their own words - are hackers," Winmill wrote.
"By labeling themselves this way, they have essentially announced that they have the necessary computer skills and intent to simultaneously release the code publicly and conceal their role in that act."
The ruling has potential implications for Fourth Amendment protections against unreasonable search and seizure. It involves Battelle Energy Alliance and Southfork Security, a software startup established this year by former Battelle employee Corey Thuen.
Battelle Energy Alliance is based in Idaho Falls. It manages and operates the Idaho National Laboratory (INL) on behalf of the U.S. Department of Energy.
In 2009, Battelle was commissioned to build a monitoring tool capable of detecting and stopping anomalous behavior on INL's network. The result of that effort was a security tool dubbed Sophia. Thuen was part of the team that helped develop Sophia.
In 2012, after successful tests of the tool, Battelle decided to license Sophia out to other owners and operators of industrial control systems and Supervisory Control and Data Acquisition (SCADA) systems.
Since Battelle did not have the ability to commercialize the product on its own, it opened up a bidding process for companies interested in doing so. Thuen left Battelle and set up Southfork Security so his new company could bid for exclusive rights to the product.
Southfork submitted a proposal for licensing the product early this year but withdrew it shortly thereafter.
Battelle claims that a few months later, Southfork began marketing a tool called Visdom that was very similar to Sophia. Battelle also claimed that Southfork planned to offer Visdom as an open-source product available to all.
In a complaint, the company urged the court to issue a Temporary Restraining Order on Southfork preventing it from marketing Visdom or releasing it to the open-source community. Battelle claimed copyright infringement, trade secret theft, breach of contracts and other misdeeds by Southfork.
Battelle also asked the court to issue the restraining order without any notice, because it feared Thuen would release the software as open source if he were given notice.
In complying with that request, Winmill offered several explanations as to why Battelle's numerous claims were strong enough to merit a restraining order. However, it was the judge's reasons for issuing the order without notice to Southfork that raised questions.