[raldi]

> He also had every right to access MIT's network, just like any other member of the general public does.

You're conflating two networks. He had every right to access the public wifi network at MIT, which has numerous security and bandwidth-control mechanisms in effect.

He did not have every right to connect directly to MIT's core network infrastructure, which bypasses most of the above.

[cma]

Was it properly labeled? Presumably some ports (outside of closets) don't go into the core; did he actually try and fail with one of those before going to the closet?

If an MIT professor left his laptop plugged into one of the public ports downloading a linux tarball unattended over night, is he liable under CFAA? What the professor left it in the unlocked closet instead, to minimize the risk of getting his laptop stolen?

[rayiner]

I don't even know what to make of this. You think you need a label to tell you that you shouldn't open up random network closets at MIT (a billion dollar a year defense contractor) and plug in your laptop?

[cma]

Then charge him with trespassing. To charge him under CFAA due to him getting on the privileged part of the network, I think you should have to show he knew it was the privileged prat of the network. Maybe they had evidence that he did, but just connecting his laptop in a closet after covering his face with a bike helmet isn't evidence of hit.

He could have covered his face after his experience with PACER where he was legally in the right, but still got hounded by the FBI.

[rayiner]

> To charge him under CFAA due to him getting on the privileged part of the network, I think you should have to show he knew it was the privileged prat of the network. Maybe they had evidence that he did, but just connecting his laptop in a closet after covering his face with a bike helmet isn't evidence of hit.

To indict someone, you don't have to prove your interpretation of the facts. You have to present evidence that supports your interpretation of the facts. The fact that he hid is face is perfectly reasonable evidence to suggest he knew he was accessing MIT resources he should not have, sufficient to support an indictment.

Now, maybe he could have argued that he nonetheless didn't know it wasn't meant for public access. I doubt the prosecutor would have believed that claim, or a jury. I don't believe it, and I honestly don't think you believe it either. So why drag us both down this ridiculous hypothetical?

The miscarriage of justice here is that they dropped the trespassing charge because the CFAA charge was so much more lucrative. There is no reason a minor network intrusion should carry a firmer penalty than an equivalent physical trespass. I wholeheartedly agree on that point. But to make the stronger argument that Aaron did nothing wrong, you have to put aside common sense to the point where you're arguing that a grown man didn't know he wasn't supposed to be doing something when even a child could have parsed the situation correctly.

[cma]

Not being supposed to do something is different than legally not being supposed to do something.