Blog Jay Leiderman Law

Sweet Brown’s lawsuit: Apple iTunes didn’t have time for that

About (from Know Your Meme)

Sweet Brown is a pseudonym used by Kimberly Wilkins, an Oklahoma City resident who was interviewed by local news station KFOR News Channel 4 after evacuating from her apartment building that was set on fire. Sweet Brown’s emphatic testimony of the chaotic scene quickly led to massive exposure on YouTube.

The definitive version of the “Ain’t Nobody Got Time for That” remix is found here.

Sweet Brown

Sweet Brown realized her apartment was on fire when she got up in the middle of the night to get herself a cold pop.


On the morning of April 7th, 2012, a three-alarm fire broke out at Sweet Brown’s apartment complex in Oklahoma City, leaving one person hospitalized for smoke inhalation and five units damaged. The local station KFOR News Channel 4 was among the first to arrive on the scene and interviewed one of the displaced residents, Sweet Brown. During the interview, she stated that she had woken up to get a “cold pop” when she thought someone was grilling before she realized there was a fire. Brown then proceeded to run out of the apartment without shoes. In describing the heavy presence of smoke from the fire, she uttered “ain’t nobody got time for that!” which became one of the more memorable lines.

Sweet Brown / Ain’t Nobody Got Time for That


The video was reposted on multiple sites and exploded in popularity overnight. 

Follow-up Interview

On April 12th, NBC conducted a follow-up interview with both Sweet Brown and her son, who were apparently shocked by the amount of YouTube views her original news report had received. This interview appeared on MSNBC the same day.

On April 13th, lucusmarr, who had uploaded the original news clip 4 days prior, found Sweet Brown via her son. He brought her 4 cases of Royal Crown Cola, to which Sweet Brown responded, “I really got time for this!”

Sweet Brown


Copyright Lawsuit

On March 9th, 2013, Oklahoman daily newspaper NewsOK reported that Kimberly Wilkins had filed a federal copyright infringement lawsuit seeking $15 million in compensation from Apple Inc., Seattle-based radio program The Bob Rivers Show and a number of other parties for unauthorized use of her likeness for commercial purposes. According to the article, Wilkins filed her first complaint against “I Got Bronchitis,” a remix based on audio samples from her KFOR news interview clip, which became available for purchase via Apple’s iTunes store in April 2012. While the song has since been taken down from iTunes, the suit has moved to the United States District Court for the Western District of Oklahoma and remains pending.

A lawsuit filed by local Internet celebrity Kimberly “Sweet Brown” Wilkins over a song briefly sold on Apple Inc.’s online music store has been dismissed due to “failure to prosecute,” court records show.

Wilkins, who gained Internet fame with the catchphrase “Ain’t nobody got time for that!” was suing Apple and a Seattle-area radio show in federal court over a song that was sold for a little more than two months on the iTunes online music store.

In the suit, Wilkins claimed she was defrauded when her voice and likeness were used to sell the song on iTunes without her permission. 


College campus discrimination against applicants convicted of a felony

The Marshall Project


The Obstacle Course (“The country’s largest state university system says it doesn’t discriminate against former prison inmates. Applicants say otherwise.”)

As of 2018, students who apply to a two-year or four-year college within the State University System of New York will no longer have to disclose whether they have been convicted of a felony.


Felony vs. Misdemeanor

SUNY officials, who oversee the nation’s largest public university system, voted on Wednesday to “ban the box” on student applications that asks about criminal history. An internal memo outlining SUNY’s decision credited a 2015 analysis that found nearly two-thirds of applicants who disclosed having a felony record had dropped out of the application process.


When he checked the box on the New Paltz application owning up to his felony record, the demands began. The school wanted letters from the prison psychologist, the prison superintendent and his parole officer, and his full criminal record. Cadwallader replied that Mt. McGregor did not have a psychologist and that he never interacted with the superintendent. He submitted letters from his current psychologist, psychiatrist and parole officer, and braced for the screening committee. There, he says, he was grilled about his record — including arrests for misdemeanors and for charges that had been dismissed.


According to a forthcoming analysis of state records by the Center for Community Alternatives, an advocacy group that lobbies for alternatives to incarceration, about three out of five applicants with felony records drop out between application and admission, discouraged from pursuing an education that might equip them for a crime-free future. Among applicants without criminal records, the dropout rate is only about one in five, according to the report, believed to be the first such study of a major public university system.



The worst passwords

Here’s the list of the worst passwords. If you recognize your password on it, it’s time to rethink your password security and change your login:

  1. 123456 (Unchanged)
  2. password (Unchanged)
  3. 12345678 (Up 1)
  4. qwerty (Up 1)
  5. 12345 (Down 2)
  6. 123456789 (Unchanged)
  7. Football (Up 3)
  8. 1234 (Down 1)
  9. 1234567 (Up 2)
  10. baseball (Down 2)
  11. welcome (New)
  12. 1234567890 (New)
  13. abc123 (Up 1)
  14. 111111 (Up 1)
  15. 1qaz2wsx (New)
  16. dragon (Down 7)
  17. master (Up 2)
  18. monkey (Down 6)
  19. letmein (Down 6)
  20. login (New)
  21. princess (New)
  22. qwertyuiop (New)
  23. solo (New)
  24. passw0rd (New)
  25. starwars (New)

Password complexity is critical in the age of the security breach

From Microsoft:

Although many alternatives for user authentication are available today, most users log on to their computer and on to remote computers using a combination of their user name and a password typed at their keyboard. Some retailers will configure their Point of Service terminals to auto login on boot. Some retailers will allow the user to select their own password. To make it easier to remember their passwords, users often use the same or similar passwords on each system; and given a choice, most users will select a very simple and easy-to-remember password such as their birthday, their mother’s maiden name, or the name of a relative. Short and simple passwords are relatively easy for attackers to determine. Some common methods that attackers use for discovering a victim’s password include:

  • Guessing—The attacker attempts to log on using the user’s account by repeatedly guessing likely words and phrases such as their children’s names, their city of birth, and local sports teams.
  • Online Dictionary Attack—The attacker uses an automated program that includes a text file of words. The program repeatedly attempts to log on to the target system using a different word from the text file on each try.
  • Offline Dictionary Attack—Similar to the online dictionary attack, the attacker gets a copy of the file where the hashed or encrypted copy of user accounts and passwords are stored and uses an automated program to determine what the password is for each account. This type of attack can be completed very quickly once the attacker has managed to get a copy of the password file.
  • Offline Brute Force Attack—This is a variation of the dictionary attacks, but it is designed to determine passwords that may not be included in the text file used in those attacks. Although a brute force attack can be attempted online, due to network bandwidth and latency they are usually undertaken offline using a copy of the target system’s password file. In a brute force attack, the attacker uses an automated program that generates hashes or encrypted values for all possible passwords and compares them to the values in the password file.

Each of these attack methods can be slowed down significantly or even defeated through the use of strong passwords. Therefore, whenever possible, computer users should use strong passwords for all of their computer accounts. Computers running Windows Embedded for Point of Service (WEPOS) support strong passwords.

Passwords are case-sensitive and may contain as many as 127 characters. A strong password:

  • Does not contain the user name.
  • Is at least six characters long.
  • Contains characters from three of the following four groups:
      • Lowercase letters: a, b, c, …
      • Uppercase letters: A, B, C, …
      • Numerals: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
      • Symbols (all characters not defined as letters or numerals): ` ~ ! @ # $ % ^ & * ( ) _ + - = { } | [ ] \ : " ; ' < > ? , . /
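An added example, not from Microsoft or the original post: the strong-password rules quoted above written as a Python check and combined with the worst-passwords list, to show that a password can satisfy the complexity rules and still be one of the listed passwords. The function names, the failure messages and the case-insensitive comparisons are this example's assumptions.

```python
# Added example: the quoted strong-password rules plus a lookup against the
# 25-entry worst-passwords list from this page (entries lower-cased).

WORST_PASSWORDS = {
    "123456", "password", "12345678", "qwerty", "12345", "123456789",
    "football", "1234", "1234567", "baseball", "welcome", "1234567890",
    "abc123", "111111", "1qaz2wsx", "dragon", "master", "monkey",
    "letmein", "login", "princess", "qwertyuiop", "solo", "passw0rd",
    "starwars",
}

MIN_LENGTH = 6         # "Is at least six characters long"
MAX_LENGTH = 127       # "may contain as many as 127 characters"
REQUIRED_GROUPS = 3    # "three of the following four groups"


def character_groups(password):
    """Return which of the four character groups the password uses."""
    groups = set()
    for ch in password:
        if ch in "0123456789":
            groups.add("numeral")
        elif ch.isalpha():
            # Letters without case (for example CJK) count toward no group.
            if ch.isupper():
                groups.add("uppercase")
            elif ch.islower():
                groups.add("lowercase")
        else:
            # "All characters not defined as letters or numerals"
            groups.add("symbol")
    return groups


def check_password(username, password):
    """Return the list of rules the password fails; empty means it passes."""
    failures = []
    # Assumption: the user-name test ignores case.
    if username and username.lower() in password.lower():
        failures.append("contains the user name")
    if len(password) < MIN_LENGTH:
        failures.append("shorter than six characters")
    if len(password) > MAX_LENGTH:
        failures.append("longer than 127 characters")
    if len(character_groups(password)) < REQUIRED_GROUPS:
        failures.append("fewer than three character groups")
    # Assumption: list lookup ignores case, so "Passw0rd" matches "passw0rd".
    if password.lower() in WORST_PASSWORDS:
        failures.append("on the worst-passwords list")
    return failures


if __name__ == "__main__":
    # Constructed sample accounts, for illustration only.
    samples = [
        ("alice", "Passw0rd"),    # meets the complexity rules, still listed
        ("alice", "1qaz2wsx"),    # keyboard walk: two groups only, and listed
        ("alice", "Alice#2024"),  # four groups, but embeds the user name
        ("bob", "1234"),          # fails length, groups and the list
        ("bob", "Tr4il-mix"),     # passes every check in this example
    ]
    for user, pw in samples:
        result = check_password(user, pw)
        print(f"{user:6} {pw:12} -> {result or 'ok'}")
```

The first sample is the point of the exercise: upper case, lower case and a numeral satisfy the three-of-four rule, so only the list lookup rejects it.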


Change your passwords every six months to ensure continued security.

Now you know.  Go get more secure.

war on drugs

By Jay Leiderman,* originally published in the Ventura County Star on June 17, 2011, the 40th anniversary of the war on drugs. It was then titled: Unhappy 40th anniversary, war on drugs. The article has been updated.

On June 17, 1971, President Nixon started his so-called War on Drugs.

“This nation faces a major crisis in terms of the increasing use of drugs, particularly among our young people,” Nixon said. “Public enemy No. 1 in the United States is drug abuse. In order to fight and defeat this enemy, it is necessary to wage a new, all-out offensive.”

It has now been almost 44 years of the War on Drugs, a war lasting longer than almost all wars in American history combined. The winners of this war are government contractors, the law enforcement “business” and the prison industrial complex.

Since 1971, the federal government has spent almost a trillion taxpayer dollars fighting drugs. A report from the Senate Homeland Security and Governmental Affairs Committee disclosed that the government awards the majority of counter-narcotics contracts to five large defense corporations. The U.S. Government Accountability Office recently reported that the State Department does not even evaluate whether its counter-narcotics program is successful.

Our tax dollars are also being spent on the prison system and the criminal enforcement of the narcotics laws. Currently, there are 2.3 million people incarcerated in America — triple the amount in 1987 and a quantum leap over those incarcerated in 1971. An estimated 25 percent of incarcerations are for drug offenses including drug possession, drug trafficking and drug dealing.

drug war

The war on drugs has been an unmitigated disaster. Since its inception, drug use has massively increased

Americans spend nearly $70 billion a year dealing with these prisoners. The U.S. has the highest incarceration rate of any country in the entire world. Moreover, minorities are incarcerated at significantly higher rates than whites, despite the numerous studies showing whites engaging in drug use at similar or higher rates than minorities.

We cannot sustain this incarceration rate. In May, the U.S. Supreme Court acknowledged that our over-incarceration policies have produced a crisis in California prisons, where extreme overcrowding creates unconstitutional conditions mandating the release of prisoners. Justice Anthony Kennedy called California prisons “incompatible with the concept of human dignity.”

Drug war losers are the American taxpayers, drug addicts and civil liberties. The War on Drugs has not resulted in fewer drug addicts. In 2005, James Anthony, Ph.D., reported that the number of teenagers who experiment with recreational drugs is nearly equal to its peak years in the early 1970s.

Drug Enforcement Administration statistics assert the rate of addiction in the U.S. has remained constant at 1.3 percent of the population over the past 40 years. This directly contrasts with the Substance Abuse and Mental Health Services Administration’s numbers, which put drug addicts at 6.7 percent of the population today using the DSM-IV criterion (used by health care professionals, not law enforcement). The Centers for Disease Control and Prevention says drug overdoses have “risen steadily” since the early 1970s to more than 20,000 last year.

Moreover, the ACLU recently said: “Future generations will look back on the ‘war on drugs’ as a crude, barbaric and inhumane response to the social and public health problem of drug abuse. And they’ll look back with dismay at how our primitive ‘drug war’ had ugly repercussions in so many areas.

“One of those areas is the growth of government surveillance [in other words, the ushering in of the “tin foil age”]. It is a ‘war’ that takes place not on some foreign battlefield, but in the lives of Americans — their homes, cars, phones, purses and bodies — and in fighting this war the authorities have found justification for extending their power into all such realms.”

We are not safer from the problems that drugs have caused, nor are we free of drug abuse in our society. We are, however, systematically relieved of our rights to be free from intrusions into our persons, homes, effects and liberties.

After almost 44 years and nearly a trillion dollars, we have seen no success in the War on Drugs. Rather, we have only failure. Law enforcement admits that drugs today are cheaper, higher quality and more readily accessible, even to children. Casual use has either increased or remained level for 40 years, despite law enforcement’s efforts to stop drug use altogether.

We need a renewed debate about the wisdom of continuing this war as presently prosecuted. A paradigm shift is needed.

Earlier this month, the Global Commission on Drug Policy called for the legalization of some drugs and an end to the criminalization of drug users. The panel includes former world leaders and international luminaries.

If certain drugs were decriminalized, the panel stated, and the money instead spent on treatment and rehabilitation, fewer people would be incarcerated and would instead be contributing to society. Based upon the failure of a 40-year policy that is unsustainable going forward, this approach deserves serious study and discussion.

According to Sen. Claire McCaskill, D-Mo., “We are wasting tax dollars and throwing money at a problem without even knowing what we are getting in return.”

U.S. drug czar Gil Kerlikowske admitted to the Associated Press, “In the grand scheme, (the War on Drugs) has not been successful. Forty years later, the concern about drugs and the drug problem is, if anything, magnified, intensified.”

Mr. President, Mr. Governor, it’s been almost 44 years … please end the War on Drugs. America is not winning.

* Ventura County, California criminal defense lawyer and State Bar Certified Criminal Law Specialist Jay Leiderman handles all types of drug-related cases, including drug dealing, drug trafficking, drug possession, DUI, and medical marijuana cases involving the CUA or Prop 215 and SB 420 also known as the MMPA, as well as cases of all types involving the mentally ill who “self medicate” due to a lack of treatment. Jay has spent a lot of time and resources fighting against the drug war.


What Hacking Software Is Out There as a Result of the NSA Hack

According to NSA whistleblower Edward Snowden, a recent leak of supposedly secret NSA hacking tools reflects an escalation of tensions between Russia and the United States. For others, however, it points to concerns about what, if any, privacy is still available to the general public.

Snowden, just as the movie bearing his name was released, set Twitter alight on Tuesday with suggestions of “Russian responsibility” in the recent release of the NSA hacking instruments. He noted as well that “Russia did it” would likely be the response to the accusations of the Hillary Clinton campaign, as conventional wisdom and the best investigation results also suggest Russian hackers leaked internal Democratic National Convention emails that damaged Clinton and DNC chair Debbie Wasserman-Schultz and cast a dark cloud over the convention.

A series of tweets sent by Snowden on August 16th should get the discussion started:

Edward Snowden

Edward Snowden has done more to protect constitutional rights than anyone in recent memory. He has exposed the fact that the government has been intruding on our privacy in a shocking and despicable manner.

The hack of an NSA malware staging server is not unprecedented, but the publication of the take is. Here’s what you need to know: (1/x)

  1. NSA traces and targets malware C2 servers in a practice called Counter Computer Network Exploitation, or CCNE. So do our rivals.
  2. NSA is often lurking undetected for years on the C2 and ORBs (proxy hops) of state hackers. This is how we follow their operations.
  3. This is how we steal their rivals’ hacking tools and reverse-engineer them to create “fingerprints” to help us detect them in the future.
  4. Here’s where it gets interesting: the NSA is not made of magic. Our rivals do the same thing to us — and occasionally succeed.
  5. Knowing this, NSA’s hackers (TAO) are told not to leave their hack tools (“binaries”) on the server after an op. But people get lazy.
  6. What’s new? NSA malware staging servers getting hacked by a rival is not new. A rival publicly demonstrating they have done so is.
  7. Why did they do it? No one knows, but I suspect this is more diplomacy than intelligence, related to the escalation around the DNC hack.
  8. Circumstantial evidence and conventional wisdom indicates Russian responsibility. Here’s why that is significant:
  9. This leak is likely a warning that someone can prove US responsibility for any attacks that originated from this malware server.
  10. That could have significant foreign policy consequences. Particularly if any of those operations targeted US allies.
  11. Particularly if any of those operations targeted elections.
  12. Accordingly, this may be an effort to influence the calculus of decision-makers wondering how sharply to respond to the DNC hacks.
  13. TL;DR: This leak looks like a somebody sending a message that an escalation in the attribution game could get messy fast.

Bonus: When I came forward, NSA would have migrated offensive operations to new servers as a precaution – it’s cheap and easy. So? So…

The undetected hacker squatting on this NSA server lost access in June 2013. Rare public data point on the positive results of the leak.

You’re welcome, @NSAGov. Lots of love. (emphasis added, just for funziez)

1st Reply: Nimjeh / NoName 2016 ‏@MyTinehNimjeh  Aug 16: “Thanks for the insight, helpdesk Snowden. @Snowden @NSAGov”


Thanks indeed.  Let’s move on to some further analysis.

The origin of the source code has been a matter of heated debate for weeks (notwithstanding Snowden’s tweets) and has been scrutinized at length by cyber security experts. Although it is unclear how the software was leaked, again notwithstanding Snowden’s tweets, one thing is beyond speculation: the malware is covered from top to bottom with virtual fingerprints of the NSA and it is clearly from the agency. The hacking tools are in the possession of a group that calls itself the Shadow Brokers. They have put a good deal of the leaked data on the open net for public inspection. Proof that ties the Shadow Brokers dump to the NSA comes in an NSA agency manual for implanting malware that was classified as top secret. It was also provided by Snowden in the treasure trove of leaked material that he possessed, but, like so much of the Snowden data, it was not previously available to the public. The draft manual instructs NSA operators to monitor their use of a malware program using a specific 16-character string: “ace02468bdf13579.” That exact same string appears throughout the Shadow Brokers data and in the code associated with the same program named in the Snowden material, SECONDDATE.
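The corroboration step described above comes down to finding one fixed identifier in two independent sets of files. This added example (not code from the page, The Intercept or the NSA manual) scans byte blobs and files for the tracking string quoted above; the UTF-16 and packed-byte forms, the function names and the sample blob are assumptions constructed for illustration, not something the page says about how the string is stored.

```python
# Added example: search files for the tracking string quoted on this page.
MARKER = "ace02468bdf13579"  # the 16-character string quoted above


def encodings_of(marker):
    """Byte patterns worth searching for one textual identifier.

    Only the plain ASCII form is described on the page; the other three
    are this example's assumptions about how such a value could be stored.
    """
    return {
        "ascii": marker.encode("ascii"),
        "ascii-upper": marker.upper().encode("ascii"),
        "utf-16le": marker.encode("utf-16-le"),
        "packed-bytes": bytes.fromhex(marker),  # 16 hex digits -> 8 bytes
    }


def find_marker(blob, marker=MARKER):
    """Return sorted (offset, encoding) pairs for every hit in a bytes blob."""
    hits = []
    for label, needle in encodings_of(marker).items():
        start = 0
        while (pos := blob.find(needle, start)) != -1:
            hits.append((pos, label))
            start = pos + 1
    return sorted(hits)


def scan_file(path, chunk_size=1 << 20, marker=MARKER):
    """Scan a file in chunks, keeping an overlap so that a hit straddling
    a chunk boundary is still found; duplicates are removed with a set."""
    overlap = max(len(n) for n in encodings_of(marker).values()) - 1
    hits = set()
    offset = 0   # file offset of the next chunk to be read
    tail = b""   # last bytes of the previous buffer
    with open(path, "rb") as fh:
        while chunk := fh.read(chunk_size):
            buf = tail + chunk
            base = offset - len(tail)  # file offset of buf[0]
            for pos, label in find_marker(buf, marker):
                hits.add((base + pos, label))
            offset += len(chunk)
            tail = buf[-overlap:]
    return sorted(hits)


# Constructed sample blob (not taken from any real dump): a 4-byte header,
# then the marker as ASCII, as UTF-16LE and as 8 packed bytes.
SAMPLE = (
    b"HDR\x00"
    + b"id=" + MARKER.encode("ascii") + b"\n"
    + MARKER.encode("utf-16-le")
    + b"\x00\x00"
    + bytes.fromhex(MARKER)
)

if __name__ == "__main__":
    for offset, label in find_marker(SAMPLE):
        print(f"offset {offset:3d}: {label}")
```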

“SECONDDATE plays a specialized role inside a complex global system built by the U.S. government to infect and monitor what one document estimated to be millions of computers around the world. Its release by ShadowBrokers, alongside dozens of other malicious tools, marks the first time any full copies of the NSA’s offensive software have been available to the public, providing a glimpse at how an elaborate system outlined in the Snowden documents looks when deployed in the real world, as well as concrete evidence that NSA hackers don’t always have the last word when it comes to computer exploitation.”  See The Intercept: THE NSA LEAK IS REAL, SNOWDEN DOCUMENTS CONFIRM Sam Biddle; Aug. 19 2016


The tin foil age – you are no longer crazy if you think that the government is spying on you. Tin foil hats are needed more now than ever before ;)

A cache of hacking tools with code names like Epicbanana, BuzzDirection, and Egregiousblunder mysteriously appeared online in mid-August, putting the computer security world in a position where researchers were racing against each other to ascertain both the origin and authenticity of a treasure trove the likes of which had never been seen, all the while buzzing with speculation about whether the NSA was truly involved and what the fallout would be. The files, of course, turned out to be real. Indeed, no reasonable doubt remained after former NSA personnel who worked in the hacking division of the agency, known as “Tailored Access Operations (TAO),” confirmed that the hacking tools were indeed authentic and had an unmistakable NSA fingerprint. “Without a doubt, they are the keys to the kingdom,” said a former TAO employee, who spoke on condition of anonymity in order to discuss sensitive internal operations. “The stuff you’re talking about would undermine the security of many large government and business networks, both here and abroad.” Moreover, “Faking this information would be monumentally difficult, there is just such a sheer volume of meaningful stuff,” Nicholas Weaver, a computer security researcher at the University of California at Berkeley, said in an interview. “Much of this code should never leave the NSA.”

Said a second former TAO hacker who saw the file: “From what I saw, there was no doubt in my mind that it was legitimate.”

The file contained 300 megabytes of information, including several “exploits,” or tools for taking control of firewalls in order to control a network, and a number of implants that might, for instance, exfiltrate or modify information.

The exploits are not run-of-the-mill tools to target everyday individuals. They are expensive software used to take over firewalls, such as Cisco and Fortinet, that are used “in the largest and most critical commercial, educational and government agencies around the world,” said Blake Darche, another former TAO operator and now head of security research at Area 1 Security.


The software apparently dates back to 2013 and appears to have been taken then, experts said, citing file creation dates, among other things.

“What’s clear is that these are highly sophisticated and authentic hacking tools,” said Oren Falkowitz, chief executive of Area 1 Security and another former TAO employee.

Some of the exploits were pieces of computer code that make use of “zero-day,” or previously unknown, errors or vulnerabilities in firewalls, which do not seem to have been patched to this day, said one of the former hackers. The disclosure of the files means that at least one other party, possibly another country’s spy agency, has had access to the same hacking tools the NSA used and could turn them against organizations that use vulnerable routers and firewalls. It could also see what the NSA is targeting and spying on. Now that the tools are public, as long as the flaws remain unpatched, other hackers can take advantage of them, too.

In a typical chickenshit government move, the NSA did not respond to requests for comment.  Why bother letting the citizens of the very nation they are … um … trying to protect(?) know what they have unleashed upon them.


Edward Snowden has been the voice guiding the masses through the often confusing world of cyber espionage

The instruments were released by the aforementioned group the Shadow Brokers using both websites such as text sharing site Pastebin and file sharing programs such as BitTorrent and DropBox. As usual in such cases, the true identity of the person who put the tools out in the public domain remains hidden. Attached to the cache was an “auction” note that purported to be selling the second set of tools to the highest bidder: “Attention!!! Government sponsors of cyber-warfare and those who benefit from it!!! How much would you pay for enemies’ cyber weapons?”

The group also said that if the auction rose all the way to 1 million Bitcoins, equal to about $500 million U.S. dollars, it would release the second file for free to the whole world. The auction “is a joke,” says Weaver. “It’s designed to distract. It’s total nonsense.” He said that “Bitcoin is traceable, so a Dr. Evil scheme of laundering $1 million, let alone $500 million, is nothing short of madness.”

One of the former TAO operators said he suspected that whoever found the tools doesn’t have everything. “The stuff they have there is super-duper interesting, but it is by far not the most interesting stuff in the tool set,” he said. “If you had the rest of it, you’d be leading off with that, because you’d be commanding a much higher rate.”

TAO, a secret unit that helped craft the digital weapon known as Stuxnet, has grown in the past decade or so from several hundred to more than 2,000 employees at the NSA’s Fort Meade, Md., headquarters. The group dates back to early 1990. The nickname, Tailored Access Organization, suggests a precision technique that some officials compared to brain surgery. The name also reflects how encryption whizzes make beautiful and dangerous instruments from scratch, the same way a fine tailor takes a spool of wool and fashions a custom-made suit, except that the computer geeks more often work in jeans and T-shirts. “We break out the Nerf guns and have epic Nerf gun fights,” said one of the former hackers.

Some former agency employees suspected that the leak was due to a mistake by an NSA operator, instead of a successful hack by a foreign government’s so-called “state sponsored hacking” agency. When NSA staff hack foreign computers, they do not move directly from their own intelligence systems to the targets’, fearing that the attack would be too easy to trace. They use a form of proxy server, a “redirector,” that masks the hackers’ origin. They use one or more such servers to make a hack difficult to trace. One wonders if they use TOR and a commercial VPN service as well.

Looking back at Edward Snowden’s tweets at the top of this article, it is clear that the US is engaging in state-sponsored espionage. At the same time, other state-run spy services, such as Russia’s, are doing the same to the United States. It is not unprecedented for a TAO operator to accidentally upload a large file of our “sacred” resources to a redirector, said one of the former employees. “What is unprecedented is not to realize that you made a mistake,” he said. “You would know, ‘Oops, I uploaded that set,’ and remove it.”


Critics of the NSA have suspected that the agency, when it discovered a software vulnerability, would never disclose the issue, thereby compromising the cyber security of everyone that it is supposed to protect. This new file disclosure shows why it’s important to tell software makers when errors are detected, instead of making a secret of them, said one of the former agency employees, because now that the information is publicly available for anyone to use, too many hacks against simple internet infrastructure will be testing the limits of the new toys.

Snowden, Weaver and some of the former NSA hackers say they suspect Russian involvement in the release of the cache, although no one has offered hard evidence. They say the timing, in the wake of high-profile revelations about the Russian government’s state-sponsored hacking of the Democratic National Committee and other party organizations, is remarkable.

Snowden is fast becoming the go-to resource for simple answers to the complex world of cyber espionage. He tweeted: It seems that “someone sending a message that” retaliation against Russia “could get messy quickly.” Hacks are always political in one way or another, whether you’re hacking your ex-girlfriend’s Facebook account or trying to change your grades in the school’s computer. There is a point that you are trying to make beyond the physical act of hacking. “I can get you.” “I own you.” “I win.” In politics, as in love and war, all is fair. War is hell. Cyber war too is H377.
