Slashdot Mirror
Spammer Pleads Guilty
Rick Zeman writes: "A spammer faces up to seven years in jail after pleading guilty to "computer hijacking." " He apparently hijacked a mail server, and used it
to send millions of forged email to make it come from IBM domains. He's pleaded guilty to forgery and I hope he gets all 7 years. But
then again, I also wish someone would get 7 years every time they mail
me a credit card offer, or call me and ask me to change my long distance service.
Because it's theft. I don't like being stolen from.
But not just because it's theft. The real fight is how we preserve email as a useful communications medium.
> Add to that the fact that I can block senders,[ ... ]
And how much of your time do you spend doing this, when you could be doing other things? You say you've never had more than 10 a week. Before I started reading headers, I was up to 10 a day. And I'm on the light side. Others I know were in the hundreds per day.
Consider this - if we give Jay Garon net.access in prison, and only 1% of legitimate small businesses (ignoring the MMFools and pr0n-hawkers and snake-oil "pharmacists") in the US spam Jay Garon once a year. Jay will have to "just hit delete" 240,000 times a year. That's 657 a day.
As punishment, I think Jay Garon should have to reply to an email from the warden, three times a day, to get his meals served. Failure to answer the mail within an hour results in no meal service.
Now how long do you think it would be before Jay starved to death, "just hitting delete"?
> Now I just delete and forget.
I used to delete spam. Now I delete spammers.
Speaking of whom... hey Garon, seen any sexy babes lately? How's Premier Financial?
The wheels of justice grind slowly - Garon's spamhaus dates back to early 1999 - but they grind extremely fine. I'm gonna eat an 8-oz filet mignon tonight. I'm sure Jay will be eating meat soon too, but of a different sort.
Buh-bye, Jay. You might as well let the door hit you in the ass on the way out. A little tenderizing might make it easier on ya when Bubba comes a knockin'.
- He's pleaded guilty to forgery and I hope he gets all 7 years. But then again, I
also wish someone would get 7 years every time they mail me a credit card offer, or call me
and ask me to change my long distance service.
you gotta be joking... you think SEVENS years of real prison time is adequate for faking emails?!?!sure the guy has to pay a big monetary fine, but this isn't in the league an assault, burglary, rape or kidnapping
spamming is not a violent crime.
______________________________________________
sigamajig...
In the old days it was a big insult to call someone 'a horse thief'.
Imagine trying to implement a reliable security scheme to protect horses from theft.
Horses are easy to steal/hard to secure. They provide their own get away vehicle, and even identification/proof of ownership can be unreliable. (Branding is write once, read many)
The result was that punishment for horse theft was DEATH or worse.
The punishment isn't only based on the value of the thing stolen, but also on the consequences to society if the type of behavior continues...
It is because Spamming is so easy to do and easy to get away with/hard to prosecute that the punishment should be harsher than other crimes.
The punishment is supposed to fit the crime, and I can't agree that it would take 7 years to straighten this guy out. Inprisonment is not to be taken lightly. What would this guy learn in 7 years that he would not learn in 5? 3?
---
Ben Garvey
Ben Garvey
"Life is too short to get on the good rides"
Comment removed based on user account deletion
Why does everyone get so damn pissed off at spam?
I can't post to USENET with an e-mail address that I actually use (I did once, and I'm paying for it now).
I can't read much of USENET with the S/N ratio being as low as it is.
Those are my two main gripes.
--
This kind of crap -- "hijacking", they call it -- wouldn't be possible if sysadmins would LEARN how to SECURE their mailservers!!!
Or if they must run third party relays (e.g. to cope with crippled software.) They make sure that their machine adds IP address, reverse DNS, identd to the headers and has an accurate clock.
Anyway with just about any modern piece of software you explicitally need to set it up to act as a relay in the first place.
make him eat SPAM every day for 7 years.
That would be a deterent.
That's the whole point. It is a non-issue with me because I sheild myself behind a hotmail account. I find it much easier to sift through spam when there are almost no useful messages in the box. As such it takes such a small amount of my time that I can't even be bothered getting upset at it. In fact, I find some of the spam so lame it makes me laugh, and we all know the world could use more laughter.
It may look like I'm doing nothing, but I'm actively waiting for my problems to go away.
--Scott Adams
No way this guy does 7 years for this; he'll be out in 6 months.
That fuckhead spammer is going to look like the ``starring attraction'' at goatse.cx. I think millions of mail system administrators and mail users everywhere have just been avenged...
Note that this is supposed to be an in-joke for those that have already inadvertantly been to goatse.cx, I don't advocate going for those of you whose eyes are untarnished. You Have Been Warned.
--
News for Geeks in Austin, TX
The phone spammers have to take you off their list if you ask; if you ask, and they call again in a certain time period (one year?) they are liable for $500 per call. (IIRC)
As for credit card offers; just call the three credit reporting bureaus and ask to be taken off of *their* lists.
He actually passed his guilty plea to the judge in the form of a chain letter:
Please e-mail this plea to 5 people in the courtroom, who will then in turn e-mail it to 5 more people...
Failure to do so will result in the death of your immediate family, increase of Oracle pricing for your employer, and the installation of RedHat 7 on your C++ development machine.
Thank you.
While I'm happy there are laws against this sort of obnoxious behaviour, I'm sickened that someone will go to prison for this and that so many of you (CmdrTaco included) would take that punishment so lightly. Fines, probation, community service, etc. are all acceptable for this sort of offense. Prison should be reserved for truly dangerous criminals.
Wil
--
Wil
wiki
--
send all spam to theotherwhitemeat@ropine.com
--
--
Mod up a post Rob doesn't like and you'll never mod again
Many years ago I worked out a simple way of preventing spam. AFAICT, it'll still work. It's dead simple:
Only allow one message to be sent per second, per client, by each mail server.
To individual users, this is no hardship. (My mailer takes longer than that just to do its housekeeping.) Mailing lists will, of course, need special treatment, but they should be on special mail servers anyway.
But this would be the kiss of death to spammers. Now they can only send 60 messages per minute, 3600 per hour! Now it'll take them just under two weeks of continuous connect time to send a million messages. It's now not worth the effort to do it.
The changes to the mail servers should be pretty simple, too. There'd be a bit of extra overhead, but not much. You'd have to keep track of who connected in the last second to prevent people connecting, sending one message, disconnecting, reconnecting, sending another message, etc.
Any ideas if there's anyone I could suggest this to to find out if it's actually workable? (Other than here?)
The word "hacker" predated computers by decades. It meant someone who who did "quick and dirty" work with no regard to quality. In the building trades, a contracter who works quick and dirty is called a "hack". A general contracter who is behind budget will tell his foreman to "go get a hacker". Or consider the hack writer. He wants to write the next great novel, but he has to feed his family so he hacks out romances.
Does this meaning fit today's computer hackers and "crackers"? Scary, ain't it?
A Government Is a Body of People, Usually Notably Ungoverned
Not even Mitnick got half of it. I think the guy needs another correctional measure. To write 1000 time "I'm sorry" and be kept in jail until he writes up 2,5 million times the stuff... That's a good punishment for a spammer.
Hey if he will write 1000 "I'm sorries" a day, that will mean 7 years... Oh damn...
7 years in prison does seem a bit harsh. On the other hand
"I had to pay $50 and pick up the garbage."
sounds a bit light.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
>heady enjoyment of corrupting spammers'
>databases
Yeah. Damaging their databases unknowingly. Go to their site, manually edit the cookies. Let them retrieve them and corrupt their databases by their own hands.
If there's a software that does this for you. I'll pay for it.
Now is there any?
5-6 years ago, it was. That's why so many servers are still open - they're run by lazy admins, or come configured with relay turned on by default (Sendmail 8.6 on SUN, anyone?)
Today, it's not. The 'net changes. Deal.
> Locks should be to prevent kids from playing with balsting caps, not to keep theives out.
Today, an open relay is an "attractive nuisance" - that is, it's analagous to leaving your garage, full of blasting caps, wide open, and hanging a sign on the door saying "Hey kids, don't come in here and play with the blasting caps!"
I think you're actually trolling, but I'll take you seriously for one more moment.
> An open mail server is likewise a nice thing to provide for those people who have unreliable internet connections.
If you're operating such a relay as a favor to a friend in such a situation, it's your responsibility to make sure it's not abused.
By way of constructive suggestions, you can require that users of your relay authenticate before using it, or you can restrict use of that relay to a specific IP address.
If you want to cure an open relay problem, send the admins a message or contact ORBS. It's absolutely asinine for people to use other's systems without their approval.
Lets see. You advocate the use of ORBS, yet ORBS launches a 15+ test attack on a target machine WITHOUT the premission of the sysadmin of the machine who's accused annonymously of having an open relay.
If it is asinine to use anothers system without premission, then why advocate ORBS, who do exactly that....launch a 15+ probe attack VS a host without that sysadmins premission, all based on submissions which proof can not be provided for?
If it was said on slashdot, it MUST be true!
The subject of "harm" is perhaps one place to look. In the case of check fraud, the money or property probably won't be recovered, or only partially recovered, and either the bank or account holder will take a loss. In the case of spam, a whole lot of users press delete, maybe an ISP bears some bandwidth or mail server load (low incremental cost), and maybe a couple stupid suckers fall for whatever scam the message is hawking, and take a minor loss, but from their own action (any they probably learn something from it).
Now this guy crashed someone server by sending too much stuff so quickly, so there is some real harm, but 7 years in jail? I'd personally like to see him do at least a little time, perhaps only to strike some fear into all the other spammers out there, but 7 years sounds pretty damn harsh.
PJRC: Electronic Projects, 8051 Microcontroller Tools
This is evidence of a judicial system that is more about revenge than correction.
I always thought it was about punishment, neither revenge nor correction. Just good old fashioned punishment for a crime. 7 years is a little extreme and I'm sure he won't get that, but there should be some punishment.
Finkployd
Maybe the ISP's staff spends dozens or hundreds of hours fielding the responses from people who were spammed demanding that the ISP do something about the spammer.
Maybe the ISP finds itself blocked by hundreds or thousands of mail admins around the world, and its subscribers decamp en masse because they can no longer get mail through. The ISP then goes belly-up.
Unless the spammer is willing to bear ALL of those costs (and has an agreement with the ISP holding the ISP harmless, sufficient credit to pay the costs, etc. etc.), s/he should go to jail as the thief and vandal s/he is.
Spam is theft of service. Spammers have no business existing. Anyone who spams should have to pay back the trebled costs of their damages (including people's time to download, recognize and delete the spam) preferably from wages earned from a work-release program shoveling muck out of sewer pipes (one of the few poetically just outcomes). Or they could just die painfully.
"
/ \ ASCII ribbon against e-mail
\ / in HTML and M$ proprietary formats.
X
/ \
Time is Nature's way of keeping everything from happening at once... the bitch.
Although I hate deleting spam as much as the next guy, this is ridiculous. Considering other all other crimes, 7 years is a ludicrous amount of time for anyone to spend in prison for a crime that causes little harm.
I see that the Legislature and "Justice" departments are at it again, they are trying to set punishments so the first people to be punished are examples for those to come.
I detest this bombastic view that has been done in many computer crimes, and when compared to other crimes, the amount of prison time, and monetary punishments just don't jive with other crimes.
It seems that computer crimes are becoming the drug crimes of their time. This is a just another example of a misunderstood boogie monster crime that must exaggerated in media coverage and criminal punishments. All this does in the end is fill our prisons with over punished people. This costs us too much money and causes us to have more criminals in the end.
I think 1-12 months in a county jail would do the trick, don't you? If not subsequent violations could result in a few years of prison, but really, I'd rather delete a few extra e-mail a day then pay more in taxes for prisons, and cause the creation of more criminals.
-My $0.02
--Fac Iustum Nec Time-- --Veritas Prevalibit--
Maybe if Hormel started suing people for using their patent... ;)
~moofbong
If 'con' is the opposite of 'pro', what is the opposite of 'progress'?
> After all, no-one is complaining that having
> open mailboxes outside every post office is a
> security problem
Yes, they are. You can no longer post packages
via public mailbox because of security reasons.
Remember the IMF protests in Washington back in
April? I work half a dozen blocks from the IMF;
I remember when the security guys came and removed
all our street mailboxes to prepare for the
protests. They did put 'em back afterwards, but
still, it was a pain.
Chris Mattern
Please e-mail this plea to 5 people in the courtroom, who will then in turn e-mail it to 5 more people...
Failure to do so will result in the death of your immediate family, increase of Oracle pricing for your employer, and the installation of RedHat 7 on your C++ development machine.
Thank you.
Okay. I agree with you here. Spam is harmful in open forums where there is no way to filter it. Imagine if people started advertising pornography here on slashdot, and there was no way to... oh, sorry.
I figure that if other people aren't using free e-mail accounts to filter out their spam, and then complain about it, they rank on the same level as sys admins who don't apply the latest security patches and whine when a skript kiddie roots their box. I appreciate your "once-bitten twice-shy" scenario, though. I had one of those too.
It may look like I'm doing nothing, but I'm actively waiting for my problems to go away.
--Scott Adams
7 yrs is too harsh. make the punishment fit the crime.
Cut off his hands?
Ah, I think you hit on a point here. I'm too lazy to look up the law, but if I walked into a house that had an open door, I can't be charged with "breaking and entering". I think the most I can get is "illegal entry". IIRC, B&E requires that the criminal either break something or open something, with the intent to gain entry and commit another crime.
An open port is an open door. (H|Cr)acking a firewall is B&E.
It may look like I'm doing nothing, but I'm actively waiting for my problems to go away.
--Scott Adams
How about we give 7 years in jail to everyone who ever breaks into a computer system? I mean, I sure hate spam as much as the next guy, but "hijacking" mail servers is a crimial offense now? And 7 years jail for doing it? Incredible! How could we endorse this when we as a community often advocate white hat hacking and general system exploration? I mean, a civil action would be merited, and perhaps some monetary penalty, but JAIL??? I don't know, this worries me. It is a dangerous precedent.
It does not specify but they should charge him with fraud for every email he sent. Lets see that would be about a million counts of fraud...that should up that sentance quite a bit. That way the bigger a spammer as person is the more years and bigger fines they can get.
Remove the spam reference to email
I'd argue that a closer analogy would be taking a delivery truck for a spin in the middle of the day, while it's full of merchandise that needs to be delivered. Furthermore, that analogy doesn't cover the resulting backlash of spam complaints back to the source. It'd be as if a number of the thousands (millions?) of people that he cut off in traffic all called your business to complain about your reckless driver.
An open mail server is likewise a nice thing to provide for those people who have unreliable internet connections. I temparly store mail on your server until my buddy gets online, and then you send it while my server is offline.
Well you could have a neat system which works the following way... When you want to send mail you check with something (e.g. DNS) where to send it. Getting back a list of possibilities (which can be spread all over the world. All nicely documented in RFC 974...
Now why exactly do we still need third party relays?
And this seems very reasonable. I don't like unsolicited email as much as the next person, but in the grand scheme of things, computer hijacking is relatively benign... even if it was used for the nefarious purpose of forgery. Unless it can be shown that this guy bilked old people of the money they needed to eat, or that his forgeries created some real hardship for someone else, the crime is a nuisance, but it's hardly an anti-social danger that deserves punishment like being locked in small cages with people who think shooting their friends over sports paraphernelia or minor grudges is a good idea.
I do not have a signature
If I had a dollar for every open relay on the Internet, I'd be a very rich person. This kind of crap -- "hijacking", they call it -- wouldn't be possible if sysadmins would LEARN how to SECURE their mailservers!!! Here's a hint: turn off relaying! It's absolutely asinine to allow the entire Internet to send mail through your machines; hopefully $18,000 in losses has taught this person that.
- A.P.
--
* CmdrTaco is an idiot.
"Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
I'm all for not coddling people, but seven years for SPAM (yes I hate it too) isn't realistic....
there are no stupid questions, but there are a lot of inquisitive idiots
That's the whole point I'm trying to make. Manage spam by having your real account, as well as a *free* account from hotmail, yahoo, or wherever. Whenever you need to distribute your email on the web, use the free account. When dealing with people you trust, use your real account. Then, when you find you free account getting overloaded, drop it and create a new one.
I agree with you that spam is a Bad Thing(tm), but there are a couple of simple steps you can take to minimize its effect on your life.
It may look like I'm doing nothing, but I'm actively waiting for my problems to go away.
--Scott Adams
Comment removed based on user account deletion
Seems more like the guy calls someone's house asking if the homeowner has a gun. The homeowner says yes there's a gun at the house. The guy then proceeds to load the gun with millions of his bullets and shoots lots of people in the mailbox.
Inheritance is the sincerest form of nepotism.
If he gets 7 years, it's a sad day indeed. Mike Tyson got less then 7 for rape, didn't he?
After I have received the wisdom of good teaching, I will untiringly teach all people. - The Teachings of Buddha
In fact, the sympathetic response by many of those on Slashdot suggests to me that maybe punishments need to be made stronger in order to firmly establish that breaking into someone's computer is NO DIFFERENT from breaking into someone's house. If you want to take a look at someone's house, and slip a note in their mailbox if you notice they've left a window open, well that's one thing. If you crawl through the window and take a look around, even if you don't do any damage, that's a problem.
"The question of whether a computer can think is no more interesting than that of whether a submarine can swim" -EWD
Imagine this:
Congress is about to pass a change to the tax code that would place a 50% tax (a sin tax, in the spirit of tobacco) on beanie baby sales. As a professional beanie collector who makes his living selling them on ebay, this would put quite a crimp in my business. Although nobody has sympathy for beanie baby collectors, I figure that senior citizens have a lot of clout. (they do) So, I write up a letter on faked AARP letterhead that tells them that the new tax bill will place a 50% tax on Social Security, take it down to Kinko's and make 100,000 copies when nobody is looking, mail them off with a rubber stamp I "borrowed" from behind the counter when the grunt took a bathroom break, and then sneak out before he comes back, without paying. I have them all addressed to a bunch of addresses I found in a dumpster somewhere that may or may not be senior citizens, and figure that at least some will hit their mark and benefit my cause. Most will be ignored because they're mistargetted, but it doesn't matter to me because it didn't cost me anything. It cost Kinko's to make and mail the copies, and it gives the AARP a headache when people start calling complaining about this junk mail that's a lie.
Now, the fact that I lied in the message (common in spam) probably constitutes fraud on its own, but that's harder to prosecute than the much more obvious theft from Kinko's and impersonation of the AARP. That's what's going on in this case, and whether you think the guy has a right to spam or not, he certainly does not have a right to steal someone else's resources or impersonate another party.
WARNING: there is a trojan on your
Don't you think it is about time that the government makes some formal laws related to "hacking" and other computer activities. It always seems that lately whenever someone is caught the penalty is never known. I think the federal government should look into Computer Crime seriously and determine what the penalty is. It would be unfair if someone got punished more then someone else just because one judge thought spamming was more serious then another judge. I think this is another case of technology passing up society. With cyber crime becoming more and more common a lot of people do not know what to do with the criminals.
>neotope
Has anyone noticed that Sam Khuri/Benchmark Print Supply has been sending out Spam under a new company name, despite (or 'to spite') court rulings against him? I recently received several spams with the same "800 number" but no company name, and then more recently I've seen them with other company names.
-Chris
...More Powerful than Otto Preminger...
Commercial email is required to have a real, working unsubscribe link, just as telemarketers have to stop calling if you tell them to take you off their lists. So yeah, most of that spam actually is against the law.
"The question of whether a computer can think is no more interesting than that of whether a submarine can swim" -EWD
Just keep sending back your junk mail AND get yourself off the direct marketing mailing list.
Go here to be able to create forms with the address already on it. I am not sure how other countries can do it, but I used this site and I get only a few pieces of junk a week now. Also, Junk Busters is good, but the other site is easier to use.
=-=-=-=-=
"Do you hear the Slashdotters sing,
=-=-=-=-=-=-=-=-=
Oh bother.
s/car/gun/g
s/ran someone over/drove away with the child I was babysitting but left in the back seat when I went to the store/g
People have been charged for precisely those kinds of irresponsibility.
(I'm not advocating criminal charges against admins of open relays - just pointing out that there's plenty of legal precedent for the moral tenet that one should take responsibility to see that one's property is not abused to the detriment of third parties.)
He should get 7 years of trying to secure an Windows computer...that ought to teach him...
Burn Hollywood Burn
Comment removed based on user account deletion
The following is my logic. I'm not sure if it is right, but it can make sense.
How many % of (let's say) US citizens are criminals?
(From now on, I'm assuming the answer to the above question is less than a few percent)
If this % is small, how economic is building jails, hiring polices, putting people on trial, etc. to just correct this minority?
Does the correction of this 2-5% of the whole population actually make a significant difference to the sanity of the society?
On the other hand, the system as a prevention tool makes economical sense, because it purports to keep the rest (i.e. 90% or more) of the population from committing crimes.
A thought experiment: imagine that, you see the news on your local TV channel that "for the next 3 days our local police department is going on a strike. There'll be no street patrol..."
Will you get nervous about the news? Then, think about *why* think you'll get nervous. It likely will point to the crime prevention function of the system.
>Reduce the incentive for murder. Why are people
>murdered? There are many social ills that drive
>people to kill. Try to correct these things, and
>you've prevented more murders than sending >someone to jail--where they get angry, lift
>weights, and prepare for their next crime spree
Yes. Sound in theory. Extremely difficult for practice. Murderers kill people for various reasons, some of which totally out of any stretch of our imagination.
It is not possible to make everyone happy at the same time over a series of many government decisions. Some must be upset, for individual reasons. If we cannot take care of each of them, there're bound to be criminals.
e.g. free food for everybody would definitely make a lot of people happy, and prevents helluva lot of crimes. However, it may create a riot among shareholders of big food companies.
Oh yeah, and we also need real training for the people who leave their bleeding SMTP servers open for relaying to the whole damn world, or leave their wallets on the bar while they go to the bathroom.
---------------------------
'No rational religion claims "supernatural" exists, that's an atheist slander.' - seen on slashdot.
Cobblers.
http://www.2600.org/law/bernie.html
Read it all.
Also FatPhil on SoylentNews, id 863
*sigh*... You and other system administrators wouldn't have to worry about getting vengence on spammers in the first place if you use an MTA like PostFix or qmail. They're a lot easier to configure to filter out all the crap. They're pretty secure, too.
Friends don't let friends use multiple inheritance.
Or is it an utopia?
We will never get rid of spammers. We will never get rid of telemarketers. We will never get rid of Jehova's Witnesses. We will never get rid of television commercials.
I'm afraid that you may just have to swallow the fact that this isn't a perfect world and we must do what we can to protect ourselves. I could be a bastard here and extend your line of thought to home security (why should I have to buy a door lock?), but I won't. Oops. Sorry.
It may look like I'm doing nothing, but I'm actively waiting for my problems to go away.
--Scott Adams
There is a big difference between what is right and what we do. When I left my house this morning I locked the door behind me. The right thing to do however would be to leave the door unlocked so that if my neighbor ran out of sugar in her baking she could walk in and get it. I know she will return the favor next time I'm short and egg for my morning omlet.
An open mail server is likewise a nice thing to provide for those people who have unreliable internet connections. I temparly store mail on your server until my buddy gets online, and then you send it while my server is offline.
Trust for your fellow man should be the normal way of dealing with things. Locks should be to prevent kids from playing with balsting caps, not to keep theives out. Fraud and abuse should be completely unknown.
No I agree admins should lock down their mail servers. However everyone should feel very bas about having to do it. Locking down a mail server says bad things about socity.
I completely agree with you, I just wanted to inject a bit of anti-rabid-spammer-hating into the discussion, since rabid anything usually results in faster than desirable erosion of civil liberties (witness the rabid fear of drugs destroying our society and the effect of the so-called War on Drugs). I do think that criminal cases related to computer crimes are going to be a case of "the big guy is always right." so that we will continue to see people like Randal Schwartz and Emmanual Goldstein get whatever legal treatment the law department of a large company decides they should get.
I do not have a signature
The government should be congratulating him, not imprisoning him!
Got friends?
I agree with the other posts that have said that 7 years in jail seems a bit over the top, especially considering that many of us endorse white hat hacking. Maybe even grey hat.
I think computer security law should reflect physical security law, and provide for different kinds of crime. As far as I know, neither "trespassing" nor "breaking and entering" land you seven years in the slammer.
Now, using a mail server to send unauthorized resource wasting mail is probably a crime. Taking someone's car for a spin w/o permission or pirating airwaves on a spectrum allocated to someone else are probably comparable law breaking actions (if you disagree, find something closer). Is 7 years in jail a crime fitting punishment?
There's different grades of trespassing and use of others property. Computer law should reflect this as well.
Tweet, tweet.
It's not like this guy cracked a root shell and used /usr/lib/sendmail to send the mail. He connected remotely to port 25 on this system and did this. The admin is partly at fault! The admin said "Sure take my gun and start shooting people."
Also I agree with other people that 7 years is an awful lot too. It's not like he was killing people. Murderers and rapists don't get that much time usually anyway....
And no I'm not defending him. I think he should do SOME time. But he should get 7 years when rapists get life. And the admin should at LEAST get fired.
--
Garett
I suppose with the demise of UUCP mail (cue for someone with a ! in their email address to pipe up), and the increased connectivity of the internet, no-one really needs to relay email any more.
Even if someone was connected by UUCP you probably couldn't tell from the mail address.
On a UUCP set up you can't assume that connections will be made in real time also there is no equivalent of DNS. Instead UUCP "maps" were propergated as news postings.
I suppose with the demise of UUCP mail (cue for someone with a ! in their email address to pipe up), and the increased connectivity of the internet, no-one really needs to relay email any more. I still think it's sad that this has to be done. After all, no-one is complaining that having open mailboxes outside every post office is a security problem, yet this is the exact real-world analogy (allowing for differences in sender-pays versus recipient-pays).
/. are clear cut. If the guy had hacked in and left the sysadmin a note how he did it, he should walk away. But because he was using the machine for spam (not to be confused with SPAM) he should be hanged, drawn & quartered. And that's only because we're feeling nice. It's the difference between finding a back of US mail & returning it to the Post Office, or filling it with postage-due credit card scams.
I think the sympathies here on
You don't even get that for *murder* in America these days.
You wanna stop being spammed? Use Spamido techniques:
http://www.yelm.freeserve.co.uk/spamido/
Government of the people, by corporate executives, for corporate profits.
So can I go to jail for 7 years for hacking a Quake server?
I agree. People who get carried away with lines like "lock them up and throw away the key" often forget one important question - which is, who pays for it?
It costs over $50,000 a year to keep someone in prison, which is something like twice the average income. Now, why should I pay for someone to sit in a square box and rot away, possibly be abused and develop mental problems of a sexual nature, and then be released into society with no skills? Just because revenge feels good?
Countries that have get-tough-on-crime policies have worse crime rates and a fucked up society. The US has the largest prison population in the developed world, larger than some european nations put together.
I've lived in other countries with different approaches to crime. The ones that focus on lighter sentences + rehabilitation have lower crime rates and less expensive prison systems. Of course, they also don't have electorates that fall for catchy soundbites like 3 strikes and you're out.
One of the features of HouseKeeper is to be able to fetch various items from the household for a person requesting it.
As a default, HouseKeeper is configured to fetch anything for anyone. At page 384 in the manual there are (slightly outdated) instructions on how to restrict access to that functionality, for example set it to refuse to fetch the gun for anybody but you, but happliy lend a neighbour a cup of sugar.
Now due to either a bug in HouseKeeper, a faulty manual or negligence, the owner failed to restrict anonymous access to the fetch(gun) command. This, luckily, did not result in a killing spree, but "only" in some late night target practice, which caused considerable irritation for a lot of people and a lot of work patching bullet holes the following day.
All opinions are my own - until criticized
I agree.
However, is the guy who gets 20 years for pot possession also a danger to society?
The justice system is set up to punish the lower classes and minorities more, regardless or the circumstanses of the crime.
Arn't the guys who run S&L scams and threaten the whole economy doing a lot more damage than those who steal cars or just happen to be carry enough drugs to get counted as a dealer?
http://overwhelmed.org
To: LtBurrito@slashdot.org
Re: Take Time Off From The Daily Grind! Learn How!
Don't delete this email until after you've read it And then you won't at all. Guarranteed system means you will never have to work another day! You'll be going places in no time! You will be waited upon by servants, have people bending over to please you, live in an enormous house wear jewelry and be chauffered everywhere you go!
Call 1-800-555-1212 and ask for information!
To jail, to court, to jail, to prison...
Specifically, civil servants, i.e. prison guards
Or visa-versa
Also known as the Big House
Bracelets anyway
By a guard named Elmo
--
A feeling of having made the same mistake before: Deja Foobar
It seems to me that you're both right, because you're using the word 'right' in two different ways.
;)
When the original poster referred to "the right thing to do", he meant the thing that would be right in an ideal situation. And he was right about this. If I could trust the world with it, I'd much rather give everyone open access to any part of my computer that wasn't specifically private (personal email, etc.) or reserved for something else (say, 2G of disk space that look free, but that I need for the BeOS installation I'm planning). In the absence of misuse (like spamming), an internet of open systems could be used far more efficiently than an internet of closed systems.
On the other hand, you're talking about what's right given the conditions of the real world. This is also a useful thing to consider--indeed, as the original poster seemed to acknowledge (remember, he does lock his house each morning), this is what should guide how we actually behave. When people act as though they're living in an ideal situation, they usually end up hurting themselves and others.
The reason that it's still useful to think about an ideal situation--always remembering that we live in the real world--is that it gives us an absolute standard for how good things could get. If we aren't reaching that standard, we can keep looking for ways to improve the situation.
Just to make things (a tiny bit) more concrete, consider the example of the Prisoner's Dilemma. Ideally, the best strategy should be 'trust always'--if everyone can be trusted to follow this strategy, the total score in the game will be as high as it possibly can[1]. In a random population of different strategies, though, 'trust always' fails miserably. 'Tit for tat' does quite well--probably better than any other general strategy--but still doesn't quite live up to the ideal. The reason to keep the ideal in mind is that it reminds us to keep trying to refine the 'tit for tat' strategy, even though it does better than everything else around, until it can do as well as the ideal of 'universal trust everyone'.[2]
[1] Assuming I'm remembering the scoring correctly. If one player cooperates and the other defects, the sum of their scores is less than it would be if they both cooperated, right?
[2] Such improvements are possible--just not through a change in general strategy. One solution would be to ensure that 'tit for tat' is as widespread in the population as possible. Another would be to change your strategy based on the previous performance of your opponent.
P.S. I've just been reading Dawkins's The Selfish Gene, and I think it's colored how I talk about the Prisoner's Dilemma--anyway, I don't think this talk of 'populations' is natural to game theory. But I hope my point is clear enough, anyway.
--Moss
--Moss
This is a
Now there are two of them.
There are two _____.
More precisely, you can only mailbox packages up to 16 ounces, or 454 grams for you non-Yankees; if you've got a heavier package than that, you have to either go to a US Postal Service window or use a competing package carrier like Fedex or DHL.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Thats a REALLY bad analogy.
More accurate would be, I left my gun in my house. You then went into my unlocked house grabbed my gun, and went and shot someone.
I am guilty of negilgence ONLY if you *should* have had access to my house.
However, you clearly werent meant to be in my house, I never gave you permission to be in my house, I simply forgot to look the door.
THAT is how the law works, no matter how unfair you may think that is.
GPL'd web-based tradewars themed space game
Maybe I am offtopic but...
No one likes spammers, and truly I think if convicted they should really lose their internet privileges, but PRISON?
This is evidence of a judicial system that is more about revenge than correction.
PRISON is for keeping violent people from hurting the rest of society. PRISON is for people who must be physically restrained. In the US, we send more non-violent offenders to prison than most other countries. Should you go to jail if you are caught speeding on the highway? How about jay-walking? Why do we send SOME non-violent criminals to prison and not others?
In theory the whole point of a jail is not just containment, but to "reform" a person so that they can be let out and once again become a productive member of society. However, the only real effect that jails have is mixing criminals together and leaving them worst off, and more likely to commit crimes when they get out than ever before.
Quite frankly, I want to know... how do you translate some monetary amount of damage, or loss of life into "X years"? How is this "crime" worth 5 years of a persons life, and this other crime 10? How do you make that translation?
I think throwing a person in a cage is an EXTREMELY HARSH punishment, any way you slice it. As such I think the use of such a punishment should be weighed very heavily.
> As for stopping it by removing any "profit"
> incentives, profit is not merely monetary.
No its not, but in many cases it is. In this case it is. People don't spam for the fun of it. They don't spam to annoy people. They spam because it is profitable. They spam because its free advertising for whatever their money making scheme is.
Do coke and heroin dealers cut their product with everything from baking soda to lidocain because they LIKE seeing people take impure drugs? Hell no...they do it because it increases their profit margin. It takes their product, which is worth
more by weight than gold, and raises its return
on investment even more.
Spammers are the same thing, people who know how they can make money, and are doing it. Its free advertising man. Or for the more "sophistocated" ones, its free advertising that they are selling to someone else. Not just stolen network and CpU resources, but stolen and sold.
Do you really think that criminals comit crimes "because they are bad people"? Ive known people who were "criminals" in their past, made their money stealing and cheating. They weren't "bad people", they were people doing what they knew how to do because they could make more money doing that than any legitimate job that they were qualified for.
If you take away the profit motive, then the few trouble makers who like hurting people aside, you force them to look towards legitimate work. The vast majority of the problem goes away.
Frankly there would be a hell of alot more trolls on slashdot if one could make money by trolling.
-Steve
"I opened my eyes, and everything went dark again"
I guess you're entitled to your opinion, but this kind of attitude strikes me as incredibly insensitive. It's tough to get good at computer security, and new exploits are discovered all the time. It's easy to forget to close a window. One should always take whatever steps possible to protect oneself, but that doesn't make the criminal any less evil for taking advantage of someone who did an imperfect job of it.
"The question of whether a computer can think is no more interesting than that of whether a submarine can swim" -EWD
I've read no less than 10 messages here stating
that "rapists and murderers" get less than 7 years.
I think you'll have a hard time finding a "murderer" whose original sentence was less,
or even a jurisdiction that allows such a sentence.
-fb Everything not expressly forbidden is now mandatory.
Here's a FAQ on the subject by a company that has the misfortune to make a product with the same name.
So an SEC investigation of the VA Systems IPO isn't News For Nerds? ;-)
Hell, it'd be nice to see people serve 7 years for murder
For spamming it'd be more appropriate to give them a large fine and temporarily ban them from any computer career (a la Mitnik).
--
A feeling of having made the same mistake before: Deja Foobar
My point was that these same people, if the profit motive is taken away, if they CAN'T profit by doing bad things - then they wont do them.
People don't spam, steal cars, or break into houses because they like doing it (ok, some punk ass kids steal cars for the purpose of joy riding and such... same goes for things like vandalism, but thats about the extent of it). They do it because they can profit by it.
Putting them in prison? what does it solve? When they come out they are just as unskilled as when they started. Still, ALL they know how to do is steal. They are put back on the street, worst off than they began.
Fuck prisons. They solve nothing. You want to get rid of the crime, make sure they don't profit by it. Make sure they don't make a dime off their spam or stealing, and then give them options for how to better themselves.
Your not going to reform a theif by slapping them on the wrist and saying "No, bad". You need to teach them how to get it in the socially acceptable and productive manner. How to earn it.
otherwise, when they get out, still all they know how to do is exactly what they were in for in the first place.
I think the real crime is the cost of living in our society. Its insane. I work a pretty good job as a sysadmin. I don't make top dollar, and am not interested in doing so. However, my budget gets tight! After rent and bills, I really don't end up with too terribly much...but I still live a comfortable life.
I have known people who work unskilled labor jobs. They don't make anywhere near what I do. Constantly struggling to keep their head above water. Working long hours, and ending up with nothing to show for it... just the bare minimums of a roof over their head and hopefully enough gas in the car that they can't really afford but can't get to work without.
At least where I am (Boston area) the cost of living is horrendous. It is, in and of itself, a crime. And people wonder why there are tehives and drug dealers. I wonder why there aren't more of them!
A good friend of mine did alot of bad things in his youth. I know he knows how to steal a car. He has come to me in the past for the consolation... cuz he works 80 hours a week, works his fingers to the bone. Can barely make rent half the time.
He knows he could steal a few cars and make some quick cash, pay that rent and make the car payment and still leave him with plenty of leisure time. He wont do it, cuz he knows its wrong - he doesn't want to go back down that path. Can you imagine the temptation? How many others are there like him?
Its alot easier to talk about morals and "bad people who steal" when you know where you rnext meal is comming from and that your going to have a roof over your head next month.
Do I think its ok to steal? Hell no. Its not. However, I don't think that stealing is the problem. I think its the symptom. Its a symptom of a larger problem. A social and economic one. I don't think putting people in jail or "Making examples of them" is going to solve anything at all. I don't think it reforms people. I think it does simple dis-service to our entire society.
Even if we had a system where by every persons needs were taken care of (and food, water, and shelter arn't the only needs, I count free time to persue a life outside of work is a fundamental need) we will still have stealing and crime... tehere will always be those few who do "bad things" just because they like it... fine, when we have such a system - put them in jail. For anyone else, jail does more harm than good.
For whatever else they may have done, they are still human beings. Hell, I don't even like the idea of holding animals in cages without a good reason. (not to open another can of worms but yes, I think medical testing is a good reason)
-Steve
"I opened my eyes, and everything went dark again"
I agree and disagree.
I agree that its sad that people are punished less for rape than for fraud. However, I will not agree that this is too harsh of a punishment for fraud.
> How would you like it if a hacker got 7 years
> for breaking into a computer system?
Its not about breaking in. Its about exploiting a flaw for personal gain. Its about breaking in thousands upon thousands of times over and over and using it to promote your own financial gain.
A person who "hijacks" a system once to demonstrate that it CAN be done, and makes a point to not hurt anyone in doing it - has done little wrong in my book. Simple tresspass maybe, perhaps foolish, but nothing truely and fundamentally evil.
A person who "hijacks" a system directly for the purpose of furthering their own personal goals and to assign the blame away from himself? a Person who "hijacks" a system specifically for the purpose of committing FRAUD. This is much worst than the simple act of "tresspass".
I am sorry but... if its new and original, or if its done to demonstrate the possibility or just to learn about the system and to teach oneself what can be done...that is hacking. Just taking a well known problam and pounding it to death because you can or using it for personal gain, that is not hacking, its exploitation.
-Steve
"I opened my eyes, and everything went dark again"
Comment removed based on user account deletion