nCircle purges posts after researcher's arrest for explosives

Won't say why

Security and compliance firm nCircle quietly purged several blog posts written by a former researcher who was arrested this week by Canadian authorities in charge of securing the G8 and G20 summits taking place in Ontario.

Byron Sonne, a certified information systems security professional who has been highly visible in research circles for almost a decade, was arrested on Tuesday in Toronto. Officials with Canada's Integrated Security Unit haven't officially fleshed out the charges beyond the contents of this press release (PDF), which lists "Intimidation of Justice System Participant by Threat," "Intimidation of Justice System Participant by Watch and Beset," "Mischief interfere with property," "Attempt mischief," "Possess explosive for unlawful purpose," and "Weapons dangerous."

An ISU spokeswoman declined to comment on Friday, other than to say a bail hearing in the case is scheduled for Saturday.

Friends and colleagues of Sonne say they've never known him to be violent and suspect the charges are in response to recent videos like this one, in which he documented the erection of a security fence in preparation for the G20 event or Tweets such as those here and here, in which he criticized summit officials for training surveillance cameras on protester gathering spots and advised people questioned by police to simply "walk away."

Within 48 hours of the arrest, nCircle removed at least four posts Sonne made to the company's blog in 2005 and 2006. "Have people forgot what it means to be a real hacker?" he asks in this censored post that's still available (for now) in Bing's cache. "To explore and learn about the world. To create and reveal new knowledge. That is where respect should come from." Elsewhere, he spars with Weev, one of the hackers behind the mass compromise of iPad users, who coincidentally was himself arrested last week.

The purges have stuck in the craw of Sonne's supporters, among them Mike Murray, who was Sonne's boss in the mid 2000s when both worked at nCircle.

"They've derived benefit from having his stuff up for five years since he left the company," said Murray, who is now a managing partner with Mad Security. "It seems a little two-faced and disingenuous. You have the presumption that someone is innocent until proven guilty in Canada and the US. They're distancing themselves from him."

A spokeswoman for nCircle declined to comment.

According to this report from The Globe and Mail, Sonne's common-law wife has also been arrested and their home has been extensively searched. It went on to say that police have accused both of collecting ingredients to make powerful explosives commonly associated with terrorist bombings and possessing potato guns with the aim of endangering the public.

A Facebook group here indicates Sonne recently participated in a group formed out of "surveillance issues around the upcoming G20 summit." Murray suspects this may also have played a role in the arrest.

"I think Byron was going around pointing out things very publicly that other people didn't want pointed out," he said "It's an overreaction to arrest someone and his wife and rip their house out for 24 hours for a bunch of Tweets and stuff he bought online. They're treating him like he's Timothy McVeigh." ®

Sponsored: Network DDoS protection