Tesla Motors does sell directly from their website and is getting a lot of flak from car dealerships because of it. WSJ article.

This is only true if you have a shite sound card which doesn't support multiple audio streams.

When did the NSA and Facebook become separate entities?

It might act as an incentive to voluntarily keep the console always connected.

And sometimes people are afraid to outwardly admit agreeing with said acts.

Does it really matter whose "fault" something is? Discrimination based on assumptions, regardless of the basis, should certainly be illegal. However, discrimination based on objective, observable things shouldn't be. For example, it should be illegal to discriminate against potential employees based on ethnicity. It should not be illegal to discriminate against people with a measurably low IQ when the job can be shown to require a higher IQ. It doesn't, or shouldn't, matter that a person's intelligence quotient isn't exactly their fault.

This information was on a public webserver without any type of authentication. If a large company like AT&T is irresponsibly handling customer data in this way the public should absolutely be informed immediately. Mr. Aurenheimer could have handled the situation better, but I do not think his actions should be criminalized at this level. Did he endanger people by blowing a whistle? Yes. Did he compromise a secure computer system to do so? No. IMHO this should fall more under "creating a panic" or something.

Is it so hard to believe that something like that may actually be happening already? Afterall, many of the operations conducted by our intelligence agencies (namely the CIA) are aimed at people many would consider civilians.

If I'm a national intelligence service and I want to create a botnet for military purposes, I also want to have plausible deniability. So, I construct my botnet the same general way criminals do. I hijack civilian computers, I purchase services through stolen credentials and fake ID's, etc.

I think the point still stands that it's possible for an attack to appear to originate from a location different from where it actually did. What is to stop someone from using a hijacked wifi access point to attack servers in, let's say France, and then use those French servers to launch attacks on Australian businesses?

I have personally witnessed an attack where computers owned by an American company were infected with a persistent agent designed to infect computers in a specific business in China (during a visit of the American execs to the Chinese location), for the purpose of then using the hijacked Chinese computers to conduct industrial espionage against another American company which also conducted business with that Chinese company. The actual attackers were neither American nor Chinese.

I often wonder how the origin of all of these attacks is determined without actually tracking down the culprits. In today's world it is simple to stage an attack seeming to originate from anywhere in the world.

Perhaps we should be asking the same of our government? Whose to say that many of these "Chinese hackers" we keep hearing about aren't, in fact, hackers from elsewhere using compromised machines on Chinese networks?

In addition to that, many people fail to realize that sentencing modifications made in a plea bargain are generally not binding. The prosecution can recommend whatever, but the actual sentence is entirely up to the judge.

Part of what is being protested here is the legal system itself and the (often) ridiculous sentences it doles out. Yes, activists should be prepared to face the consequences of their actions, but should not be expected to be quiet about them.

The CFAA makes it a crime to violate the Terms of Service of a web site. A ToS is a form of contract between the site and the user, and should fall squarly into civil law. A person who violates the ToS of a website or provider should be held accountable (in civil court) if their actions caused some sort of damage. Criminal charges and incarceration should only ever be on the table when such damage was caused with the intention of causing damage.

One of the issues here is the lack of mens rea in the CFAA. While Aaron admittedly breached JSTOR's ToS, he did not do so in a manner intended to cause damage to anybody. JSTOR's servers buckled under the load, but that shouldn't make this criminal as it wasn't Aaron's intention to overload them. Imagine if you were arrested on Federal felony charges because a water main broke while you were filling your swimming pool.

What Aaron did by utilizing the premises of MIT without consent is definitely tresspassing (at the least), but there is no reason his actions should have carried the possibility of so much prison time.