Perl's Chip Salzenberg Sued, Home Raided 698
Chip continues: "The key evidence in the search warrant was so ridiculous as to be surreal: CVS logs indicating that I downloaded more than I uploaded, and that I sometimes accessed the company network from home. Apparently, for company management, the police, and a judge, working at home through a gateway the company set up for that very purpose, and refraining from editing every source file for every code change, is a sign of nefarious behavior.
My behavior in accessing the company network was entirely within my job description and in no way involved misappropriation of anything. For the more than two years that I worked at HMS, I used ssh and CVS to access company files with my laptop both from work and home, with management knowledge and approval.
What would lead management to such a sudden action? Days beforehand, I had made an internal report of unethical and apparently illegal behavior by the company: Use of open proxies for web harvesting to avoid blockage by web site operators. HMS apparently decided that working with me to address their use of open proxies was not an option.
Health Market Science is a large corporation with, compared to me, effectively infinite resources. My legal bills have topped $40K already over just two months. If HMS succeeds in tarring me with their false accusations, what's to stop your employer or client from doing the same to you, should your relationship sour?
Friends have set up GeeksUnite.net, an informational web site and Legal Defense Fund. The site includes the search warrant, my letter about open proxy abuse, and court documents.
Please contribute to my Defense Fund to fight this attack on the normal and legal work practices of millions of tech workers. Every little bit counts! If every person who visits the site contributes only ten dollars, that will make a huge difference. Only through community effort can we protect ourselves."
Re:I'm the pimpking for our product! (Score:2, Informative)
Re:I'm the pimpking for our product! (Score:5, Informative)
Re:I'm the pimpking for our product! (Score:2, Informative)
Here's the first hit: http://www.perl.com/doc/manual/html/Porting/pumpk
Re:I'm the pimpking for our product! (Score:5, Informative)
Prey (Score:3, Informative)
(Could be that I just read it yesterday...)
The company's website and contact info (Score:4, Informative)
Why write to this management? (Score:3, Informative)
Get out or be prepared for a long and costly fight!
Re:Pumpking? (Score:2, Informative)
It says (Score:3, Informative)
skip to: page content [slashdot.org] | links on this page [slashdot.org] | site navigation [slashdot.org] | footer (site information) [slashdot.org]
We need your support - Please mirror this site. Donate Now.
Welcome to GeeksUnite.net -->
About the Site Content Who is Chip? [slashdot.org] About A & C [armstrongcarosella.com] Open Source [opensource.org] perl [perl.org] Parrot [parrotcode.org]
[slashdot.org]
CONTRIBUTE NOW to the Chip Salzenberg Defense Fund...
MIRROR THIS SITE
Spread the word. This can be any one of us.
To email us the url, get the latest info or just say "Hi" info@geeksunite.net [mailto]
Come back frequently for the latest site and case updates.
Last updated 6/29/2005.
Join our mailing list info@geeksunite.net [mailto]
PA Code by Case Subject Search & Seizure
Return of Property
Misappropriation
Trade Secrets
Harvesting/Open Proxies
Related Link
Case Documents The OMITTED Letter [slashdot.org] The Search Warrant [slashdot.org] Plaintiff [slashdot.org] Defendant [slashdot.org]Interveners
Timeline of Events [slashdot.org]
[slashdot.org] Please Contribute. Thank you for spending time on our site. It will be updated frequently. Please come back.
None of the views expressed in the website constitute the views of the Armstrong & Carosella PC law firm, or any
principals or employees, or agents or experts who have been retained in any capacity in connection with the case.
Information on this site is for educational purposes. Case Caption: Health Market Science, Inc. v Charles H. Salzenberg, Jr..
Court of Common Pleas of Montgomery County, Pennsylvania. Case Number: 05-11918
Chip Salzenberg Defense Fund
Please mirror this site. Learn from it and protect yourself.
We need your financial assistance to continue the fight. [slashdot.org]
Donate Now.
OMITTED from the Company's Pleadings,
UN-INVESTIGATED by the Detective,
it caused IMMEDIATE ACTION by the CEO, [slashdot.org]
READ the LETTER that started it all!
Why 23 million telecommuters need to be worried about this case
Or: How your life can land into the "wrong hands".
Twenty-three million telecommuters (IATC 2003) access their employer's network from home. Some use their own personal computers, while others use a computer their employer assigned to them by their employer. Some bring their laptop to and from work. Do you? Should a dispute [slashdot.org] arise between you and your employer, you may be exposed to the legal tactics and strategies used by Chip's employer.
The company can file a police report, show logs of your network activity, convince the often insufficiently sophisticated police that your behavior is suspicious and claim they are in "fear" of the loss of their property and/or trade secrets and potentially millions of dollars of profits . If you're a programmer, that is your job description permits you to "appropriate" [slashdot.org]huge source code downloads with only even less uploads - exposing you to a "claim" of theft of your company's confidential and proprietary information and trade secrets [slashdot.org]. All the while you are having an exchage with the CEO by
Own grave dug (Score:3, Informative)
Re:The moral of this story (Score:3, Informative)
Read the last paragraph of the letter again -- he was definitly threatening them with exposure to the legal authorities.
And hey, more power too him -- that was certainly the morally right thing to do. But as a practical matter, you want to make damn sure you have all of your ducks in a row and have an old-school carnivore lawyer in your corner before you throw that kind of threat down.
Pumpking Definition (Score:1, Informative)
To explain: David Croy once told me once that at a previous job, there was one tape drive and multiple systems that used it for backups. But instead of some high-tech exclusion software, they used a low-tech method to prevent multiple simultaneous backups: a stuffed pumpkin. No one was allowed to make backups unless they had the "backup pumpkin".
The name has stuck. The holder of the pumpkin is sometimes called the pumpking (keeping the source afloat?) or the pumpkineer (pulling the strings?).
Therefore, the person in charge of making sure that things arent duplicated/mixed up/general weirdness is the keeper of the pumpkin, or the pumpking.
Better yet -- contact the customers! (Score:5, Informative)
Here is where these slease balls brag about their customers. Contact them:o mers.html [healthmarketscience.com]
[healthmarketscience.com] http://www.healthmarketscience.com/customers/cust
Re:Any lega rights? (Score:5, Informative)
Depends on which "what he was doing" you mean: if what the company is accusing him of doing were true, whistleblower laws would not protect him. But the charges they are leveling reek of retaliatory accusations with no substance. He is protected from that.
If the actions he took at the company's behest (ie, developing software to work around ISP blocks of their spyders) is illegal, whistleblower laws do protect him, provided he reports the illegal actions to the proper authorities when he becomes aware of their illegality.
Mirror of the donation insturctions (Score:5, Informative)
principals or employees, or agents or experts who have been retained in any capacity in connection with the case.
Information on this site is for educational purposes. Case Caption: Health Market Science, Inc. v Charles H. Salzenberg, Jr..
Court of Common Pleas of Montgomery County, Pennsylvania. Case Number: 05-11918
Donate today, to the
Chip Salzenberg Defense Fund. Over $40k in legal defense fees incurred since April 23, 2005.
Protect yourself from the same thing happening to you. Learn from this site, mirror it. Please donate. We thank you for your help.
OMITTED from the Company's Pleadings,
UN-INVESTIGATED by the Detective,
it caused IMMEDIATE ACTION by the CEO,
READ the LETTER that started it all!
Why care?
We didn't ask for this fight but we do hope that the telecommuting community learns from it. As a well known contributor to OpenSource and perl for many years, Chip continued his efforts to protect the spirit of opensource and the internet by attempting to inform his employer...sadly it brought on serious consequences in the form of an ugly legal battle with results that can affect all employees and consultants who hook up to an employer's network. We urgently need your help. The Chip Salzenberg Defense Fund is an escrow account sponsored by the law firm of Armstrong and Carosella to help pay the mounting legal defense fees for Chip Salzenberg and his family. The funds will only be used for legal costs to defend Charles Salzenberg and his family against Health Market Science, Inc. Donations are NOT tax deductible. Thank you in advance. We would love to hear from you.
Donate by email
You may send us your email address, name, phone number and pledge amount. We will email you back a "Request for payment".
You'll be able to pay by credit/debit card or using your Paypal account. Send email to: gifts@geeksunite.net.
Donate by Mail
If you would prefer to mail your donation, please send it to the following address:
Chip Salzenberg Defense Fund Escrow
Care of: Armstrong & Carosella
882 S. Matlack Street
Ste. 101
West Chester, PA 19382
Make Checks payable to Chip Salzenberg Defense Fund Escrow" (NOT tax deductible).
If you have questions or need additional information about making a gift to the Chip Salzenberg Defense Fund,
please call 925-457-6634 or email gifts@geeksunite.net.
Time line of events (Score:5, Informative)
June 21, 2005 Intervener's Too Late? - DA Gives Away Computers Early. Company Already Imaging.
June 20, 2005 Emergency Stays Filed by All Parties - In an Attempt to Keep Property from falling into the Wrong Hands
June 17, 2005 Judge Awards Personal Property to Company - Admits to NOT Reading Salzenberg's Opposition.
June 16, 2005 Company Runs Interference - Files Motion to Intercept Released Computers Contrary to the May 2, Order and the "Return of Property" laws.
June 6, 2005 DA Drops Criminal Investigation - Annouces Return of the Seized Property to Salzenberg.
May 2, 2005 Company Agrees Not to Enforce Exparte Orders - Property to be Returned to Salzenberg unless another motion is filed.
April 26, 2005 Company files Exparte - Receives orders to intercept equipment from police to start imaging.
April 25, 2005 Salzenberg receives back dated letter from company "accepting his resignation"
April 21, 2005 Salenberg's Property Seized within hours of police report made by CEO.
April 20, 2005 Salzenberg and CEO exchange emails and faxes in an attempt to negotiate a face to face conversation. CEO finally gives the OK to Salzenberg bringing an attorney with him.
April 19, 2005 Salzenberg sends compliance letter to CEO. Salzenberg also sends follow up message to COO that he has "not resigned". CEO immediately locks Salzenberg out of company email and network.
April 18, 2005 Another employee leaves company after voicing compliance issues.
Mirror of the original letter (Score:5, Informative)
Charles H. Salzenberg, Jr.
P O Box 537
Southeastern, PA 19399
Health Market Science
2700 Horizon Dr. Ste 200
King of Prussia, PA 19406
Attn: Mark Brosso, Matt Reichert, Rich Ferris, Rob DiMarco, Dorothy O'Hara
Re: Legality and Morality of Harvesting Operations
It has recently come to my attention that that HMS is continuing the illegal and immoral web harvesting operation that I brought to Rich Ferris's attention over a month ago, in a conversation including Tim McCune. HMS's continued harvesting operations are a threat to me legally, morally, and professionally.
That HMS systematically collects data from web sites without the express permission of their owners is well known (inside HMS). Some web site operators are not pleased when (if) they figure out that their sites are being harvested. They sometimes respond by blocking the network addresses of the harvesting machines. This was a common problem in harvesting when I hired on to HMS in December of 2002. At that time, the accepted strategy for getting around such blocks was to obtain multiple web hosting accounts to act as proxies for HMS's harvesting systems. I did not then realize that knowingly bypassing blocks placed by web server operators was illegal. (As a result of other research, detailed below, I now know that has been illegal all along.)
As bad as HMS's past harvesting practice was, current practice is worse ... much worse.
HMS has taken a page from the spammer playbook and is, deliberately and under
management direction, hijacking thousands of vulnerable machines all over the
Internet, using them and their network bandwidth without the knowledge or
permission of their owners as unwitting accomplices in HMS's data harvesting
operation.
I have confirmed these facts in conversations with several people with first-hand knowledge, including Tim McCune and John Marquart. I asked Tim McCune about HMS's proxy hijacking in the presence of Rich Ferris, a vice president of HMS and a company founder. In that conversation, Tim McCune confirmed to Rich Ferris and me that proxy hijacking was standard practice. Shocked, I informed Tim and Rich that proxy hijacking is very illegal and immoral. They were unmoved. I also have witnesses for other conversations.
I have also confirmed that the Harvester source code - which I, as a Senior Programmer, am authorized to access - includes Java code which collects lists of such vulnerable computers, called "open proxies," from web sites that maintain lists of them. I have also found the Java code which uses such proxies, without the permission of their owners, to connect to the sites that HMS harvests. The offending source code was written by Rob DiMarco, Tim McCune, and Jason Franklin.
This deplorable activity by HMS has serious legal, moral, and professional implications.
First, the legal.
I am not a lawyer, but I can read the plain English of the Pennsylvania Consolidated Statutes, and it is clear to me that hijacking the computers of random people is a crime in Pennsylvania. Under PSC 3933, every instance - every single instance - of hijacking an open proxy is a misdemeanor of the first degree.
HMS is committing these misdemeanors by the tens of thousands, under explicit management direction, and in accord with corporate strategy. One petty theft may draw little attention; but tens of thousands of petty thefts, all made by one company, at explicit management direction, and in accord with company strategy, might well lead to unpleasant legal consequences. Even a small fine is painful when multiplied by a hundred thousand.
HMS thus makes itself an attractive target for prosecution by a state's attorney who wants to show himself tough on corporate crime. HMS could be a stand-in for the spammers who commit the same crimes.
HMS's legal exposure is not limited to Pennsylvania. A number of the sites that HMS harvests are run by governments of other states who would be
Encrypt your disks... (Score:3, Informative)
Your computer can be seized -- and pretty quickly. All non-trivial data (including risky photos of your partner) should be encrypted on disk. Major operating systems support this option -- including FreeBSD [freebsd.org], Windows, and, no doubt, Linux.
Certainly, "honest people have nothing to hide", but it is not even so much about winning the case (you will, likely, prevail), but also saving yourself a lot of time and money. Your adversary will go through all data found on your machine and your lawyer (don't even think of not hiring one) will be billing you in proportion to the amount of things, the other party brings up. Even if all of it ends up being nothing.
True, the opponent may demand, that you decrypt the data -- but you (your lawyer) can fight that demand -- it will likely be cheaper, than explaining away all messages in your ExEmployer-folder.
Do not rely on mere obscurity -- I found out first-hand, that even FreeBSD is "mainstream" enough for professionals (yes, there is a good market for these services) to know it. They came with software (something from SourceForge) to search through filesystems (very easy -- "grep" for the disk devices). For Linux they'd probably even have GUI.
Treat these guys decently -- they are just doing their jobs. If you do, they are more likely to overlook your older computer, which will let you post about your troubles on Slashdot when they are gone.
Set up encryption. Encrypt your back-ups, before they leave your computer. Do not automate decryption so that it happens by itself on boot (duh!)
When you are done, treat yourself to "Cryptonomicon" [amazon.com] for fun and more behind-covering ideas.
Criminal and Civil case status and link to docket (Score:5, Informative)
CRIMINAL MATTER: Docket Number: CP-46-MD-0002495-2005. Filed 4/27/2005. CASE STATUS: CLOSED. Last event was a hearing on the return of property, on 6/10/2005 before Judge William J. Furber, Jr.
CIVL MATTER: Docet Number: 05-11918 (Judge Hodgson). A deep link to the docket sheet is http://12.40.122.125/FCP2.WEB8/0/P12DIS?CASE-NO=0
Re:Uh... (Score:4, Informative)
Re:Am I missing something? (Score:3, Informative)
He made an internal memo to save the company from public embarassment. He didn't make anything public until they had raided his house.
What an idiot (Score:1, Informative)
Comment removed (Score:3, Informative)
Opening Line (Score:4, Informative)
Chip is engaging in a legal crusade against Health Market Science, and doing it without legal advice. Naturally, HMS does have lawyers, and consults them as to the best way to screw him over. Screwing precedes. Gosh that's a suprise.
Deep link to miscellaneous matter (Score:3, Informative)
Looking at it closer, it might just be the petition for return of property seized pursuant to the warrant. Thinking about the timing, I wouldn't be surprised if the charges never made it to the grand jury...
In any event, the geeksunited.com timeline says that on June 6 the "DA Drops Criminal Investigation".
Re:How Health Market Sciences screwed with me (Score:3, Informative)
It sucks to be on either end, trust me.
RTFC (Score:2, Informative)
Re:What about the next day? (Score:3, Informative)
Saved from from getting fired.
Though overall? It was more for my own "vindication". The woman was a MAJOR *sshole, had covered up some mistakes that had cost the company several hundred thousand/year...Only problem?? it was coming out of MY budget.
So when I found it and called her on it, it got pretty ugly.
Best part of the story???
The corporate division that was getting taken for a ride, HIRED ME BACK as a consultant just two days later...
Same staff, same meeting room, except THIS time I was sitting on the "other" side of the table...
That first meeting was SO much fun..............
Re:The moral of this story (Score:3, Informative)
The corruption is extremely widespread. (Score:5, Informative)
It's all part of a wider corruption. Large corrupters spend huge amounts to get lazy judges elected, and work for the defeat of judges who do a good job.
Part of the way corruption of the courts is accomplished by not giving the courts enough money to operate. A 2003-06-24 op-ed article by Charles Williamson, then president of the Oregon State Bar, in The Oregonian, the Northwest's largest newspaper, said, "The crippling loss of nearly one-third of their staff have left our courts unable to hear criminal cases such as car theft, shoplifting, prostitution, fraud and identity theft."
The corruption of the patent office is part of the same thing. Large corrupt corporations want stupid patents because they can scare others away from coming close to their technology. They don't care if they lose a few court cases. Taking something to court is so expensive that they win just because of the threat.
The book Other People's Money [fetchbook.info] discusses corporate corruption. It's excellent.
35 Books and 3 movies say the Bush administration is the most corrupt the U.S. has ever had: Unprecedented Corruption: A guide to conflict of interest in the U.S. government [futurepower.org].
Many Americans don't want to know that their government has become corrupt, so you can expect hostile comments if you try to talk about corruption.
Re:One small recommendation to other readers.... (Score:1, Informative)
This is why you NEED A LAWYER!
There was a case in Florida some years back where a woman filed date-rape charges. Florida is another of the four states. Long story short: Guy recorded her consenting to have sex. Tape was ruled inadmissible. Guy was convicted of rape.
Re:Time line of events (Score:5, Informative)
his personal property in an expeditious manner, he should seek out a criminal law attorney and file a
Jencks motion for the return of said property. It will be heard by a different Judge, and he'll be able
to show the Company's prejudicial actions. I had to file same to have the FBI return my property to
me, and (though expensive) it worked like a charm.
Here's a link to a Jencks Motion [ipsn.org] for the return of property.
Re:Redirects to Google? (Score:3, Informative)
nslookup www.hmsonline.com
Server: 68.2.16.25
Address: 68.2.16.25#53
Non-authoritative answer:
www.hmsonline.com canonical name = mosquito.hmsonline.com.
Name: mosquito.hmsonline.com
Address: 64.233.161.104
WHOIS results for 64.233.161.104
Generated by www.DNSstuff.com
Location: United States [City: Mountain View, California]
NOTE: More information appears to be available at ZG39-ARIN.
Using 10 day old cached answer (or, you can get fresh results).
Hiding E-mail address (you can get results with the E-mail address).
OrgName: Google Inc.
OrgID: GOGL
Address: 1600 Amphitheatre Parkway
City: Mountain View
StateProv: CA
PostalCode: 94043
Country: US
NetRange: 64.233.160.0 - 64.233.191.255
CIDR: 64.233.160.0/19
NetName: GOOGLE
NetHandle: NET-64-233-160-0-1
Parent: NET-64-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.GOOGLE.COM
NameServer: NS2.GOOGLE.COM
Comment:
RegDate: 2003-08-18
Updated: 2004-03-05
TechHandle: ZG39-ARIN
TechName: Google Inc.
TechPhone: +1-650-318-0200
TechEmail: ************@google.com
OrgTechHandle: ZG39-ARIN
OrgTechName: Google Inc.
OrgTechPhone: +1-650-318-0200
OrgTechEmail: ************@google.com
The scumbags are having Google absorb the cost of the Slashdot effect they are receiving.
Re:EFF? (Score:4, Informative)
(Actually, in practice, *I'm* the majority of the lobbying bit. If I had any influence on dropping people, I'd be like all "Hey drop *him*! Now pick him up! Now drop him again! You other lawyers, bring me a mojito!". But that's not really how lawyers work, alas.)
Re:Am I missing something? (Score:3, Informative)
That'll be because the first thing the bad guys do in that situation is either claim ignorance, or trott out a prepared excuse.
The police can't take everything they're told at face value, or they'd let everyone go. Yes, it sucks when you're on the receiving end of it, but what's the alternative?
Re:A little back story-let's mix lies up w/ truth (Score:3, Informative)
1. The fact is no, Lisa Perdichizzi was NOT terminated for incompetance. There is tons of proof for this that will eventually come to light. Brosso gave credit of her work to the young marketing director, This proof is in very tangible form, email and witness testimony.
2. Lisa had got a nice new job with a very nice company and was making twice as much $$ as HMS...her contract was even renewed with this company. So why would Chip or Lisa care about her position at HMS?
3. HMS is a perl company. The major applications run on perl and they are continuing to hire perl programmers.
4. Web harvesting was definitely happening at the company for years. Just not the way Chip thougt. He found out just before the uproar that the methods weren't what he had expected. Again there is proof of this.
5. I think the Anonymous Coward that wrote this posting needs to put his name up there because it sounds like the same story Brosso told Lisa's new employer, after she had been on the job for 4 months.
Watch the court documents...
Re:A little back story-one other thing (Score:3, Informative)
I went to Capsicum and took an inventory of everything, down to what was imaged and what wasn't. It better all still be there too. It was surreal seeing all my equipment and the children's equipment sitting in a giant conference room.
Yes, most of the inventory is on the search warrant is mine. The kids have been without their computers for months. They are now scared when they see strangers in the house because it reminds them of the police raid.
regards, Lisa Perdichizzi
Chip did NOT steal Trade Secrets (Score:3, Informative)
Chip does not hold grudges against anybody. Not against HMS, not Brosso. Not anyone. It's not in his character. He is sooo honest he gets himself into trouble...as we can see. He would easily help somebody to his own detriment.
Chip did NOT take "trade secrets" from HMS. Again this is not possible...it's just not in his character.
When the cowards give back the evidence they took from us we'll all have a look see.
Thanks for all your creative help and your financial support! We appreciate it and will continue to fight.
Lisa
Why didn't the cops pursue the criminal thing? (Score:3, Informative)
Chip got a new job *before* he left HMS (Score:1, Informative)
Re:Question: what are open proxies and web harvest (Score:1, Informative)
Proxies can also be used to hide the source of the request. In the university example a request for slashdot.org will appear to come from the university proxy, not the computer of the student requesting the site itself. So, proxies can be used to hide the source computer.
by "Open proxy" I beleive they mean a proxy which is setup on the internet but not restricted. In the university example the university would likely restrict the use of the proxy to only students on the campus. "Open proxy" I take to mean a proxy without restrictions. More often than not companies and even universities setup proxies without realizing the are open. But there are also "open proxies" that are setup intentionally, expecting people to use them.
For this reason I disagree where Chip claims the company was "hijacking" computers. Perhaps what they are doing is somewhat shady, but not as bad as hijacking, imo.