Comments

  • By tptacek 2025-09-16 13:26 (13 replies)

    For whatever it's worth, the Reddit story here says that the federal courts used "fraudulent warrants to jail my husband again". Maybe! The other side of that story, via PACER, is a detailed parole violation warrant (you can hear the marshal refer to it in the video); the violations in that warrant:

    1. Admitting to using cannabis during supervised release

    2. Failing to make scheduled restitution payments and to cooperate with the financial investigation that sets restitution payment amounts.

    3. Falling out of contact with his probation officer, who attempted home visits to find him.

    4. Opening several new lines of credit.

    5. Using an unauthorized iPhone (all his Internet devices apparently have keyloggers as a condition of his release).

    These read like kind of standard parole terms? I don't know what the hell happened to get him into this situation in the first place, though.

    • By tptacek 2025-09-16 13:33 (12 replies)

      OK, I think I found the original thing Rockenhaus was convicted of.

      Back in 2014, Rockenhaus worked for a travel booking company. He was fired. He used stale VPN access to connect back to the company's infrastructure, and then detached a SCSI LUN from the server cluster, crashing it. The company, not knowing he was involved, retained him to help diagnose and fix the problem. During the investigation, the company figured out he caused the crash, and terminated him again. He then somehow gained access to their disaster recovery facility and physically fucked up a bunch of servers. They were down a total of about 30 days and incurred $500k in losses.

      (He pled this case out, so these are I guess uncontested claims).

      • By petcat 2025-09-16 13:42 (3 replies)

        If all of that is true, then that is a very serious CFAA charge. It makes sense that they would want to downplay it as "minor" and "not relevant". It sounds like the parole violations came later? In any case, thank you for researching. There is always more to the story.

        • By mothballed 2025-09-16 14:13 (8 replies)

          Weev 'violated' the CFAA for incrementing a GET request, with his overturned conviction only for wrong jurisdiction. So the government has put us in a position where it's hard to take the CFAA seriously.

          We also know from prosecutions in other statutes that the government will often prosecute a broad crime with many separate sub-definitions of the various ways you can break it, then refuse to tell you under which sub-definition you're being charged, meaning you have no way to know if the jury even were unanimously convicting for the same thing and no way to know what you're even defending against.

          • By tptacek 2025-09-16 14:22

            As you probably know, it's everything that happened after they incremented that HTTP request that formed the basis for his charges. Message board discussions tend to want to distill "hacking" CFAA cases down to the specific shell script that ran, but these cases are almost always heavily situational and fact dependent.

            Interestingly, Rockenhaus's isn't --- it's more or less exactly the circumstance foreseen by the authors of CFAA, who believed that even though existing law covered most hacking-type scenarios, they didn't form a clear basis for felony charges for purely destructive computer abuse.

          • By Aurornis 2025-09-16 14:21

            This case has far more than the CFAA violation, though. There were multiple parole violations after the first incident, multiple attempts to evade the parole restrictions on Internet use, discovery of a pedophilia-related search query on his computer, a history of intentional damage to a company’s infrastructure to disrupt their operations, and more.

            Being angry at the CFAA is one thing, but this case has no relation to modifying a simple GET request.

          • By aw1621107 2025-09-16 14:26 (1 reply)

            > We also know from prosecutions in other statutes that the government will often prosecute a broad crime with many separate sub-definitions of the various ways you can break it, then refuse to tell you under which sub-definition you're being charged, meaning you have no way to know if the jury even were unanimously convicting for the same thing and no way to know what you're even defending against.

            Could you give some examples of this?

            • By mothballed 2025-09-16 14:34 (2 replies)

              Yes, https://www.courtlistener.com/docket/63291773/united-states-....

              Navy sailor was convicted of possessing machine guns and destructive devices.

              The ATF, for example, put back together de-milled RPGs, which could be a destructive device.

              However the statute says the following:

                 (2) any type of weapon by whatever name known which will, or which may be readily converted to, expel a projectile by the action of an explosive or other propellant, the barrel or barrels of which have a bore of more than one-half inch in diameter, except a shotgun or shotgun shell which the Secretary finds is generally recognized as particularly suitable for sporting purposes; and (3) any combination of parts either designed or intended for use in converting any device into a destructive device as defined in subparagraphs (1) and (2) and from which a destructive device may be readily assembled.
              
              The ATF took his demilled RPG, put another gun (owned by the ATF) inside of it, then fired it to prove it had a bore over 0.5 inch capable of expelling a projectile.

              But the state didn't tell him under what definition he was charged, so they didn't know if they were defending against the collection of parts the ATF took (falls under 3), or against the weapon the ATF claimed it was after they put the parts together (which falls under 2).

              • By DannyBee 2025-09-16 16:40

                The normal answer to this is to request a bill of particulars, which was not requested here (afaict from the docket).

                I think there is some slightly down-in-the-weeds confusion here - what does an indictment require vs ...

                I think they screwed this up at trial and then tried to argue the indictment was insufficient, but i doubt they will get any appeals court to bite on this.

                I posted it elsewhere, but you can listen to the oral argument of the appeal here:

                https://www.ca4.uscourts.gov/OAarchive/mp3/23-4451-20250912....

                It is a very accessible argument (in the sense of not needing legal knowledge to usefully process it).

                You can hear the judges sort of struggle to understand how this is an indictment opportunity, but really do seem to be trying to understand. They give counsel an opportunity to try to distinguish and explain things. At around 10 minutes, one of the judges asks counsel for the best case he has that says he's right, and he can't come up with one at all.

                Which is probably the point at which he lost this appeal. :)

                As i said elsewhere, i don't blame the lawyer - this seems like it would be a very hard case to win because of choices made at the level below. They are essentially arguing things they know will lose because nobody objected to things they should have at the level below.

              • By aw1621107 2025-09-16 15:38 (1 reply)

                Thanks for the reference! For the convenience of anyone else reading, the appeals docket is at https://www.courtlistener.com/docket/67566242/united-states-.... Note that there are two appeals briefs; it seems the defendant replaced their attorney at some point during the appeals process.

                For what it's worth, I think this is the government's response to the argument you raise (on page 22 of the response brief, PDF page 30):

                > Section 5845, captioned “[d]efinitions,” is a definitional provision, not a criminal prohibition. As relevant here, § 5845(b) defines the term “machinegun,” and § 5845(f) defines the term “destructive device.” These definitions do not create additional elements of the offenses charged under §§ 5861(d) and 922(o). Therefore, the government was not required to charge the applicable definition(s) in the indictment. See, e.g., Robbins, 476 F.2d at 30 (holding that an indictment under § 5861(d) need not refer to the definitions in § 5845 to “fairly notify a defendant of the charge against him”); United States v. Hoover, 635 F. Supp. 3d 1305, 1316 (M.D. Fla. 2022) (rejecting the argument that the government “was required to plead the specific facts supporting its contention that the [firearms] at issue fall within the definition of a machinegun”); cf. United States v. Pennington, 168 F.3d 1060, 1065 (8th Cir. 1999) (“The indictment’s failure to cite [18 U.S.C.] § 1346, a definitional provision, and to use its specific term, ‘honest’ services, does not mean no crime was charged.”).

                And defendant's response, page 5:

                > The question is whether the indictment “fully, directly, and expressly, without any uncertainty or ambiguity, set forth all the elements necessary to constitute the offence intended to be punished” and whether the indictment complied “with the necessity of alleging in the indictment all the facts necessary to bring the case” within the intent of the statute. United States v. Carll, 105 U.S. 611 (1881) (emphasis added). The government’s failure to give any specificity in the indictment cannot be remedied by wriggling as to whether the missing information can be considered an “element” or not. Even if the government were correct that the particular definition (or definitions) the prosecution is proceeding under does not change “elements,” it changes the “facts” underlying the scope of the statute.

                I have no idea who is correct legally, and since oral arguments appear to have been held a few days ago I suppose I'll have to wait to see who is right.

                • By DannyBee 2025-09-16 16:46 (1 reply)

                  The appeals court did not seem very impressed.

                  The oral argument is here: https://www.ca4.uscourts.gov/OAarchive/mp3/23-4451-20250912....

                  The first question they asked is "why didn't you ask for a bill of particulars?".

                  Overall, they seemed very confused as to the argument made here - why is the indictment actually insufficient, and what words did you want them to use instead.

                  I don't think this will be a successful appeal at all - they seem to all agree this is not stuff that goes in an indictment, and to the degree that there was ambiguity, the correct answer was to request a bill of particulars.

                  At around 10 minutes, one of the judges asks counsel for the best case he has that says he's right, and he can't come up with one at all.

                  Which is probably the point at which he lost this appeal. :)

                  To be fair, i don't blame the lawyer, and i expect why the judges are being not too hard on him, is because he's doing his best to argue a losing case because of choices made at the district court level.

                  • By aw1621107 2025-09-17 2:30

                    Thanks for the additional info! That does seem like a bit of a sticky situation for the defense.

          • By 1vuio0pswjnm7 2025-09-16 23:59

            Would the evidence in the Auernheimer case support a CFAA conviction today, after Van Buren (USSC) and HiQ (9th Circuit)?

            The CFAA claim was never decided in HiQ. The chances of success on that claim did not look good and Microsoft settled

            Even in 2014, 3rd Cir. COA seemed doubtful there was a valid CFAA claim

            "5 We also note that in order to be guilty of accessing without authorization, or in excess of authorization under New Jersey law, the Government needed to prove that Auernheimer or Spitler circumvented a code- or password-based barrier to access. See State v. Riley, 988 A.2d 1252, 1267 (N.J. Super. Ct. Law Div. 2009). Although we need not resolve whether Auernheimer's conduct involved such a breach, no evidence was advanced at trial that the account slurper ever breached any password gate or other code-based barrier. The account slurper simply accessed the publicly facing portion of the login screen and scraped information that AT&T unintentionally published."

            https://web.archive.org/web/20140513205343if_/http://cdn.ars...

          • By akerl_ 2025-09-16 14:21

            In this case you have the evidence of what he did and it does in fact look pretty serious.

          • By stockresearcher 2025-09-16 14:52 (2 replies)

            > his overturned conviction only for wrong jurisdiction

            What are you getting at?

            If an appeals court says “wrong jurisdiction”, that’s an “rm -rf” on the whole entire case. There’s nothing left to argue about.

            • By mothballed 2025-09-16 15:00 (1 reply)

              Yes there is, they can reargue the whole thing in another jurisdiction since he was never 'in jeopardy.'

              Considering he was convicted in another jurisdiction, and they can retry him in the 'right' one, why wouldn't a reasonable person anticipate that might happen?

              I don't think Weev is living in Ukraine/Transnistria to practice his Slavic languages.

              And the reason why I brought up it was overturned, was because I knew someone would mention his case was vacated, and I wanted to make clear it wasn't vacated because there was something improper found about the legal question of the CFAA.

              • By stockresearcher 2025-09-16 15:14 (1 reply)

                They could start over in the correct jurisdiction. Yes. The case that was being appealed is gone. Gone.

                I think that the type of person that excels at software development would also excel at lawyering. But they should probably go to law school and pay attention in class.

            • By JadeNB 2025-09-16 14:57 (3 replies)

              > > his overturned conviction only for wrong jurisdiction

              > What are you getting at?

              > If an appeals court says “wrong jurisdiction”, that’s an “rm -rf” on the whole entire case. There’s nothing left to argue about.

              I think your parent comment meant something like "the case wasn't overturned on the basis of deficiencies in the legal theory of the crime."

              • By kemayo 2025-09-16 16:18

                Generally this is a good thing to happen, because it's fairly quick and easy to argue you're in the wrong jurisdiction... and if that's the case, it doesn't matter what the legal theory was, since the court couldn't convict you anyway.

                Perhaps selfishly, I'd rather get out of a trial in the motion to dismiss stage, rather than having to very-expensively argue the merits all the way to the end.

              • By torstenvl 2025-09-16 15:56

                "jurisdiction" literally means "the power to say what the law is"

                If the court had no jurisdiction, it is not possible for them to rule on "deficiencies in the legal theory of the crime" in that case.

              • By stockresearcher 2025-09-16 15:00 (1 reply)

                If it’s in the wrong jurisdiction, the court doesn’t get to the point where they look at the legal theory.

                • By JadeNB 2025-09-16 17:02

                  Right. I think your parent comment was pointing out that it's not that the legal theory failed, but that it was never tested, and so might (or might not) still be sound.

          • By ambicapter 2025-09-16 14:15 (2 replies)

            What does "incrementing a GET request" mean?

            • By kayge 2025-09-16 14:27 (1 reply)

              As an example: Take a look at the URL of this page (https://news.ycombinator.com/item?id=45261163). Add 1 to that ID value (45261164) in your address bar. Hit Enter, your browser will GET whatever exists at the next ID.

              • By rirze 2025-09-16 15:11 (2 replies)

                Ok, that makes sense but why is this so serious? Is this a grave crime in some context?

                • By ecb_penguin 2025-09-16 15:55 (1 reply)

                  Because people think they are clever and are trying to separate the act from the intent.

                  Unlocked doors, open windows, any lack of security doesn't give you permission to enter. Just as "incrementing a GET request" doesn't mean anything outside of the intent.

                  The intent was to do damage.

                  • By Dylan16807 2025-09-17 1:50

                    He did have permission to "enter". He was authorized to use the server.

                    His intent of releasing the data was bad (assuming he started with that intent!) but he wasn't committing any fraud when collecting it. He didn't bypass any authentication or damage the server. CFAA is the wrong law to use.

                    If a restaurant puts a bunch of proprietary documents in a dusty corner of the public lobby, you shouldn't browse through them but you're not breaking and entering if you do so. No matter what your intent is.

                • By tptacek 2025-09-16 15:18

                  It's not about the actual HTTP request. Per se unauthorized access is just one predicate in these kinds of cases. It's about what the prosecutors claim you were doing when you made the access.

            • By mothballed 2025-09-16 14:19 (1 reply)

              He incremented a number in the query string of a GET request.

              https://www.w3schools.com/tags/ref_httpmethods.asp

              • By JambalayaJimbo 2025-09-16 15:54

                Okay but what information did he obtain by doing that? If I break into a mistakenly locked police station, surely I cannot use the excuse "I was simply turning a door knob"

          • By VWWHFSfQ 2025-09-16 14:16 (2 replies)

            The CFAA isn't super complicated. It basically boils down to:

            Don't fuck with other people's shit if they don't want you to.

            • By tptacek 2025-09-16 14:41

              The CFAA is in fact pretty complicated. The text of the law isn't, but the implications of that text are, and so is the jurisprudence. Rockenhaus's CFAA case does not appear to have been at all complicated, though.

            • By boston_clone 2025-09-16 14:23 (4 replies)

              Are you a lawyer by chance?

              I seem to remember cases or interpretations of the CFAA in which even guessing the username password combo of "admin:admin" would violate the act, resulting in teenagers or children being caught up in cYbEr FrAuD

              • By petcat 2025-09-16 14:31 (3 replies)

                It doesn't matter if you brute forced their crappy login with commonly-used credentials. You think it's OK for someone to rummage around in your garage just because they correctly guessed your keycode was 12345? Of course not.

                • By boston_clone 2025-09-16 14:38 (1 reply)

                  I'm more focused on the assertion that "The CFAA isn't super complicated."

                  Which raises sincere doubts about the commenter's credibility to make such a claim.

                  • By echoangle 2025-09-16 15:12 (1 reply)

                    How does „you’re not allowed to guess credentials“ mean it’s complicated?

                    • By boston_clone 2025-09-16 16:08

                      I think that's a massive oversimplification of how the CFAA has been applied.

                • By RankingMember 2025-09-16 15:07 (2 replies)

                  Doesn't this posture also criminalize white-hat hackers, whose disclosures would protect you from the people who actually want to do damage?

                  • By ecb_penguin 2025-09-16 15:58 (1 reply)

                    > Doesn't this posture also criminalize white-hat hackers, whose disclosures would protect you from the people who actually want to do damage?

                    There is no law for "white-hat hackers". You don't get to break into a system because the color of your hat.

                    "White-hat hackers" have contracts, or very specific rules of engagement. Having run many a bug bounty, if someone was malicious, we would absolutely work to prosecute.

                    You can also find bugs in software freely, as long as you don't obtain unauthorized access to other people's systems.

                    • By tptacek 2025-09-16 16:03

                      This isn't true: there is, jurisdictionally dependent and I think also dependent on DOJ norms, a broad exception for good-faith white hat vulnerability research that would otherwise violate CFAA. Like I said, CFAA is very complicated in practice.

                  • By dpassens 2025-09-16 15:54 (1 reply)

                    (I don't know enough about the CFAA to know whether this is true so I'll assume it is.)

                    To continue the garage door analogy, you wouldn't walk up to any random garage door and try code 12345 to help protect the owner's stuff, would you?

                    • By RankingMember 2025-09-16 17:27

                      To stick with this analogy: I think a white hat equivalent would be more like driving down the street with a garage door remote set to a default code and then notifying anyone whose door opens in response that they should change their code. I don't think that should be illegal.

                • By account42 2025-09-16 15:52 (3 replies)

                  You think walking through an unlocked door should result in federal charges?

                  • By ptero 2025-09-16 16:35

                    Walking through an unlocked door that has a sign "private property, do not enter", searching for sensitive information, finding it and exposing it surely could.

                    Or not, depending on how the party who owns what's inside that door feels. But if it feels he should be prosecuted, then hell yes, the state should do that. My 2c.

                  • By Ekaros 2025-09-16 16:04 (1 reply)

                    So what about using rakes or bump keys? Very low tech, very easy. Can defeat some poor quality locks.

                    • By account42 2025-09-17 8:20

                      Still sounds like petty crime that doesn't need the FBI to roll in.

                      The point is that in the physical world there is some notion of proportionality in the response to trespassing depending on the actual damage done and sophistication and premeditation of the act. We don't generally lock up people because they accidentally walked into an area they shouldn't have. But once computers are involved we have laws that automatically make even minor infractions into a big scary issue that allows the government to essentially destroy someone's life.

                  • By petcat 2025-09-16 16:03 (1 reply)

                    So now the door is unlocked?? Where are the goal posts?

                    Don't mess with people's stuff if they don't want you to. This seems very simple to me. But I'm aware that you're trying to find some fringy gray area where you think it will be OK to mess with people's stuff even though they don't want you to.

                    • By Dylan16807 2025-09-17 1:58

                      If we're making an analogy to the Weev case then yes the door was unlocked, with the explicit intent that the general public could come through that door and access some of the documents.

              • By brookst 2025-09-16 15:48 (1 reply)

                If those teenagers or children enter someone's house and vandalize or steal because the door (or window) isn't locked, is it no big deal?

                • By aveao 2025-09-18 10:22

                  Strictly speaking, unless you do destructive actions, it's not stealing, but instead unauthorized access.

                  If I walk into your house, take a picture of your financial documents, that's not theft. That's still (potentially:) breaking and entering, trespassing, and depending on what I do with those pictures also fraud, but it's not theft.

                  This is all semantics of course, but I just really dislike the idea that digital data can be "stolen".

                  ---

                  But also: No one deserves to get their things broken into, but if you expose things to the internet without proper security, you can't cry too much if you get broken into I think. It's not okay (and possibly illegal? idk) for me to read other patients' medical records if they're in open display when I go to the doctor's office, but they also have an obligation to secure this information.

                  I do like the approach of "Mens rea" / "Guilty mind" overall, to differentiate between children/teenagers fucking around (ofc depends on the extent of what they do), white hat researchers finding vulnerabilities (should not be criminalized), and black hat people doing things with criminal intent.

              • By efdee 2025-09-16 14:56 (2 replies)

                Breaking in in a system, whether or not the password was easy to guess, sounds like a crime to me.

                • By ethbr1 2025-09-16 15:28 (2 replies)

                  It is a crime!

                  But CFAA charges should, and this is the issue a lot of people have with them afaict, have a sliding scale for premeditation though.

                  If I knock on a door, it swings open, and I walk inside and steal something, then imho there should be a lesser maximum charge for possessing burglary tools than if I show up with a lock gun, crowbar, and concrete saw.

                  A lot of the CFAA excesses are maximum penalties from the CFAA being thrown at people using minimally sophisticated / premeditated methods, in addition to charges about the underlying crime.

                  That doesn't seem just or fair.

                  In practice it's turned into an if(computer){increase maximum penalty} clause, solely at the government's discretion.

                  • By JambalayaJimbo 2025-09-16 15:58 (3 replies)

                    >If I knock on a door, it swings open, and I walk inside and steal something, then imho there should be a lesser maximum charge for possessing burglary tools than if I show up with a lock gun, crowbar, and concrete saw.

                      Why? (I'm not a lawyer...) - shouldn't intent and harm (i.e. the value of the stolen item) be the only relevant details? Now of course it's much easier to demonstrate intent if there's a crowbar involved, but once that's already established, it seems irrelevant.

                    • By ethbr1 2025-09-16 16:45

                      Because that's the way most method-specific laws work, at least in the US.

                      There's an underlying result crime (eg causing business harm by destroying a database), then the method by which one chose to do it (eg exceeding authorized access to a computer with the intent to cause harm).

                      The CFAA was originally passed under the erroneous worry that existing laws wouldn't be enforceable against cybercrime, which turned out to generally be false.

                      When you cause damage, there's almost always a law by which someone can sue you for those damages.

                      What there wasn't, and what the CFAA created, were extra penalties for computer crimes and an ability to charge people with computer crimes where there were no damages (eg Aaron Swartz).

                      And why should those things need to exist? Theft is theft. Destruction is destruction.

                      It was an underspecified law, ripe for prosecutor overreach. See: https://www.congress.gov/crs_external_products/R/HTML/R47557...

                      It fit with 'premeditated intent' intensifiers (where penalties escalate if premeditated intent can be proven)... but that wasn't actually how it was written or how it is used. Instead, it's a method-based checkbox that allows prosecutors to tack on additional charges / penalties. If a computer was used to destroy this thing, add X years to the sentence.

                    • By Strat296 2025-09-17 23:44

                      Am a lawyer - You're correct. Intent is key and almost all laws are based around intent or, in legal parlance, "Mens rea" or the guilty mind. That is what separates a legal act from an illegal act: the intention behind it.

                      Suppose you are leaving a store and heading to your car. For whatever reason, the button on your keys unlocks someone else's car that is the exact same make and model as yours. You hop into the car, your key starts the ignition, and you drive off (Yes, this has really happened). That isn't legally theft because you legitimately believed that was your car - aka you didn't intend to take something that wasn't yours.

                      For 98% of laws, in order to be convicted, the government needs to prove you intended to commit the crime. Obviously, I'm oversimplifying what is a very complicated topic you spent two years learning, but that's the gist.

                    • By Dylan16807 2025-09-17 2:06

                      If you're saying there should only be theft charges either way, that's fine.

                      But if there are burglary tool charges, they should depend on whether you used burglary tools to burgle, not how much theft you did.

                  • By efdee 2025-09-16 15:36

                    You have a point. But on the other hand you have no idea of what tools the intruder possesses, only (at best!) what they used.

                    I think intent probably matters a lot more than the technicality of how you succeeded.

                • By NoMoreNicksLeft 2025-09-16 15:31 (2 replies)

                  It does sound like a crime to me too. But was it a password or other credential that was guessed, or was it just some sequential primary key? The latter is not an authorization system, and I do not believe it a crime to do that unless you have specific knowledge that it is likely to cause damage and/or the intent to cause that damage.

                  As far as I am concerned, I am allowed to send any traffic I wish to public-facing hosts, and if they respond with content that the owners would not wish me to see, I have no responsibility to refrain. The only traffic I am not permitted to send are credentials I am not authorized to use (this would include password guessing, because if I manage to guess correctly, I was still not permitted to use it).

                  So which was it?

                  • By ecb_penguin 2025-09-16 16:01 (1 reply)

                    You are not allowed unauthorized access regardless of how the key works.

                    > I am allowed to send any traffic I wish to public-facing hosts

                    No you're not. Denial of service is a federal crime.

                    > I have no responsibility to refrain

                    Yes you do, and this is just beyond silly. The nuance of how you obtained it will be decided in a court. Stop making everything so reductionist and lazy.

                    > The only traffic I am not permitted to send are credentials I am not authorized to use

                    Absolutely not. Use of a vulnerability to cause a data breach is OBVIOUSLY a federal crime.

                    This is beyond absurd.

                    • By NoMoreNicksLeft 2025-09-16 18:49 (1 reply)

                      > You are not allowed unauthorized access regardless of how the key works.

                      You and I seem to both speak/write English, but there is a language barrier. For me, "authorization" means that they have given me credentials, and any content locked down under those credentials is off-limits.

                      For you, "authorization" is a magical term that has no real meaning. It means that they want me to have the content. But I am no telepath, and I do not know what they want me to have or do not want me to have. The only way, from my point of view, to know what they want me to have or not is to try to retrieve the content without credentials, and if it succeeds, it's legal.

                      Of course, there are a few corner cases. What if I discover some software defect that very clearly shows they intended to require credentials, and a test without credentials shows that it is indeed off-limits, but exploiting the defect produces that content? I wouldn't do that, that'd be illegal.

                      But your way of (non-)thinking is alien to me, and no reasonable judge or legislator could possibly mean what you claim that law states. Or at least what you seem to claim.

                      >No you're not. Denial of service is a federal crime.

                      Only with intent. If I send reasonable content that shouldn't be DoS, how was I to know? I intend no crime.

                      >Yes you do, and this is just beyond silly.

                      You're the one being silly. You can't even decide what you mean by "authorized".

                      >The nuance of how you obtained it will be decided in a court.

                      I'm never going to trial, I'm not even going to be noticed.

                      >Use of a vulnerability to cause

                      Use of a clear defect. The biggest and most dangerous vulnerabilities are the apathy and stupidity of their employees, their lack of a sane business model and attainable vision, and so on. Using those is just common sense. There is a popular magazine that is subscription only. But they have the pdf download links hidden with display: none CSS. These links require no authorization. Just knowledge. I retrieve those quite punctually.

                      • By tptacek 2025-09-1619:041 reply

                        You're both veering out of CFAA jurisprudence in different ways. But you know you're in trouble when you start saying things like "I am no telepath", because in fact a big part of an ambiguous CFAA case will be determining what a reasonable person (ie: the jury) would think confronted with the computer system under discussion. There will in fact be mind reading involved; your intent would in fact be tried.

                        There's nothing at all CFAA-specific about this; this is really basic US criminal law and it comes up in all sorts of different criminal justice contexts. The terms you're both dancing around are mens rea and actus reus.

                        • By NoMoreNicksLeft 2025-09-171:111 reply

                          >But you know you're in trouble when you start saying things like "I am no telepath",

                          I'm not in trouble. There is virtually zero chance of this ever being noticed by law enforcement, and even less chance than that of them giving a shit.

                          Also note, I am not arguing what the worst possible interpretation might falsely convict someone of, but how the law should be viewed, or, if someone can demonstrate to my satisfaction that the law disagreed with, then how it should be altered.

                          If I have to guess what retards (read: juries) might think is reasonable, then there can be no public internet. We're just a few years after journalists were arrested for looking at html source with "view source", aren't we?

                          >The terms you're both dancing around are mens rea

                          I'm only mildly ignorant. Has CFAA ever been considered to describe strict liability crimes?

                          • By tptacek 2025-09-171:451 reply

                            You're in trouble rhetorically, is what I mean, because your argument is completely alien to criminal law.

                            • By NoMoreNicksLeft 2025-09-1813:51

                              Only as much as criminal law is alien to fairness, decency, and pragmatic interests.

                  • By efdee 2025-09-1615:441 reply

                    Maybe as far as you are concerned, but not as far as the law is concerned ;-)

                    • By NoMoreNicksLeft 2025-09-1615:53

                      Well, I guess it's a good thing for me that they're unable to notice or care and in general incompetent.

                      I am still permitted to do this. None of the details of this case give me the impression that they're using CFAA in such a way as to offend my sensibilities. Sounds like he sabotaged a former employer and caused hundreds of thousands in (tort not physical) damages. I guessed the urls for some issuu.com links that aren't available in search, and downloaded the page images to make a pdf. I was never prompted for a password. Arrest me, I'm a notorious hacker.

              • By codyb 2025-09-1614:351 reply

                I mean... if someone walked into your house cause you only closed the screen door while running to the store quick you'd still call the cops cause there was someone breaking into your house lol.

                • By account42 2025-09-1615:561 reply

                  Sure but I wouldn't expect that guy to get locked up on federal charges simply for being in the house without authorization.

                  • By codyb 2025-09-1619:59

                    Probably depends on the House.

                    I suppose if it's the White House the guy'd just get pardoned by the next president anyways.

        • By ajsnigrutin 2025-09-1613:51

          Yep...

          Shutting down the server (you solely maintained) before leaving would be "minor" to me... intentionally causing damage, earning money from that, getting caught, and again causing physical damage.. that's pretty "major" to me.

        • By nerdponx 2025-09-1614:051 reply

          And yet fraudulent warrants, if they are indeed fraudulent, are still illegal and immoral and a violation of this criminal's rights.

          • By DannyBee 2025-09-1614:241 reply

            As far as i can discern, the warrants aren't fraudulent.

            Warrants (in the US anyway) require reasonable belief that the crimes listed were committed.

            They don't have to be right, mind you (after all, that's what trial is for), they just need reasonable belief.

            They also can't recklessly disregard the truth (IE deliberately write lies they know are wrong).

            Again, it's okay for them to be wrong about their belief. It's just not okay to know they are wrong and write it anyway.

            Here, reading the warrant, etc, there is nothing obviously fraudulent here.

            Perhaps it is, of course, but i read everything i could find and it's completely non-obvious which part of the warrant is supposed to be fraudulent.

            Even the sort of retaliation claim made here is strange - Arresting you when you appear to actually have broken the law is generally only considered retaliation if (among other things) the enforcement of the law is uneven - IE targeted at you and nobody else.

            Given the arrest was for a parole violation and they arrest parole violations like this all the time, ....

            Like if you are at a traffic stop because you ran a red light, call a cop an asshole, and they arrest you because you have 50kg of cocaine bricks in your back seat, it's not retaliation.

            Retaliation would be if you call a cop an asshole on facebook, and they come arrest you for violation of an 1825 law that hasn't been used against anyone in 200 years.

            • By nerdponx 2025-09-1619:08

              Totally valid. And I also didn't check into the warrants themselves.

              I was responding to the implication I keep seeing here that it's OK that he got arrested because he did bad things, regardless of how the arrest came about.

      • By no_wizard 2025-09-1615:54

        >He plead this case out, so these are I guess uncontested claims

        In a technical sense, this may be true as part of the plea agreement.

        In reality, a lot of plea deals are made because of various factors, which unfortunately is often not that the person accused is guilty, rather the risk of going to trial or especially the cost of going to trial is too large.

        I feel the need to point this out as too many folks look at “accepted plea deal” to mean that the person accepting is the guilty party when it can be more complicated than that in reality even if technically by judicial process they are by accepting that considered guilty.

        That said, in this particular case, the hard evidence suggests that indeed, the person accused committed the crimes they pleaded out for

      • By Aurornis 2025-09-1614:00

        Thanks. The overly aggressive arrest was not warranted, obviously.

        However, I suspected there was a lot more to this story when the original post buried the actual reason for the arrest several paragraphs down and tried to dismiss it as “minor”. Intentionally damaging a company’s infrastructure with an intent to disrupt their operations is a very serious charge. Not a “minor” disagreement with a former employer.

      • By kstrauser 2025-09-1614:003 reply

        Good grief. This is also part of the reason why I have a pact with my coworkers: if I’m terminated, kill my access immediately and universally, and I’ll do the same for them. I don’t even want to have the ability to look at stuff anymore. Remove any shred of possibility that I could get into shenanigans later.

        • By everforward 2025-09-1614:241 reply

          I also follow the closely related addendum: I do not want standing admin access to your system, unless I need it often enough it really impacts my productivity. Doubly so if it's not hooked up to SSO. If the database gets breached, I don't want my name on the list of people who had the admin password.

          Most big businesses are good about that, but I've helped a couple family members with their business' WordPress and just have standing access that I really don't want. They don't want to juggle activating/de-activating my account though, so /shrug.

          • By kstrauser 2025-09-1614:37

            Same all around for me. I have a couple of longstanding accounts on local businesses I help out, but it’s all via VPNs that send the owner an email when I connect. I also refuse to do any work unless they ask me in writing. Text is OK, and I screenshot it. “Why did you give such-and-such rights to that employee?” “I have it in writing where the owner asked me to, Your Honor.”

            This has never come up before, but it’s easy enough to be diligent about it.

            Also: I keep a little paper notebook where I log the work I do for everyone, and occasionally have someone else sign and date it. It’s basically a cheap blockchain IRL. “How do you know you did this before you stopped doing work for them?” “Because the owner signed and dated the logbook after I did the work but before they hired the new IT person.”

            I’m suuuuuper nitpicky about diligence in all this, for the protection of everyone involved, and especially me.

        • By dsr_ 2025-09-1614:101 reply

          That shouldn't require a pact, that should be part of the standard check list for ending employment. (The list is longer for those who have root, but it should still be a list.)

          • By kstrauser 2025-09-1614:302 reply

            For sure, and I’m often the one who makes the list, and one with root. But the big thing is to do it quickly, like within the hour, and diligently. Don’t say, oh, I’ll give him a chance to access his email and download stuff, or whatever. No! Like, cut me off completely right now.

            Then, if something breaks down the road, there’s no temptation for them to wonder if I had anything to do with that weird failure.

            (And obviously, don’t freaking hack your ex employers! But also don’t even leave the impression that you could.)

            • By terminalshort 2025-09-1615:592 reply

              I agree with the overall point. (And WTH would you ever have things you need to download in your work email?) But there's not an employer I have ever left that I couldn't have done extensive damage to without any permissions at all. Not that I would ever add a felony charge to even the most bitter firing, but I could.

              • By nerdsniper 2025-09-1616:371 reply

                > And WTH would you ever have things you need to download in your work email?

                Because you got a university email as a student 20-30 years ago back when .edu emails were "for life". Then you started working at the university as a staff-person under the same email. Then 20-30 years later you're leaving, and much of your digital identity is inextricably linked to that old "personal" email.

                • By terminalshort 2025-09-1622:27

                  There was a time when I could be sympathetic to that, but it's long past.

              • By kstrauser 2025-09-1616:16

                I'm sure that's probably true for all of us, to some extent. Things holding me back:

                1. It's wrong. That's not how my parents raised me.

                2. I value and protect my reputation.

                3. I want to be able to have another job in the field without being permanently deny-listed.

                4. Prison sounds awful.

            • By vidarh 2025-09-1616:021 reply

              Yeah, I usually stress to employers and clients that I want to be cut off quickly, and usually remind them of what they need to lock me out of when I leave.

              Even then, I've had clients for whom things have broken come to me in despair hoping I'd kept access. The day one of them for whatever reason decides to suspect that I was the one to break things, I will be very happy to be able to point to consistently having done what I can to ensure I get locked out.

              • By kstrauser 2025-09-1616:14

                I've had that, too! Fairly recently, an ex client who sold their business to someone with a full-time IT staff asked me if I had the password to unlock their NAS. No, I didn't. I turned all those over to the IT staff, strongly recommended that they change them, and deleted my local copies. Sorry, but no, I can't help you with that.

        • By Almondsetat 2025-09-1614:561 reply

          This is exactly what all big corporations (rightly) do, and when layoffs come around you see waves of people making sob stories about how nobody told them and suddenly their work laptop stopped working from one minute to the next, or they didn't even let them inside the office because they were terminated during their morning commute.

          • By kstrauser 2025-09-1615:32

            Yeah. That’s actually a favor in disguise. Now they can’t accuse you of stealing or destroying stuff on your way out.

            BTW, last time I posted stuff like this, someone thought I was treating this like an alibi: “ah ha! Now I can run amok and not get blamed for it!” No. Don’t do that, lest ye end up with a felony and permanent unemployability. I just mean that when things inevitably break due to natural entropy, the first question is often of who had access, and you don’t ever want your name to be on that list.

      • By heavyset_go 2025-09-1615:461 reply

        Here's what the wife says about that[1], for the record:

        > The Origins of a Retaliatory Prosecution (Texas, 2019-2022)

        > Early 2019: Conrad Rockenhaus, a supporter of free speech, runs Tor exit nodes used by journalists and activists. Federal agents demand he assist them in decrypting traffic; he repeatedly refuses, asserting his constitutional rights.

        > The Coerced Confession: The case against him began when he was forced to confess to a non-violent CFAA (computer crime) offense while under the influence of prescribed painkillers and not lucid following a major surgery.

        > The Pretextual Arrest: Just months before the 5-year statute of limitations was set to expire, the federal government arrests Conrad on the CFAA charge. The family alleges this was a pretext for his refusal to cooperate on the Tor matter.

        [1] https://rockenhaus.com/press-kit/

        • By tptacek 2025-09-1615:491 reply

          All that is as may be, but the CFAA charge here isn't pretextual; what he's alleged to have done is pretty serious by any standard. I have no trouble believing that the prosecution was motivated by Tor drama, but all that tells me is that the DOJ had real cards to play, and they played them.

          My guess is that things would have gone substantially worse for this person had he taken that case to trial.

          • By heavyset_go 2025-09-1616:011 reply

            Having seen the system up close, I hesitate to draw conclusions from cases that don't go to trial. Doesn't really sound like they have the means to afford trial, or at least a chance at a fair one.

            • By tptacek 2025-09-1616:04

              That's a pretty good reason not to break into your former employer's data center to unplug a bunch of servers because you're mad they terminated your contract. That would not have been a difficult case to prove up.

      • By segmondy 2025-09-1613:411 reply

        good find, there's often more than meets the eyes in these stories. folks forget that the court/case records will reveal hidden details.

        • By ranger_danger 2025-09-1613:46

          Yep, and people forget that news is often only news because it's not normal. Otherwise you simply wouldn't hear about it.

          People take this to the extreme and think that their country is somehow a lawless hellscape where police are openly shooting innocent people, dragging them from cars for seemingly no reason etc... but those stories make the news precisely because it's not the norm.

      • By Molitor5901 2025-09-1614:431 reply

        So the post is really click bait and does not tell the whole story?

        • By Aurornis 2025-09-1615:164 reply

          It’s a calculated appeal by a biased narrator (his wife) who knows how to exploit the anger and sympathies of a community that often doesn’t click links, read documents, or look for facts before passing judgment (Reddit)

          • By busterarm 2025-09-1615:341 reply

            This is why in some corners of the internet we adhere to the "not your personal army" mantra.

            • By fkyoureadthedoc 2025-09-1615:45

              > "not your personal army"

              4chan in 2010? Is this really ever even said anymore?

          • By NoMoreNicksLeft 2025-09-1615:36

            This may be overly cynical. I suspect that she's getting her biased account from the only person she knows who is technically savvy: her husband. She accepts this uncritically, and that some very large fraction of the spin originates with him. Some stuff (like ignoring that the drug use violates probation) might be hers, but the rest probably isn't.

          • By Freedom2 2025-09-1619:44

            I think that's why I enjoy using HN most of all. People generally dive into the article and don't make judgmental or charged comments, not to mention the curious discussion to be found every day.

          • By nodesocket 2025-09-1615:56

            This is why Reddit has become a cesspool. Looking at some of the Reddit comments: “fascist, thank trump” without doing any bit of research on the story. Reddit harbors anger and frankly dangerous thoughts from the habitually outraged and poorly informed on details.

      • By DharmaPolice 2025-09-1613:39

        While I'm sure this is criminal behaviour it seems debatable that this dude is a danger to the public. But there may be more to it I guess.

      • By JTbane 2025-09-1614:34

        Yeah this is why I tell hacker/cracker corporate types to not even joke about time bombs and backdoors in company software.

      • By tehwebguy 2025-09-1613:581 reply

        Oof. Any links to this one?

        • By plorg 2025-09-1614:261 reply

          I believe this is the primary case being currently contested: https://www.courtlistener.com/docket/69848942/united-states-...

          This appears to be the earlier filing, but I'm not savvy enough to pull the underlying docs if indeed I can (where I am used to viewing PACER documents I get a permissions error): https://www.courtlistener.com/docket/66960649/united-states-...

          (If you install the RECAP extension in your browser you can cache downloaded PACER docs and they will get linked from Courtlistener. Lay users can sign up for a PACER account and if you use less than $30 of document access charge per quarter it will be waived)

          • By mikeyouse 2025-09-1614:351 reply

            Your second case was in the WD of Texas which is where he was arrested - it's just minutia to have him 'removed' to the ED of Texas to face charges where he was indicted - this is the main case there:

            https://www.courtlistener.com/docket/16517474/united-states-...

            Here's his plea: https://storage.courtlistener.com/recap/gov.uscourts.txed.19...

            My recap is acting up a bit so I'll just copy/paste in case it doesn't grab docket entry 158 - the 'factual basis' for the plea:

            1. That the defendant, Conrad Rockenhaus, who is entering a plea of guilty, is the same person charged in the Indictment;

            2. That the defendant worked as a developer services manager, and later an infrastructure architect, for an online company providing travel booking and vacation services to customers (hereinafter, “Victim Company”);

            3. That the defendant had access to and could control computer code located on Victim Company’s servers throughout the country, including computer code that controlled business functions such as marketing, scheduling, and payment processing;

            4. That on or about November 11, 2014, the defendant remotely accessed, without authorization, the Victim Company’s servers from his residence in the Eastern District of Texas;

            5. That on or about November 11, 2014, the defendant executed a computer code or command that shut down one of Victim Company’s servers, which in turn caused several other Victim Company servers to crash;

            6. That the defendant was retained by Victim Company to assist with the restoration of Victim Company’s servers;

            7. That during the remediation efforts, the defendant, without authorization, disconnected Victim Company’s servers in Plano, Texas, in the Eastern District of Texas, causing further business disruption;

            8. That the defendant’s actions cost Victim Company at least $242,775 in lost revenue and at least $321,858 in recovery and remediation costs.

      • By major505 2025-09-1614:27

        well the whole thing tells the story of a man who lacks a lot of impulse control and serious anti-social behaviour.

        I knew people like that, that were unable to put their lives together until they were fully medicated.

    • By crazypyro 2025-09-1613:301 reply

      He was also placed under electronic monitoring program and immediately went about installing a VM to allegedly circumvent the monitoring software along with searching for a very controversial website relating to pedophilia...

      He also lied about using his computer, his wife told on him to his parole officer, according to the court documents.

      He was on parole for DDOSing* a former employer...

      *Ah, I see your update, guess it was less distributed and more direct denial of service with the physical destruction and all.

      • By whimsicalism 2025-09-1614:411 reply

        “very controversial website related to pedophilia” -> you are referring to NAMBLA? if so, i think that is not uncommon search for people interested in history/wikipedia deep dives, i don’t think you would search this if you were actually a pedophile as it is a historical thing.

    • By scoopertrooper 2025-09-1613:57

      Yeah, I read that transcript supplied in the Reddit thread and I was thinking to myself “why would you include this as evidence to support your case”?

      The wife makes a big deal about how one of the agents testified that Spice was an operating system, then she went on to falsely claim that it was merely a “graphic driver”. However, later in the transcript another agent corrected the error of the first agent and explained to the court that Spice was a means of accessing remote VMs, which could be used to circumvent monitoring software.

      This combined with the fact that there was no internet activity subsequent to the software being downloaded is pretty damning evidence.

    • By shagie 2025-09-1614:261 reply

      From reddit post, from transcript at https://rockenhaus.com/wp-content/uploads/2025/09/U.S.-v.-Ro...

           8 Q. Due to the nature of the offense charged being a
           9 computer-related crime, did he have specific
          10 restrictions on his pretrial release as it relates to
          11 his computer usage?
          12 A. Yes. One of the conditions was that he must
          13 participate in the Computer Restriction and Monitoring
          14 Program.
          15 Q. How is that program enforced?
          16 A. That program is enforced -- the defendant has to
          17 download a software program onto his computer or iPhone
          18 or whatever, any type of device that has access to the
          19 Internet. That information is -- the monitoring
          20 company, they monitor -- they are able to monitor what
          21 he is accessing on the Internet. And the Probation
          22 Officer has been allowed to review weekly reports about
          23 what sites he's accessing, things like that.
          24 Q. And is the defendant notified and made aware and
          25 provided with a document that states the terms of that
           1 agreement?
           2 A. Yes.
      
      The use of an encrypted Tor node would likely be a violation of that restriction regardless of what is being accessed.

      The chain would then appear to be: convicted of computer crime -> required computer monitoring software during supervision -> installed and used Tor -> supervision violation and revoked to prison.

      • By tptacek 2025-09-1614:392 reply

        As I understand it --- I haven't read deeply enough to confirm this, it's what I've pieced together from the Reddit thing --- the Tor stuff came long before any of this. What I gather is:

        1. Back in 2014 this person committed a pretty grave computer offense, which was not at the time prosecuted.

        2. Some time after that, he became a high-profile Tor relay operator.

        3. Some time after that, he was asked to subvert those Tor relays by the DOJ.

        4. In 2019 he was prosecuted for the computer offenses, and convicted.

        5. In 2021, he was released on parole.

        (I think there's a long string of parole issues after that, and then)

        6. In 2025 he was accused by the probation office of violating his parole in a bunch of ways and taken into custody.

        • By shagie 2025-09-1615:351 reply

          The setup of Tor has some specific dates in the transcript. Page 10

               3 Q. So, Ms. Routh, having been acknowledged of his
               4 obligations to monitor and pay for the service on
               5 August 29th, can you please tell the Court how
               6 Mr. Rockenhaus complied or didn't comply with the terms
               7 of his release?
               8 A. Yes. On September 22nd the defendant did
               9 successfully download the monitoring software program
              10 on his computer. On October 11th Officer Ramos
              11 contacted the defendant regarding his lack of computer
              12 usage. So he reviewed some reports and realized that
              13 nothing was appearing, indicating that he was using his
              14 computer.
          
          Page 11 and 12

              22 So Mr. -- Officer Ramos spoke to Phillip
              23 Danford with IPPC Technology and he stated that, yes,
              24 the defendant had downloaded the software. They showed
              25 that on September 22nd he said that the defendant --
               1 they see that the defendant looking at, it's called the
               2 TOR Network website on September 23rd, which is where
               3 you download software to access the dark web.
          
          If I read this correctly... in August he was required to install the monitoring software (likely within 1 month).

          On September 22nd, 2019, the monitoring software was downloaded. On September 23rd, Tor was installed. No internet activity was detected for the remainder of September or October by the monitoring software.

          I don't believe that 2 or 3 come into play in terms of the parole violations (including the subverting of the monitoring software).

          • By tptacek 2025-09-1615:522 reply

            It would have been extraordinarily dumb for someone on parole electronic monitoring to install Tor, but my understanding of Tor's role in the bigger story is that it's about stuff that was happening many years ago. There's nothing about Tor in the parole violation warrant; just that he had an unauthorized iPhone, and when they did a forensic inspection of it, there were no further violations discovered on that phone.

            • By shagie 2025-09-1616:111 reply

              https://trellis.law/doc/district/8373835/united-states-v-roc...

              The defendant plead nolo contendere (no contest) in 2014. Any activity between 2014 and 2019 was under supervision restrictions. Any use of Tor during that period would likely be an issue.

              Page 6 of 8:

                  You must not purchase, possess, have contact with, or otherwise use any device that can be connected to the Internet or used to store digital materials, other than that approved by the U.S. Probation Office. You must allow the U.S. Probation Office to install software on any approved device that is designed to record any and all activity on the device the defendant may use, including but not limited to capture of keystrokes, application information, Internet use history, e-mail correspondence, pictures, and chat conversations. You will pay any costs related to the monitoring of his authorized device and must advise anyone in the household that may use an authorized device in question that monitoring software has been installed. If you need access to an employer owned Internet-equipped device for employment purposes, you must advise your probation officer before using the device. The probation officer will ensure the employer is aware of the criminal history, and you must agree to use the device for work purposes only.
              
                  You must not attempt to remove, tamper with, or in any way circumvent the monitoring software, and must disclose all on-line account information, including usernames and passwords, to the U.S. Probation Office. If requested, you must provide a list of all software/hardware on your computer, as well as telephone, cable, or Internet service provider billing records, and any other information deemed necessary by the probation office to monitor your computer usage.
              
                  You must not access Tor or participate in any online social environment (i.e., Facebook, Twitter, Second Life, Linkedin, Craigslist, FaceTime, WhatsApp, video/audio, etc.) or texting applications, which allow the user interaction unless pre-approved and authorized by the probation officer and Court.
              
              His activity, no matter how it is framed, was in violation of the supervision orders.

              Furthermore, he worked to circumvent the monitoring software in September of 2019 and had no internet activity recorded in October of 2019.

              > 1. Back in 2014 this person committed a pretty grave computer offense, which was not at the time prosecuted.

              > 2. Some time after that, he became a high-profile Tor relay operator.

              > 3. Some time after that, he was asked to subvert those Tor relays by the DOJ.

              It wasn't prosecuted because he pleaded no contest. After that, the use of Tor was in violation of supervision. I read #3 as "you're not running the monitoring software as required" which would subvert the exit nodes... but he shouldn't have been running them in the first place.

              • By tptacek 2025-09-1616:171 reply

                I don't think this is accurate. I think the charged conduct occurred in 2014, but from what I see on PACER, the prosecution (and subsequent plea) was in 2019.

                • By shagie 2025-09-1616:381 reply

                  Hmm... You have something there (and I was likely off in my timeline). The case was filed in August 2019. The document was filed in 2022(?). The transcript was from 2020.

                  Given the plea in 2019 and those conditions... as shown in the judgement document, the things that were alleged in the 2020 transcript were a clear violation of those conditions.

                  Were there any pretrial bond conditions prior to 2019?

                  • By tptacek 2025-09-1617:15

                    There wasn't any "pretrial" before 2019, because he hadn't been charged.

        • By gtowey 2025-09-1619:042 reply

          If this is true then it sounds like the FBI targeted him specifically because they figured his previous crimes made for good leverage.

          It seems his mistake was not realizing that he was caught between a rock and a hard place. More colloquially he's in the FO stage after FA.

          It doesn't seem like anyone is morally in the right, but it also seems like the defendant here was in a legal grey area to begin with.

          • By __turbobrew__ 2025-09-1619:43

            I don’t think willingly destroying your former employer’s property is a grey area. It is pretty cut and dry it is a crime. The feds used this as a wedge to get him out of the TOR game.

          • By tptacek 2025-09-1619:241 reply

            I mean, no, the defendant was definitely not in a legal grey area. You might think it's a moral grey area? But he broke into a data center facility and unplugged a bunch of servers, and brought a company down for a month in the process, out of spite. That's a pretty normal crime. He was lucky not to have been prosecuted, and his luck ran out.

            • By gtowey 2025-09-1717:361 reply

              I called it a grey area because there were mentions in this thread that the statute of limitations to prosecute those crimes was close to expiring. That means it looked like he could have gotten away with it without major consequences if not for the fact that he was doing enough shady stuff to attract the attention of the FBI.

              • By tptacek 2025-09-1718:06

                He was prosecuted within the statute of limitations for the crime, and probably not too far out of the normal bounds between a criminal act and a federal prosecution. Federal prosecutions are relatively rare compared to state prosecutions, federal prosecutors don't take nearly as many "flyers" as states do, and the feds very often wait a long time before pouncing; this is all consistent with their M.O.

                In this particular case, I don't disagree that there was probably motivation to the prosecution! They probably did want something from Rockenhaus, and, when they didn't get it straight up, looked for leverage. Unfortunately for Rockenhaus, he had given them a lot of leverage. It looks like it was a lay-up case.

                You can call that a moral grey area and I won't disagree, but my point is just, it's not remotely a legal grey area. Rockenhaus' experience of this prosecution is probably no different than that of a typical federal defendant.

    • By nerdponx 2025-09-1614:042 reply

      The funny thing about rights is that you have them even if you've done other bad things. The thinking on display here ("the guy was a criminal anyway") is the primary slippery slope to tyranny that we have seen in the past 100 years.

      Seems like he was legally eligible to be arrested for a variety of reasons. The FBI is still not allowed to use fraudulent warrants to that end. The rule of law is no such thing unless it applies to everyone equally.

      • By tptacek 2025-09-1614:421 reply

        Help me understand where you're seeing the "fraud" here? The warrant I'm reading is off PACER. It was very definitely approved by a judge.

        • By nerdponx 2025-09-1619:10

          You're right, and you aren't the only one to correct me on this.

          I was responding to the implication that it's OK for him to be arrested regardless of how, because he did bad and criminal things. The premise of the article being false (i.e. the warrants are fine) wasn't mentioned in the post I responded to.

      • By echelon 2025-09-1615:011 reply

        > "the guy was a criminal anyway"

        He violated 6 or 7 criminal things.

        I'm on the civil rights and free speech maxxing side, but this was clearly a criminal in the act of actively criminaling.

        The danger here is in crying wolf when this isn't a case of rights being violated for a non-perpetrator. This guy was willfully breaking laws left and right.

        Don't cry wolf. We need that energy elsewhere.

        • By Asooka 2025-09-1615:081 reply

          The part where he sustained a head injury during arrest and was denied medical help is definitely a violation of his rights. The rest ... yeah

          • By trollbridge 2025-09-1616:18

            Yeah - even if George Floyd’s arrest was lawful, arresting him using such violent force that he died is certainly not. Saying “well he was a bad guy and had done bad things” doesn’t justify inflicting head injuries or holding a roadside execution.

    • By Asooka 2025-09-1615:06

      While the abuse by the system needs to be dealt with, if you are going to be a TOR exit node operator (or a thorn in the FBI's side in general), don't do the above. I sympathise with him in spirit, but this is a severe tactical blunder.

    • By ranger_danger 2025-09-1614:573 reply

      It gets worse... both the wife and (either their husband or a previous partner) have their own threads on kiwi farms and are closely tied to both Encyclopedia Dramatica and Ethan Ralph. There's videos posted of them showing signs of severe mental illness.

      https://0x0.st/KcyY.jpg

      • By tptacek 2025-09-1615:004 reply

        Saying this only because I'm probably speaking for a lot of people here, but: I have no idea what any of that means.

        • By sersi 2025-09-1615:362 reply

          Kiwifarms is a forum for harassing people. Famously Near (the developer behind BSNES/Higan emulator) committed suicide in part due to the abuse he received from that forum. And people on kiwifarms celebrated his death.

          Only reason I know of it is from the thread at the time on HN.

          • By Melonai 2025-09-1621:47

            I think it's also important to note that Near identified as non-binary. This isn't just a "respect their pronouns!" type of thing, but an important aspect of the KiwiFarms propensity to target trans and queer people.

            Notably this also isn't the only suicide attributed to the forum, another trans woman by the name of Chloe Sagal also was harassed by them into suicide in 2018, alongside a Canadian woman named Julie Terryberry in 2016.

            The forum takes credit for this (though of course, not officially by the admins), with it being basically an explicit goal. I believe they also had a "kill counter" in a thread to count the people they brought to kill themselves. And the fact that they love targeting trans people, autistic people, and basically everyone who's different is a big part of the whole culture they've built.

            Note that I prefer to not expose myself to that, so I invite other people to add info or refute something I said.

          • By busterarm 2025-09-1619:101 reply

            Near admitted to being severely depressed and disillusioned about life years before the KF thread and harassment started. Near was also involved in several internet dramas long before the KF thread. It didn't help that they participated in these threads and admitted to things like self-gratification to shotacon content, etc.

            KF is a horrible place, but saying that they bullied this person into suicide is an easy scapegoat and a long stretch. Near/Byuu did a lot, deliberately, to bring negative attention to themselves over the years. For someone deeply involved in the emulation scene, they certainly committed lots of the scene's cardinal sins -- dump hoarding and gloating about it in particular.

            They also license trolled commercial users of competing emulators as a source of income... Threw temper tantrums about the existence of FPGA-based emulation because it wouldn't use their code...

            You only get a thread on KF by behaving like a lolcow.

            • By runaround555 2025-09-1623:111 reply

              >KF is a horrible place, but saying that they bullied this person into suicide is an easy scapegoat and a long stretch

              >You only get a thread on KF by behaving like a lolcow.

              The problem with communities like that is that they leave little to no room for redemption and recovery. Once a group of obsessive nutjobs sets their sights on someone mentally vulnerable pretty much the only way is down.

              Any chance to improve your life is just going to be met with increased levels of harassment to get back the entertainment they so desperately crave. I fully believe that a lot of the more famous "lolcows" that committed suicide or spiraled down to really ugly depths weren't actually lost causes until groups like kf got involved. Just people who were a little bit weird or different who if they got off the net and touched grass for lack of a better term and not been discovered by organized gang stalkers could've lived much different lives.

              Nobody deserves that level of harassment even if they are a "lolcow"

        • By blueflow 2025-09-1615:38

          orchestrated harassment campaigns happening. I'm being intentionally vague on who is the perpetrator in this situation because usually it's just a chaotic pileup with no reasonable persons involved.

          My recommendation: ignore and sweep under the rug anything where KF is in play. Whatever it is, visibility feeds it.

        • By fwip 2025-09-1615:191 reply

          Kiwifarms is a forum that mainly is about chronicling the life events of people it can laugh at, often those suffering from mental illness.

          Oftentimes, kiwifarms users directly harass or manipulate their targets to try to provoke more weird behavior, usually directly making the target's life worse in the process.

          I can see why it's entertaining for folk (kind of like watching reality television), but overall it seems to have a pretty negative effect. And if you hang out there too long, it seems like you tend to lose human empathy.

          • By tptacek 2025-09-1615:291 reply

            What does it mean to be "closely tied to Ethan Ralph"?

            • By fwip 2025-09-1616:06

              No idea, sorry. Google seems to indicate he's some kind of podcaster.

        • By ranger_danger 2025-09-1615:07

          I think it means we have very good reason to believe OP/adezero is severely embellishing the story and is simply lying (and has a documented history of it), even without all the actual evidence pointing directly to that.

      • By trollbridge 2025-09-1616:231 reply

        People with severe mental illnesses still have Constitutional rights, including one not to get their head bashed in.

        Running a Tor exit node is also not a crime, and he ran it long before there was any conviction. And asking to decrypt incoming traffic (from other nodes) is really sus; it has nothing at all to do with the accused’s parole or alleged crimes.

        • By ranger_danger 2025-09-1616:37

          > People with severe mental illnesses still have Constitutional rights, including one not to get their head bashed in.

          Yes, I wasn't trying to imply that. But according to court records he got hurt because he was being combative during the execution of an arrest warrant.

          > Running a Tor exit node is also not a crime

          Probably correct, and the original headline seemed to try to imply that it was in fact what they got in trouble for (it has since been changed), but there's way more to this story than OP lets on... by a mile.

      • By psunavy03 2025-09-1615:051 reply

        . . . which means what, exactly, for those of us who are not Very Online?

        • By fruitworks 2025-09-1810:57

          Don't worry about it man, you clearly can't be bothered with it because you aren't extremely online.

          Come to think of it, what are you even doing here, shouldn't you be mowing your lawn or going to a football game or something?

    • By ivape 2025-09-1613:291 reply

      We have to consider that crime on the internet is as real as crime in real life. Funny to say it out loud. Criminals move a certain way and just because you are a nerdy tech dude doesn’t also mean you’re not a gangster.

      Edit:

      Reminds me a lot of the lives of people in this saga:

      https://www.amazon.com/gp/aw/d/B01L8C4WBG/

      The poor wife, “can you stop being a criminal for like, one month, please?”.

      • By Aurornis 2025-09-1615:201 reply

        > We have to consider that crime on the internet is as real as crime in real life. Funny to say it out loud.

        According to the court documents his crimes extended into “real life” as well, with intentional damage to his former employer to shut down their operations.

    • By nelox 2025-09-1613:38

      Yeah, but apart from that …

    • By zoeysmithe 2025-09-1614:102 reply

      I mean this is how the law enforcement part of the federal government uses its weight, Aaron Swartz's prosecutor-style to bully people.

      Cannabis is harmless and a lot of people use it as medicine, even if they think of it as recreational. "Oh I need it to relax." Then it's an anti-anxiety drug, not a 'party' drug. Limiting this is just cruelty and an easy 'win' for LE. Same with justifying the slaying of Philando Castile and others (he had pot, or pot in his system, thus a criminal undeserving of rights or due process).

      Once the federal government is onto you with a case like this, all your money is gone. Either to lawyers or your bank accounts are frozen and things like that. Failing to make payments is a feature, not a bug, in this system. I'm not going to tell everyone here how to live, but it's ideal to have money that's squirreled away in a place hard to be frozen because tomorrow this can be any of us. You host a vpn on a vpn somewhere? Use tor? Said the wrong opinion online? Heaven knows, but the hammer falls on a lot of people and there's no mercy to it.

      Lines of credit, again, fits in with the above. People need to feed themselves, pay rent, pay lawyers, etc. I've never been accused of a crime but I've done a lot of legal stuff in my life with lawyers and such, and everything about this system is unbelievably slow and expensive. It isn't like Hollywood portrays it at all. The money needed here is more than most people can muster just to remotely get a fair trial or deal. Especially when a lot of charges against you are 'stacked' if not entirely dishonest on the assumption of 'well, we're going to court anyway or making a deal so better add some nonsense on top for negotiation.' I can't find the cite, but I've read that if you get a federal arrest, you're looking at $1m starting to begin. How many of us here have $1m they can access, and even if you do, is it accessible if the feds freeze your accounts on 'suspicion?'

      Probation stuff, who knows, but he was already being sieged by LE, so who knows what is happening here. There's no shortage of probation horror stories like one's officer cancelling at the last minute or changing location, and other things to guarantee missing meetings. And eventually you can break a man entirely and he'll stop being functional, and he'll fail at a lot of basic things. The stress here can trigger extreme mental illness. I'm a fairly delicate person and if this happened to me, the stress would entirely break me. I'd fall into deep depression. So there's complexity with "he missed x appointment" and "he missed x payment," that's worth exploring.

      The government telling you that you can't use a computer of any kind without a keylogger is insane and should be fought entirely. Computers are like paper nowadays. "Everything you write and do should be sent to LE" is unacceptable. Computers aren't optional anymore. Everything we do is computer or app based. Also we don't know his motivation for making a private vm or using an iphone. Keeping valuable information about himself from LE for example or hiding a medical condition or heaven knows what else. This is why privacy and speech and rights between you and your counsel are so protected but "We get all your computers" sidesteps many of those protections.

      Yes, he's a criminal but he doesn't deserve to be treated like this. These, and his past, are simple white-collar crimes, but he got the bully treatment.

      Yes these are 'standard' because they maximally oppress working class people (note very wealthy people just buy themselves out of the above) with the thin veneer of legitimacy. The wealthy, capital owning class, etc if arrested like this just shrug this stuff off usually, and uses its connections and wealth to get ideal terms, but nobodies like this have no chance. The federal government conviction rate is over 90% not because of merit, but because of this kind of bullying and dishonesty and oppression. Imagine if we were discussing near any other nation with a 90+ percent conviction rate, you'd balk and know it's corrupt, but we're the same in this regard.

      I wish digital culture was more liberal-libertarian like it used to be, than the hard-right turn its made in the past 15+ years. LE does not need a 'devil's advocate.' The accused do. I don't care if liberalizing the above makes more criminals get away with. I'd rather this guy go free, even if he's super guilty, than accept the above as acceptable in our justice system. All this for what's essentially mostly-harmless white collar crime.

      Not to mention the incredible violence here for a non-violent crime. Armed LE more or less besieged his home. I'm not sure why people knee-jerk to defending any of this. I hope a new liberal-libertarian movement emerges in tech because I feel like we've lost our way.

      • By tptacek 2025-09-1614:171 reply

        No. He wasn't convicted of a cannabis offense. He was convicted of a fairly grave computer fraud/abuse claim, and part of the contract of his early release from federal custody was a set of terms that included monitoring and sobriety. He allegedly violated those terms, and you stipulate those violations here. Like any parolee, he's being put back into custody.

        • By zoeysmithe 2025-09-1614:253 reply

          Why is that added, there's an agenda there. Why does "sobriety" matter in a computer crime? This is oppression and this (plus the other conditions) simply set up people like this for a fall.

          • By steveklabnik 2025-09-1614:451 reply

            Not a fan of this kind of thing, and I think that weed should be legal, but don't forget that federally, it is still illegal, and "don't do illegal stuff while out on parole" at least has a pretty basic logic to it.

            • By NoMoreNicksLeft 2025-09-1615:462 reply

              Booze is legal, and parole can limit your drinking. By law.

              If you don't like the terms of parole, you are permitted to refuse it and remain incarcerated for your full sentence, at which point you are released and there are no parole restrictions at all. Parole is "you agree to behave and they release you early". And "behaving" is whatever they want it to mean.

              • By tptacek 2025-09-1615:531 reply

                I mean, he was also forbidden from opening up lines of credit (he was in the middle of negotiations with DOJ on making restitution to his victims), something that is perfectly legal and benign --- nonetheless, he was not allowed to do so as a condition of parole.

                • By NoMoreNicksLeft 2025-09-1621:441 reply

                  Opening lines of credit is an attempt to avoid paying restitution. You pay it off with the credit, declare bankruptcy, then stick someone else with the bill. Courts traditionally despise any attempt to cheat the punishments they hand down.

                  • By tptacek 2025-09-1621:57

                    Yes. I'm just saying, the terms of someone's parole are not conceptually limited to behavior that is illegal; really, "not committing further crimes" is already implied.

              • By steveklabnik 2025-09-1616:47

                Sure, I'm just saying that you don't need to reach for "Why does "sobriety" matter in a computer crime?" to get at why this might be a term of parole.

          • By tptacek 2025-09-1614:401 reply

            Sobriety is a boilerplate parole term. Everybody gets it. If you don't want to comply, you don't accept parole, and you serve your sentence.

            • By mananaysiempre 2025-09-1620:021 reply

              A fair few things are boilerplate and also complete bullshit in their conception, and thus far I haven’t been able to determine why this isn’t one of them.

              (The only actual argument made in this subthread, as far as I can see, is impaired judgment. Which, maybe? But I’d want to see something other than vibes to weigh the risks of worse judgment against the additional recidivism, and my current intuition is that alcohol probably should make the list of risk factors but cannabis probably shouldn’t.)

              • By tptacek 2025-09-1620:171 reply

                It wouldn't have mattered. There were a bunch of things in the warrant, not just the wax.

                • By mananaysiempre 2025-09-1620:39

                  Yes, in this particular case, sure. I even find myself in the unusual position of approving of the original CFAA conviction (assuming of course the list of allegations is true as stated), because it does sound like something you might need a separate law for—as opposed to the extra-hard punishment for X-with-a-computer when plain X is already illegal that’s typical of laws involving computers.

                  I guess what I’m trying to understand is why that particular part is on the boilerplate to begin with, and more importantly whether it’s doing any good there rather than putting people in prison that otherwise wouldn’t need to be. (I pretty much immediately guessed it’s boilerplate, because that’s the only way it makes sense for it to be among the parole conditions for, essentially, a disgruntled sysadmin that took it out on their ex-employer.) It just trips my righteousness alarm, for things that sound right and proper rather than actually helping. And thus the justification of it being there because it’s how we’ve always done it this way annoyed me especially hard.

          • By Aurornis 2025-09-1615:22

            > Why does "sobriety" matter in a computer crime?

            The sobriety violation was against his parole terms. People on parole are required to remain sober as drugs like cannabis impair judgement.

            He agreed to the parole terms and then violated them.

            Regardless, you could strike the cannabis part from this completely and it wouldn’t change anything. He has numerous other parole violations.

      • By edm0nd 2025-09-1623:25

        >Yes, he's a criminal but he doesn't deserve to be treated like this.

        Yes he does deserve to be treated like this. He violated his parole terms. That is what happens when you do that.

    • By slekker 2025-09-1613:32

      This needs to be higher up, it is very damning

    • By iLoveOncall 2025-09-1613:322 reply

      You forgot to mention that in the hearing linked on the Reddit post it is shown that he made a search about a pedophile association as well right before downloading Spice.

      Page 28, lines 3 to 8 on https://rockenhaus.com/wp-content/uploads/2025/09/U.S.-v.-Ro...

      • By yellowapple 2025-09-1614:211 reply

        Okay, and? That ain't illegal, and in fact has many benign explanations (like “I just watched South Park and was curious about whether there really is a North American Man/Boy Love Association like in that one episode”).

        • By cure_42 2025-09-1614:43

          Or "I just saw it in a reddit comment, have never heard of it, and want to know what it is before I dismiss this person as a pedo"

      • By whimsicalism 2025-09-1614:391 reply

        i’ve made the same search multiple times before late at night and i am not a pedophile, just a wikipedia/history deep diver

        e: really? why am i downvoted for this

        • By iLoveOncall 2025-09-1615:10

          This was his last non-obfuscated internet traffic before he switched to his VM.

    • By jMyles 2025-09-1613:376 reply

      This always happens though. Every time someone is thrown in a cage unjustly, the state tries to redirect us (yes, us, here in this forum and others like it) to look at other details of the situation, whether it's details of the person's political or personality or, in this case, details of this (also seemingly unjust) probation violation.

      Who cares if he smoked weed or installed a VM or evaded a government keylogger? Those are all really shitty reasons to put someone in a cage, whether it's couched as "probation terms" or not.

      • By perihelions 2025-09-1614:052 reply

          I'll steelman the unpopular position: I think sobriety is a reasonable condition of freedom for someone with psychiatric self-control issues, that have led them to commit felonies in the past.

          Vandalizing your employer's infrastructure over a grudge is, I suggest, strong evidence of a major impulse control issue. I think it makes sense and is in the public interest, draconian as it is, that this person shouldn't be allowed to get high and have unmonitored internet access. The same place they've committed felonies before, on impulse.

        Further context: his own defense lawyer filed a motion asking a court to find this guy mentally incompetent to stand trial,

        https://www.govinfo.gov/app/details/USCOURTS-txed-4_19-cr-00...

        • By vel0city 2025-09-1615:41

          One important thing to remember is parole is not freedom. He was still serving a sentence for his crime.

        • By klibertp 2025-09-1615:081 reply

            > I think sobriety is a reasonable condition of freedom for someone with psychiatric self-control issues, that have led them to commit felonies in the past.

          Were he high on weed, maybe he'd not commit the felony in the first place. Yeah, banning him from alcohol is fine, from stimulants broadly - also OK, but weed? Honestly? How often, statistically speaking, does smoking weed make a person aggressive? While this person may be an outlier, without precise information on it, I'd say the ban on weed is as sensible as a ban on butter or relanium. If it doesn't serve any obvious purpose (like with alcohol: being drunk makes you do stupid things more often), then maybe it's really just a way of harassing this person?

          • By IncreasePosts 2025-09-1615:402 reply

            Weed for normal people isn't a big deal, but weed for people on the cusp of mental illness or even just mental unwellness can exacerbate whatever issue they are facing.

              Alcohol on the other hand mostly just knocks you out from doing anything too cerebral after you pass the Ballmer peak. I say this as a person who prefers weed to alcohol 100x.

            • By klibertp 2025-09-1620:53

              No, the problem here is not being dead drunk and immobile; it's everything before that. Even if you drink strong alcohol, it's going to take a while before you're that intoxicated - in the meantime, you have enough time to vibe-code Windows ME, so to speak (IOW, to drunk drive, throw fists at random people or harass them, get lost and robbed, etc...). People can spend long hours being drunk before collapsing, which is basically begging for trouble, almost no matter what they decide to do during that time.

              As for mental health issues worsening due to THC - that's true, but alcohol has a much higher probability of causing or exacerbating such problems. On the other hand, the therapeutic use of THC has seen much better results than alcohol. If both happen to be legal in that jurisdiction, then banning weed but not alcohol really doesn't make sense. Further, even if possession is illegal, smoking itself (without inhaling, or however that went) isn't against the law in many places.

              It really just seems arbitrary and strange, unless there was a psychiatric evaluation that we're not aware of, or this happened somewhere where weed is very strictly illegal (think alcohol in Saudi Arabia-level).

            • By nerdsniper 2025-09-1616:501 reply

              > Alcohol on the other hand mostly just knocks you out from doing anything too cerebral after you pass the Ballmer peak.

              That's pretty minimizing of alcohol's contribution to violent acts (bar fights, escalating disagreements at supermarkets/etc, domestic violence) as well as vehicle collisions.

              • By IncreasePosts 2025-09-1621:52

                Those aren't exactly what I would call cerebral activities.

      • By gruez 2025-09-1613:501 reply

        > the state tries to redirect us (yes, us, here in this forum and others like it) to look at other details of the situation

        Isn't the reddit post doing the same thing by trying to imply he was jailed for running a TOR node when he was officially jailed for breaking parole terms? Even if they think those were just excuse to jail him, the refusal to acknowledge those details makes the account at least deceptive.

        • By jMyles 2025-09-1614:51

          Well yes, I do agree with this. I wish people were more up front in these situations. But it's not easy because the waters are so muddied. But yeah, you're absolutely right (typing that phrase now makes me feel like an LLM).

      • By RandomBacon 2025-09-1613:512 reply

        It seems like those are very easy terms to follow, that he agreed to.

        If someone who did some serious stuff, couldn't follow easy terms, it is cause for concern.

        • By toast0 2025-09-1614:39

          Parole terms aren't usually up for negotiation. It's generally parole or stay in prison. You can agree to the terms offered, but it's a coercive agreement, so I wouldn't put much weight on the parolee's agreement. That said, I agree the terms seem reasonable.

          But even if you stay in prison for your full term, you're likely to have supervised release which has similar terms.

        • By qingcharles 2025-09-1616:10

          I've helped people released onto parole for years. It's tough. The terms might seem easy, but often aren't in practice. Most people have a history of addiction and/or mental illness and suddenly they are thrown into a world where everything is available for a price, and any medical help they were given is suddenly taken away and the life where everything was done for them (food cooked, clothes washed) is gone.

          The majority are returned to prison within days/weeks/months of release.

      • By pjc50 2025-09-1613:55

        I'm reasonably anti-carceral, but he did actually commit a crime, and one of the conditions of release from that crime was agreeing not to do those things - that's what probation means - an agreement he promptly broke.

        There has to be some penalty for noncompliance or you get more of it.

      • By arp242 2025-09-1614:35

        He used encrypted services to commit a bunch of crimes. He was then released on the condition that he would no longer use the encrypted services that he used to commit the crimes with. He then lied and used those encrypted services anyway. It's really that simple.

        I am absolutely NOT a fan of "tough on crime" type stuff. By and large I feel the US criminal justice system is an inhumane cruel monstrosity. But the conditions were not all that unreasonable (except the weed stuff) and all of this smells of bad faith on the part of this couple.

      • By iLoveOncall 2025-09-1613:512 reply

        You care if he was a pedo?

        Go check page 28, lines 3 to 8 on https://rockenhaus.com/wp-content/uploads/2025/09/U.S.-v.-Ro...

        • By spicybright 2025-09-1614:46

          Summary: He was logged doing a search for the "North American Man/Boy Love Association", and then, after he downloaded some kind of VM access/TOR software, the logging ended.

          I'm surprised this isn't mentioned much here; there are a lot of Reddit comments that picked up on this, and the OP (self-identified as the wife) isn't replying to any, only the ones that fit her story.

          https://old.reddit.com/r/TOR/comments/1ni5drm/the_fbi_couldn...

          The OP here also downplays a lot of what the husband did. He was on probation from DDOSing and then physically damaging company equipment after he was fired. Then on probation from that he smoked weed, ghosted his probation officer, broke the terms.

        • By jMyles 2025-09-1614:51

          Well of course. So try him on that.

  • By 1970-01-01 2025-09-1613:312 reply

    It's very important to get the official source on this one. Husband was legally restricted and being monitored by the FBI, so he decided to go install a VM to bypass the monitoring. It's not so much bravery against authority as it is hubris that got him 3 years.

    https://rockenhaus.com/wp-content/uploads/2025/09/U.S.-v.-Ro...

    • By MadnessASAP 2025-09-1615:02

      Yeah, that is significantly more damning than what was given by his wife on Reddit. While SPICE is a normal means to interact with VMs, the defense couldn't offer any legitimate reason for him to be using one. They didn't even make an attempt to. They only established that the monitoring company couldn't say for certain that it was used explicitly to bypass the monitoring.

      Also that it occurred right after the search mentioned on Page 28. It's a really bad look.

    • By NotMichaelBay 2025-09-1614:312 reply

      Since it seems to have been glossed over in the court transcript, can anyone explain how exactly a VM or client for remote VM could be used to bypass the monitoring?

      Wouldn't the monitoring software capture any application's network activities, including a client for a Remote VM? I'm imagining something like Wireshark?

      • By nusl 2025-09-1614:592 reply

        A VM would bypass monitoring software installed on devices the person uses. A VPN would obscure their traffic such that it is encrypted and not easily monitored. Even something like SSH is encrypted and not straightforward to monitor, so a VPN isn't required to do this anyway.

        A remote VM would combine both of these things, where the device/computer is in a location that isn't monitored and accessed by means aimed at bypassing controls in place. Activities carried out from the remote VM are then not monitored.

        User + Devices -> VPN/other -> Remote VM -> Unmonitored Activities / Network Access

        ^ Monitoring is here, but may not capture the rest of the chain

        Law enforcement would need to monitor the VM itself to monitor those activities, or I guess request logs from the provider if at all possible.

        There's a limit to how much you can monitor someone and I assume there's a degree of good faith in cooperation with these controls. Failure to comply, seemingly, has severe consequences.

        • By rnhmjoj 2025-09-1615:481 reply

          > A VM would bypass monitoring software installed on devices the person uses.

          Not really, no: a VM is just another userspace application and a monitoring software should be able to capture its traffic just fine. If he was also using a VPN, Tor or connecting to a remote machine that's another story, but only saying he was using a VM doesn't really mean much.

          • By dns_snek 2025-09-1711:231 reply

            It's possible to pass PCI devices directly to the VM at which point they don't exist as far as the host OS is concerned. You can pass an entire USB hub to the VM and anything plugged into it is invisible to the host OS (at least by default).

            • By rnhmjoj 2025-09-186:53

              Ok, but you certainly need root privileges to do that, in that case you could bypass the monitoring software in many other ways.

        • By NotMichaelBay 2025-09-1615:141 reply

          Okay, that makes sense. But the monitoring software should capture the connection request to the VPN or Remote VM?

          • By Shocka1 2025-09-2214:37

            Yeah I've been reading the PDF and a lot of finely detailed technical info is missing, making it hard to piece together. If he had the remote VM up and running, there would have at least been one persistent connection.

      • By Almondsetat 2025-09-1615:01

        Monitoring software installed at the OS level can monitor both traffic and what applications generate it. But if the traffic is coming from a VM, it can only do the former.

  • By exikyut 2025-09-1613:11

    This was posted only a month ago: https://thereader.mitpress.mit.edu/the-secret-history-of-tor... (https://news.ycombinator.com/item?id=44838378)

    The article provides a good foundation for opposing arguments.

    Excerpting:

    > The researchers wanted to find a way to do the seemingly impossible — to give the military the benefits of a global, high-speed communications network without exposing them to the vulnerabilities of the metadata that the network relied on to operate.

    > ...

    > There are other implications, as well. For a CIA agent to use Tor without suspicion in non-U.S. nations, for example, there would need to be plenty of citizens in these nations using Tor for everyday internet browsing. Similarly, if the only users in a particular country are whistleblowers, civil rights activists and protesters, the government may well simply arrest anyone connecting to your anonymity network. As a result, an onion routing system had to be open to as wide a range of users and maintainers as possible, so that the mere fact that someone was using the system wouldn’t reveal anything about their identity or their affiliations.

    > ...

    > Anonymity loves company — so Tor needed to be sold to the general public. That necessity led to an unlikely alliance between cypherpunks and the U.S. Navy.

    > The NRL researchers behind Onion routing knew it wouldn’t work unless everyday people used it, so they reached out to the cypherpunks and invited them into conversations about design and strategy to reach the masses.
