mostlysignssomeportents:

Alex Stamos, a computer security and forensics expert, was one of the expert witnesses in US v Swartz, the vindictive case
brought against Aaron Swartz for walking into an unlocked computer
closet, and downloading a large number of academic articles from JSTOR,
using MIT’s network. Stamos has very good perspective on the “crimes”
for which Aaron was being hounded by the state:

*   At the time of Aaron’s actions, the JSTOR website allowed an
unlimited number of downloads by anybody on MIT’s 18.x Class-A network.
The JSTOR application lacked even the most basic controls to prevent
what they might consider abusive behavior, such as CAPTCHAs triggered on
multiple downloads, requiring accounts for bulk downloads, or even the
ability to pop a box and warn a repeat downloader.

*    Aaron did not “hack” the JSTOR website for all reasonable
definitions of “hack”. Aaron wrote a handful of basic python scripts
that first discovered the URLs of journal articles and then used curl to
request them. Aaron did not use parameter tampering, break a CAPTCHA,
or do anything more complicated than call a basic command line tool that
downloads a file in the same manner as right-clicking and choosing
“Save As” from your favorite browser.

* Aaron did nothing to cover his tracks or hide his activity, as
evidenced by his very verbose .bash_history, his uncleared browser
history and lack of any encryption of the laptop he used to download
these files. Changing one’s MAC address (which the government
inaccurately identified as equivalent to a car’s VIN number) or putting a
mailinator email address into a captured portal are not crimes. If they
were, you could arrest half of the people who have ever used airport
wifi.

*     The government provided no evidence that these downloads caused
a negative effect on JSTOR or MIT, except due to silly overreactions
such as turning off all of MIT’s JSTOR access due to downloads from a
pretty easily identified user agent.

*     I cannot speak as to the criminal implications of accessing an
unlocked closet on an open campus, one which was also used to store
personal effects by a homeless man. I would note that trespassing
charges were dropped against Aaron and were not part of the Federal
case.

Aaron hanged himself two years, to the day, after his arrest. The DoJ asked for the maximum penalty: 30 years.

https://boingboing.net/2013/01/13/expert-witness-describes-aaron.html