[dupe] Experts: Evidence to support search warrant on Rebekah Jones' home flimsy (floridatoday.com)
101 points by dtmmax33 on Dec 11, 2020 | 62 comments



related discussion from yesterday >> https://news.ycombinator.com/item?id=25362079



On the home page of Florida Today, there are right now 9 different articles defending or supporting Rebekah Jones, some of them linked multiple times, for a total of 12 links on the home page with the following headlines:

  Rebekah Jones pushes back after dashcam released
  Exclusive interview with Rebekah Jones
  Evidence 'weak' for warrant on Rebekah Jones home
  Jones reacts to release of FDLE raid footage
  FDLE releases bodycam video of Rebekah Jones raid
  Fired FDOH scientist denies wrongdoing
  Rebekah Jones described equipment seized
  Fired FDOH scientist: ‘I spoke out of necessity’
  Rebekah Jones talks whistleblower complaint


How can the state claim the access was unauthorized when it shared a password between users and also published it on a document on its website? The former may be irresponsible but is commonly excused but the latter?


If I leave a pie on the windowsill, it is still wrong to take it even if it’s easy.

Bad security practices don’t mean it is open season for any activity. Being fired and logging back on to work computers is really hard to defend as not knowingly wrong.


This is fine, I will copy your pie instead. No harm done then, right?


I’d download a pie.


That's not what the parent is asking tho. They're saying how do you actually pin it on them.


You ask the ISP who owns the IP who was using it at a specific time, when it turns out to be your former employee’s home, you ask for a search warrant to seize her computers as evidence. Then you try to match logs on a device with logs on your servers, and additional evidence perhaps as well in order to establish beyond reasonable doubt that this woman did indeed do what is being accused.


Yes because ip spoofing doesn't happen.


So your conspiracy theory is someone sent the message and spoofed Jones’ IP address in order to frame her? Give me a break.

In any case, the right response is to serve a warrant and check her devices to see if there’s substantiating evidence.

It wasn’t any random IP. It was her IP.


Everyone knows the evidence and information supporting the raid was nonsense. She refused to bend the knee to a conservative administration while people were dying, and the political machine decided to lash out.


Everyone?

Having not read the court filing that granted the search warrant I know nothing about the information supporting the seizure.

I know that she tried to make an emotional appeal on social media, I know that she has been accused of really sketchy behavior with a coworker, and I know that people who read her messaging are going to jump to conclusions about her being wronged with no information besides her being fired by republicans.

What evidence was presented which got the warrant granted? Why was it nonsense, and what led the judge to grant it anyway?

Why did she delay officers executing a legally granted search warrant for twenty minutes, hanging up on them and refusing to answer the door?

It very much strikes me as a “more than meets the eye” kind of situation that jumping to conclusions based on political affiliation does not do justice.


>Why did she delay officers executing a legally granted search warrant for twenty minutes, hanging up on them and refusing to answer the door?

I can think of several reasonable reasons why she might do so:

1. To contact the court WRT the validity of such a search warrant;

2. To contact an attorney to obtain legal advice WRT how to respond to an attempt to enter and search her home;

3. To remove her small children (who obviously have no involvement) and protect them from the police;

4. To put on appropriate clothing so as to be fully dressed when police enter her home.

I'm sure there are a myriad of other reasonable reasons she might have delayed answering her door.

I don't know if any or all of the above (or any other) reasons are relevant, but it seems to me that such a delay doesn't imply wrongdoing on her part.


23 minutes. The police showed overwhelming restraint in not breaking the door down. Whatever she was doing, she could have been trying to destroy evidence the entire time. The police serving a warrant aren’t supposed to wait outside for half an hour for you to answer the door.


>23 minutes. The police showed overwhelming restraint in not breaking the door down. Whatever she was doing, she could have been trying to destroy evidence the entire time. The police serving a warrant aren’t supposed to wait outside for half an hour for you to answer the door.

You wouldn't happen to be a member of the Arizona Republican Party[0], would you? I shouldn't be surprised if you were.

[0] https://thehill.com/homenews/news/529195-arizona-gop-asks-if...


What are you talking about? I’d say the same thing if she was a Republican hacking the Democrats.


Hacking? Really? You're gonna go with that?

Allegedly sending messages[0] to former colleagues is now hacking? The credentials for accessing the system to send such messages were shared by hundreds, if not thousands of people and posted on intranet sites.

So sending messages (albeit unauthorized ones) using a widely-known set of shared credentials is worthy of a whole bunch of cops descending, guns drawn, on a couple with young children?

I'd also point out that the biggest ISP in that area is Comcast, which routinely sets up free wifi for anyone in range[1] by sharing their customers' links.

As such, anyone who had access to the credentials (hundreds to thousands of people) could have just driven over to her house and used her Wifi.

And the cops come with guns drawn? With small children in the house?

From the linked article:

"The search was part of a criminal investigation into unauthorized messages sent last month to a group of health department employees using an internal emergency alert system.

[...]

According to the affidavit, the users on the emergency alert group account shared the same username and password, which cybersecurity experts said left the system vulnerable to a breach that could be difficult to trace."

[0] https://www.nytimes.com/2020/12/11/us/florida-coronavirus-da...

[1] https://www.xfinity.com/support/articles/open-xfinity-wifi-h...


You’re right, I should have said allegedly hacking. Unless you’re claiming there is some doubt that she should have had access to that system to send that message, then yes it is hacking. Plain and simple.

I run a SaaS business. As part of logging into that company my users send their username and password to my servers which my servers see in clear text.

Just because it would be absolutely trivial to save all those passwords in clear text and use the 50% of them that are re-used credentials to login to my customers’ accounts doesn’t mean that it wouldn’t be illegal to do so.

The complexity of the hack is irrelevant. Whether you have the correct password is irrelevant. Whether it was authorized access or not, and whether the perpetrator believed it was authorized access or not, is what matters.

And as part of the process to determine that, serving a warrant on the home of the IP address of the person who performed the action is appropriate.

And waiting at the door for 23 minutes while making multiple phone calls with the homeowner to try to serve the warrant is more than reasonable. It’s frankly how I would hope they would treat me in the same situation if for some reason I refused to come to the door. (Plenty of time to destroy evidence, that’s for sure)

They haven’t even charged her at this point. It was serving a warrant as part of the investigation! What, you want them to not investigate? This is bizarre-land politics and disinformation campaign territory.


Like I said -- With guns drawn[0]. Pablo Escobar this was not.

[0] https://twitter.com/georebekah/status/1336065787900145665?s=...


Judges rubber stamp warrant requests, and nothing that she is alleged of doing requires cops to show up with body armor and assault rifles.


I mean wearing a bullet proof vest for a search warrant seems a reasonable enough precaution.

https://www.clickorlando.com/news/florida/2020/12/10/video-s...

There's the video, they're all wearing khakis, the officer talking to the woman has a not-so-stylish short sleeved plaid shirt, and one of them has some kind of stick? Not exactly a SWAT raid.


The misinformation campaign around this is intense. Assault rifles, really?


Having read the warrant request they:

Claim an IP was found by examining logs (no logs shown)

Claim they used “investigative procedures” to identify the IP as belonging to Ms Jones.

Both seem weak but I don’t know usual practice.

Seems odd no actual logs (easily forged) are included. Also odd they don’t just say “Comcast said at time X the IP belonged to her” so unclear what strength of evidence they really had.


That seems reasonable enough. Look at your logs, find an IP that did the unauthorized thing, do a WHOIS, then call the ISP and ask who had that IP at the time.

Is it possible to fabricate all of this evidence? Sure, but finding the lady's IP in order to have it confirmed by Comcast seems pretty sophisticated without a pretty advanced conspiracy. One would assume a lot of that would come out at trial, if the defense could convince a jury of those doubts.

But this is a search warrant, that's all some pretty convoluted fraud of the justice system to smear this woman. Criminals are pretty stupid usually, intimidation would take a lazier form. Keeping with the "criminals are stupid" line, a person with an axe to grind posting on a work network after being fired from their home? That seems about right.

Lots of downvotes are going on around here that make it evident that people only really care about their political alignment and their ideas of justice depend on whether or not a person is on their side. I thought people were generally above that here.


>... I thought people were generally above that here.

This place has never, not once, been "above that". What you are astonished at is that the discourse is anti-right wing. Other times when it is pro-right-wing/an-cap/libertarian/anti-POC you don't notice it because that's the baseline for normalcy for the userbase.


There's a difference between having a political slant and straight up denying reasonable action because it is against someone of your political alignment.


>She refused to bend the knee to a conservative administration while people were dying, and the political machine decided to lash out.

Nope, that isn't what happened at all. The facts [1] show that she got the wrong end of the stick when the state epidemiologist asked to temporarily remove one data field in order to validate the data (according to the emails seen). She didn't have all the facts, and she then incorrectly assumed that the data was being censored.

[1] https://www.tampabay.com/news/health/2020/05/19/florida-heal...


>She didn't have all the facts, and she then incorrectly assumed that the data was being censored.

So the solution is to raid her house? How about we raid the people that allege that Biden fraudulently won the election?


That's a ridiculous illogical comment. I was not commenting on the raid at all.


And so is your comment.

Why is why she was fired relevant? Also your article goes literally against what you said.


>Why is why she was fired relevant?

It's not. I never even mentioned that. The article was supporting my comment above by showing the emails between the state epidemiologist and her dept. I haven't found any better source for those emails.

>Also your article goes literally against what you said.

No, it doesn't, if you read the article you will see it supports the facts I gave (see my other comment in this thread).


Your claims are not supported by the article linked.


If you look at the first article, you will see that it does in fact support the facts I presented:

[1] The state epidemiologist asked her supervisor to temporarily remove the data: "“Per Dr. Blackmore, disable the ability to export the data to files from the dashboard immediately. We need to ensure that dates (date fields) in all objects match their counterpart on the PDF line list published,”"

[2] Rebekah assumed this was censorship: “This is the wrong call,”

[3] Her supervisor asked her to re-instate the data one hour later: "Then, just after 6 p.m., the I.T. director emailed both Jones and Dr. Blackmore. “Re-enable for now please.”"


You're correct, but she became a useful tool for MSNBC and the Democratic party in the effort to turn any GOP governor who wanted to open their states up into evil, callous villains. As a result, any attempt to inject the reality of her being completely wrong and rightfully fired immediately solicits downvotes from the resident partisan hacks on HN. They don't get the fact that she made false claims in May about a conspiracy to hide deaths, and has a history of being sensationalist and dishonest.

Rebekah Jones reminds me of Alex Jones:

Loyal following, every bad thing that happens to her further bolsters her conspiratorial claims, and she grossly exaggerates her own credentials.

You're not saying she deserved the police raid and neither am I. We are just trying to point out the reality that she isn't some whistleblower hero but that doesn't fit the political narrative that the partisan hacks on here have accepted so we will be downvoted into oblivion.

The partisan hacks will continue to call her a data scientist when she never even called herself that and is not remotely trained for that because it makes their narrative more powerful. That's what politicization does: any statement of fact that counters the narrative will be ignored or rejected or reacted to with hostility.


Your facts support the claim of censorship. As noted in the article you cite, the reason the state epidemiologist wanted the data removed was to stop journalists from asking about covid confirmation dates, which were earlier than the state was claiming. Rebekah pushed back with her supervisor, who agreed that the request was censorship. The state (not her supervisor), acting at the behest of the governor, then removed Rebekah the following morning, alleging a "pattern" of insubordination though they could only ever document the 1 instance. (The governor's involvement was confirmed by the governor's press office giving the press release informing the public of her termination.)


>the reason the state epidemiologist wanted the data removed was to stop journalists from asking about covid confirmation dates

No, that is just your assumption, but is not supported by the facts. According to the article, the data disappeared for an hour, and then came back again. That is hardly censorship.

> then removed Rebekah the following morning, alleging a "pattern" of insubordination though they could only ever document the 1 instance.

Given that she has been booked on police battery, and has 3 felonies (one for sexual cyberstalking, and another for robbery), it wouldn't really be surprising.

https://tallahasseereports.com/2020/05/20/rebekah-jones-firi...

https://www.lsureveille.com/daily/crime-briefs-student-charg...


And the raid? Supervisor sent the raid you claim?


No


This is complete BS.

The complaint alleges that 1750 messages were posted on a communications system urging employees to blow whistles.

Those messages were linked to an IP address which Comcast pointed at Jones’ home.

Is that enough for a conviction? No, it’s not hard to establish reasonable doubt with that.

But that’s damn well enough for a search warrant to seize electronics from somebody’s home. Being fired for insubordination, she had motivation, the terrible security practices gave her opportunity, and IP logs are a clear piece of evidence that it could be her.

That’s a pretty solid ground for granting a search warrant.

Hanging up on officers and denying them entry for twenty minutes is a good way to make them nervous about your intentions as well.

IPs can be spoofed? Sorry it would take a hell of a lot of sophistication for that to be what happened or outright evidence falsification on the prosecution. Is it more likely that a somewhat troubled woman logged in to work computers to try to stir up trouble or that a sophisticated act of framing occurred?


There is an additional piece of information which doesn’t shine a good light on her: https://cbs12.com/news/local/covid-19-dashboard-designer-fac...

A man got a restraining order against her, and after it expired she started harassing him again and posted explicit pictures of him on a wordpress site and sent it around to people who knew him. She was arrested and charges are pending trial.

This sounds like exactly the kind of woman capable of doing something like the search warrant accused.


"is it more likely" if you want to base criminal acts on "more likely" then you're making vast assumptions similar to tabloid drama. You or I don't know the facts of any of this until it's brought and argued in court. People lie, prosecutors lie, defendants lie and neither you nor I can magically predict the outcome. It can very well be Occam's razor applies, however Occam's razor is a logical fallacy.

Officers have a well known history of not having a warrant and acting like they have a warrant so you'll give them implicit permission to search and seize. I don't blame anyone for denying them entry.

You don't have to spoof an IP. Depending on the system you just need a text editor. Are their access logs under good chain of custody? How would a tech illiterate judge know?

These are reasons why I wait for the text of the case.


A search warrant isn’t a conviction. You don’t need that much to get one granted and they had plenty.


The point is why on earth would you send essentially a SWAT team for such a warrant. And no, it's not unsurprising that the data used to back a warrant or prosecution would be falsified. The US system is rife with all kinds of people being railroaded with shaky witness and cops lying about events.


There was no SWAT team. They rang the bell, stood outside her house, called her on the phone multiple times, and eventually resorted to... knocking loudly.


She didn’t let them in for twenty minutes, hung up on the phone and wouldn’t answer the door.

That’s how you get officers fired up and concerned for their safety.


You don't need to "get officers fired up" to get them concerned for their safety to the detriment of basically everybody else - the training that they get from the likes of Dave Grossman is basically all about getting them "fired up" permanently. Numerous examples of cops going in guns blazing, shooting dogs that run away from them, shooting random people, throwing flashbangs like they are candy etc.

Thing is, nothing that she is accused of requires this level of force, even if she's stalling. If they want her so bad, they can just starve her out.


None of that happened here, they didn't appear to use any force besides one officer maybe having his gun out.

They stood outside knocking on the door for twenty minutes rather annoyed.


> That’s how you get officers fired up and concerned for their safety.

What a sad statement about the US. There is something fundamentally wrong when police have to be so afraid of a person without any violence charges that they bring in the same specialists they use to resolve hostage or active shooter situations.


But they didn't, this wasn't a SWAT team.

They were all wearing short sleeves. At least one of them was wearing a bullet proof vest.

You can watch the body cam video, the police are just annoyed.


Is it not possible that a motivated actor covertly sat outside her home to hack her WiFi and maliciously make those posts without her knowledge?


Sure, it's possible, but in order for that to make sense they would also have to compromise a computer in that house in order to post from so a search warrant could find that.

That's a pretty heavy duty conspiracy, and it would involve some pretty solid red-team skills. I really think it's beyond a dumb-ass politician to orchestrate such a fraud as a hit against a really low key political adversary. How hard do you think it would be to find a hacker capable and willing to do such a thing, and money to fund that?

On one hand you have this pretty advanced conspiracy which would require high level coordination with very skilled people in order to frame someone who barely matters.

On the other you have a woman who was recently arrested and charged with stalking after enduring a year long restraining order... and the question is if there is enough evidence that she logged on to work computers to write inflammatory things to old colleagues.

What's out there is surely enough for a search warrant. You have to believe a lot of advanced conspiracy theories to say this search warrant isn't valid. Even then the justification is... well it stretches the imagination. State-level framing for an inconsequential thorn in a republican governor's side.

It is possible, but it isn't reasonable.

I would fully expect a guilty plea in a month or two.


The seeking of a (potentially plausible) search warrant by the state to silence a publisher that is publishing things the state doesn't want published is the issue here, not the relative merits of the search warrant itself.

The state was using this as retaliation, not to further the investigation of a crime. That's just the cover story. Even if they make the hacking charges stick, this isn't about hacking at all, it's about publishing.

It's astounding to me to see people regurgitating unsubstantiated cop claims with no evidence.


If she did do it, logged on to a work system after being fired to spam a communications system encouraging people to blow whistles... I guess I don’t really care if the motivation to prosecute is political. That’s a pretty clear cut case of a crime being committed.

The defense about the justification for the warrant being dubious is just false. Unless somebody wants to claim the evidence is fabricated, don’t go searching for “experts” to come up with nonsensical refutations.


This is a pretty bad article.

Their expert isn't: "Butler, at the University of Florida, said making an IP address that appears to come from elsewhere isn't that complicated."

And the legal analysis is weak, but that's apparent from the title: "Experts: evidence to support search warrant on Rebekah Jones' home flimsy"

Yes, search warrants are to search for evidence. If the evidence wasn't flimsy they'd have had an arrest warrant.

It offers as a defense that there were no damages.

"What (Jones) did, didn't cause any damage," she continued. "Normally you don't see prosecutors prosecuting for computer crimes something that didn't cause any harm... it seems to be a very sketchy use of discretion to try to use this very serious statute against somebody who didn't cause any harm to your systems."

But it neglects to recognize that the damaging act is the message, and whatever actions or defamation it may cause, not the stolen CPU time.

It quotes the EFF to say that an IP alone isn't good evidence, "It's a thin read to just use the IP address, and it's one that we really, really discourage," said Cindy Cohn, the EFF's executive director. But it misses that they had an IP and it coincided with a small set of people who had access and motive.

They note that the police had an IP, but no linkage of IP/customer/date. This does allow challenging the warrant, but doesn't make it instantly null and void.

It says "Cybersecurity and digital rights experts also said the fact that the emergency system in question relied on a shared user name and password further complicates the case."

No, it doesn't. Fired people are not authorized users. And they have an IP address which points to a specific one of those users, so that's not complicated.

It then attempts to conflate misuse of data with unauthorized access of the system at all by claiming that this case is similar to Van Buren v. United States which is about a police officer using his authorized access to do something which was forbidden.

I have no opinion about the case but this article is trying to give me one. Not facts, it just wants to skip straight to opinions.


>This is a pretty bad article.

The main problem I have with the article is that it's factually incorrect about it being easy to spoof an ip address in a situation like this. It's easy to send off a fake ip address if [1] your ISP permits spoofed ips (which it shouldn't) and [2] you don't care about a response. But in this case the user had to actually log into the system, which is pretty tricky to do with ip spoofing. (There is some debate about it potentially just requiring an email to be sent to a mailing list, but even SMTP requires various responses).

Given the level of technical difficulty to do this, it seems extremely implausible that someone would go to all that effort just to send out this message.


> Given the level of technical difficulty to do this, it seems extremely implausible that someone would go to all that effort just to send out this message.

I agree. I think the two most plausible scenarios are that she is too technologically illiterate to know that IP addresses are logged by ISPs and login systems, or the Governor has it out for her and hired someone to do it. I think both scenarios are totally feasible, though it's really hard to imagine she'd never heard of IP addresses before...


The original text from the parent post is "Butler, at the University of Florida, said making an IP address that appears to come from elsewhere isn't that complicated."

There is no specific mention of IP Spoofing, so I wouldn't assume that. By far the easiest method of making an IP address appear to come from somewhere else would be a proxy, but it's never precisely claimed, because that's not how rules of evidence work. The burden of proof is on the prosecutor, and we don't know exactly what is being alleged, nor how it will be defended. I assume that the search warrant is somewhere on the Internet, but without at least the warrant to add context, we fart into the wind.


But a proxy would have the proxy server ip, unless Rebekah was hosting a tor node or some other proxy at her home. Even in that case the ip is still at her home.


The state may well have had her wifi password from her work laptop she may have used at home at one time. The technical difficulty would be driving to her home then. If it is still possible I would try to secure logs from that device.


I get your points, but I disagree with your contention that the fact that all users of the system used a shared username and password doesn’t complicate the case. We’ve established that an IP address is not strong evidence for identifying an individual. IP address != authentication. What _could_ have established strong evidence tying the alleged unauthorized access to an individual’s identity would have been _actual_ authentication of the _specific_ user. But they don’t have that, either, since they shared one set of credentials.

You said, “they have an IP address which points to a specific one of those users,” but that’s not actually the case. They have an IP address which has somehow been related to the accused (though how is unclear to me since you note above there’s no linkage of IP/customer/date) — maybe they know she sent an email from that IP address at some point around the time of alleged crimes. But in any case, without providing evidence that the IP address is _only_ associated with the accused, and _not_ with any others with similar opportunity and motive (for example, any others with access to the shared username and password who might want to access the data for similar reasons, or wanted to frame the accused for hacking and put an end to her very public/politicized efforts), then they don’t really have strong evidence of anything - basically only enough _not_ to rule the accused out of the probably large pool of possible suspects. How many other current or former employees had access to the shared username and password? When were they last changed? How many others who _weren’t_ ever authorized to access the system but could have compromised/gained access to these credentials since then? How many times have they been written down and left on a sticky note in some public or semi-public place? Do they ever have controls in place to prevent guessing/brute forcing the credentials (with one login shared between all users, automatic account lockouts or resets seem very unlikely).


> We’ve established that an IP address is not strong evidence for identifying an individual.

Well no, we haven't. There's one standard of evidence for conviction and another for a search warrant. You'd never get a conviction on that alone though.

> in any case, without providing evidence that the IP address is _only_ associated with the accused, and _not_ with any others with similar opportunity and motive

Because no other fired employee lives at her address? But that's not relevant because they got a warrant to search her address, not simply her person.

> I disagree with your contention that the fact that all users of the system used a shared username and password doesn’t complicate the case.

I do agree that it's not open and shut, but I don't think that the specific fact of the password being shared will complicate this case further.

Having the IP provides the linkage to her that is otherwise lacking because of the shared account.

> for example, any others with access to the shared username and password who might want to access the data for similar reasons, or wanted to frame the accused for hacking and put an end to her very public/politicized efforts

There's even less evidence from which to come up with conspiracy theories than simply to blame the accused. Sure, it could have gone down in some complex and unlikely way, but why are we discussing zebras instead of horses?

And, any investigation of a conspiracy to frame her would necessarily start with the only clue - that the communication came from her IP.



