Bradburn et al v. North Central Regional Library District
Filing
56
DECLARATION by Bennett Haselton in Opposition re 28 MOTION for Summary Judgment of NCRL filed by all plaintiffs. (Caplan, Aaron)
<![CDATA[
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 I, Bennett Haselton, declare as follows: 1.
The Honorable Edward F. Shea
UNITED STATES DISTRICT COURT EASTERN DISTRICT OF WASHINGTON SARAH BRADBURN, PEARL CHERRINGTON, CHARLES HEINLEN, and the SECOND AMENDMENT FOUNDATION, Plaintiffs, v. NORTH CENTRAL REGIONAL LIBRARY DISTRICT, Defendant. No. CV-06-327-EFS DECLARATION OF BENNETT HASELTON IN OPPOSITION TO DEFENDANT'S MOTION FOR SUMMARY JUDGMENT
I am over the age of 18 and competent to testify to the matters stated herein. I
make this declaration on personal knowledge. 2. I am the CEO of Peacefire, Inc., a company created in 1996 to represent the
interests of people under 18 in the debate over freedom of speech on the Internet. Peacefire currently has over 7,000 members. 3. I am also a freelance computer programmer. For the last nine years I have
worked as an independent computer security consultant. In that capacity I have analyzed numerous software programs and computer setup plans for security holes. My work often entails determining whether any particular feature of a program or network poses a genuine DECLARATION OF BENNETT HASELTON IN OPPOSITION TO DEFENDANT'S MOTION FOR SUMMARY JUDGMENT Page 1
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
security risk. Over the years my clients have included Anonymizer, Inc., Google, Adobe, Netscape/AOL and E-Gold. From 2000 to 2006 I worked as a contract employee at
Microsoft, Inc., where I was directly employed by Volt, Inc. My work at Microsoft included performing software testing and security testing on various software products, including Microsoft Operations Manager, MSN and Internet Explorer. A true and correct copy of my resume is attached hereto as Exhibit A. 4. I have reviewed Defendant North Central Library District's Motion for
Summary Judgment ("Defendant's Motion for Summary Judgment"), Defendant North Central Regional Library District's Statement of Facts In Support of Motion for Summary Judgment, and the Declaration of Dean Marney. Defendant's Motion for Summary Judgment states that the Fortinet filtering categories Hacking, Proxy Avoidance, Phishing, Malware and Spyware are blocked because allowing access to Web sites in these categories "could damage the very network which makes such sites available," and that Web Chat is blocked because of the risk of "software-borne viruses or other malfunctions associated with such software." The Declaration of Dean Marney states that pages in these categories contain "information that could dismantle NCRL's entire computer network." inaccurate for the reasons discussed below. 5. "Phishing" Web sites imitate well-known sites such as Bank of America and These statements are technically
attempt to trick users into entering personal information and passwords. It is the computer user's responsibility to verify a site's identity before entering personal information, and the risks associated with "Phishing" sites are assumed only by the user. The viewing of such sites poses no security risks to NCRL's computers or network. 6. Regarding "Hacking" Web sites, there are two reasons why there is no security
benefit associated with blocking these sites in the library. First, many sites classified by Fortinet as "Hacking" sites (such as http://www.happyhacker.org/) provide defensive information to users about how to guard against hacking. Second, even in the event that a site DECLARATION OF BENNETT HASELTON IN OPPOSITION TO DEFENDANT'S MOTION FOR SUMMARY JUDGMENT Page 2
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
did provide instructions for hacking activities that could be used to harm NCRL computers, a malicious library patron could just as easily access those instructions from an unfiltered computer (either at home or at another location such as an Internet café), then go to the library to carry them out. The sites themselves pose no intrinsic security threat to the library, and the library gains nothing by blocking them on its computers. 7. Regarding sites blocked as "Malware" or "Spyware," such sites often
encourage computer users to download and install software that could pose a security risk if installed on the user's computer. But computers (including library computers) can be
configured with common desktop security software (not filtering software) that limits the changes users can make to the computer. Installing such security software will prevent users from downloading and installing any software (whether malicious or not), rendering the blocking of "Malware" and "Spyware" sites unnecessary. It bears noting that if the library were not using desktop security software, a computer user would be able to install malicious software by downloading it from, for example, his or her own personal Web site or by uploading it from a disk brought into the library, and the blocking of "Malware" and "Spyware" sites would again be rendered moot. 8. NCRL states that the "Web Chat" category is blocked because of the risk of
"software-borne viruses or other malfunctions associated with such software." First, as noted above, if the library's computers are properly configured with desktop control software, users will be unable to download chat software anyway, and will be limited to using chat sites for Web-based chat (which does not require downloading and installing programs). Second, even in the event that users were able to download chat software, such software is published by reputable companies such as Yahoo and America Online and the chance of it being infected with a virus is essentially zero. Virus infections are caused by running programs from untrusted third-party sources, not by running programs published by Yahoo, AOL or other similar entities. DECLARATION OF BENNETT HASELTON IN OPPOSITION TO DEFENDANT'S MOTION FOR SUMMARY JUDGMENT Page 3
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
9.
Finally, "Proxy Avoidance" Web sites pose no threat to the security of library
computers or the network itself. Proxy Avoidance sites merely allow computer users to bypass Internet filters and access blocked sites, but that concern would be rendered moot if NCRL were to be required to disable its filter at the request of adults. I declare under penalty of perjury that the foregoing is true and correct. Executed this 25th day of February, 2008 at Seattle, Washington.
By: Bennett Haselton
DECLARATION OF BENNETT HASELTON IN OPPOSITION TO DEFENDANT'S MOTION FOR SUMMARY JUDGMENT Page 4
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
CERTIFICATE OF SERVICE I hereby certify that on February 25, 2008, I electronically filed the foregoing document with the Clerk of Court using the CM/ECF system, which will send notification of such filing to the persons listed below: Thomas D. Adams Celeste Mountain Monroe KARR TUTTLE CAMPBELL 1201 Third Avenue, Suite 2900 Seattle, WA 98101 Attorneys for Defendant DATED this 25th day of February, 2008. AMERICAN CIVIL LIBERTIES UNION OF WASHINGTON FOUNDATION By: /s/ Aaron H. Caplan Aaron H. Caplan, WSBA #22525 American Civil Liberties Union of Washington Foundation 705 Second Avenue, Third Floor Seattle, WA 98103 Tel. (206) 624-2184 Fax (206) 624-2190 caplan@aclu-wa.org
DECLARATION OF BENNETT HASELTON IN OPPOSITION TO DEFENDANT'S MOTION FOR SUMMARY JUDGMENT
]]>
Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.
Why Is My Information Online?
