Microsoft Tricks Hacker Into Jail

CompotatoJ writes "Wired News reported that William 'IllWill' Genovese was sentenced to prison after being tricked by a Microsoft Investigator offering to pay $20 for a copy of the secret source code. From the article: 'The investigator then returned and arranged a second $20 transaction for an FBI agent, which led to Genovese's indictment under the U.S. Economic Espionage Act, which makes it a felony to sell a company's stolen trade secrets ... [Microsoft] has also expressed fears that making its source code public could allow hackers to find security holes in Microsoft products -- though, so far, intruders are doing fine without the source.'"

Summary wrong, $20 not $200

[Agelmar]

The summary is wrong. It says the investigator paid $200. From TFA:
"According to court records, an investigator hired by Microsoft took Genovese up on his offer and dropped two Hamiltons on the secret source code". Hamilton is on the $10 bill, not the $100 (That would be Franklin). Two Hamiltons is $20, hence the next sentence saying "...another $20 transaction..."

Re:Semantics...

[Richard_at_work]

Entrapped means the person was talked into doing something they otherwise wouldnt have done, tricked has similiar connotations. In this case I would say Microsoft caught him fair and square, and the transaction provided all the evidence required to jail him. Good riddance I say.

Story from a first-person perspective

[nstrom]

You can read about this arrest from a first person perspective at William Genovese's website here [illmob.org]. An interesting read, and he lists some of the e-mail and snail mail addresses used in the sting against him.

Re:Those guys at Microsoft are smarter

[NetRAVEN5000]

No, they're not - they didn't even catch the person who stole it.

It even says in TFA:
"Genovese would have had a viable defense had he gone to trial, because the documents were widely available on peer-to-peer networks at the time of the sale, said Mark Rasch, a former Justice Department cybercrime prosecutor.

'This guy didn't participate in the misappropriation, and probably didn't conspire with anybody to misappropriate it,' said Rasch, a vice president at security company Solutionary."

Not entrapment

[msobkow]

For it to be entrapment, someone would have had to approach him with an offer to buy the stolen source code. He posted an offer to sell the source code on a website, so he initiated the exchange.

Re:Semantics...

[Shihar]

Parent is absolutely right. The "summary" couldn't be any more wrong then it is.

First, this guy was not a 'hacker'. He downloaded the source from a P2P program. My mother could do that.

Second, if anyone had bothered to read the actual article, they would see there was absolutely no entrapment here. He downloaded the software and offered it up for sale on his website. The only 'entrapment' was that an agent bought what he was already offering. This guy was an idiot. He wasn't pushed by the authorities into doing anything illegal. Hell, he was the only one to be indited even though everyone and their dog has thsi source code because he was the only one stupid enough to try and sell what was freely avaliable. Not only that, but he already had a rap sheet.

This guy was just a moron, pure and simple.

Re:Ah, so THAT'S how they can get away w' entrapme

[Jamesonius]

For everyone who's ready to jump on this and scream "Entrapment!" let's do two things first:

1. Read TFA. From TFA: "Like many others, Genovese downloaded a copy. Unlike others, he posted a note to his website offering it for sale."

2. Learn TFD of Entrapment. From Wikipedia [wikipedia.org]: Entrapment is when someone is "induced (or entrapped) by the police to commit [a crime]. For the defense to be successful, the defendant must demonstrate that the police induced an otherwise unwilling person to commit a crime."

Come on everybody, think. You hear Microsoft and US Government and you assume they set the guy up, cuz they are *always* wrong.... He knowingly broke the law, he did that a lot. No news here.

Re:Ah, so THAT'S how they can get away w' entrapme

[Anonymous Coward]

I'm commenting on his side of the story.

On his website he CLAIMS that he never offered it for sale -- only bragged that he had it. He claims the microsoft shill sent him an anonymous email asking to buy the software and he thought it might be a good idea to make a little extra cash. He claims that he never once thought of selling it, nor offered it for sale, before the shill had contacted him.

My point is that even if his side is entirely correct and that he hadn't initially done anything wrong except lie about having stolen ip, he was entrapped. Legally. And he deserved it.

To be honest, the gov't could be entirely correct and he did offer it for sale before they even contacted him. I'm taking the 'hackers' point of view for this exercise. Its the closest we have to the truth and still implicates him fully. The Gov'ts side is more clear cut...but taking the lesser of the two, we still come to the same conclusion that he broke the law.

If the gov't is right, then there was never entrapment.

If he is right, there was entrapment -- but it was from a NGO and thus legal.

Do you see my point?

Again, as a coward as I work for a governemental agency...they don't like shades of grey here -- even when I am essentially backing them up.

Re:Microsoft Entraps Downloader into Jail

[Americano]

Wow. You need to actually RTFA, and understand that words have specific meanings.

Entrapment [wikipedia.org]:

In jurisprudence, entrapment is a procedural defense by which a defendant may argue that they should not be held criminally liable for actions which broke the law, because they were induced (or entrapped) by the police to commit said acts. For the defense to be successful, the defendant must demonstrate that the police induced an otherwise unwilling person to commit a crime. However, when a person is predisposed to commit a crime, offering opportunities to commit the crime is not entrapment, such as in the widely held misconception that policemen must answer questions truthfully if they are asked the same question three times, or that they must say "yes" if asked if they are a police officer.

This guy offered the code for sale. He was not unwillingly "induced", or "coerced" to sell it. This is NOT entrapment.

That said, he is also not a simple downloader. Before your heart starts bleeding for him too badly, look at his criminal history, discussed in the article. Mostly small-time stuff, but, FTFA:

Government court filings show the Connecticut man has an extensive record of mostly petty crimes, beginning with a 1996 conviction for criminal trespass for spray painting a bridge, followed by a rash of thefts from motor vehicles and a burglary conviction. In 1999 he was convicted of "breaching the peace" by assaulting the mother of his child, according to court records. At the time of the source-code sale, Genovese was on probation for computer trespass and eavesdropping after breaking into some private computers and installing keystroke-logging software.

So let's see. He downloaded a copy of proprietary source code. He then tried to make money by selling it on his "hacking-related" web site which he operates. He also is on probation for breaking into some private computers & installing key logging software. In the very BEST light possible, he's a small-time cracker & pirate, with a history of stupid criminal behavior.

Just because Microsoft chooses not to release its source code does NOT give someone else the right to take it, and then attempt to profit by reselling that source code. Like it or not, whether or not they open-source their operating system is their CHOICE (isn't that one of the fundamental principals of the F/OSS movement?), not yours. You may not like their choice, but that doesn't give anyone the right to "correct" Microsoft's choice because it's not the same choice RMS would make.

Re:Ah, so THAT'S how they can get away w' entrapme

[Uber Banker in China]

The English language is a wonderful thing. Part of it being wonderful is having a variety of words to accurately describe a variety of situations, another part is the 'fuzzy' comprehension of words writers or readers may not be familiar with.

Your parent presented the difference of enticement and entrapment. The article details enticement and a 'sting' rather than entrapment.

You state (in the parent) Entrapment is not illegal -- its just not allowed by gov't agents. This is true. It is even legal for government agents to entrap (it is against their rules of conduct, rather than laws of legality), but they may not bring a case to prosecution on the basis of entrapment, and a case may easily be thrown out if it becomes clear they have used entrapment.

Entrapment can be non-governmental -- but there is not a law on file for it BECAUSE IT IS NOT BREAKING THE LAW. Of fucking course they will specifically only talk about police and gov't officials in a law SPECIFICALLY BARRING POLICE AND GOV'T OFFICALS FROM ENGAGING IN THIS ACTIVITY.

Now this is where you logic of "I was talking in laymans terms and nothing more. Any non-dumbfuck would have understood this is EXACTLY what I was saying" breaks down. You firstly talked about the legal definition, even citing your perceptions of the law relating to government bodies, then contradicted yourself by saying (after the event) this is not what you meant.

That is why the English language (and practically almost every other human language on the planet) is a wonderful thing. There are words which mean certain things. That is also where human comprehension is a wonderful thing; we cannot expect everyone to speak like a PhD thesis so we piece together potentially inconsistent uses of words with the context they are used in (as is grammar and spelling to other degrees). You, sir, failed to use the word correctly, but more importantly "I was talking in laymans terms and nothing more" failed to help a lay(or any other)man understand what you actually meant, by being internally inconsistent.

Re:Technically Speaking . . .

[slavemowgli]

A pirate? You mean he sailed the seven seas, sunk other ships, stole their goods, raped their women and murdered the crew?

I agree that the headline is typical Slashdot flamebait and that it's important to point out the difference between hackers and crackers, but it's also important to point out the difference between copyright infringment, stealing and piracy - those are three very distinct things (and only two of them are criminal offenses, too, FWIW).

Re:Notice corporate rights vs personal rights

[PatHMV]

Your AC comment would indeed be "insightful," were it not completely wrong. In the end, at least one company was forced to pay Pamela and Tommy Lee substantial damages for making the video available on the internet. The only battle that the porn people won was its claim that the couple signed away their rights in their initial settlement agreement with the porn people who first aired it. After the trial judge's throwing the case for internet distribution out of court was overturned on appeal [bizreport.com], the porn people threw in the towel and judgment was rendered against them [bbc.co.uk] for the illegal distribution of the video.