Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
The Courts Government The Internet Perl Programming News

Perl's Chip Salzenberg Sued, Home Raided 698

Posted by jamie from the whistleblower dept.
Chip Salzenberg writes "In April of this year, Health Market Science of King of Prussia, PA, told police that they feared I was misappropriating trade secrets. That very afternoon, police raided my house with a search warrant to seize every computer in the house, paper files, CDs, and DVDs... even my wireless router and cable modem!" Chip was the pumpking for perl's 5.004 release. Keep reading for his description of his current legal troubles, and for a shortcut into what he says prompted his former company's actions, read his letter warning about abuse of open proxies.

Chip continues: "The key evidence in the search warrant was so ridiculous as to be surreal: CVS logs indicating that I downloaded more than I uploaded, and that I sometimes accessed the company network from home. Apparently, for company management, the police, and a judge, working at home through a gateway the company set up for that very purpose, and refraining from editing every source file for every code change, is a sign of nefarious behavior.

My behavior in accessing the company network was entirely within my job description and in no way involved misappropriation of anything. For the more than two years that I worked at HMS, I used ssh and CVS to access company files with my laptop both from work and home, with management knowledge and approval.

What would lead management to such a sudden action? Days beforehand, I had made an internal report of unethical and apparently illegal behavior by the company: Use of open proxies for web harvesting to avoid blockage by web site operators. HMS apparently decided that working with me to address their use of open proxies was not an option.

Health Market Science is a large corporation with, compared to me, effectively infinite resources. My legal bills have topped $40K already over just two months. If HMS succeeds in tarring me with their false accusations, what's to stop your employer or client from doing the same to you, should your relationship sour?

Friends have set up GeeksUnite.net, an informational web site and Legal Defense Fund. The site includes the search warrant, my letter about open proxy abuse, and court documents.

Please contribute to my Defense Fund to fight this attack on the normal and legal work practices of millions of tech workers. Every little bit counts! If every person who visits the site contributes only ten dollars, that will make a huge difference. Only through community effort can we protect ourselves."

This discussion has been archived. No new comments can be posted.

Perl's Chip Salzenberg Sued, Home Raided More

Perl's Chip Salzenberg Sued, Home Raided

Comments Filter:

  • Uh... (Score:5, Insightful)

    by Anonymous Coward on Thursday June 30, 2005 @05:34PM (#12954862)
    If his version of events is true, then wouldn't there exist whistleblower protection laws he can seek refuge under?

    • Re:Uh... (Score:5, Insightful)

      by n0-0p ( 325773 ) on Thursday June 30, 2005 @05:43PM (#12954994)
      Laws do exist, but the simple reality is that most whistle blowers still get screwed and are never able to work in their respective industry again. That's probably why he tried to resolve the problem internally first, although creating a paper trail exposing misconduct can scare management just as bad.

    • Time line of events (Score:5, Informative)

      by cursion ( 257184 ) on Thursday June 30, 2005 @06:09PM (#12955331) Homepage
      Pulled this off the site ...

      June 21, 2005 Intervener's Too Late? - DA Gives Away Computers Early. Company Already Imaging.

      June 20, 2005 Emergency Stays Filed by All Parties - In an Attempt to Keep Property from falling into the Wrong Hands

      June 17, 2005 Judge Awards Personal Property to Company - Admits to NOT Reading Salzenberg's Opposition.

      June 16, 2005 Company Runs Interference - Files Motion to Intercept Released Computers Contrary to the May 2, Order and the "Return of Property" laws.

      June 6, 2005 DA Drops Criminal Investigation - Annouces Return of the Seized Property to Salzenberg.

      May 2, 2005 Company Agrees Not to Enforce Exparte Orders - Property to be Returned to Salzenberg unless another motion is filed.

      April 26, 2005 Company files Exparte - Receives orders to intercept equipment from police to start imaging.

      April 25, 2005 Salzenberg receives back dated letter from company "accepting his resignation"

      April 21, 2005 Salenberg's Property Seized within hours of police report made by CEO.

      April 20, 2005 Salzenberg and CEO exchange emails and faxes in an attempt to negotiate a face to face conversation. CEO finally gives the OK to Salzenberg bringing an attorney with him.

      April 19, 2005 Salzenberg sends compliance letter to CEO. Salzenberg also sends follow up message to COO that he has "not resigned". CEO immediately locks Salzenberg out of company email and network.

      April 18, 2005 Another employee leaves company after voicing compliance issues.

      • Re:Time line of events (Score:5, Informative)

        by Lew Payne ( 592648 ) on Friday July 01, 2005 @01:34AM (#12958294) Journal
        Judging from the Company's actions, if Salzenberg wants to litigate the matter of the return of
        his personal property in an expeditious manner, he should seek out a criminal law attorney and file a
        Jencks motion for the return of said property. It will be heard by a different Judge, and he'll be able
        to show the Company's prejudicial actions. I had to file same to have the FBI return my property to
        me, and (though expensive) it worked like a charm.

        Here's a link to a Jencks Motion [ipsn.org] for the return of property.

    • Re:Uh... (Score:4, Informative)

      by jbolden ( 176878 ) on Thursday June 30, 2005 @06:56PM (#12955862) Homepage
      The state of Pennsylvania has a whistleblower protection law for employees of public companies. Judges have tried to extend it to some extent to companies that recieve their revenue from government. That wouldn't apply in this case at all. The law explicitly does not protect Chip.

  • Lesson to be learned here (Score:5, Insightful)

    by Anonymous Coward on Thursday June 30, 2005 @05:36PM (#12954907)
    Any time you're going to be challenging the mental giants that are in charge, ALWAYS have a lawyer in your pocket and all your ducks in a row. And offsite backups.
    Seriously, what the hell did he expect - if they can use open proxies like this, that they would play nice with him?

    • Re:Lesson to be learned here (Score:4, Insightful)

      by egarland ( 120202 ) on Thursday June 30, 2005 @11:21PM (#12957652)
      Any time you're going to be challenging the mental giants that are in charge, ALWAYS have a lawyer in your pocket and all your ducks in a row. And offsite backups.

      I absolutely agree. Speak softly and carry a big stick.

      This was a loud letter full of scarrey words for a CEO like "illegal" and "under explicit management direction" and it ends with "notifying the appropriate authorities". Hell, if I was a CEO and I got this letter, I'd freak out too.

      DON'T EVER send a letter like this without already having talked to a lawyer and given the lawyer everything you'd need. The unfortunate fact is that police will raid the house of an employee in a heartbeat, take all your computers with evidence on them and hand them over to the criminal employer who can then accidentally delete all the evidence. There's no way in hell they'd be able to get to anything you've given your lawyer though.

      Honestly.. I'd want to have already talked to the appropriate authorities before sending a letter as explosive as the one he sent.

  • The moral of this story (Score:5, Insightful)

    by Doktor Memory ( 237313 ) on Thursday June 30, 2005 @05:37PM (#12954918) Journal
    Retain, and have a very long chat with a very good lawyer before you threaten your bosses with police action.

    • Re:The moral of this story (Score:5, Interesting)

      by XaXXon ( 202882 ) * <xaxxon@@@gmail...com> on Thursday June 30, 2005 @05:41PM (#12954978) Homepage
      While this is sound advice, it doesn't necessarily follow from this story.

      He said he made an internal report of unethical and possibly illegal behaviour. It doesn't say he took this up with police at all. It sounds more like he was trying to warn them that they were doing something they shouldn't be so they could stop before they got caught.

      And just in general about this story: *sigh*
      • He said he made an internal report of unethical and possibly illegal behaviour. It doesn't say he took this up with police at all.

        Read the last paragraph of the letter again -- he was definitly threatening them with exposure to the legal authorities.

        And hey, more power too him -- that was certainly the morally right thing to do. But as a practical matter, you want to make damn sure you have all of your ducks in a row and have an old-school carnivore lawyer in your corner before you throw that kind of th

    • Re:The moral of this story (Score:5, Insightful)

      by Anonymous Coward on Thursday June 30, 2005 @06:38PM (#12955691)
      Retain, and have a very long chat with a very good lawyer before you threaten your bosses with police action.

      Amen. I learned the hard way through several companies (some I started, some I helped turn around, and some I was wise to leave) that unless you're old money, your best option is to walk away. Notify the authorities anonymously and under extreme caution if you must, but make sure it's darn near impossible to pin it on you that you were the whistleblower, and even then, expect them to still come after you (who do you think the authorities work for, the people? LOL!). Old money and its network will blacklist you further than you'd ever imagine possible. Old money continues to keep making money by having idealistic middle class hard working entrepreneurs achieve great successes, only to discover old money eats first. After they are full, they may decide to leave you with some scraps.

      The most important lesson I learned is that in any company, figure out quickly who is just like you (assuming you're a member of the unpriviledged middle class) and who's old money nobility. They're special people - the equivelent of "made men" - and middle class folks are not permitted to touch them. I learned at one company that even a psychotic, cocaine abusing, chair-sniffing and female harassing sexual predator, old money company owner who kept on blowing through family millions had more clout than a the technology manager who rebuilt the dying company product.

      If you have to get into battle, get an old money law firm and get some old money patrons on your side. Let them protect you and understand you'll have to pay back the favor if you haven't already earned it. Just because the United States is technically a representative republic doesn't mean Machievelli's world doesn't rule here. I've had too many attorneys explain otherwise (if you've ever had a hearing moved to a different judge that your attorney used to clerk for, you know what I mean). As long as you understand that several thousand years of civilization has been about those in power making sure that the rest of us keep them in power and luxury, and you don't mess with that rule, you'll do fine.

  • false police report (Score:5, Insightful)

    by Deton8 ( 522248 ) on Thursday June 30, 2005 @05:38PM (#12954930)
    You should take your original letter to the police who raided you. Hopefully they will then prosecute your employer for filing a false police report.

  • Two lessons (Score:5, Insightful)

    by Otter ( 3800 ) on Thursday June 30, 2005 @05:38PM (#12954933) Journal
    1) Past and future Ask Slashdot questioners: when we tell you to document your situation and to see a real lawyer, do it! This is why!

    2) Working for obvious scumbags is going to burn you in the end.

    (Assuming his version of the story is accurate -- I realize there's another side. I also realize that both of my suggestions are frequently easier said than done.)

  • Prey (Score:3, Informative)

    by Necromancyr ( 602950 ) on Thursday June 30, 2005 @05:40PM (#12954953)
    Is it just me or does this sound similar to the begining of the Crichton book Prey?

    (Could be that I just read it yesterday...)

  • Heh (Score:5, Funny)

    by OverlordQ ( 264228 ) on Thursday June 30, 2005 @05:41PM (#12954982) Journal
    Friends have set up GeeksUnite.net, an informational web site and Legal Defense Fund.

    and slashdot has blasted it off the web.

  • The company's website and contact info (Score:4, Informative)

    by waynegoode ( 758645 ) * on Thursday June 30, 2005 @05:43PM (#12955001) Homepage
    The website of Health Market Science [healthmarketscience.com] of King of Prussia, PA and their contact page [healthmarketscience.com] and their email address info@healthmarketscience.com [mailto].

  • In April of this year, huh? (Score:5, Interesting)

    by greenguy ( 162630 ) <estebandido.gmail@com> on Thursday June 30, 2005 @05:44PM (#12955018) Homepage Journal
    If anyone else was as confused as me about the intro, there's a town called "King of Prussia" in Pennsylvania. Go figure.

  • Why write to this management? (Score:3, Informative)

    by Teun ( 17872 ) on Thursday June 30, 2005 @05:44PM (#12955023)
    Why write up such a paper about the companie's (il)legal activities when it's quite clear the managament expressely supports it/ sees it as a business model?

    Get out or be prepared for a long and costly fight!

  • I can't send money (Score:4, Interesting)

    by stoolpigeon ( 454276 ) * <bittercode@gmail> on Thursday June 30, 2005 @05:45PM (#12955039) Homepage Journal
    because all I know about the case is what I read on slashdot and a site set up by this guys friends. I have no idea what is going on and I don't have time to fly to Kind of Prussia (wtf?) and look into it. Even if I did, I don't think the suits at his former employer are going to take the time to go through interviews with me so I can decide whether or not I should contribute to his legal fund.

    Sucks for him if he didn't do anything wrong. If so I hope it works out. If it goes to court and he is found innocent-- then giving to the fund would be a lot easier.
    • I won't pay for a different reason. I steadfastly refuse to help those that choose to write headlines in the third person.

  • No probable cause... (Score:5, Insightful)

    by jhoger ( 519683 ) on Thursday June 30, 2005 @05:48PM (#12955058) Homepage
    Based on the evidence at hand there was no probable cause for the search.

    If he didn't keep any of the company's information, they likely have no case.

    Crossing your fingers for summary judgment, a directed verdict :-) or a nice juicy settlement favoring the plaintiff.

    Pretty scary though that the judge would authorize grabbing all your equipment with no genuine evidence of theft/misappropriation of trade secrets. There ought to be a high bar set for the kind of disruption that causes. There's no reason discovery couldn't have been allowed to proceed in a less violent manner unless he wasn't cooperating.
    • If he didn't keep any of the company's information, they likely have no case.

      If he was still working for the company at the time of the seizure, than chances are he had a full source tree on his home computer so that he could do test builds at home. All of which is perfectly normal and necessary to do his job. To the non-technical, the argument "why did he need copies of files he was not charged with maintaining?" may sound valid. However, anybody who has ever maintained software can tell you that you usua

  • Start reporting them (Score:5, Interesting)

    by david_anderson ( 896517 ) on Thursday June 30, 2005 @05:48PM (#12955070)
    Every company I have ever worked for has violated all sorts of labor laws. Start giving them a pile of minor regulatory headaches.

    Then make sure you have a good shark for a lawyer. Make sure he has a technologically savy partner or associate that can understand the CVS and gateway issues.

    Then countersue. They may have infinite resources compared to you, but they also have much deeper pockets to go after. If they are vunerable on this point, your lawers will be more than happy to go after that big paycheck.

    If all you do is try and defend yourself, then they will steamroll all over you.

  • EFF? (Score:3)

    by The Amazing Fish Boy ( 863897 ) on Thursday June 30, 2005 @05:50PM (#12955103) Homepage Journal
    Why shouldn't the EFF be handling this? Or the ACLU? Do we really need a new fund?

    • Re:EFF? (Score:4, Interesting)

      by bladesjester ( 774793 ) <slashdot@jamesho ... m ['lin' in gap]> on Thursday June 30, 2005 @07:03PM (#12955940) Homepage Journal
      The EFF is a lobying organization. They don't want to get involved in anything that may paint them in a bad light to legislators (who receive large contributions from companies like HMS).

      They're notorious for dropping people like hot potatoes if they think there is a chance that it will negatively impact their political lobying.

      • Re:EFF? (Score:4, Informative)

        by ntk ( 974 ) on Friday July 01, 2005 @03:01AM (#12958612) Homepage
        Actually, the EFF is a 501(c)3 organization, which means that its specifically restricted as to how much lobbying it can do. Instead, the EFF concentrates on being an advocacy organization, representing defendants and plaintiffs in cases where there's a chance of making good case law.

        (Actually, in practice, *I'm* the majority of the lobbying bit. If I had any influence on dropping people, I'd be like all "Hey drop *him*! Now pick him up! Now drop him again! You other lawyers, bring me a mojito!". But that's not really how lawyers work, alas.)

  • Own grave dug (Score:3, Informative)

    by petesmart ( 317037 ) <petesmart@gmail.com> on Thursday June 30, 2005 @05:53PM (#12955142) Homepage
    It's disgusting that they can do this, particulary at such personal expense. Sadly, Chip has dug his own grave, I don't know much about US emplyment law, but I don't think whistle bower type protection will be any good, as he approached the company first, and not the authorities who are now chastising him. Working for an ethically dubious employer is tough, say something, and they'll throw the book of selective dismissal conditions at you, say nothing, and, well, like myself, sometimes the roof over your head is worth keeping whilst you seek employment elsewhere.

    • Re:Own grave dug (Score:3, Insightful)

      by lifeblender ( 806214 )
      No, that's not how it's supposed to work. As an employee, loyal to the company, you are supposed to have internal recourse available to bring illegal activity to the attention of your seniors, and all the way up the chain if you direct supervisor won't listen. You are not supposed to have to go to the police, since a company should be capable of cleaning up its own act. Going to the police means that the normal channels of reporting issues have failed.

      Everything I wrote there is how it works in ethical

  • warrant (Score:3, Funny)

    by jotux ( 660112 ) on Thursday June 30, 2005 @05:58PM (#12955208)
    The warrant is halarious. If you read the bottom, it basically says:

    the company president called me, and said that one of his employees has accused him of illigal acts. Please go to my employees house, and remove everything that he has that could be used to prove that we have committed illigal acts.

  • Perl = Legal Trouble?? (Score:5, Funny)

    by Captain Bumpsickle ( 56719 ) on Thursday June 30, 2005 @05:59PM (#12955218) Homepage
    What is it with people high up in the Perl community and legal troubles?? Didn't Randal L. Schwartz also get into trouble with a past employer?

    This should be reason #1 to use Python.

    I'm just joking everyone...nothing to see here...carry on.
    • Didn't Randal L. Schwartz also get into trouble with a past employer?

      Yeah, Intel. He was convicted of three felonies [lightlink.com]. He was running a password cracking program on their servers. He had cracked computers not only on Intel's machines, but on the machines of some of their partners, as well. He'd also installed some backdoor programs on several machines at Intel. It was really stupid of him to do all of this.

  • SLAPP (Score:4, Insightful)

    by BrookHarty ( 9119 ) on Thursday June 30, 2005 @06:01PM (#12955242) Journal
    I think you should check into SLAPP protection.

    http://en.wikipedia.org/wiki/SLAPP [wikipedia.org]

    Heres the little secret, Judges do not like to read long legal briefs, if someone makes a case and references some case law, they might just get the warrent, action or restraining order.

    Its a messed up country where the legal system is in a horrible state by lazy judges/commissioners that have to actually think the about the case. Whats worse, some are voted into office...

  • Mirror of the donation insturctions (Score:5, Informative)

    by Fiery ( 21015 ) * <rsoderberg@gmail.com> on Thursday June 30, 2005 @06:05PM (#12955291) Homepage
    None of the views expressed in the website constitute the views of the Armstrong & Carosella PC law firm, or any
    principals or employees, or agents or experts who have been retained in any capacity in connection with the case.
    Information on this site is for educational purposes. Case Caption: Health Market Science, Inc. v Charles H. Salzenberg, Jr..
    Court of Common Pleas of Montgomery County, Pennsylvania. Case Number: 05-11918

    Donate today, to the
    Chip Salzenberg Defense Fund. Over $40k in legal defense fees incurred since April 23, 2005.
    Protect yourself from the same thing happening to you. Learn from this site, mirror it. Please donate. We thank you for your help.
    OMITTED from the Company's Pleadings,
    UN-INVESTIGATED by the Detective,
    it caused IMMEDIATE ACTION by the CEO,
    READ the LETTER that started it all!

    Why care?

    We didn't ask for this fight but we do hope that the telecommuting community learns from it. As a well known contributor to OpenSource and perl for many years, Chip continued his efforts to protect the spirit of opensource and the internet by attempting to inform his employer...sadly it brought on serious consequences in the form of an ugly legal battle with results that can affect all employees and consultants who hook up to an employer's network. We urgently need your help. The Chip Salzenberg Defense Fund is an escrow account sponsored by the law firm of Armstrong and Carosella to help pay the mounting legal defense fees for Chip Salzenberg and his family. The funds will only be used for legal costs to defend Charles Salzenberg and his family against Health Market Science, Inc. Donations are NOT tax deductible. Thank you in advance. We would love to hear from you.

    Donate by email

    You may send us your email address, name, phone number and pledge amount. We will email you back a "Request for payment".
    You'll be able to pay by credit/debit card or using your Paypal account. Send email to: gifts@geeksunite.net.

    Donate by Mail

    If you would prefer to mail your donation, please send it to the following address:

    Chip Salzenberg Defense Fund Escrow
    Care of: Armstrong & Carosella
    882 S. Matlack Street
    Ste. 101
    West Chester, PA 19382

    Make Checks payable to Chip Salzenberg Defense Fund Escrow" (NOT tax deductible).

    If you have questions or need additional information about making a gift to the Chip Salzenberg Defense Fund,
    please call 925-457-6634 or email gifts@geeksunite.net.
  • Perl Programming Considered Harmful

    I am continually shocked and dismayed to see people write test cases, install scripts, and other random hackery using Perl. Perl is seductive because of the abundant CPAN modules and its TIMTOWTDI philosophy, so the path of least resistance is followed and a Perl script is written. Sadly, programming in Perl inevitably leads to one's employer taking legal action against the programmer.

    The most common problem encountered with Perl programmers is pointing out embarrassing things about their employers. All they are able to do is white-hat hack or whistleblow. While some educators have fixed some of Perl programmers' flaws (closed-minded disciplinarians do much better here), many have added new ones. Most of their problems can never be solved because they're not inadequacies per se, but rather the direct consequences of intelligence and free-thinking.

  • Courts do nothing to stop unethical co. behaviour (Score:4, Interesting)

    by philovivero ( 321158 ) on Thursday June 30, 2005 @06:12PM (#12955369) Homepage Journal
    I worked for a company out of Reno, NV (yeh, a hotpot of corrupt companies, I know) and when I found out they were trying to bilk millionaires out of VC capital, I just turned in my laptop and said that was my final day.

    The company refused to pay me for my last two weeks of service or any vacation time I had built up.

    When I attempted to get the money from them, they produced a list of dates I was not in the office (exceeding my vacation pay plus 10 days for the last two weeks of service). These were days I worked from home (and I actually WORKed from home).

    I tried to appeal to the legal system, but got a big runaround. This same company sued other ex-employees for frivolous things, and the courts took this company (that had a history of this sort of thing) quite seriously for years.

    The courts have it in their best interest to make sure lawsuits keep happening and go on for extended periods of time. It's job security for them, and they just don't care that it's a drain on the rest of society.

  • Face it... (Score:3, Insightful)

    by HPNpilot ( 735362 ) on Thursday June 30, 2005 @06:14PM (#12955393) Homepage
    Money and power are clinching their position in this country, and VERY rapidly. Combine the "Patriot" act with limiting freedom of the press to gutting of whistleblower laws to widespread corruption and add in a good dose of "liberal" bashing taking the form of "get tough on crime" and you get what we have.

    Too late now, I'm afraid, and it will ge a *LOT* worse before getting any better.

    What kind of mess have we left for our kids?

  • Mirror of the original letter (Score:5, Informative)

    by Fiery ( 21015 ) * <rsoderberg@gmail.com> on Thursday June 30, 2005 @06:15PM (#12955397) Homepage
    19 April 2005

    Charles H. Salzenberg, Jr.
    P O Box 537
    Southeastern, PA 19399

    Health Market Science
    2700 Horizon Dr. Ste 200
    King of Prussia, PA 19406

    Attn: Mark Brosso, Matt Reichert, Rich Ferris, Rob DiMarco, Dorothy O'Hara
    Re: Legality and Morality of Harvesting Operations

    It has recently come to my attention that that HMS is continuing the illegal and immoral web harvesting operation that I brought to Rich Ferris's attention over a month ago, in a conversation including Tim McCune. HMS's continued harvesting operations are a threat to me legally, morally, and professionally.

    That HMS systematically collects data from web sites without the express permission of their owners is well known (inside HMS). Some web site operators are not pleased when (if) they figure out that their sites are being harvested. They sometimes respond by blocking the network addresses of the harvesting machines. This was a common problem in harvesting when I hired on to HMS in December of 2002. At that time, the accepted strategy for getting around such blocks was to obtain multiple web hosting accounts to act as proxies for HMS's harvesting systems. I did not then realize that knowingly bypassing blocks placed by web server operators was illegal. (As a result of other research, detailed below, I now know that has been illegal all along.)

    As bad as HMS's past harvesting practice was, current practice is worse ... much worse. HMS has taken a page from the spammer playbook and is, deliberately and under management direction, hijacking thousands of vulnerable machines all over the Internet, using them and their network bandwidth without the knowledge or permission of their owners as unwitting accomplices in HMS's data harvesting operation.

    I have confirmed these facts in conversations with several people with first-hand knowledge, including Tim McCune and John Marquart. I asked Tim McCune about HMS's proxy hijacking in the presence of Rich Ferris, a vice president of HMS and a company founder. In that conversation, Tim McCune confirmed to Rich Ferris and me that proxy hijacking was standard practice. Shocked, I informed Tim and Rich that proxy hijacking is very illegal and immoral. They were unmoved. I also have witnesses for other conversations.

    I have also confirmed that the Harvester source code - which I, as a Senior Programmer, am authorized to access - includes Java code which collects lists of such vulnerable computers, called "open proxies," from web sites that maintain lists of them. I have also found the Java code which uses such proxies, without the permission of their owners, to connect to the sites that HMS harvests. The offending source code was written by Rob DiMarco, Tim McCune, and Jason Franklin.

    This deplorable activity by HMS has serious legal, moral, and professional implications.

    First, the legal.

    I am not a lawyer, but I can read the plain English of the Pennsylvania Consolidated Statutes, and it is clear to me that hijacking the computers of random people is a crime in Pennsylvania. Under PSC 3933, every instance - every single instance - of hijacking an open proxy is a misdemeanor of the first degree.

    HMS is committing these misdemeanors by the tens of thousands, under explicit management direction, and in accord with corporate strategy. One petty theft may draw little attention; but tens of thousands of petty thefts, all made by one company, at explicit management direction, and in accord with company strategy, might well lead to unpleasant legal consequences. Even a small fine is painful when multiplied by a hundred thousand.

    HMS thus makes itself an attractive target for prosecution by a state's attorney who wants to show himself tough on corporate crime. HMS could be a stand-in for the spammers who commit the same crimes.

    HMS's legal exposure is not limited to Pennsylvania. A number of the sites that HMS harvests are run by governments of other states who would be

  • Sounds pretty clear to me (Score:5, Insightful)

    by suitepotato ( 863945 ) on Thursday June 30, 2005 @06:15PM (#12955399)
    They got caught with their hand in the cookie jar and immediately attempted a smear campaign to draw attention away from themselves.

    Further, on nothing more than the company's say-so, they got a search and seizure warrant from a judge who was obviously unfit for service by the very fact of his signing it. Actual investigation and evidence is required usually for this kind of thing and it seems to be a case of "he-said, got the warrant, screw what the other guy said" sort of thing. Having been the victim of this myself, I am not surprised. Saddened that it continues, but not surprised. People who love increasing the powers of the state for their political aims can just as quickly be the nail getting pounded down by that same state.

    What is so shocking is that they think they will get away with it. All that are needed are logs from servers harvested by this scumbag outfit despite their attempts at a polite no through robots.txt, etc., and it will become a landslide against them with the first lawsuit for the intrusion.

    If I had any money, I'd send some.
  • Purchase a small micro-cassette recorder for use when entering potentially "heated" discussions with management. (or sometimes even other employees)

    You will want to check your local law, but MOST states permit a concealed recording device on a person when there is no "perceived expectation" of privacy (don't record anything in the bathroom) or when more than 2 people are party to the conversation.

    I've only had to resort to this tactic once, but it saved my job and cost the Veep his....

    was it worth the $20????

    d*mn straight it was.....

  • Encrypt your disks... (Score:3, Informative)

    by mi ( 197448 ) <slashdot-2017q4@virtual-estates.net> on Thursday June 30, 2005 @06:22PM (#12955501) Homepage Journal
    Although your person is pretty well protected by the Constitution, your property is not.

    Your computer can be seized -- and pretty quickly. All non-trivial data (including risky photos of your partner) should be encrypted on disk. Major operating systems support this option -- including FreeBSD [freebsd.org], Windows, and, no doubt, Linux.

    Certainly, "honest people have nothing to hide", but it is not even so much about winning the case (you will, likely, prevail), but also saving yourself a lot of time and money. Your adversary will go through all data found on your machine and your lawyer (don't even think of not hiring one) will be billing you in proportion to the amount of things, the other party brings up. Even if all of it ends up being nothing.

    True, the opponent may demand, that you decrypt the data -- but you (your lawyer) can fight that demand -- it will likely be cheaper, than explaining away all messages in your ExEmployer-folder.

    Do not rely on mere obscurity -- I found out first-hand, that even FreeBSD is "mainstream" enough for professionals (yes, there is a good market for these services) to know it. They came with software (something from SourceForge) to search through filesystems (very easy -- "grep" for the disk devices). For Linux they'd probably even have GUI.

    Treat these guys decently -- they are just doing their jobs. If you do, they are more likely to overlook your older computer, which will let you post about your troubles on Slashdot when they are gone.

    Set up encryption. Encrypt your back-ups, before they leave your computer. Do not automate decryption so that it happens by itself on boot (duh!)

    When you are done, treat yourself to "Cryptonomicon" [amazon.com] for fun and more behind-covering ideas.

  • My name is Douglas Muth, and I live not too far from King of Prussia, PA.

    Back in 2001, I was laid off from my previous job and looking for work. I interviewed with Health Market Sciences sometime around that July for a Software Engineer position, and it was an interesting experience. I met some of the people from that company and was finally interviewed by one of the Vice Presidents, a guy by the name of Rich Ferris. Rich seemed pretty impressed with my resume and said something to the effect of "we'll get you an offer by the end of the day".

    So, I went home and gave Rich a call at the end of the day. But suddenly his story changed, and it was, "I had problems getting the offer through HR (or somesuch), I'll have one for you on Wednesday".

    Wednesday came, and I was told, by Rich, to call back again on Friday. Friday came, and they were having money issues and would get back to me on Wednesday. Finally, next Wednesday rolls around and I'm suddenly told, "Well, we really want to hire you, but we don't have the money right now, so we cannot make you an offer".

    So what it boiled down to is that I was led on by that company for over a week with the promise of employment, only to have it yanked out from me because they didn't have their stuff together. It was a total waste of my time, and the time of the job recruiter I was working with. If they didn't have the money, they shouldn't have been hiring in the first place. The whole experience left me rather bitter.

    I hope Chip sues that company into oblivian.

  • The letter that started it all (Score:3, Interesting)

    by TwistedSpring ( 594284 ) on Thursday June 30, 2005 @06:29PM (#12955579) Homepage
    Having just read the letter, I can only conclude that HMS was right in seeking legal defence against Salzenberg immediately to protect themselves. Perhaps he should have sought legal advice immediately instead of [i]threatening the company he works for with legal action[/i]. He made some hefty allegations in that letter, and also disclosed that he had been snooping around software that he wasn't involved with but had "the right to access" as a Senior Programmer. IANAL and I obviously haven't read Salzenberg's contract with HMS, but I would imagine that if he's not working on the code and browsing other people's projects from home in the interests of taking legal action, this gives HMS grounds to file a suit against him or at least gives them an incentive to shoot first.

    This all looks to me like an ill considered vigilante mission gone horribly wrong. It's like shouting "hay guys, you're all crooked bastards and you should be in jail. I'm thinking about taking you fuckers to court! Can I keep my job though? Don't sue me!" What he should have done was file for legal action immediately, and/or resign from the company on legal/moral grounds. Resignation would have looked a lot better, would have relieved him of some of the moral issues, and would not look like he was about to try and sue the company for a ton of money.

    I agree with his stance and his moral position, but this was a perfectly stupid and arrogant way to handle the situation. As a Perl hacker I wish Salzenberg the best, but I can't agree with the way he's fought this battle so far.
  • Ok, the Pennsylvania Common Pleas Court is partially online, and the docket sheets are available with a little digging. Too bad the full text isn't available.

    CRIMINAL MATTER: Docket Number: CP-46-MD-0002495-2005. Filed 4/27/2005. CASE STATUS: CLOSED. Last event was a hearing on the return of property, on 6/10/2005 before Judge William J. Furber, Jr.

    CIVL MATTER: Docet Number: 05-11918 (Judge Hodgson). A deep link to the docket sheet is http://12.40.122.125/FCP2.WEB8/0/P12DIS?CASE-NO=05 -11918 [12.40.122.125]. Looks like a motion for a temporary restraining order and for expedited discovery and preservation of documents was filed on April 26, and was granted ex parte (without the defendant being able to argue) by Judge Joseph J. Smyth. The latest emergency motions appear to be filed to reinstate this order, presumably as a result of the computers being released after the criminal matters were dismissed. I am very curious to know what's going on with the intervenors - Radian Guaranty and Lisa Perdichizzi. It's Perdichizzi who filed a motion for sanctions against the Plaintiffs on June 22, and there's nothing on the docket sheets since then.

  • Opening Line (Score:4, Informative)

    by fm6 ( 162816 ) on Thursday June 30, 2005 @07:44PM (#12956229) Homepage Journal
    When somebody says, "I'm not a lawyer, but I know that..." there's a good chance that something nasty is about to happen.

    Chip is engaging in a legal crusade against Health Market Science, and doing it without legal advice. Naturally, HMS does have lawyers, and consults them as to the best way to screw him over. Screwing precedes. Gosh that's a suprise.

  • Posting anonymously here because I've lived it (Score:5, Interesting)

    by Anonymous Coward on Thursday June 30, 2005 @08:17PM (#12956442)
    I've been in a very similar situation recently, and also ran into huge legal bills, from a contracting client who made outrageous claims. It was the worst experience of my adult life. I can't go into any details, but it was terrible, and the case turned on the same kind of criminal trade secret laws. These trade secret laws are so prone to abuse because they take what are effectively civil issues (ie, business disputes) and get the criminal justice system involved. Let me tell you, all this thing about "innocent until proven guilty" is nonsense. Yes, you are "innocent until proven guilty" when you actually get to trial... but by the time you get to trial you've already gone through hundreds of thousands of dollars in legal bills. Where does the average guy come up with that kind of money? I'll give you the answer: he sells all of his assets (house, everything) and he still doesn't have that kind of money, so he ends up getting a public defender, and public defender = plea bargain = no trial.

    Basically these trade secret laws let big guys with resources or connection punish small guys (us) without any legal process. We're out tens of thousands of dollars just from the moment the process begins, without a court or a judge even having seen the issue.

    There's also the emotional factor. It's terrifying. If I got a criminal trade secret conviction, I would never be able to work in the programming field again. What else could I do? My life would be ruined even if I got probation only. The fear is incapacitating. It's like someone telling you "you have cancer." Even if the cancer is treatable, it is terrifying.

    Anyone in the programming field needs to be aware of these risks. You don't think about it because a) these things usually do not result in convictions (in TFA's case, if his telling is accurate, there is no evidence of any wrong-doing) and b) when they go away without a conviction, we're all scared to talk about them (like I am posting as AC right now). But even if the case goes nowhere, running into a $40k legal bill is disastrous. That's a downpayment on a house. That's 100% of your after-tax income for more than a year (probably). That's your new-car and vacation fund for several years. That could cause so much financial stress as to lead to divorce, family estrangement, etc. That's "liquidate all of your assets right now and borrow from all of your relatives" disastrous. That's a penalty this guy is suffering without any trial or judicial overview. That's (possibly) without even having a grand-jury rubber-stamp the police side of the story.

    I'm afraid to even post this lest it have some bearing on my situation, but I'm posting because I want all of us Slashdot crowd to be aware of it.

    I don't really have a solution, but one thing that seems to help is to put up a very aggressive and determined defense from the very beginning. Let everyone involved know, "there will be no plea bargain. There will be a vigorous defense. Trying to bring a civil matter into the criminal system will not work and I'm not going to beg for mercy. If it gets to a trial, we're fighting all the way and there will be an acquital."

    This guy is brave to even be talking about this publicly. I'm sure his lawyer advised him not to (mine did). Most of us who are victims of this are silent victims like me.

  • Had a similar situation (Score:5, Interesting)

    by Anonymous Coward on Thursday June 30, 2005 @09:15PM (#12956831)
    I moved out West in 1997 to work for a company (heading up a software division for Windows) that a friend had bought into. Long story short, he and I found massive corruption (embezzlement) within weeks. He brought it up at a board meeting, and the next day was kicked out of the building, voted off the board (illegally it turns out) and his stuff left on the curb. I quit the same day.

    At 7 AM the next morning, the sheriff was at my door with their lawyers in tow. Fortunately for me, they screwed up the warrant and were unable to seize my hardware, but they took a very detailed inventory of everything. Even more fortunately, my friend HAD consulted a lawyer before confronting the board and he (the lawyer) had the whole thing search/seizure suspended. The courts finally found the company's motions meritless (and fined them!!) They ended up with a huge lawsuit against them from several board members once the whole picture came to light, the BSA came down on them like the wrath of God (thanks to a cover your ass maneuver by the CIO) and the whole thing went into the crapper within 8 months.

    ALWAYS consult a lawyer when doing any sort of confrontation with your employer. You need something to back you up. If they are doing something scummy, there is NOTHING that will stop them from doing something scummy to you in return. I should have done so before the board meeting, even though I wasn't directly involved. But my friend saved my ass. He lives 2000 miles away now, but I still send him thank you notes.

Slashdot Top Deals

If you teach your children to like computers and to know how to gamble then they'll always be interested in something and won't come to no real harm.

Close