What’s the news here: the lefties hacked Norm Coleman’s donor database and published it,.or that they are trying to wrap themselves in a mantle of phony righteousness for doin it?
John Hinderaker notes:
It’s impossible to say whether Wikileaks hacked Coleman’s site and is now making the information public out of frustration at lack of publicity, or whether a different Democratic Party group did the hacking and passed the information off to Wikileaks to be illegally disseminated. I replied to Wikileaks’ email asking for a name and telephone number and saying that I would like to interview them; needless to say, I didn’t get a response. Like so many leftists, they prefer to hide behind a cloak of anonymity.
Which is no surprise to any of us who’ve dealt with these people, ever.
A week or two after the liberal hacking of Coleman’s site took place, I got a notice from my bank that my credit card numbers had been stolen and patently improper charges were being rung up. As a result I had to cancel that credit card and get a new one. I didn’t know it at the time, but it appears that in all probability, I was one of the victims of the Democrats’ hacking of Coleman’s web site.
Just another day in contemporary American politics. Liberals break the law, violate their opponents’ privacy, either commit or facilitate theft, and meanwhile assure the rest of us that they did all of this because of their moral superiority.
Lefties are claiming that it wasn’t a hack; Paul Schmelzer at the Minnesoros “Independent” carries out his paymasters’ will, tells us “2+2=”orange””:
the database was not revealed by hackers, according to IT professional Adria Richards, who was the first to share news of the unprotected file in late January.
“It’s not hacking,” she said. “I didn’t use any hacking tools. A browser was my tool.”
Richards said she discovered the database by entering normcoleman.com, into OpenDNS’ cache-check tool, which gave her an IP address where the Web site lived.
Simply copying that address into a Firefox browser revealed the Web site directories for colemanforsenate.com.
Richards didn’t download the database herself, but she posted a screen capture of what she’d found online after she made the discovery. An IT consultant for 10 years, she published her findings on her blog to educate others about the risks of improperly managed websites, she said.
“All you needed was a Web browser,” she said. “It’s like I walked over to Norm Coleman’s house and saw his door was open, took a photo of the open door and posted it on the Internet.”
Ah. So the Democrats didn’t have to work especially hard to get the information and puiblish it. That excuses everything!
Attention, ethically-challenged liberals and Minnesoros “Independent” staff (pardon the redundancy): if someone leaves the door to their house unlocked,and you walk inside, take out all their wife’s underwear and put it on and leave the building, you are still a thief and a cross-dresser, even if the door wasn’t locked!
Most of us know this. The rest?
They’re anonymous leftybloggers, obviously.
So it’s OK to steal if it is easy? Nice.
The Pioneer Press also seems to think that it’s all on Normie:
http://www.twincities.com/allheadlines/ci_11891772?nclick_check=1
It’s on the front page of their dead tree edition that way, too.
See the comments section here. It’s not an entirely either-or story and has numerous ethical overtones on all sides.
I also believe that if you take a photograph through an open door into a private residence, that potentially is a privacy violation under Minnesota law.
To me, the insecured information is a legitimate issue. But releasing the actual information undercuts the assertion of concern over the privacy of that information. Also, the manifesto attached on wikileaks makes the motives clear.
Ah. So the Democrats didn’t have to work especially hard to get the information and puiblish it. That excuses everything!
Wasn’t there some instance just a little bit ago where Democrats demanded criminal prosecution for Republicans dissemination of unprotected Democrat files? You know, files that were confidential and supposed to be protected?
Oh, yes! When the Senate Democrats found that their incompetence had exposed “secret” meetings they claimed they were “hacked” by a couple of GOP staffers.
Good to know they’ve changed their minds (again). Situational ethics are wonderful!
The appropriate response response of an IT professional upon finding an open door like that (even in an industry competitor) is to call the IT professional at that company and tell them their fly is open. Get a giggle out of it sure and gossip about it afterward at the bar to your geek friends. But post it on a blog like an invitation? If Ms. Richards is looking for an IT security job in the future I hope her future potential employers google THIS blog.
This a demonstration not only of bad ethics but also the tremendous ill will and thuggishness in politics today. And against a “reach across the aisle” guy like Norm, it seems particularly vicious.
Actually, Noah Kunin’s initial story was that he didn’t hack into a computer to view a couple of Mark Kennedy for Senate ads; he’d just ‘downloaded’ the information.
I wonder how long it’ll take before this lame excuse changes.
This is the standard douchey response from hackers and wannabes when they post private info online they “stumbled” upon: it’s not their fault, they’re not guilty, it’s the fault of the person who had the bad password.
She was asking for it, what with the high skirt and tight shirt and all.
Just like in the Palin email break-in, the victim’s to blame. These guys did nothing wrong and only got a few chuckles out of it.
This a demonstration not only of bad ethics but also the tremendous ill will and thuggishness in politics today. And against a “reach across the aisle” guy like Norm, it seems particularly vicious.
That’s exactly right, Margaret. The comments on Brodkorb’s blog from the usual suspects about this case are just sickening. If I were a candidate, I sure the hell wouldn’t want people like that on my side. And what’s especially dumb about it is that what the hackers and their defenders are doing won’t benefit Franken anyway. It’s just viciousness for its own sake.
I’ve never given money to Normie, but I am on his email list. I have received the two lengthy emails from the Democrats, slamming Norm. I do have a problem with Democrats hacking into Norms systems, getting my email address, then sending me emails at work attacking the Senator.
And yes, I read the article in this mornings newspaper. I actually like the St Paul papers local reporting (their NYT wire service stories have to go), so was dissapointed in how they covered the issue.
“Situational ethics are wonderful”
Actually there is a major difference between the two situations. Both Senate Republicans and WikiLeaks found a data security problem. WikiLeaks notified the public and the Coleman campaign and attempted to derive no benefit for themselves. On the other hand, Senate Republicans told no one about the security breach for about a year and used the access to gain sensitive information and distribute it to the press.
You can debate whether it is OK to find a security flaw and publicize it, but that it far different from finding a flaw and benefiting from it in secret.
Hear ye, hear ye, DickyDFL’s door is unlocked and all of his valubles are right there for the taking; come one, come all!!!
The benefit gained was the harm inflicted to the Coleman campaign along with those innocent citizens on the info lists.
DickyD, you are one ethically-challenged dumb SOB.
K-Rod:
If my door was unlocked, I would be happy if you let me know so I could close it before anyone stole something. Obviously, if someone at WikiLeaks used the data to steal money that is a different matter and just as bad as Senate Republicans. But there is no evidence that happened.
What “harm’ did WikiLeaks do to the Coleman campaign? Discovering the security breach is a benefit to the campagin. Better WikiLeaks, than some criminal who would steal the money of their donors. Disclosing the breach is embarrassing, but it seems unlikely that there was any way to address the problem without publicizing it.
As for the “innocent citizens”, WikiLeaks clearly did them a favor. They are far better off knowing about the data breach. Now they can take action to safeguard their accounts.
As self-indulgent and selective as ever, Rick.
Mitch:
As non-specific as ever.
You know damn well they didn’t just “point out the hole”.
They waved a flag and said “look at all these eeevul Republican donors!”, and as much as said “come and troll through these records”.
And by all means, read the links from Bob Collins’ comment above, as well as the link to Hinderaker.
You are reflexively disingenuous, Rick – I expect your attitude to be “My party, right or wrong”. But on the chance there’s someone out there with a sense of ethics…
What harm? You can’t just undo the dissemination of that database, you moran.
What harm? DickyD, read the post again or ask Mitch to repeat himself. Read Chuck’s comment. Pull your head out.
I imagine the Coleman campaign would have been happy if Richards would have would have told just them so they “could close it before anyone stole something”.
Your support of theft is appalling.
RickDFL said:
“As for the “innocent citizens”, WikiLeaks clearly did them a favor. They are far better off knowing about the data breach. Now they can take action to safeguard their accounts.”
This is clearly the most “reality challenged” thing you’ve said today.
What Margaret said is very close to what should have happened if there was ANY pretense of concern about “innocent citizens”. If embarrassing Norm Coleman was the goal, that could have been accomplished by capturing “proof” that the web site was unsecured, and THEN notifying the administrator of the site, and letting the world know AFTER the site was properly secured.
I guess these villains thought that wouldn’t have the same impact as facilitating identity theft.
Troy:
“by capturing “proof” that the web site was unsecured, and THEN notifying the administrator of the site, and letting the world know AFTER the site was properly secured.” That is what happened except the administrator (Coleman) refused to take the actions legally necessary to secure the information. According to WikiLeaks, proof of the security breach was given to the Coleman campaign last January. Only when he failed to notify his donors, did WikiLeaks notify them directly. It notified them before it released the info to the public. It also took steps to conceal the actual credit card numbers. There is a strong case to make that they made ID theft harder.
K-Rod:
“You can’t just undo the dissemination of that database” But it was the Coleman campaign that left the database unsecured and refused to alert all donors to the potential harm. Given that database had been accessible in theory for a long-time and that information about the breach had been circulating since late January, do the Coleman donors have to do anything today that they would not have to do last week before WikiLeaks took action?
Mitch: You and Powerline seem more concerned about damage to the Coleman image than damage to his donors. That seems to be what got Norm in the trouble when he failed to address the security problem last January.
DickyDFL sounds like the type that would justify rape because “She was askin for it by the way she dressed”. He would seem to be more concerned over the way she dressed than the actual rape.
RickDFL said:
“That is what happened except the administrator (Coleman) …”
OK, now you have me thinking you’re on crack.
K-Rod:
You are confusing two very different cases. There is no legal or moral dress code necessary to prevent rape. For good reason, too, because people should be able to dress anyway they want. People who process credit cards transactions do have legal responsibilities for data security, which the Coleman campaign failed to meet. These legal responsibilities are in place for a very good reason. Card holders need confidence their data will be kept secure.
Troy:
Do you dispute a. the Coleman campaign knew about the issue in late Jan and b. did not inform all donors of the breach?
Otherwise, your confusion when confronted with someone who knows the facts is not very surprising.
RickDFL said:
“There is a strong case to make that they made ID theft harder”
Fool.
They notified people that their names and parts of their CC numbers would be published when? That would be two days ago at earliest, and via an email that looks like spam filter bait. Weak.
And is the original file, with all the data intact, flushed from all internet caching sites? Probably not.
Wikileaks wanted the story, and they got it. The people whose data was exposed? They got the shaft.
RickDFL:
I do not dispute those issues in the least. Your confusing when confronted with English is not surprising.
DickyDFL just keeps repeating “It’s actually her fault; she was askin for it.”
Troy:
“They notified people that their names and parts of their CC numbers would be published when? That would be two days ago at earliest, and via an email that looks like spam filter bait. Weak.” What other option did they have? They don’t have the budget for certified mail or a phonebank. It would have been nice if the Coleman campaign had done those things, starting in January.
Publishing the database allows individuals to check to see if their data was compromised and take actions to protect themselves.
“And is the original file, with all the data intact, flushed from all internet caching sites?” As it was before the leak and for many weeks after Coleman knew about the breach. Only now people can take action to protect themselves.
K-Rod:
“DickyDFL just keeps repeating “It’s actually her fault; she was askin for it.”
No. I specifically denied that. Do you disagree that the Coleman campaign had an affirmative duty to protect the data and notify donors about the security breach? If not, what should WikiLeaks have done when the Coleman campaign did not do it’s duty?
“what should WikiLeaks have done when the Coleman campaign did not do it’s duty? ”
a) nothing
b) call State Attorney General
c) call FBI
d) call Financial Institutions involved
e) post private information on its website
f) anything but e
Do you disagree that the Coleman campaign had an affirmative duty to protect the data and notify donors about the security breach?
The “failure of the affirmative duty” was an error. A piece of bad programming. A bit of network configuration that was not up to current security standards. Not the affirmative act of a bunch of self-adoring jagoffs.
Your failure to lock your door does not justify my walking into your house.
If not, what should WikiLeaks have done when the Coleman campaign did not do it’s duty?
What MoN said. That you think you can excuse this sort of depravity by piling on the obtusion is…well, depressingly typical.
If you leave your door open and waving in the breeze, the proper response for me is to pull it shut and leave you a note; NOT walk in and take pictures of all your belongings and “notify” you by posting those photos on the internet, giggling about how lax about security Rick is.
I doubt you get that, though. Which is scary.
“Your confusing when confronted with English is not surprising. ”
That made me lol.
MON:
“a) nothing”
I am sure the Coleman donors appreciate your concern.
“b) call State Attorney General”
achieved by the public leak.
“c) call FBI”
see above.
“d) call Financial Institutions involved”
see above
e) post private information on its website
“f) anything but e”
So you are in favor of notifying many people, just not the people whose data is at risk.
your confusion when confronted with someone who knows the facts
…as laundered through the DFL’s moral-equivocation machine.
Mitch:
“If you leave your door open and waving in the breeze, the proper response for me is to pull it shut and leave you a note”
But in this case that is not practical. There are very very very many doors and my ability to contact directly each of the people with open doors is very very limited. Indeed the person with the best ability to contact the people with open doors is not taking action. So I make a big public announcement telling people to go home and check their doors.
“a) nothing”
I am sure the Coleman donors appreciate your concern.
Ah. So this concern, you snark about, but “Wikileaks” self-adoring, smug, anonymous, giggly snark is so altruistic.
Gotcha.
“b) call State Attorney General”
achieved by the public leak.
Remember that when it’s your house or website.
“c) call FBI”
see above.
Ibid.
So you are in favor of notifying many people, just not the people whose data is at risk.
So you are in favor of notifying everyone, regarless of their personal or organization risk?
So I make a big public announcement telling people to go home and check their doors.
If you think Wikileaks’ “manifesto” related to this was as you’re describing it, it answers a lot of questions about you.
Really.
You are truly from Planet DFL.
Tic-Rick… does your back hurt when you do that?
“So you are in favor of notifying many people,”
I’m in favor of notifying the right people.
Mitch:
“So you are in favor of notifying everyone, regarless of their personal or organization risk? ”
I don’t know for sure, but notify everyone seems like the best way to notify everyone at risk. What alternative do you suggest?
MON:
“I’m in favor of notifying the right people. ” Who are they? And how do you ensure you have notified them?
It would be preferable to seal the data breach without publicity, but given the size of the breach and the Coleman’s campaign refusal to address it, that does not seem possible.
Mitch:
“Wikileaks” self-adoring, smug, anonymous, giggly snark is so altruistic. ”
What are you talking about? If I had to describe their style, I would call it dull and earnest.
“And how do you ensure you have notified them?”
When they answer the phone “F-B-I”
My God, you’re an ass
I don’t know for sure, but notify everyone seems like the best way to notify everyone at risk. What alternative do you suggest?
So in other words, when I find your door open, I should post “HEY, EVERYBODY! RICKDFL’s DOOR IS OPEN! QUICK! SOMEONE DO SOMETHING ABOUT IT!”?
Gotcha.
Mitch:
Your ignoring the very real difference between a case of one door open and a very very large number of opened doors. If is is just my door, you can quietly close it and maybe leave a note. But if it is thousands and thousand of doors that won’t work as well.
MON:
“When they answer the phone “F-B-I””
So none of the donors are the “right people” to notify? I think many of them will disagree.
RickDFL said:
“What other option did they have?”
1) Give them more than one or two days to respond?
2) Announce the publication of the list BEFORE actually doing it?
3) Publishing only the names first, and later add the last four digits as “proof”?
That is off the top of my head. For someone with sole custody of “the facts”, you don’t seem to marshal them well.
Do you have ANY concern about notifying the “wrong people”?
How did wikileak ensure that they’ve notified everyone?
“I think many of them will disagree. ”
Of course, so would the laws of Minnesota which require they be notified ‘“in the most expedient time possible and without unreasonable delay”.
“laws of Minnesota ”
Which don’t apply to wikileak, so you’re still an ass.
Troy:
“Give them more than one or two days to respond?”
The donors had such notice. The Coleman campaign had weeks.
“2) Announce the publication of the list BEFORE actually doing it? ”
WikiLeaks did.
“3) Publishing only the names first, and later add the last four digits as “proof”?” WikiLeaks only published partial Credit Card #’s. Why not publish partial #’s with the names? It helps people ID themselves on the list.
MON:
“Do you have ANY concern about notifying the “wrong people”?”
Yes. There is a huge trade off. If it could be done without the wrong people knowing, I would do it that way. I just don’t see how that was possible in this case.
Your ignoring the very real difference between a case of one door open and a very very large number of opened doors.
It’s a distinction with no ethical difference, if your response to any number of doors is to indiscriminately titter “look at the open door(s)!”, which is what happened.
If it could be done without the wrong people knowing, I would do it that way. I just don’t see how that was possible in this case.
So posting NAMES AND CREDIT CARD NUMBERS on “Wikileaks” was easier than notifying the WEBMASTER?
Under what perversion of the laws of physics, to say nothing of ethics?
“If it could be done without the wrong people knowing,”
Not to be repetitive but,
b) call State Attorney General
c) call FBI
d) call Financial Institutions involved
and then absolve yourself from any further moral dilemma.
Or you could just go door to door.