The information is in the original New York Times story.
"Ms. Worden [the 'estranged spouse'] put her intelligence background to work, asking her bank about the locations of computers that had recently accessed her bank account using her login credentials. The bank got back to her with an answer: One was a computer network registered to the National Aeronautics and Space Administration."
Tangential question I don't think anyone here can answer: what did the Times mean by 'put her intelligence background to work'?
Does that mean her training suggested a possible thing she should check? Or does it mean she somehow used her position or contacts within the intelligence community to get information which would not otherwise be provided?
I've never asked my bank for this type of information; I've no idea whether or not a bank would provide it (although it seems a reasonable request)... But if she used her official position to get information she would not otherwise be provided, that's a pretty clear ethics violation.
I'm not throwing stones here;I just wish the Times quote was clearer.
I would assume the bank may have provided her with more specific information than it was some NASA network, including the date. Furthermore, the person making the complaint pretty much knew who it was (and that person subsequently admitted it). This isn't about tracking down a random person at NASA.
If Comcast can tell you which customer had a given IP address at a given time, I’m sure NASA can figure out that a given IP address was the one used for ISS traffic.
If it happened during the time that Anne McClain was on the ISS, and she was the only person within NASA with credentials to this account, it seems like a plausible conclusion that she accessed the it from space.
it's plausible but it's not true/factual (imagine a bank that didn't expire credentials, somebody broke into her computer at work and logged in there, etc, etc). However, she did apparently admit she did this. I was just hoping the article had a line line, "and NASA verified the IP was coming from space" or something like that. Otherwise, it's circumstantial.
A complaint was filed. We don't know why the NASA employee still had access to the (formerly joint?) account. [ADDED: One would have thought the person whose account was accessed would have been savvy enough to have changed their password unless there's some important detail that's missing.]
Space law is obviously the somewhat interesting story angle. Other than that it's certainly a complete non-story.
Sure, but for this to be an easy case to prosecute, it helps if there's documentation of that revocation (as a personal example: I've known plenty of family members and acquaintances who maintained accounts with ex-spouses, especially for things like childcare and other responsibilities that don't exactly go away just because a relationship went sour).
Also, if one does want to make sure a previously-authorized individual can no longer access something, the responsible thing is to change the locks ASAP, thus revoking that implicit authorization.
This is true, courts always measure motive and balance the actions with how divergent it was from how a reasonable person would act.
There's plenty of reasonable reasons for her to have access. Especially if she had access to the account previously in a shared role and only read the information instead of modified it somehow. But that of course depends on whether the individual made it clear it was now off limits because (for example) it is now a strictly personal account again or the divorce was finalized and there was zero financial connection which exists between them.
Plus things like how reasonable it would be to not say anything about it but expecting them to know better. Which is why the exact details of the arrangement needs to be clear.
Sure, IANAL and don't know the legality of handing out my password to people because I've never had the need to do so. But I take it that you agree the "unlocked window" analogy is not a good one.
No, I don't agree. I might give my neighbour a key for emergencies, for example. That does not imply that they have permission to enter whenver they want for whatever reason they want.
Exactly. If McClain has the credentials, then it means either
1) she somehow got them illicitly (e.g. stealing them from Worden)
or
2) she previously had legitimate and authorized access to the account (e.g. while she and her spouse were not yet estranged / filing for divorce)
If #2, then I reckon this becomes a much harder case to prosecute, given that McClain was implicitly authorized to access the account (else, Worden would have changed the password or otherwise revoked that access). Unless, of course, there's documentation of Worden having told McClain not to access it (and yet still didn't change the password...).
"Ms. Worden [the 'estranged spouse'] put her intelligence background to work, asking her bank about the locations of computers that had recently accessed her bank account using her login credentials. The bank got back to her with an answer: One was a computer network registered to the National Aeronautics and Space Administration."