Hacker Sentenced To Longest US Sentence Yet

Iphtashu Fitz writes "The Associated Press is reporting that a Michigan man has been sentenced to 9 years in prison for his involvement in hacking into the corporate systems of Lowe's Home Improvement and attempting to steal customer credit card information. The sentence far exceeds the 5 1/2 years that hacker Kevin Mitnick spent behind bars. Two others are awaiting sentencing, including one of the first people to ever be convicted of wardriving. Prosecutors said the three men tapped into the wireless network of a Lowe's store in Southfield, Mich., used that connection to enter the chain's central computer system in North Wilkesboro, N.C., and installed a program to capture credit card information. No data was actually collected however."

Great News

[DotNM]

This is great news and will hopefully discourage other hackers.

Re:Great News

[LinuxHeadMN]

It's about time. I highly doubt though this will really act as a detriment to the most hardned script kiddies.

I would like to see more stringent laws regarding this, but however the wheels of justice turn slow.

Re:Great News

[the_mad_poster]

Yea... okay. Good idea. Let's throw all those big badass hackers into prison and clog it up even more so that the killers and the rapists can turn parole faster.

Get a grip on reality. Breaking into a computer system is a non-violent crime. It involves monetary damages. Slap the bastard with heavy fines, hit him up with community service and make him pay it back.

You can't just throw everyone who inconveniences you, the poor system admin, into jail.

Re:Great News

[LnxAddct]

There have been murderers sentenced to one-fourth that length of time. This is ridiculius when people start valuing money over life.
Regards,
Steve

Re:Great News

[DoraLives]

Breaking into a computer system is a non-violent crime. It involves monetary damages.

You break into a computer and steal my money, and it's going to become a violent crime when I break into your face and cause some non-monetary damages. Go to jail, go directly to jail, do not pass go, do not collect two-hundred dollars.

Re:Great News

Generally, once someone's information is stolen, their credit is screwed up. Even if they don't do anything wrong, at all, and it's proven. They will have to prove they're them, basically.

Re:Great News

RTFA, they didn't steal any money. Also, I don't think you know what the term monetary damages mean.

Re:Great News

[citog]

You mean; when the justice system starts valuing money over life. I see nothing wrong with someone like this doing time. Dealing with the problems in the justice system is a separate issue though.

Re:Great News

[MadMacSkillz]

Stealing credit card numbers isn't an inconvenience. It's a crime. As in "against the law." Oh boo hoo, the punishment is too excessive, boo hoo. It's a non-violent crime. Fine. I'll empty out your bank account and then I'll pay a fine and we'll be cool, right? That'll scare the hell out of people who are tempted to hack into people's financial business. Oh no, we might get FINED. I'm somehow thinking that doesn't have the same threat as jail time.

Re:Great news

[PopCulture]

As the global economy relies more and more on computers to conduct comerce, I for one am glad that computer crimes are being treated quite seriously.

Well, if only "people" decided to take network admin security anywhere near as seriously we'd be in good shape, no? Running a major e-commerce chain over unsecured wireless. wtf.

(By the way, there have been something like 4 cybersecurity czars over the past 5 years in the US... they keep stepping down 'cause no one takes them seriously.)

Just because it is a computer, and just because there was no physical harm to someone, doesn't mean that the crime is not a damaging crime. And with the concerns running about for identity theft, the sentence seems appropriate.

This guy got about (if not more than) the average rapist or murder gets. If you think the headache of taking your credit seriously, checking it for inconsistencies often (as you should be doing anyways, identity theft or not- mistakes are made)and dealing with rude phone calls from mistaken debt collectors is anywhere near as bad as losing your life or getting physically raped, then you need a SERIOUS reality check.

I mean jesus, look at the total and complete financial consequences of the Enron gang, Martha Stuart et all (including the lessening public trust of investing your money) and try to tell me this loser and his packet sniffing dumbass should be in a federal pm in the a prison for NINE YEARS.

Re:Great News

[Zaphod_Beebleburp]

You're right, breaking into a computer system is a non-violent crime. Are you saying that since it only concerns monetary damages it doesn't warrant a jail term? I suppose ENRON execs would certainly share your viewpoint. Grip on reality?, I imagine your views on the subject would change if your credit card was charged for purchases you never made. It would stand to reason that someone doing this doesn't have the money to back up the offenses he/she has done so there would be no recouping of lost money. Hit him up with community service? Sure, in each community of the owners of those cards, 100 hrs each. Again you're right, we can't throw everyone who inconveniences us in jail, but we can make sure that those that break the law end up there.

Re:Great News

Actually, yes, yes you can

Re:Great News

[NoMercy]

Question is, would someone caught walking out the building with a backup tape from the credit card database server be locked up for 9 years, or is this just another waste of tax payers money on making another example of computer hakers when really the computers were just a tool in a rather mundane crime.

Re:Great News

[computerme]

how in the world did "Yea... okay. Good idea. Let's throw all those big badass hackers into p"

get modded as insightful?

what he is saying is total frelling bullcrap...

Re:Great News

I think the point of the harsh sentence to send a strong message to future would be criminal hackers.

Its better to nip this crap in the bud then to let the idea of hacking mushroom into something where eventualy as you put it will displace violent criminals for computer 'hackers'.

Re:Great News

Oh fuck right off. Serious.

Re:Great News

[TheKarateMaster]

Would YOU like to pay the taxes required to lock up every hacker and build 7 new prisons in the process? I didn't think so... Jail costs the gov't money... Fines GIVE the gov't money... Now if every hacker was fined, as opposed to jailed, what do you suppose that would do? Not to mention that jail IS pointless... Are they going to hurt anyone if they aren't in jail? Well, chances are they're not going to be mugging anybody, this is a hacker/geek we're talking about. And are they going to hack/phish/whatever for the next few months/years? Not if they're very intelligent. This is just my theory, but I would imagine these people's online activity would be monitored... So if they do try something stupid, we get to collect another fine! But then again, I'm Canadian... (see if you can pick up on the cynicism)

Re:Great News

[Junior+J.+Junior+III]

How is hacking into Lowes for credit card numbers a life-affirming value?

How is sentencing a criminal to 9 years in prison for being a greedy fuck bent on stealing people's credit cards anti-life?

Just because you use a computer to commit a crime doesn't mean that you're some kind of hero.

Re:Great News

Where's the insight in this post?

Re:Great News

[alienw]

It's not like they are getting life in prison or something. 9 years is pretty reasonable for breaking in and trying to steal credit card information. What if someone broke into your house and stole all your stuff? Would you want him to return the items and do some community service or actually serve a sentence?

Re:Great News

[wheelgun]

I find your pro-crime stance to be a breath of fresh air.

Re:Great News

[tzanger]

I think you're missing the point.

Nine years in prison for a non-violent crime? For a non-violent crime that didn't benefit the criminal? It's excessive, especially when murderers and other violent criminals get substantially shorter sentences

I agree with you that he comitted a crime and should do some time and perhaps a fine to Lowes... but nine years is not justice.

Re:Great News

[tzanger]

Ok, fine. I'll steal your money and then murder you to make sure I don't get made an example of by some pinhead prosecutor who wants his name in the paper. I'll get a couple years and be back on the street. Sound good to you?

Re:Great News

[arkanes]

The 9 years he got is a lot more than the typical sentence for most white collar crime, like stock fraud. Or even what the Enron guys got, for that matter. It's also more than the average sentence for most violent crime.

Judgement calls about what's "worse" are always hard to make and generally suspect, but giving him a ton more jail time just because he used a computer is stupid. Whether that means we should up sentences for everything more, or whether we should drop his is really a judgement call. But it's got to be one or the other, cause as it is something is seriously twisted.

Re:Great News

[Junior+J.+Junior+III]

I'm more worried about non-violent "white collar" crime than I am about petty thuggery and street crime. Computer crime is potentially vastly more dangerous than a single person with a gun could ever be.

Re:Great News

[iamatlas]

You must not realize the impact non-violent crime has on society. It accounts for hundreds of billions of dollars in losses, not just to companies, but to individuals, tax dollars, and consequently government services, education, everything.

Violent crimes effect an individual in a very drastic way, and such criminals should be punished harshly. However, non-violent crimes effect enourmous numbers of people, sometimes in minor ways, but often in profound ways. Violent crimes can destroy a life. Non-violent crimes tear at the fabric of society in a subtle but systemic fashion.

Is the person who dies because their healthcare fund was raided less dead, less of a victim, than someone killed with a gun? If you think so, I'd like to know where you've had your education-- that school system or university may need more funding.

Re:Great News

prehaps lowes should just patch the whole that allowed it. i mean all the court procedings ect usually cost more than the fine, and the jail time only costs us the tax payers money. so really this hacker is stealing more from us by getting caught than he did by hacking into that system

Re:Great News

Humm, why am I not surprised such a comment came from a slashdotter.

BTW, care to give us your financial information (bank account, cc, etc)? If the "heavy" fine is for example $1,000.00, I bet you have more then enough to cover me for it.

Re:Great News

[curious.corn]

Even according to an "eye for eye" meter, frauding CC accounts isn't the same as pulling the trigger against someone staring in your eyes begging for mercy or pummeling a desperate chick amidst piercing screams... these are more akin to crimes against the humanity embodied in the victim. CC frauds are a burden to the system, involves added costs and generally make good business for damn insurance companies so, don't you think you're getting too touchy? Jail good for these guys? Shure. 9 years? It sounds like a bloody lot of time... perhaps too much unless they can get parole in at most 2~3 and assigned to some social assistance to recoup the cost they woul've been to society. (and in some low risk detention center; no need to add torture to punishment slamming them together with deranged people)

Re:Great News

[Darkangael]

Attempted stealing of credit card info is not one of these potential dangers, however. Sure, if they were caught "hacking" into a nuclear power plant I would be worried, but stealing credit card info isn't dangerous at all. Anyone who was affected would just have to cancel the transactions when they spot them on their credit statements (which they should ALWAYS read).

I don't condone what they did, but 9 years is WAY too much when murderers are getting less (perhaps it's the murderers who should be getting more time though, rather than the crackers less). Credit card numbers have a limited value, life is something onto which a price tag cannot be placed.

Re:Great News

Let's throw all those big badass hackers into prison and clog it up even more so that the killers and the rapists can turn parole faster.

Or how about: let's make a headline example of this guy to stop hundreds or thousands from thinking it's a low risk scam worth trying, and so *not* further clog the prisons.

Breaking into a computer system is a non-violent crime.

Absolutely. But that doesn't mean it doesn't cause damage. Damage which can and will filter down to push people on the financial edge into default: homelessness and inability to get medical services. It's not just that some suit will a Lexus with less options next year.

Also because it's a non-violent crime means it carries less physical risk to the criminal, which makes it more attractive to try. See issue above with clogging prisons. You need to make sure people don't do this stuff.

I am in no way saying you're totally wrong, just pointing out the judgement *may* not be entirely on crack.

ie,
Slap the bastard with heavy fines, hit him up with community service and make him pay it back.

yeah, i'm entirely in favor of looking at that option. Does it work well in your country?

Re:Great News

[Darkangael]

What if someone broke into your house and killed you? And got 4 years prison time? From the sounds of this discussion that is what the problem is, not that he got 9 years, but that others who do more damaging crimes get far less.

Re:Great News

[DarkOx]

I want my stuff back more then anything else, and community service might get something usefull accomplished. Think of all the elderly persons who cannot afford to pay, but could get their laws cut and their driveways shoveld by persons doing community service. Think of all the trash that could get picked up. Consturction work for local schools and libraries(obviously just the most menial stuff like digging foundations and such). Point is community service is a good idea. Even with violent criminals. I would rather pay a gaurd to stand over a chain gange doing work, with a shoot gun then make sure prisoners come back from the cafeteria on time.

Re:Great News

[OverlordQ]

Think of how many transactions flow through their main headquarters EVERY DAY, pretty big number eh? surely qualifies as grand theft.

Re:Great News

Not quite. It would be like giving a burglar who didn't manage to steal anything, a nine year sentence.

Re:Great News

[Lord+Kano]

So you say now, but when it take you 5 years to repair the damage that these assholes do to YOUR credit, let's see if you're singing the same tune.

LK

Re:Great News

[Fjornir]

OK. It is now Wednesday, and I am making my once-weekly post on meta-discussion. I would like to take a moment to encourage everyone to also make a once-weekly post on meta-discussion until such time as moderators start doing the Right Thing with regard to metadiscussion.

Please, please, please. Mod all of the "MOD PARENT UP!" posts OFFTOPIC. Please, please, please mod all of the "MOD PARENT DOWN" posts OFFTOPIC.

Please, please, please -- if you feel like the poster had a good argument say something along the lines of "Well said, sir!" -- and then back it up with any additional information you feel the poster may have missed.

Please, please, please -- if you feel the poster was mistaken or had a bad argument, then correct them, or logically attack the argument.

Please, please, please -- if you have modpoints today mod the parent post down. If you have modpoints remaining, mod me down as well.

Last off, in an attempt to set a good example: computerme -- please tell me, sir, ma'am, or other, why is it a bad idea to lock up a criminals stealing credit card information? At 9 years total it seems like the "time:cards stolen" ratio is quite reasonable. Why do you feel differently? Would you feel differently if your card was involved?

Re:Great News

[focitrixilous+P]

I'm more worried about non-violent "white collar" crime than I am about petty thuggery and street crime. Computer crime is potentially vastly more dangerous than a single person with a gun could ever be.

I dunno, I'd rather lose my retirement fund then my retirement life. There's no question that computer crime is crime, but it doesn't hold a candle to violence.

Re:Great News

[computerme]

no. i do believe this guy should be locked up. its the loser up a couple of notches that sees now problem with CC theft.

Re:Great News

[DarkOx]

The fact that the computer was involved is *not* the issue. This was strait up attempted larceny or shoud have been, there is no need for other charges. The fact the computers were part of the means has nothing to do with the elements of theft. There realy does not need to be an specific laws for *computer crimes*. If someone broke into a neuclear power plant it would be covered by Anti Terrorism laws, possibly treason or sabotage and public order laws. The computer is just an instrument in all of these crimes. Does it make any difference if I burgle your home by smashing the padlock on you garage door or picking it? No I broke and entered a home regardless of wether the instrament was a paperclip or a big rock. People think because a computer is involved some specail rules should apply and thats just stupid.

These guys are theifs and should be prosecuted as such, plain and simple. Just like the guy who hacks into the neculear plant is comminting a crime aginst the state and should be charged with treason and fried. I don't care wether he used his Thinkpad or a UHALL filled with TNT its THE SAME CRIME or should be.

Re:Great News

[commodoresloat]

9 years is not "reasonable" for anything. Especially when many violent criminals get far less. In response to your question, like someone else above me wrote, I would want my stuff back and community service would not be a bad idea at all. What goal is served by taking the perp out of society for a decade? A few months I could see, perhaps even a year, but nine years? For stealing? Once? Without a weapon?

Re:Great News

Actually the avg sentence for 2nd degree murder is 5-10yrs. So is attempt to steal credit card on the same moral level.

Even possesion of credit card # isn't a crime, using them is.

The crime committed is simply breaking and entering. Assuming they broke WEP or WPA, they would also be liable for DMCA violations, but IANAL.

These "kids" screwed around with a few hacks and tried to steal money no doubt, but at the end of this sentence they will be worse than they started.

Re:Great News

[Junior+J.+Junior+III]

A single hacker messing around with the right financial data can ruin the lives of thousands or millions of people, causing more harm in aggregate than a even a few murders.

Murder's bad, don't get me wrong, but the impact of one human being killed vs. the impact of massive computer fraud can be worse. If an economy tanks badly enough, it can destabilize an entire country, resulting in mayhem and more deaths than a lone gunman on a killing spree could "aspire" to.

Re:Great News

That's pure BS. Stop arguing by analogy.

If I break into your home and you catch me in the act, what is the likelihood the confrontation will turn violent and I'm going to kill or maim you? When someone breaks into a home they have an expectation of a possibility of violent conflict.

When someone roots your box for financial info, it's impossible they will cause you physical harm. Hence, not violent.

Re:Great News

[zakezuke]

Would you want him to return the items and do some community service or actually serve a sentence?

I would not *want* the person to get off with only community service but I feel this would be a likely sentance for a first offence. But if they returned the items it would imply that they had a conscience and should reflect well in the eyes of a judge. However this would not even be an issue if there was only attempted breaking and entering. Again if this is a first offence I would think a slap on the wrist would be a likely sentance. Intent should reflect punishment of the crime commited. For example if they had a large moving van that should be taken into account. But they shouldn't be punished for a crime they didn't actually commit.

What I find hard to believe is the reality of something shown on Max Headroom. "Credit fraud, that is worse than murder!"

Re:Great News

[Hawke666]

Ah, yes. It's all clear to me now. Man, they sure did VIEW A LOT OF TRANSACTIONS! They *STOLE* those transactions! It's GRAND THEFT!!
Oh wait, they didn't actually steal anything. Never mind.

This is like installing a camera at a bank and watching people withdraw and deposit money. Sure, you see a lot of transactions, but do you get any of it? Hell no!

Or if you consider what they could possibly have done if they had actually got some CC numbers...man, they could have STOLEN SO MUCH MONEY FROM LOWE'S. O wait, no...it would be stealing from the Lowe's customers? Oh wait, they'll dispute the charges. So they're stealing from the credit card companies? Oh wait no...they didn't actually get anything. Nevermind.

Re:Great News

[The+Analog+Kid]

This wasn't an ordinary script kiddie, the person was trying to steal credit card information. While I'm against throwing most non-violent offenders in jail, this guy deserves to go to jail. Think of what could happen with this information, nothing good.

Re:Great News

[Darkangael]

I agree completely, it's the magnitude of the punishment compared to other, more severe, crimes that I find objection to. Jail time is definitely appropriate. 9 Years is probably a bit excessive. For the average "geek-collar" criminal, 3 years would probably sufficiently scare them away from any such action. Perhaps ban them from owning a computer or internet connection for a further year or two if it makes you feel better (hell, moving them into some jails provides them with better "hacking" facilities doesn't it? I've heard of jails with better internet facilities than some schools!).

You would also have to question whether the guy with the U-Haul of TNT would get the same punishment (for the theft component, ignoring the destruction of property charges which would be inevitable in such a case). Many people have some kind of perverse fear of computer technology. They don't understand it, and when they see it can be used as a criminal tool they go and kick up a fuss and perceive it as worse than it actually is. People can understand how a U-Haul full of TNT works. People react to computer hackers the same way they would if someone walked into the middle of town and started shooting flames from their fingertips. It's a witch hunt.

Re:Great News

[Hawke666]

Right, but they didn't get any CC numbers.

So I guess "not stealing credit card numbers" is a crime too then, eh?

Guess I'm going to jail.

Re:Great News

[BattleTroll]

Ok, say Lowes processing 100k credit cards in a day. So for each day these guys were in the system you charge them with one count of attempted larceny, in which case 9 years is a cake walk.

Why do people continue to appologize for criminal behavior?

Re:Great News

[superpulpsicle]

Hacker: What are you in for?

Prisoner1: I raped a village and decapitated a cop. I am doing 2 years.

Hacker: What are you in for?

Prisoner2: I killed 5 people for fun and blew up a store with dynamite. I am doing 3 years.

Hacker: What are you in for?

Prisoner3: I robbed a bank of a million dollars. I am doing community service. What are you in for?

Hacker: [ in a teenage geek voice ] I was hmmm hacking a PC. Doing a decade.

Prisoner1: Ha ha ha the judge must be a Mac fan. Don't drop the soap.

Re:Great News

[TeraCo]

That's the funniest thing I've read today, if I wasn't blacklisted for modding you would be getting some modding even as we speak!

Re:Great News

[Jane_the_Great]

No, but attempting to steal credit card numbers is a crime.

If you walk into a bank and attempt to rob the place but someone bigger than you [I'd guess anyone over 5'3" would qualify] takes you down, you're still committed a crime. Just because you aren't a success does not mean you aren't going to get punished.

Honestly, the logic behind your comment is so dumb that it's sad. Don't try to nitpick your way into looking intelligent - you're failing miserably.

Re:Great News

[Fjornir]

I apologize, sir. I read you quoting "Good idea. Let's throw all those big badass hackers into p[rison]". To which you responded: "what he is saying is total frelling bullcrap".

Re:Great News

Even if someone broke into your house and stole everything, and was caught red handed, they would not even get 9 years for it.
Kinda blows your argument out of the water.

Re:Great News

[Hawke666]

of course stealing cc numbers is a crime.

I was arguing that the crime in question is not theft, not that theft is not a crime nor that attempted theft is not a crime.

Oh, and thanks for the personal attack. That was awesome.

Re:Great News

[Artifakt]

If you lose your retirement fund, you will probably lose at least a few months life expectancy living on just social security. You will have to put off some medical treatments, not get as many expensive tests, and so on. You may even have a poorer diet. AARP estimates suggest the average life expectancy in the US is about 2 years shorter if you only have Medicare for medical support.
What's the real difference between killing one healthy newborn infant that is specifically guarenteed to otherwise become a productive member of socitey, and takeing 2 years apiece from about 35-40 formerly productive retirees? To reverse the old saying, Money is Time (and Time is Life).

Re:Great News

[Jane_the_Great]

How does that "argument" you were making add anything insightful or interesting to the point that the person you responded made?

The poster you replied to said that they had committed the crime of stealing credit card numbers. While that is not true - what does saying "not stealing credit card numbers" is a crime as well have to do with anything? Honestly, I really think your comment was just nonsense nitpicking that added nothing to the discussion. Is this the typical level of conversation you have?

Re:Great News

You make a great analogy except for the fact that they didn't "steal all your stuff." In fact, "no data was collected."

Re:Great News

[Master+of+Transhuman]

"perhaps too much unless they can get parole in at most 2~3"

This guy is going to Federal prison. There IS NO parole from Federal prison. You get what is called "supervised release" at the end of your sentence - which is effectively similar to parole, but is not the same thing.

Oh, yeah, you can get time off for "good behavior". But the Feds changed that a few years ago. Before, you used to get 53 days a year knocked off your sentence if you didn't get any incident reports. Once you got 53 days for a given year, you had it - they couldn't take it back if you got incident reports in the future.

Now you don't actually get your time off "vested" until the day you're actually due to be released based on whatever time you COULD get vested. This allows the Feds to hit you with more incident reports, take your good time, and keep you longer.

And since it is virtually IMPOSSIBLE to do Federal time without incident reports of some kind, this means the Feds get to keep most people longer.

This allows them to increase the prison population, demand more prisons and more money for the Bureau Of Prisons, and increase both their job security and their career paths.

And THAT'S why it was done.

As for where this guy will be going, it depends on his "points", which in turn depends on the crime, the number of criminal charges they were indicted on, any violence, presence of firearms, the amount of any money involved, etc. If they had access to hundreds of thousands of dollars worth of credit cards, they could get enough points to end up in a Federal Penitentiary (the second highest level in the Federal system - the first being a "Super-Max", the third being a Federal Correctional Institution, and the lowest being a Federal Camp.) He could easily end up in Leavenworth. After X years of his sentence with no incident reports, his points could be reduced enough to get down to an FCI, and eventually a Camp if he's lucky.

How he fares at a place like Leavenworth will depend on his smarts in dealing with people who are (presumably) much dumber (but more violent) than he is, as well as factors such as his physical presence, his attitude, his age, etc. I did four years at Leavenworth (after four years in other facilities), including two in "The Hole", and was never physically assaulted (by inmates, anyway - I was pushed around once by a correctional officer.)

Re:Great News

[Hawke666]

I was not attempting to be insightful. Didn't realize all comments had to be.

'"not stealing credit card numbers" is a crime' was a small, presumably unsuccessful attempt to apply poor logic to achieve humor.

You can see my posting history and content/scores thereof as well as I can.

Re:Great News

[slam+smith]

I suppose if some guy takes a shot at you and misses you are just going to blow it off? Or are you going to want to see him thrown in jail? Personally I vote for jail. Nine years doesn't seem all that out of line for what they tried.

Re:Great News

[Foolhardy]

I got it. I think it made sense, even if it wasn't the most insightful thing ever posted. MadMacSkillz was attempting to polarize the issue: if it's illegal then it's a mortal crime that must be punished, all the while stating untrue facts. You exposed the lies ;)

Re:Great News

[Hawke666]

No, I won't blow it off. But I wouldn't want to see him charged with murder either. Attempted murder sure. Murder, no.

I'm of the opinion that even if someone successfully "stole" every credit card number in existence, but never used them for anything, they'd not have commited credit fraud, theft, or anything else.

Re:Great News

[slam+smith]

Then again it might just be cheaper to build the prison and to put these anti-social people somewhere they can't prey on society.

Re:Great News

[Jim_Callahan]

Yeah, ok, how about four hours for attempted theft. Fair 'nuff? Ok, then... let's see, four hours x the number of credit cards the store processed in the time period the software was present... yeah, i think this guy got off light.

Re:Great News

[Excen]

Computer crime is potentially vastly more dangerous than a single person with a gun

. . . says the man who has never had a 12 gauge pointed at his face.

Re:Great News

[TheAntiCrust]

If you dont mind me asking... what were you in for?

Re:Great News

So is being in "the hole" really worse than being amongst the other prisoners?

I'd think I'd prefer it to having to deal with murderers and arsonists.

Re:Great News

to add a fresh set of eyes: your post was one of the stupidest things I have read in a while here. and I don't think you were trying to be funny, I think you were trying to be another lame-assed indignant "geek". moron.

Re:Great News

[mdfst13]

"9 Years is probably a bit excessive. For the average "geek-collar" criminal, 3 years would probably sufficiently scare them away from any such action."

For the average *criminal* ("geek-collar" or not), no punishment is sufficient. Criminals do not expect to get caught. They think that they will beat the system. Punishment of criminals is not primarily to deter crime. It is to prevent *that* criminal from committing crimes against the general populace during the term of their sentence.

The truth is that property criminals are more likely to commit future crimes than are "murderers." Further, if someone is getting less than nine years for murder, then they aren't convicted of murder. They are convicted of manslaughter, negligent homicide, etc. In other words, they are convicted of recklessly causing the death of another human being. I.e. they weren't convicted of intentionally killing someone.

Finally, it is worth noting that nine years is long enough that 1337 sk1|_|_z are no longer current. Three years (which is likely to be 1.5 years in actual practice--time off for good behavior) just means that one needs a refresher course. Bans against various activities after release don't work. How do you enforce them? How do you tell if that person is using a computer?

Re:Great News

[bonch]

9 years is pretty reasonable for breaking in and trying to steal credit card information.

Especially since the guy is a repeat offender.

Re:Great News

[ATMAvatar]

At 9 years total it seems like the "time:cards stolen" ratio is quite reasonable. Why do you feel differently? Would you feel differently if your card was involved?

In short: the reason I believe it is an unreasonable sentence stems from the fact that you can get as little as 4 years for manslaughter. Why should someone who commits CC theft get a sentence more than twice that of someone else who killed a person?

That's not to say I don't believe the guy should go to jail. I simply question our society's values when hacking into a system and grabbing a bunch of insured CC numbers is considered in the ballpark of a rape or murder, let alone when it can net you even longer jail time.

Re:Great News

[mdfst13]

"Now if every hacker was fined, as opposed to jailed, what do you suppose that would do?"

Lead to a lot of unpaid fines? What do you do then? Very few criminals have large (legitimate) incomes or savings, especially after you confiscate the ill gotten ones (which already happens, even without the fines).

"And are they going to hack/phish/whatever for the next few months/years? Not if they're very intelligent."

If they were very intelligent, they wouldn't have gotten caught doing the crime in the first place!

"I would imagine these people's online activity would be monitored."

HOW?!? To do that, you would have to put them in some location where they were under constant surveillance and contact with others is restricted. What's that? A jail!

Re:Great News

[Darkangael]

"For the average *criminal* ("geek-collar" or not), no punishment is sufficient. Criminals do not expect to get caught. They think that they will beat the system. Punishment of criminals is not primarily to deter crime. It is to prevent *that* criminal from committing crimes against the general populace during the term of their sentence" The kind of skript kiddie you normally find running around "carding" is usually young and stupid. 3 years in prison can do wonders for their world perspective. People with a criminal mind won't be deterred, but then they won't be deterred by anything as you say. "The truth is that property criminals are more likely to commit future crimes than are "murderers." Further, if someone is getting less than nine years for murder, then they aren't convicted of murder. They are convicted of manslaughter, negligent homicide, etc. In other words, they are convicted of recklessly causing the death of another human being. I.e. they weren't convicted of intentionally killing someone." Fair enough, I am not an American or a lawyer so I was just going by what the general consensus is. PRobably not the smartest thing to do on /., but I don't have the time to do hours of research just to respond to a posting. "Finally, it is worth noting that nine years is long enough that 1337 sk1|_|_z are no longer current. Three years (which is likely to be 1.5 years in actual practice--time off for good behavior) just means that one needs a refresher course. Bans against various activities after release don't work. How do you enforce them? How do you tell if that person is using a computer?" I dont know but they seem to want to try and stop everything else.

Re:Great News

[Lemmy+Caution]

There's something interesting in the geekish horror about physical violence and their Darwinian attitude towards non-physical acts of aggression. When it comes to any kind of victimization that uses mental or social methods, it's the fault of the victim for being unprepared, undefended, uninformed - maybe it's a sort of vicarious revenge fantasy, a larcenous "Revenge of the Nerds" or something. But on the physical level, oh no - nothing could be more horrible than being punched or hurt than someone bigger than you.

And frankly, the fear of physical violence is exaggaerated. Yes, injury and death are understandably horrifying, but to here some geeks speak, losing $10,000 is preferable to getting a broken nose. Is it body-horror? The fantasy of being pure mind? People, bones mend and cuts heal, but some of the damage done to spirit (and the loss of time that theft from someone who has worked for it implies) don't always heal so well.

Slashdot needs a Fight Club.

Re:Great News

[mr.+methane]

When you write a check for $8 worth of groceries, you're inconveniencing me. That's not a crime, and it's only marginally rude.

Information does have value. If you disagree with that statement, go ahead and post your name, address, DOB, SS#, and mother's maiden name here. Your credit card numbers, along with the validation code on the back would be a plus.

(no, I won't hold my breath)

Fines have no effect on thieves, and it's dubious that they'd provide any value to any community in the proposed service. Do *you* want this guy handling your mom's medical records as a hospital *cough* "volunteer"?

Re:Great News

For the record, to get a similar sentence in finland, you'd probably have to suffocate someone with a duct tape during a satanic ritual and then chop him to pieces. And you'd still be free after spending only half of it in prison.

Re:Great News

[go$$amer]

How many people going to are going to hack for credit cards when it costs 9 years of your life?

If you're dumb enough to pause at that question, good f$&%ing riddance.

I think letting these guys bend over for bubba extensively is a solid disincentive for people to steal with computers. 9 years-that ought to keep them, and a whole bunch of the other morons that would otherwise follow from plaguing society...

Or, they be bubbas bitch - try to phreak yo way out of that.

Re:Great News

[Spyde]

So you don't think 9 years is an adequate sentence for attempted theft?

Re:Great News

[Seraphim_72]

The kids that broke into my house and stole all of my stuff did some community service, and I never got back about half of my stuff including my Mac. Nine years is more than *rapists* get, which would you rather see get the 5 years and which the 9 ?

Sera

Re:Great News

[evilmousse]

ohhh your post hurts to read.

surely you acknowledge that much that is good in this world is subtle, while much that is bad is sensational. material gain, i think for many, in the long run anyway, is not commonly found to be as valuable as friends and most especially family. From that angle, I don't think a price tag could or should be applied to the value of a person's presence in others' lives. To avoid getting too pussy, even keeping within the hard and accountable view of things, there is SO much a person can accomplish during their lives, from acts deserving fame to the humble role of supporting another person's life. Why do insurance policies pay out such lotto-worthy amounts? because that's (a poor, imho) accounting of your worth from the view of how much responsibility live and produce you have.

Re:Great News

[the_brat_king]

Killing a person is not illegal; it's the circumstance that creates the crime. ie:

1st Degree Murder: You catch you SO with someone else, shoot them both, go to the gun cabinet unlock it, select the correct caliber ammunition, and reload, shoot them again. You've shown a cold and callous disregard for human life, a recklas disregard for human life, a propensity to violence and a cold callous and premeditated nature in committing acts of violence (remember, you reloaded, that kills "heat of the moment" and "passion" crime defenses).

Manslaughter: You were doing 35 in a 30 and a drunk stumbled out from between two cars. You have committed the crime of speeding and negligence (reckless driving -- although I don't know why they call it that, since you normally do wreck driving like that). (if you want, and to play "the system is unfair and lets murderers out" you can replace "drunk stumbled" with "child playing ball runs")

2nd Degree Murder: You are robbing a store, and as you exit someone grabs your gun, it goes off. This could almost be a murder 1 but generally a jury won't convict on of 1st degree on incidentals. You committed a murder while in the commission of a felony, and you showed a reckless and willful disregard for human life. You brought the gun, this shows you had the will and intent to harm others to further your goals, and another got harmed.

Law is all about intentions... The road to hell may be paved with good intentions, but the road to prison is paved with rot and evil intentions. These felons had the intent to defraud and steal, they used methods which are also illegal. (Remember most homes and cars, or your wallet for that matter, are less secure than computer networks.) They deserve to do some time... serious time if you ask me, and a 9 year sentence is NOTHING. Even in Federal (as the guy that did time in Levenworth said -- paraphrased -- shit's rough, if you let it be)

Prison might be just what these guys need to straighten out. It's worked for quite a few people I've known.

Re:Great News

[Qrlx]

Whatever, I'd rather be the victim of a non-violent crime than a violent crime.

Scenario A: My bike gets stolen
Scenario B: My bike gets stolen and I get my teeth kicked in.

Which would you prefer?

Re:Great News

Murder's bad, don't get me wrong, but the impact of one human being killed vs. the impact of massive computer fraud can be worse.

Two names:
Jesus
Archduke Franz Ferdinand

Re:Great News

[Grandmasta]

I'd be happy with getting my stuff back and watching the guy clean up the trash-filled creek in my back yard, yeah. Hell, I'd invite friends over.

Re:Great News

Yeah? Then bring it then, big man. I doubt a pussy like you can hit any harder than a 3-year-old.

Re:Great News

[malsbert]

not all see criminal behavior as the equivalent
of unethical behavior. laws are man made ... and can does be argued.

Re:Great News

[tha_mink]

Does it matter that they didn't steal any money. I think they got a light sentence. Hacking into corporate systems with the intent of collecting credit card information, I assume for the purpose of identity theft, is a serious crime. They should have given them more time in jail as to send a message. "Don't steal credit card information or face 15 years of anal rape"

Re:Great News

Specific examples like that will always be easy to come up with, for both/any side of the issue: Would you rather have your bike stolen and your teeth kicked in and be healed in a month, or have your life savings embezled by an accountant when you are 65 years old, have to live on cat food, and watch your wife die because you had no money to pay for the visit to the doctor that would have caught an early stage of pnemonia?

I do not mean to say that one type of crime is worse than another. I wanted simply to point out that anyone thinking that non-violent crimes like this are insignificant enough to punish only with a fine and some community service are perhaps not realizing the full effect of these crimes.

Re:Great News

[iamatlas]

Specific examples like that will always be easy to come up with, for both/any side of the issue: Would you rather have your bike stolen and your teeth kicked in and be healed in a month, or have your life savings embezled by an accountant when you are 65 years old, have to live on cat food, and watch your wife die because you had no money to pay for the visit to the doctor that would have caught an early stage of pnemonia?

I do not mean to say that one type of crime is worse than another. I wanted simply to point out that anyone thinking that non-violent crimes like this are insignificant enough to punish only with a fine and some community service are perhaps not realizing the full effect of these crimes.

Re:Great News

[ratamacue]

Are you saying that since it only concerns monetary damages it doesn't warrant a jail term?

That's a good question. If our system of law focused on restitution for the victims -- rather than simply punishment for the aggressor -- I believe we could eliminate a lot of unnecessary jail sentences. What sounds better to the average thief: having to do a year in jail and be done with it, or having to spend the next 20 years working to pay off restitution to the victim?

I suppose ENRON execs would certainly share your viewpoint.

What level of restitution are the Enron execs required to pay to their victims?

Re:Great News

[vasqzr]

I don't condone what they did, but 9 years is WAY too much when murderers are getting less

Not all murderers get less. All computer criminals have gotten less.

In most states, for most murders, you get 20 years to life.

Re:Great News

[TheKarateMaster]

You have a point too. I don't think any method currently used is quite suitable... But wasn't there something about banning people from the internet on /. last week?

Maybe a 10-year internet ban, fine, AND community service? I'm too tired to quote, but somebody said that jail just punishes people instead of rehabilitating them... They're more likely to reoffend after. I agree. I guess there really isn't a perfect solution.

Re:Great News

[plague3106]

What's the real difference between killing one healthy newborn infant that is specifically guarenteed to otherwise become a productive member of socitey

Ugh. You're an idiot. Yes, a serial murder is a productive member of society.

Re:Great News

[rjune]

It was very interesting that you suggested about 100 hours of community service for each credit card stolen. That is about what I spent over several months cleaning up an identity theft problem. Also, inconvenience doesn't describe what you go through. The company that is claiming that you owe them money and the collection agency both treat you like you are a criminal. These thieves are not simply stealing from a large faceless corporation, they are affecting the lives of a lot of people and they deserve a long sentence.

Re:Great News

[PhilipMckrack]

"Anyone who was affected would just have to cancel the transactions when they spot them on their credit statements (which they should ALWAYS read)."

Just because the customer can cancel transactions doesn't mean that nobody pays for the crime, whether it's the credit card company or the store where the transactions were made someone has to cover the loss. The potential here was for hundreds of thousands of card numbers to be stolen. Even if no unauthorized purchases were made, there is an incredible cost to revoke and replace those cards.

While I agree that violent crimes should be punished more than non-violent crimes, it is still a crime to break into someones home when nobody is there and steal stuff isn't it? This was on par with trying to rob a bank of millions of dollars. If 3 17 year olds break into a bank and rob it, should they be punished less than a 40 year old professional criminal because they are kids and will "likely" be deterred from doing another crime?

Re:Great News

[PhilipMckrack]

Yes, but these guys tried to break into hundreds of thousands of homes and steal stuff. A little time for each offense adds up. Trying to compare someone stealing hundreds of thousands of credit cards to someone breaking in to one house is not a good analogy.

Re:Great News

[toonworld]

I think everyone is missing the big point here. Some of you are saying that these men would serve more time in jail than someone who commited murder, rape or any type of violent crime against a person or persons.

It seems to me that jail sentences have been getting harsher by the year for crimes involving fraud, theft or any kind of crime related to monetary theft.

Why are you so surprised? A capatalist society puts more importance on money rather than humanity. A rapist will server 2 years minus time off for good behavior. Someone who robs a bank will serve how many years regardless of good behavior? If it's a Federal bank, good luck seeing the light of day right?

Truth is, it's been like this before the internet got popular.

Re:Great News

[tzanger]

I'm more worried about non-violent "white collar" crime than I am about petty thuggery and street crime.

I disagree -- violent crimes are a threat to life. Nonviolent crimes are usually only a threat to livelihood. That, to me, is a world of difference. Note that I'm not saying that nonviolent crime isn't bad or dangerous or that it should not be discouraged but nine years for a first offence? Come on! Beat him down with a heavy fine and let him live with the embarassment of not being able to find a carreer in an area he's obviously pretty smart in. If that doesn't smarten him up and he gets convicted again, well now we have some history here and he looks to have a psychopathic personality and their distorted view of reality is obviously endangering people -- put them away for a longer time and see if a doctor can help. This isn't a serial rapist we're talking about.

Re:Great News

[Junior+J.+Junior+III]

Non-violent crimes can also be threatening to life.

Consider environmental laws. Break these laws, say dumping huge amounts of waste improperly. This is a danger to many lives. Yet it is not violent.

Consider CEOs raiding the company treasury and running off with millions, the company ruined, the pensions gutted, thousands of people unemployed, the company unable to function, customers and creditors alike screwed. And probably the CEO is able to avoid prosecution on some technicality, and is free to keep his money and commit the same act again and get away with it. This cripples society, inhibits progress, and may lead to suffering and even death.

A criminal hacker using a computer could do similar things to bring down a company and leave many ruined lives in the wake.

I am not advocating death penalty for credit card info theft and electronic breaking and entering. But 9 years doesn't seem all that unreasonable to me, either.

This is not a hacker trying to be some kind of activist and save society from Lowe's or from the evil credit card companies.

The original parent of this thread made a statement to the effect that the 9-year sentence showed that the legal system is biased toward greed over life. How is this so? I gather that the parent is insinuating that Lowe's is a greedy corporation, and is so greedy that they're even willing to take 9 years of someone's life away "just" because they tried to steal the company's credit card transaction data. That's bullshit.

The criminal who received the sentence was clearly greedy. How is hacking Lowe's to steal credit card info life affirming? If a 9 year sentence for hacking Lowe's shows that the courts favor greed over life, then hacking Lowe's must be the Life side of the Greed vs. Life court case. I can accept that corporate business represents Greed. So how does hacking for credit card info represent Life?

Answer: it doesn't. The criminal gets what he deserves. 9 years for stealing potentially thousands of dollars and causing millions of dollars worth of hassles for the victims of the credit card fraud seems just fine. That it was a first-time offense, or that the attempt failed is hardly relevant. It's the severity of the crime and the intent that matter.

Re:Great News

[rjelks]

In Soviet Russia, Korea jokes you.

Re:Great News

[Overzeetop]

If ENRON execs could reasonably pay back the losses to the stockholders, plus penalties, I'd say no jail time was necessary. Unfortunately, that's not possible. They destroyed lives by making a lifes worth of savings valueless, and they can't fix it. They go to jail to "make amends".

This, however, is case is of a breaking and entering, or tresspassing, sort with intent to commit a(nother) felony. No actual montary loss was incurred. I say three to six months, significant five or six figure fine.

Re:Great News

[Syntax+Heir]

Hacking into corporate systems with the intent of collecting credit card information, I assume for the purpose of identity theft, is a serious crime.

I object your honor, calls for conclusion.

Re:Great News

Welcome to The United States of America!

Re:Great News

So! Savage beatings it is, then? I'm all for it.

Re:Great News

Why are you surprised that Republicans value money over lives?

Re:Great News

[tha_mink]

Hacking into corporate systems with the intent of collecting credit card information, I assume for the purpose of identity theft, is a serious crime.

I object your honor, calls for conclusion.

Overruled. Why else would one steal credit card information? Education?

Re:Great News

[Syntax+Heir]

Why else would one steal credit card information? Education?

Objection! Calls for speculation.

Re:Great News

[Master+of+Transhuman]

Armed bank robbery.

As a coincedence, I did the same nine years this hacker got. (Actually eight years, three months - I got some good time before the Feds changed the policy on that.)

Re:Great News

[alienw]

I don't know of any murder cases that got 4 years. Usually it's at least life in prison. The only time someone would get off that easy is if it's an accident with a negligence component.

Re:Great News

[alienw]

I don't see why incompetent criminals should get a significantly lesser sentence. I mean, seriously. If you attempt to rob a bank but don't succeed at it, how is that a lesser crime?

Re:Great News

[evilmousse]

that may be the funniest one i've read yet. ..which backs up my point the rest weren't all that funny ^_-

Re:Great News

[ExMember]

Does it make any difference if I burgle your home by smashing the padlock on you garage door or picking it?

Legally it does. Many states have laws against using a lockpick to commit a crime, as well as having a lockpick with intent to commit a crime. Similar laws exist for guns and bulletproof vests.

Write your representatives. Vote libertarian

Re:Great News

[alienw]

Burglary is not considered a violent crime as far as I know. Burglars try to do their deed when the owner is not home. Otherwise, it's called robbery. In any case, burglars get sent to jail for stealing stuff, not because they cause violent confrontations.

Re:Great News

[Artifakt]

I didn't say anything about serial murderers, period. I think you misread my post badly. In fact, if I hadn't checked out your posting history and seen a reasonably normal history with a few insightfuls sprinkled in, I would have decided you were deliberately trolling. What gives here?

Re:Great News

[L1TH10N]

And you have been watching too many movies. There can be no comparison of violent crime compared to non-violent crime. Being punched in head is not a triviality as the movies would let you believe, it can cause a serious injury. I personally know of someone who DIED after being hit at the back of the head and let me tell you it affects much more people than a person being defrauded of a few thousand dollars. Just ask anyone how much it costs to stay in an emergency ward for a single DAY. Consider the cost of looking after a person who is disabled by a violent attack for a lifetime, that is loss of two incomes for life, what about the cost of that and it happens alot more than you expect. I know that slashdotters would give away a million dollars in a heartbeat in order to keep their intellect, so don't give me your infantile crap comparing physical violence to non-physical violence, society has evolved beyond this.

Re:Great News

oh snap! details, girlfriend!

Re:Great News

[MikeFM]

I think the people who implement the bad security of these easily hacked systems should be held negilant and be sentenced to some jail time too. To often security is just ignored because some asshole decides that as long as nobody finds out about the problem they'll just bury it and if it does come out they'll try to fry the ass of the people who exploit the hole. When you deal with important information that belongs to others (like your customers) you should be legally required to make a reasonable effort to safeguard that data.

If I remember this case correctly Lowe's pretty much had no security at all enabled so anyone driving by could just tap into the network with very little effort. It's not much of a crime if you take something that someone leaves sitting on the curb unguarded.

Re:Great News

I actually knew someone who was banned from business (because of a fraud conviction). He used his brother's name and tax ID (social security number) to start a business and managed that (probably still is). Such a ban is nice in concept but very difficult to enforce. Particularly when you are dealing with someone who already practices identity hiding.

It's difficult enough keeping people from accessing things that are illegal, like drugs. How do you prevent them from accessing something that is legally to almost everyone but them?

Re:Great News

No, but a 40 year old criminal probably wouldn't do something as "simple" as wardriving some company and using some skript kiddy toolz they downloaded off the net because they would be smart enough to know that it's stupid and that they would definitely get caught. People who get caught for this kind of thing are generally dumb people who think "ooh, easy cash" and then go and try it not realising the potential consequences of either their success OR their failure. The article didn't say a lot about who the crackers were, but there is a good chance that they were not criminal masterminds, but just some dumbasses who found some software on the net and thought they could make some easy cash. They weren't even successful at it.

Re:Great News

[plague3106]

Sorry...got a bit too fired up in that thread.

Anyway..I was attacking your post that a child ALWAYS becomes a productive member of society, which I don't think serial killers are. If thats not what you were getting at in your post, I appologize.

And certainly for the name calling, I appologize regardless.

Re:Great News

He volunteered for the time by doing the crime, exactly as if he broke into the store and stole the data.
He will serve as an example to others.

Re:Great News

[Artifakt]

Appology appreciated. Hey, it's Slashdot, plus text always has problems with clarity from bandwidth limits, no problem.
What I was argueing, is that the situation exists where someone takes a couple of months or even years of life each from a bunch of people who are nearing retirement, by damaging their investements, screwing up their pension plans, or ripping off their bank accounts (like this thread was about), so they die earlier from not getting as good medical care.
What is it fair to compare that to? I think those victims of identity theft count (generally) as productive members of society. Some of them may have done a few things. Statisticly, if you sample say a hundred thousand people with credit cads, some of them will have fallen far short of being decent, productive citizens. But, on the average, for people who have identities worth ripping off, they count as productive people, good members of society, etc.
So I think you could more fairly compare taking months or years from a sufficiently large bunch of mostly good, decent people's lives as being like murdering one newborn who we somehow know will grow up to be an honest and productive person, than even just comparing it to murdering one newborn in general. You're right in that we can't know the future for the baby (except in the broadest statistical sense), but we do know it (in the aggregate) for the past of the crime victims, and ought to include that factor in any estimate of damages.
In a case like the one in the thread, I'm asserting that stealing enough identities or abusing enough credit information can add up to enough damage to health and life and not just pocketbook to deserve that 9 years penalty or more, which some people think was fundamentally unfair for that tupe of crime. Please don't think I'm argueing that it was automatically the right penalty for this particular example of the crime - I'm trusting the jury on that as much as any of us.

Re:Great News

[iminplaya]

You can start by taking what property they have, including their house(let the bastards stay in a SRO hotel), and then insure that they can keep 10%(and tax that) of what they make, giving the rest to the victims. Even though it won't amount to much. I don't want to give them free room and board at club fed, or feed the prison industry any more than it's already getting. Watching them grovel to their boss at McDonalds for the rest of their lives would be very satisfying. Tattoo their foreheads, whatever. Public humiliation is a truly effective deterrent. Prison is for dangerous people. There are many alternatives for the rest. This kind of sentencing isn't about justice. It's about money and revenge. It's that simple.

Longest sententence?

[lunarscape]

That's the longest sententence indeed.

Re:Longest sententence?

[falzer]

Sententence? I'm starting to think the editors make these 'mistakes' on purpose.

Re:Longest sententence?

[supz]

I thought I was the only one who noticed that... glad I'm not alone.

Re:Longest sententence?

[No.+24601]

Sententence? I'm starting to think the editors make these 'mistakes' on purpose.

You must be new here.

Good

They were criminals. These were crackers, not hackers. You don't install credit card number capturing software on someone's retail network unless you're up to no good.

Re:Good

[msmercenary]

Three down, thousands of skript kiddies to go.

Re:Good

ahem, it could have been a sniffer to get more passwords, not credit cards. you can never tell, the government/prosecutors always exaggerates the details.

Re:Good

You don't post anonymously unless you're up to no good.

Re:Good

[sekicho]

As a cracker, I take great offense at your misuse of the term.

Re:Good

[rainman_bc]

Yeah, America already has the highest per-capita incarceration rates in the world.

Really, is the policy working?

Re:Good

[TopShelf]

And how many of these are crackers like this guy? What's your point, exactly?

Re:Good

[iminplaya]

Really, is the policy working?

YES! It's working great...if you have investments in the prison industry or those companies that support the law enforcement infrastructure. This is a very profitable business. Just like prohibition. This gives them a chance to lock up people that have money. This could bring in more money than casinos. The crime is no longer important. It's more about money than than it ever was. And building prisons makes LOTS of money...for some. For the rest of us? Well, that's another thing all together. When it comes to law, the subject of justice rarely comes up, and the only place that happens is in the universities, and there it's really just mental masturbation. Who said this? - "Justice? In life there is no justice. There is only law. In the afterlife there is justice."

Re:Good

[Slack3r78]

My understanding is that the high prison population in the US is one of the things that keeps the unemployment rate so low. I think it's a poor reason to continue with things as-is, but it's one of the reasons I've read as to why nothing's likely to change any time soon.

Re:Good

Yep, that's right, that guy was/is a crook, not a hacker

Re:Good

As a cracker, I take great offense at your misuse of the term.

You're white are you?

Re:Good

[Monkelectric]

Interesting point. Of course anytime you talk about the prison population, you have to talk about our failed "war on drugs" which was begun by the ever-evil nixon to distract people from the fact he was loosing vietnam and we had no reason whatsoever to be there.

Today its a "war on terrorism" but its the same bullshit.

Re:Good

[kaustik]

But this is a jail sentence. In my opinion, jail should be for violent offenders. The jails are overcrowded, underfunded, and a burden on all of us tax payers. There are other punishments available - fines, house arrest, probation, community service, etc. These "criminals" could do society a service by cleaning our highways and working in thrift stores, but having him sit behind bars is a waste of everyone's time.
Besides, what does this mean for "curious" wireless hackers, who also don't actually collect data?

Re:Good

[j-turkey]

Besides, what does this mean for "curious" wireless hackers, who also don't actually collect data?

I hope it means that they should keep not collecting data.

Re:Good

I know these kids, there good kids that did something very stupid. This is going to change their whole lives and who knows if they will ever snap back. Bill Gates and Steve Jobs both did this kind of stuff when they were that age. These kids will never get that chance.

Re:Good

[shawn(at)fsu]

"The law is what is, justice is what should be"
Thats what we were taught during one of our mental masturbation exercises at FSU.

Re:Good

I think you have your dates mixed up a bit. Perhaps you've had too much marihuana?
;-)

Re:Good

[iminplaya]

Look at the bright side. We won't have to oursource anymore. We can create even more cheap prison labor. This guy might end up working the help desk from jail. Wallmart won't have to use Chinese prisoners anymore. It will be much cheaper to ship from domestic prisons. Just run some train tracks up to the door.

Re:Good

[egarland]

The punishment needs to fit the crime. We let rapists go with less than that.

These people need to be punished for attempting to steal. This is like catching someone with a CD in their pocket walking out of the store. Nobody got hurt. Nobody's dead. Nobody is wounded. Nobody is emotionally or physically scared for life. In the grand scheme of things, their crime is minor an unimportant. Sure, they used their professional skills to perpetrate a crime but so does a CEO lending himself interest free money. That, in my opinion, is a much worse violation of the public's trust than these little wannabe scammers.

I'd give them 30 days in jail and a cartload of public service and stuff like that.

Prison is not to punish the guilty (at least it's not supposed to be), it is to rehabilitate someone who has gone astray and make them productive members of society, or, if that is impossible, keep the public safe from them. I don't see any goals like that being accomplished by putting this guy behind bars for 9 years. That's just dumb.

Re:Good

[Jim_Callahan]

Meh, prison isn't supposed to rehabilitate anyone. It's supposed to serve as a deterrent to crime, and in the case of those who just don't get it, remove them from society permanently so that they cause no more damage.

The only reason we don't simply kill off the unredeemable ones, by the way, is a matter of making political principles align with each other: our particular government is designed to protect individual citizens at least to the extent of keeping them alive. In terms of the prison system itself, there's no ethical problem with frying up anyone who proves to be overly resistant to the lesson.

Oh, right, I almost forgot: Prisons are around so that personal level revenge-type justice doesn't come into prominence, i.e. we don't go find the home of the bastard who ruined our credit rating and blow him away with a shotgun. Not that there's anything wrong with that in principle, but vigilante justice tends to hit the wrong target, so the feds really can't let it reach that level.

Re:Good

[egarland]

prison isn't supposed to rehabilitate anyone. It's supposed to serve as a deterrent to crime

It serves both rolls although the effectiveness of it as a deterrent is questionable.

Prisons are around so that personal level revenge-type justice doesn't come into prominence

The "Justice" system is designed to try to make things fair for the people. Getting your credit rating ruined isn't fair but getting shot for ruining someone's credit isn't either. It was designed with great care to instill a sense of justice in society and it does a very good job it.

And like I said before, this isn't justice. This is paranoid reactionist law making which is counterproductive to the overall goal of keeping data secure. People need to see these crimes for what they are... modern forms of a very old crime. Stealing. There's a reason we don't put people in prison for 9 years for stealing. There's a reason we shouldn't put this guy in prison for 9 years.

Re:Good

Ok, sure. So your average pedophile gets something from 3-5 years behind bars. FOR RAPING LITTLE CHILDREN. Not to discount it or anything, but this fucktard gets NINE fucking years. *boggle* Our system is so fucked up beyond all recognition, it's not even funny.

Re:Good

[mizhi]

When you talk about high incarceration rates in the US, most people agree that the main culprit is the US' assinine drug laws. Please tell me how this relates to credit card theft?

On a somewhat related note, why is it that so few /.ers are getting their knickers in a twist over the blatant invasion of privacy and potential theft of billions these assholes tried to pull off? If this had been some ad-company surreptitiously grabbing personal information (not even CC information), /.ers would be going bananas.

Re:Good

[rainman_bc]

My thinking is that maybe such high rates of incarceration as a general policy are the problem, and are not contributing to the improvement of American society.

Putting this guy away for nine years hardly serves the good of society. Yeah, what he did was bad, but really, worse than rape?

Re:Good

[Monkelectric]

Ever had your identiy stolen? Its not a victimless crime and it is serious. Ever had your credit ruined by a repo in a city you've never been to, of a car you never owned? Ever tried to open a bank account for your business only to have 6 mexican surnames pull up under your SSN (and you're sicilian)? Ever had the IRS audit you because a bunch of illegal immigrants are working under your SSN?

It takes years to correct these things, so fuck you, your high horse, and your penal relativism :)

Re:Good

[rainman_bc]

My point is that 9 years jail for this is a bad idea. It's a waste of money.

Jail time is relative; you look to other crimes to determine the amount of time someone should do for a crime.

You look at a rapist or a armed robber and weigh it against this guy's crime.

Really, was it as bad as rape or robbery?

Re:Good

[Evil+Adrian]

How is this not robbery? Identity THEFT, my friend. If the guy got away with it, there's the potential for thousands to millions of dollars' worth of fraud, not to mention all the time/money it takes to correct all of the damage that was done, losses for stolen merchandise and services... this affects people's livelihood. The psychological damage is (arguably) not as great as a rape or strongarm robbery, but the economic damage more than equals the psychological damage. Guess what -- our economy is important.

Waste of money to keep the guy in jail? Not nearly as big a waste of money as all the credit fraud that would have gone on had the guy gotten away with it. Have you even thought about this, or was yours a kneejerk reaction?

Re:Good

[Evil+Adrian]

So 9/11 didn't really happen? Those bombings in Madrid didn't really happen? Aum Shinrikyo didn't release poison gas in a subway in Japan?

Terrorism kills people. I don't see how fighting mass murder is bullshit. Please, enlighten us.

Re:Good

[Evil+Adrian]

Yeah, what he did was bad, but really, worse than rape?

Economically, much, much worse.

Re:Good

[hostyle]

If the guy got away with it, there's the potential for thousands to millions of dollars' worth of fraud

Why isn't Kenneth L. Lay of Enron doing jailtime then? Or whoever was behind the WorldCom debacle? These guys didn't just have the potential for thousands to millions of dollars' worth of fraud. They perpetrated actual robbery to the tune of billions of dollars, and pocketed the money. And where are they now? It seems theres more than one form of justice in the USA

Re:Good

[mizhi]

Well, you can't do nothing so what are your alternative proposals?

Re:GOOD

I hope they DON'T get root in jail.

Re:Good

[uglyduckling]

Because, in the big scheme of things, it's relatively low risk. The population in general is far more likely to get killed from road traffic accidents, smoking, suicide, and in the US accidentally setting off their own weapons.

Yes: the terrorist threats are real, but if half the time and money spent on anti-terrorism went into improving road safety or healthcare the Western world would be a much happier place. Terrorism is used as a political tool because it's big scarey, and very conveniently ill-defined.

Re:Good

So what you're basically saying is, screw the rest of the world, let's concentrate on ourselves?

Okay, sounds great, but then everybody wouldn't be able to complain about the US being the police of the world. I mean, nobody REALLY wants the US sticking their nose in other people's business anyway.

No matter what you do, you can't make anyone happy.

Concentrate on yourself, you're being unconcerned world citizens. Concentrate on everyone else, you're sticking your nose where it doesn't belong.

Oh, but nobody complains about FREE HANDOUTS from the US, do they? What's up with THAT?

I say fuck 'em all. Let 'em starve. Let 'em kill each other off. And when they fuck with us, we nuke 'em and go on pretending they don't exist.

Re:Good

[Grab]

When you've got hundreds of people imprisoned without trial and tortured over a period of years, when you invade another country and kill tens of thousands of civilians and torture a whole bunch of them, and when you justify all that as "stopping terrorism", you might want to rethink your definition of "terrorism"...

Grab.

Re:Good

[ratamacue]

I'm not going to argue they shouldn't be punished, or better yet, forced to pay restitution to the victims. However, I don't believe the punishment fits the crime in this particular case. This is roughly the equivalant of breaking and entering, and then coming up empty handed. Let's imagine a burgler who breaks into a company office, pokes around a bit, and leaves without actually taking anything. Yes, breaking and entering is a crime. No, it does not deserve 9 years in jail (1/8 of the average person's lifespan). Most violent criminals spend less time in jail than that (but that's another topic of debate).

Re:Good

you are seriously disturbed if you think the economy matters in the slightest compared to the permanent psycological damage that is caused by rape.

The only people who should be imprisoned are people who are a direct danger to people

Re:Good

let me guess, you voted for.... Bush.

Re:Good

because the response to 9/11 has been totally disproportionate. How does invading a country which had absolutely nothing to help fight terrorism?

Re:Good

Not really. People who invested in Enron still did so of their own volition. They knew that one of the risks of investment is that the business you are dealing with might not be on the up N up.

Also its more difficult to prosecute someone in ethics cases, because you have to prove INTENT, which was all to easy for the hackers in this story.

Please drop the conspiracy theories...

Re:Good

The population in general is far more likely to get killed from . . . accidentally setting off their own weapons.

I'm pro-gun control. But the one thing I and the NRA agree on, is that there is no such thing as "accidentally firing a gun". Either you fired it deliberately, or you fired it carelessly. If the former, you either have a good reason for firing (sport, practice, self-defence), or you are a criminal. If the latter, you are a public menace, and even Charlton Heston would agree you should not be handling firearms.

Re:Good

No different than spyware apps otoh.

Re:Good

[conteXXt]

It's working out great for Wackenhut and the police.

It's killing the taxpayer.

America has plenty of VIOLENT offenders. Lock em up.

Other criminals should be fined (heavily) to pay for the Violent offenders stay in Club Fed. If he don't pay up, they join them.

Re:Good

[boodaman]

Make him work at a Lowe's for $6.50 an hour and no benefits for 9 years instead.

Make him the Lowe's mascot, put him in one of those big furry suits and make him stand outside waving cars into the parking lot.

I live in the Detroit area...what this guy did is the LEAST of our problems, by far. There're so many other problems we should be focusing on, and I, as a taxpayer, am not pleased that it will cost $60,000 or so every year to incarcerate this guy.

Re:Good

[Evil+Adrian]

So we should let someone go that got caught doing something that was obviously very, very illegal?? I don't think so.

If you have a problem with the Enron or WorldCom cases, I understand that -- however, non-punishment of identity theft and credit fraud is absolutely stupid. That's like some five-year-old saying "Well how come HE'S not in trouble, mommy??" Do something about it instead of complaining (posting on Slashdot isn't doing anything about it.)

Re:Good

What utter bullshit. By your logic, people who used their credit cards at Lowes also did so by their own volition - they knew there was a risk that their network wasn't secure.

Re:Good

[Evil+Adrian]

Excuse me? The economy matters to everyone, whether you like it or not. If you think it doesn't, try living out in the woods for a year, then come back and tell me how it went.

If you are affecting someone's ability to earn a living and keep their money, you are a direct danger and should be imprisoned. If you think credit fraud and identity theft aren't "real" crimes, and that people shouldn't go to jail for it, then not only are you a naive asshole, but you should also give me your credit card numbers and not call the cops when I drain your accounts (because then you'd be a hypocrite.)

Re:Good

[rappo]

Nope, can't say any of that happened to me. but yeah, fuck that guy and his high horse for thinking that 9 years in jail is too long for a cracker who ATTEMPTED to steal. :rolleyes:

Identity Theft is serious, but this is retarded. This will NOT act as a deterrent, because all of the crackers "know" they are too good to ever get caught. To say that someone with enough ability to break into a major corporation's computer system is best serving the community and himself (in terms of mental, educational, and financial) by being in jail for nearly a decade is insane.

Put the guy on house arrest. Make him clean highways and work at soup kitchens for 5 years. But for godsakes don't let his knowledge die. Force him to consult Lowe's on their security for free, have him be a *gasp* useful member of society.

Talk about rehabilitation.

Re:Good

[Evil+Adrian]

"hundreds of people imprisoned without trial and tortured over a period of years"

"when you invade another country and kill tens of thousands of civilians and torture a whole bunch of them"

OK, why don't you back that statement up with some facts.

Ahh, liberal brainwashing at its finest.

Re:Good

[Evil+Adrian]

Um, we invaded Afghanistan because that's where Osama Bin Laden was hiding there and because the government there was aiding him. What the hell are you talking about?

Oh, Iraq? Wait, wasn't Saddam's regime torturing people there? Didn't he let loose poison gas on his own people? Oh wait, the response to mass murder has to be "proportionate"...

Re:Good

[TopShelf]

Kenneth Lay is on his way there. Those kinds of cases are extremely complicated and the prosecutors are working their way up the chain of command. The CFO and his wife are doing time already, I believe, and Lay's conviction is only a matter of time.

Re:Good

You do have a point; it is not really a jail time offense. I think there should be little finger sized guillotines and just start cutting a finger off per convicted offense............. Quick, really painful and no long tern costs for the tax payers and even the criminal comes away with something positive, a deterrent in the form of missing fingers(s) (free of charge even) for being a fragging IDIOT! It is a win win situation ;)

Re:Good

"compassionate conservatives" are some of the most hateful people youll ever encounter

Re:Good

[Grab]

With pleasure. I'll use the BBC News site as my source. I'm deliberately not using a source such as Amnesty, because they're an easy target as a "liberal" organisation. Instead, I'll stick to the BBC as a well-known independent news source.

For the former, I cite Guantanamo Bay.

http://news.bbc.co.uk/1/hi/world/americas/3754238. stm
Number of prisoners as of mid-October: 549

http://news.bbc.co.uk/1/hi/world/americas/3592186. stm
First trials of any captives at Guantanamo (before a military court, and note that suitability of a military court for trying these people is itself controversial): 2004, and note that trials have yet to complete.
Date of capture: 2001 or 2002
Time imprisoned without trial: 2-3 years

http://news.bbc.co.uk/1/hi/world/asia-pacific/4084 587.stm
http://news.bbc.co.uk/1/hi/world/americas/3533804. stm
http://news.bbc.co.uk/1/hi/england/manchester/3504 034.stm
They all claim use of some physical violence and extensive non-physical torture such as sleep deprivation. You think non-physical torture is "easy", check this link.
http://news.bbc.co.uk/1/hi/uk/3708902.stm

For the latter, how's about Iraq?

http://news.bbc.co.uk/1/hi/uk_politics/4079059.stm
Absolute MINIMUM civilian deaths in Iraq: 14,000 (requiring 2 independent sources for every death)
British government estimate: 40,000
"The Lancet" estimate: 100,000

And for torture in Iraq, let's say Abu Ghraib, shall we?

http://news.bbc.co.uk/1/hi/world/middle_east/35960 90.stm
Quote: "The events of October through December 2003 on the night shift of Tier 1 at Abu Ghraib prison were acts of brutality and purposeless sadism. We know these abuses occurred at the hands of both military police and military intelligence personnel."
I don't see the need to link anywhere else for specific cases of torture in Abu Ghraib - they're so numerous and so widely available from any news source.

If you really haven't heard anything about all these facts over the last three years, you need to inform yourself from some proper news sources. If you don't take the trouble to inform yourself, you're not in a situation to just shrug it off as "liberal brainwashing", because you don't know shit about what's going on.

Grab.

Re:Good

[Dread_ed]

As a member and representative of the VVWC (Very Very White Coalition) I take offense to the use of the word "Cracker" to refer to criminals.

This is an injustice to those of us who were born with, or acquired through living in our parent's basements, skin with no pigment whatsoever.

Re:Good

[nickco3]

Oh, but nobody complains about FREE HANDOUTS from the US, do they? What's up with THAT?

Don't go patting yourself on the back too hard, here's some facts for you:
1) The US is the stingiest foreign aid donor of all the rich-world countries, managing only 0.1% GDP. The EU contributes 3 times as much.

2) The biggest recipient of US foreign aid is Israel to the tune of about $9 billion per year. Net result: 350 million pissed-off muslims all around the world. I'm not going to take a position on the Israel/Palestine thing here, but if you want win hearts and minds this probably isn't the way to do it.

As for letting them starve, the poor world is mostly kept poor by the tariffs and subsidies on agricultural products by the US and EU. This denies the poor countries an opportunity to earn their living at something they are good at, namely growing stuff, and if the political will existed to deal with it, it would be worth many times more than the entire rich world's aid budget combined.

You can't expect people to be grateful for tiny handouts when you are simultaneously denying them the chance to earn their own living.

Re:Good

[Hoi+Polloi]

Agreed, these guys would have ripped off a EFF card carrying Slashdotter as quickly as the head of the RIAA. They tried to screw over innocent people. As to whether they deserved 9 years though, I'd say 9 years for this crime alone is too harsh but I have a feeling that they had a long history of felonies that finally broke the camel's back.

Re:Good

[Tassach]

How is this not robbery ROBBERY is theft by violence or the threat of violence. FRAUD is theft through trickery. They are not the same thing.

Sticking a gun in someone's face and demanding their money is a FAR more serious crime than using their credit card number without their knowledge or permission, and the law should recognize this fact. The whole premise of the legal system is to make the punishment fit the crime. A person with a record of violent crime is a much bigger threat to society and needs to be locked in a cage to keep them from hurting people. You don't need to lock the credit card theif up to protect society -- all you have to do is keep an eye on him (EG, not being allowed to use computers as a condition of his parole, like Mitnik.)

Re:Good

Terrorism kills people. I don't see how fighting mass murder is bullshit. Please, enlighten us.

The drug trade kills people, too -- probably more than terrorism. That doesn't mean that the *war* on drugs is effective.

No one is saying that terrorism doesn't exist or that it isn't bad. The question is whether or not the *war* on terror is effective. And since global terrorism has *risen* since the initiation of force in Afghanistan and Iraq, this is certainly worth asking.

Another important question is whether or not the "war on terror" is anything more than a pretext. The Bush administration had made noises about invading Afghanistan and Iraq long before 9/11/01. Terrorism, oddly enough, was not high on the list of reasons for these planned invasions until *after* the towers fell. This is another reason why "war on terror" might be at least partly bullshit.

Re:Good

[mizhi]

Interesting suggestions. Some observations and questions.

Why should Lowe's be forced to employ him? What if he's a shitty worker? Do they now have to accept a poor worker for 9 years? Are you willing to pay enforce this? How should enforcement be done? Honor system, similar to parole, Rusty The Sheriff with a shoftgun standing by him? Many prisons already have "employment" opportunities inside. Prisoners are put to use instead of simply wallowing in the cell.

Re:Good

There is no such thing as "accidentally dropping a glass." Either you dropped it deliberately, or you dropped it carelessly. If the former, you either have a good reason for dropping it (disposal, wedding, theatre), or you are a criminal. If the latter, you are a public menace, and even Louis Comfort Tiffany would agree you should not be handling glassware.

I'm not trying to defend people who fire guns carelessly. But it's absurd to assume that only criminals are careless with guns, or to define anyone who causes an accident as a "criminal." It's just a way for the NRA to try to make it appear that gun deaths are entirely a crime problem, and never a gun problem.

Re:Good

[Evil+Adrian]

First of all, there are plenty of people that don't regard BBC as "objective" (I'm one of them.)

Regarding Guantanamo Bay, if you are in a war and capture enemy combatants, they are outside of criminal law, you don't have to conduct trials with lawyers, etc. If you want to argue that everyone should have trials be my guest, but international law doesn't afford prisoners of war those rights.

Regarding torture... torture for the sake of torture is wrong. Torture for the sake of information, to save lives, achieve military objectives, etc... it's not a black and white issue, you have to weigh positives and negatives. Torture does not always sum up to a negative value -- sometimes it's necessary. A lot of people feel that way, I know I'm not the only one. If you knew someone planted a bomb that was going to kill people, and he refused to give the information to it's whereabouts, wouldn't torture be acceptable to retrive the information after all other reasonable avenues have been exhausted? Well, if you're an intelligent person that thinks rationally, then you'd answer yes.

Regarding civilian casualties in Iraq, the 14,000 number comes from Iraq Body Count... the freaking banner says "From Ali Babas-filled Bushdad With Endless War of Words", gee, do you think that's impartial? Denied.

The British Gov't estimate that you claim is in that article, isn't. "Yet neither the US nor the UK governments have collected information."

"The Lancet" did a guesstimate study -- "The Lancet study is based on interviews with 988 Iraqi households in 33 randomly selected areas. Each area is meant to represent 3% of Iraq."

Did you even read the article? None of this is scientific in the least.

Regarding Abu Ghraib, I think you fail to realize that the incident at Abu Ghraib was not sponsored by our government. That was a few grunts that went overboard and are now being brought to justice.

Of course, being the liberal that you are, you will disregard the fact that these people are being punished and question how the US government could even allow that to happen in the first place, right?

But when the US government trys to prevent Saddam's dictatorship from killing more people, when the US government tries to prevent terrorists from killing more people, all of a sudden, we shouldn't be doing that. That's not cool. We're horrible because a few grunts crossed the line and tortured some prisoners and are going to prison for it, but it's OK for Muslim extremists to kill everybody, right?

Hey, did the insurgents give fair trials to the people they captured and decapitated?

Re:Good

[Evil+Adrian]

"The US is the stingiest foreign aid donor of all the rich-world countries, managing only 0.1% GDP. The EU contributes 3 times as much."

How about you link to an article substantiating your claims, bucko.

"The biggest recipient of US foreign aid is Israel to the tune of about $9 billion per year. Net result: 350 million pissed-off muslims all around the world. I'm not going to take a position on the Israel/Palestine thing here, but if you want win hearts and minds this probably isn't the way to do it."

Last time I checked, pissed-off muslims do not get to dictate where or how the US gov't spends money, the US gov't does.

Re:Good

you should also give me your credit card numbers and not call the cops when I drain your accounts (because then you'd be a hypocrite.)

This deal only make sense if you simultaneously agree to be raped.

Re:Good

[Evil+Adrian]

The problem is, someone would have to have sex with me against my will, and everyone who knows me knows this: I'll fuck anything.

(No, no one hacked my account, I'm being honest!)

Re:Good

Wow, your username is really appropriate.

Re:Good

[boodaman]

Most of my previous comment was "tongue in cheek".

My point was that, living in the area, I am very aware of the extent of its problems. Believe me, going after these guys is the last thing we should be worried about.

I'm not saying they aren't guilty, or that they shouldn't be punished. I'm talking about prioritization and classification. There are drunk drivers, murderers, rapists, theives, and all manner of other types of criminals that get much lesser punishments than 9 years, or even get off entirely.

To answer your questions, I already pay for work programs such as having inmates clean roads, do construction, etc. Those are supervised: a couple of corrections officers drive around in a van and watch. So that's already paid for.

My guess is that paying for people to supervise work programs for non-violent offenders would be a LOT cheaper in the long run, and get a LOT more accomplished, than continuing to pay for the current penal system where "prisoners working" means "prisoners taking calls in call centers for catalog companies" (a security risk for sure...imagine someone convicted of going after credit card numbers being sent to prison where their prison job is working in a call center taking catalog orders over the phone...yeah, that makes sense). For example, maybe work programs where they collect trash or do environmental clean up (like cleaning up piles of dumped tires, etc, not something that requires training like cleaning up toxic waste).

IIRC, in Michigan at least, the largest single state government expense is corrections. That's just simply out of control.

Besides, he'd have to be catatonic to do a poor job if his job was to dress up in a big fuzzy suit and stand out on the curb waving cars into the parking lot.

Re:Good

[Yakko]

I'll bet $1 that all these buisiness people 1) aren't in the prisons you and I would go to if we did the same thing; 2) get to keep their money after they're done so they don't have to worry about never being employable again.

Crime pays if you're working the right racket.

Re:Good

[Grab]

Regarding Guantanamo Bay

If you're in a war and you're captured, there's this thing called the Geneva Convention that says in real detail what you can and can't do with captured enemy fighters. This is international law. The US is claiming that somehow these people were "combatants" but not "soldiers", and using this form of words to avoid the treatment that is mandated by international law for captured enemies.

Torture does not always sum up to a negative value -- sometimes it's necessary.

And here you disagree with US law, international law and the Geneva Convention, which all say that torture is not permitted under any circumstances. Also you disagree with many intelligence-gathering experts (including the FBI) who say that information obtained from torture is almost universally incorrect, simply because the victim will tell the torturer anything to make them stop.

Your "what-if" scenario (which bears no resemblance to the cases of the people imprisoned at Guantanamo) also makes the explicit assumption that you know the person is guilty before you start, which is an invalid assumption.

they are outside of criminal law, you don't have to conduct trials with lawyers, etc.

If you're accusing them of war crimes then in fact you do. International law again, I'm afraid.

Regarding civilian casualties in Iraq

Denied? Fine. That's the LOWEST estimate of Iraqi civilian casualties. You want to take the Lancet's version, fine. The Lancet's approach is somewhat inaccurate, granted, but it's a valid statistical method so you can't dismiss it out of hand as "unscientific".

Regarding Abu Ghraib

I think you fail to realise that it was more than a "few grunts" in that jail. Also see the following.

http://edition.cnn.com/2004/US/12/07/prisoner.abus e.ap/index.html

OK, gov documents leaked by the ACLU (the hated "liberals") but gov documents nonetheless.

And it's pretty damn clear that nothing would have happened if the pictures hadn't hit the papers. The FBI knew about this *way* before, but nothing happened until the press found out about it. In addition, the official report makes it clear that Abu Ghraib was tacitly permitted by the Army - they didn't set out explicitly for it to happen, but once the torture was known to be happening, the Army did absolutely nothing about it. In regular law, the word is "accessory" to the crime.

Of course the insurgents gave no fair trials to the people they murdered. The reason we're different to them is that we believe it's wrong to do that. Or *I* believe it's wrong. You can keep defending it on the "it's OK if we do it" reasoning if you like.

being the liberal that you are

I am proud to call myself a liberal. That means I believe in things that are worth defending. Little things like human rights, the rule of law and the US Constitution. The founders of the USA were liberals too - they believed in the value of these concepts. Piss on them if you like.

But when the US government trys to prevent Saddam's dictatorship from killing more people

As it happens, I believe invading Iraq was the right thing to do, and it should have happened long before. (I won't mention who brought Saddam to power in the first place ... *cough* US *cough*) But I don't believe it should have been done through false pretences (the farces of the claims about WMDs and al-Qaeda links which were proven false) - the US and UK governments should have had the guts to say "we're doing this because it's right". And I also don't believe the US and UK governments had any plans to do more than conquer Iraq - they were fundamentally unprepared for peacekeeping and setting up any civil or paramilitary structure to the country. The reason things are so bad now is that the invasion sma

Re:Good

"These were crackers, not hackers."

Sorry, but to most people a cracker is something you spread peanut butter on.

Re:Good

[hesiod]

> > prison isn't supposed to rehabilitate anyone. It's supposed to serve as a deterrent to crime
> It serves both rolls although the effectiveness of it as a deterrent is questionable.

And it's "effectiveness" as a rehabilitator has been proven to do just the opposite.

"I had to come to prison to become a criminal."

Re:Good

[Evil+Adrian]

The US is claiming that somehow these people were "combatants" but not "soldiers", and using this form of words to avoid the treatment that is mandated by international law for captured enemies.

This is absolutely true, and I agree with the US interpretation, because the Geneva Convention (and international law) applies only to recognized sovereign nations, not to an "organization" that goes around decapitating people and flying planes into buildings.

The Lancet's approach is somewhat inaccurate, granted, but it's a valid statistical method so you can't dismiss it out of hand as "unscientific".

It's *very* inaccurate, and it's not a valid statistical method at all. The sample size is ridiculously small, the divisions are ridiculously arbitrary, etc. etc. I dismiss it out of hand as unscientific because it is unscientific.

And it's pretty damn clear that nothing would have happened if the pictures hadn't hit the papers. The FBI knew about this *way* before, but nothing happened until the press found out about it.

The FBI tried to keep it quiet because it would (and did) make the army look bad. Had you been paying attention to the news, and I will dig up articles later (I'm at work, I apologize) the government did know about it, as you said, and was figuring out what to do about it. Preparing a case does not equate with being an accessory. You are busy talking about law, the military has their own laws they need to follow, why don't you drop the double-standards.

Of course the insurgents gave no fair trials to the people they murdered. The reason we're different to them is that we believe it's wrong to do that. Or *I* believe it's wrong. You can keep defending it on the "it's OK if we do it" reasoning if you like.

That isn't what I said, at all. I am pointing out that what the terrorists do is a million times worse, and we are trying pretty damn hard to be fair and humane for the most part (which, honestly, is amazing considering these people are trying to kill us) yet you harp on what we do wrong and barely point out the evil we are facing.

I won't mention who brought Saddam to power in the first place ... *cough* US *cough

There is nothing wrong with trying to correct our mistake.

But I don't believe it should have been done through false pretences

I ABSOLUTELY AGREE WITH YOU ON THAT. THEY WERE ASSHOLES FOR LYING ABOUT THAT. Was taking out Saddam good? Yes. Was the lying about it and the shenanigans good? Absolutely not.

The reason things are so bad now is that the invasion smashed every organisation in Iraq and the US and UK armies weren't able or willing to put anything in place to help people while it was all put back together.

Honestly, I think that is because liberalism is counter to actually making progress, and there are so many liberals putting pressure on the US Gov't to be "humane" and "just" (and I am using those terms loosely because what liberals want is ridiculously crippling to any sort of strategy that would inject stability.)

I am proud to call myself a liberal. That means I believe in things that are worth defending. Little things like human rights, the rule of law and the US Constitution. The founders of the USA were liberals too - they believed in the value of these concepts. Piss on them if you like.

Liberals like the Constitution? Really? Tell me, why did liberalism invent the FCC? Why are liberals constantly trying to outlaw firearms? Liberals piss on the constitution every day!!

I believe in human rights, the rule of law, etc. But it's not black and white. Some people (terrorists, for example) forfeit their rights when they strip other people of theirs (most notably, the right to exist!) The rule of law only applies when laws are just (otherwise, the Founding Fathers would have filed lawsuits for independence, not started a revolution...)

Re:Good

[Kiryat+Malachi]

To my knowledge (and I have a passing acquaintance with all 3 people involved in the case), your feeling would be incorrect, unless you consider a single previous incident by one of them to be "a long history of felonies". They're pretty good guys, honestly. Not always the best at thinking through their actions, but *very* bright with the computers. Unfortunately, the one doesn't always make up for the other.

Re:Good

[Hoi+Polloi]

If that is the case then I agree that 9 years is overkill. Maybe they are being singled out to "make an example of them". Hopefully they can appeal for a fairer sentence.

Re:Good

[Kiryat+Malachi]

Considering that the single prior was Salcedo's conviction for computer crime, where he got screwed precisely to "make an example" (he was the first person prosecuted under Michigan's new computer crime law at the time, and the AG was planning to run for governer and needed a tough on crime rep, so Brian got hammered), I can't help but feel like it's the same thing this time.

Re:Good

[nickco3]

Here you go:
http://www.economist.com/displaystory.cfm?story_id =1034243

Re:Good

[nickco3]

Second try

Re:Good

"When you talk about high incarceration rates in the US, most people agree that the main culprit is the US' assinine drug laws."

Some of us also point to "3 strikes and you're out", putting people in prison for speeding 3 times or whatever. It's one of the things mentioned in Goldburg/Evans's essay that you've probably read.

Re:Good

[drinkypoo]

We're talking about sentences for fraud that are comparable to those given for rape. Maybe that's why. What percentage of Americans actually have faith in the system? Subtract all those who have never been arrested and the number will be small. I was once arrested for supposedly breaking a wooden sign three inches thick by punching it. Oddly the acrylic over the sign was undamaged, yet my father still just offered to fix it rather than deal with the local law enforcement which is well-known to be corrupt (Lakeport, CA) That cop, a SWAT member and a ranked officer, was later busted for knowingly comitting statutory rape, but he is still on the force. Yay justice!

Re:Good

[mizhi]

I would initially say "wow, that sucks. the system isn't perfect."

When then I noticed this comitting statutory rape.

What were the details of this incident?

Re:Good

[drinkypoo]

Sorry, I don't know the details. I was only there for vacation at the time, and later lived there for over a year by which time the aforementioned incident had already taken place.

Re:Good

[mizhi]

My reasoning is that "statuatory rape" can mean a broad range of offenses. The girl could've been sexually mature 16+ but still a minor in the eyes of the law. Even having consensual sex at that point could have been considered statuatory rape. That could be the reason for the slap on the wrist.

Re:Good

[drinkypoo]

This is a police officer. If he can't obey the law, he shouldn't be a cop. Also, sexually mature != emotionally mature, which is why it is illegal to fuck anyone under 18 in california regardless of the potential for procreation. In fact sex between minors is illegal for this reason, but it is only a felony if the ages of the parties involved differ by 3+ years and one of them is over 18.

Don't worry.

Thanks to our parole system which considers rape, murder, and anything else that isn't drug sales to be harmless to society, he'll be out in just four or six.

Re:Don't worry.

[kin242]

Or copying cds/dvds... or even skippings ads (the horror!!!)

Re:Don't worry.

As an attorney who works for the federal courts, I can tell you that you're incorrect. Although prisoners sentenced in state court for state crimes often do not serve their entire sentence, prisoners who are sentenced in federal court will typically serve the entirety of their sentence. There is a huge overcrowding problem in many state prison systems. The same is not true about the federal prison system. So when you hear that someone was sentenced in a U.S. District Court to a 9-year term of imprisonment, you can expect that that person won't be out in society for 9 years.

Don't Do the crime if you can't do the time

Don't Do it

Three Ring Circus!

[the_mad_poster]

For reference, a typical sentence for breaking and entering with intent to steal is about two to four years...

But, hey. It looks better when they catch a guy "breaking" into a computer across the internet then when they catch someone actually breaking into a house. Best to throw the biggest book in the area at them to play the circus up some.

Re:Three Ring Circus!

[LostCluster]

To qoute the article...

"I think the massive amount of potential loss that these defendants could have imposed was astounding, so that's what caused us to seek a substantial sentence against Mr. Salcedo," federal prosecutor Matthew Martens said.

Thousands of compromised accounts would have lead to quite the theft rings... this is a little bit more serious than simply breaking in.

Re:Three Ring Circus!

[Mazem]

Although it isn't very clear from TA, I imagine that the majority of the 9 year sentence was simply for attempted credit card fraud. Cracking was just the method, not the main crime.

Re:Three Ring Circus!

[ScrewMaster]

True, but the point is valid: had they physically broken into a store and walked off with a bunch of credit-card receipts, would they have received a similar sentence? Or is this just being blown out of proportion because it involves "the Internet"? On top of that, they actually managed to steal nothing ... as the prosecutor said, it was the amount of damage they could have imposed that resulted in the "substantial sentence", not what they actually did. So, in other words, these guys are having a larger book thrown at them than they probably deserve simply because the government would like to make an example of them. Is that a good thing? Perhaps ... but it does indicate that the punishment may not be fitting the crime any too well. That is wrong in and of itself, but has always been the pattern of law enforcement regarding white-collar computer crimes. I suppose that there is a genuine desire to create a deterrent effect (ineffectual as it has been), but there is often an equally genuine ignorance of technological issues by law enforcement.

Re:Three Ring Circus!

[the_mad_poster]

You took a quote from the prosecuter - a guy with a vested interest in slamming people and playing it up so he looks better - as evidence defending the sentence? While there's no technical problem with that, the level of bias is so extreme that I find it hard to believe anyone in their right mind would take it as a reasonable amount of evidence.

I also find it hard to believe they'd have been slapped with that sentence had they stolen the tape backups instead of used a network.

Re:Three Ring Circus!

[FireAtWill]

For reference, a typical sentence for breaking and entering with intent to steal is about two to four years...

Gee. Do you suppose there's a difference between breaking into someone's house and stealing their toaster vs. stealing ALL the credit card numbers at Lowes?

Re:Three Ring Circus!

[the_mad_poster]

you.analogy = new Analogy( type => 'stupid' );

Yea, there's a big difference. But, a smarter person might have used the analogy of "breaking into the Lowes.com hosting facility and stealing the tape backups containing all of the stored credit numbers"

Re:Three Ring Circus!

[The+Only+Druid]

Your analogy fails because this just isn't the same as just stealing the receipts. Stealing the receipts doesn't make people afraid of using the atm; stealing the receipts has a higher burden of risk (in terms of physical capture, etc.); stealing the receipts requires an additional burden of work to process the data.

There is a trade off there; its so much harder to steal the receipts, and so much riskier, that the danger of punishment doesn't need to be as severe to serve as an equivalent deterrant.

Re:Three Ring Circus!

[tzanger]

Thousands of compromised accounts would have lead to quite the theft rings... this is a little bit more serious than simply breaking in.

So where's the millions of dollars' worth of fines for Lowes for having that kind of information available on a wireless in-store network? Come on now, both parties here are pretty damned guilty.

Re:Three Ring Circus!

[OverlordQ]

Should be a federal crime since they could argue they 'crossed state lines' in order to commit the felony.

Re:Three Ring Circus!

[William+Baric]

The main idea behind jail time is dissuasion. If your chances of getting away with your crime are higher, than sentences should be longer. It's easier to catch a guy who breaks into a house, than a guy who access a wireless network from somewhere.

Re:Three Ring Circus!

[geoffspear]

Oddly enough, the Founding Fathers in our country devised a clever system of legislation and trial by jury so random people don't have to produce evidence to defend a sentence to you. The prosecutor "defends" the sentence he's asking for to a judge and jury, and the other side even gets to present its case with no intervention from anyone on slashdot. It's worked pretty good for over 200 years.

Re:Three Ring Circus!

[eraserewind]

Yes, one has the potential to become violent.

Re:Three Ring Circus!

[Brian_Ellenberger]

On top of that, they actually managed to steal nothing ... as the prosecutor said, it was the amount of damage they could have imposed that resulted in the "substantial sentence", not what they actually did.

I don't believe criminals should be rewarded for incompetence. We are punishing them for stealing credit card numbers. Why should the fact they weren't good at it change anything? Should we rather let people off easy until they get good at it and succeed? What will that teach them (or other wannabe criminals)?

Brian Ellenberger

Re:Three Ring Circus!

[darkPHi3er]

"the prosecuter - a guy with a vested interest in slamming people and playing it up so he looks better

A "prosecuter(sic)", is actually a guy who represents;

1. The Victims -- the MILLIONS of hardworking, honest people who have been victimized by the more successful attempts of morons like these guys, and as the skyrocketing dollar costs of identity theft/fraudulent CC transactions are just simply passed along to the other CC holders, he also represents

2. The Indirect Victims -- ALL that mass of people who need consumer credit to buy toys at seasonal holidays, pay for medicine for their sick dependents, and the great bulk of the other uses of consumer credit, that make peoples lives more pleasant and comfortable and their CC charges just keep going up and up, largely because of successful versions of Brian Salcedo.

3. The Constitution of the United States, the Guiding Documents of the individual states and municipalities -- ALSO KNOWN QUAINTLY AS "THE RULE OF LAW", I wonder how long ANYONE but the wealthiest would have credit cards, if CC fraud wasn't prosecuted vigorously????

Prosecutors are, similarly to most productive civil servants (and there are PLENTY of NON-productive civil servants, esp here in SoCal) generally overworked, underpaid and completely dedicated to "slamming" people such as; killers, rapists, burglars, robbers (essentially what people who specialize identity theft are), child molesters, and their ilk...

While we can all argue the logic and sensibility of keeping some person who sold/used some small quantities of banned substances in prison at 40K+/year, seemingly to provide "sex toys" for lifers.

The simple fact is, OTHER THAN DRUG CRIMES, which are after all still "crimes", and could rather easily be decriminialized (in MOST states) by ballot propposition (as we did here in Cali)...THE MAJORITY OF NON-DRUG RELATED CRIMINALS IN AMERICAN PRISONS ARE GENUINE BAD GUYS....

In Cali you have crack dealers, caught with serious "trafficking weight" on 3 or 4 SEPARATE arrests out on bail for 6 months to 2 years before they finally go inside.

Kevin (who i've met, i worked with his mother years ago) was a POLITICAL PRISONER, esp at the end of his "formal sentence", when the system just kinda "kept" him for a "while" longer...Kevin was a "cracker" who "missed the message", when they stopped the "hand slap" policy that had been in place 10 years ago...wrong crime, wrong time.

China, Myanmar, Cuba and numerous other countries have thousands and thousands of political prisoners...tortured, raped, beaten ...they deserve our support and indignation.

Castro murdered some "dissidents" some months back, not even "capitialist provocateurs", but Socialist fellow-travelers who had the nerve to question his social policies....

Brian Salcedo is just a crook, using a computer instead of a gun...be interesting to see how that goes over with the Triple Lifers in the GenPop...hope he's good with his hands.

BTW, Since Mr. Salcedo "Pled Out", you can bet, the 9 years he plea bargained for, was prob about 1/3 to 1/2 of what he would have received at trial. If he didn't like the arrangement, he could have taken his chances at trial.

Re:Three Ring Circus!

[Lumpy]

On top of that, they actually managed to steal nothing ... as the prosecutor said, it was the amount of damage they could have imposed that resulted in the "substantial sentence", not what they actually did.

sweet this set's a pattern up for lawyers to use.

"your honor, when we pulled him over he had a rifle in his trunk, he had the potential of not only shooting several hundred people, but the car he was driving could have been used for mass murder also... instead of a $50.00 running a stop sign fine, I suggest the death penalty based on amount of damage he could have imposed."

Makes you really want to live here in the US eh?

Re:Three Ring Circus!

[qwp]

I agree with your point of view. To often is our legal system thrown out of the reality of life by things they just view as being too large. You say "The Internet", when really this incident did not have a single aspect of the internet it was all corperate networks, That sound horribily unsecure and asking to get messed with. You could blame the store for having a broadcasting wireless network (it's like a neon sign above their open loading dock full of product). While stealing is wrong, and their goal was illegal, we should not forget the failures of the company and how they are being overlooked just because these people got jail time. Will this stop war driving? no because it's not illegal. it's public airwaves, the currupt Fcc told me so.

Re:Three Ring Circus!

[ScrewMaster]

I didn't say let them off easy ... I said "punish them for what they did." If they were truly incompetent then they weren't much of a threat to begin with, and if they were criminal geniuses who just happened to get caught (through blind luck or brilliant police work or whatever) before doing any damage ... again punish them for what they did, not some fantasy created by the prosecution. The idea that we can simply manufacture some potential future crime and convict people with that synthetic breach of the law ought to scare people. You wouldn't like it if a cop pulled you over, and while he was walking towards your car pulled out his nightstack, bashed out your taillight and then gives you a ticket for having a broken taillight. Would you?

The Justice System's job isn't to teach criminals anything ... its job is to catch them, and if they are found guilty of a crime to punish them! Fabricating a criminal act (no matter how likely it may appear that the individual(s) would commit said act in the future) is wrong, and really goes against the grain (if you're American, at least.) It's really too bad that our system has sunk to this point.

Re:Three Ring Circus!

[the_mad_poster]

I don't really know what most of that has to do with my original post, but I felt the need to respond to this particular piece:

THE MAJORITY OF NON-DRUG RELATED CRIMINALS IN AMERICAN PRISONS ARE GENUINE BAD GUYS

It's a crying shame, however, that, according to the USDOJ itself, in 2001 55% of the federal prison population was incarcerated for a drug offense.

So.... a majority... of the minority..... is made up of genuine bad guys.

Nice.

Incidentally, he didn't commit CC fraud, he committed what is the equivalent meatspace felony of "Breaking and Entering with Intent to Steal".

Re:Three Ring Circus!

[Fallen+Seraph]

For this, I'd like to use the analogy made in "Minority Report." You roll a ball across a desk. You know that ball will roll off the desk unless it's stopped by a force. IT's not making the ball roll off by thinking it will, it's just an inference which os rather obvious. If they caught these guys with proof that they installed a program that captures cedit card info on Lowes computers, then isn't it obvious that they weren't just gonna look at it and go "Oh wow, that was cool!" and then burn it? It's one thing to hack a computer system for the hell of it, or to point out to the owner that they have an exploitable flaw in their network, but maliciously hacking a system for the sake of monetary gain is wrong.

Re:Three Ring Circus!

[StormReaver]

"your [sic] honor, when we pulled him over he had a rifle in his trunk..."

Using your (very poor) analogy, let's make it resemble the case at least somewhat:

Prosecutor: "Your honor, when we found him, he was perched on the top of a hill using his sniper rifle to zoom in on innocent bystanders. He didn't actually shoot anyone, but only because we stopped him before he could pull the trigger."

You: Well, those people shouldn't have been walking around where the sniper could see them.

Re:Three Ring Circus!

Thats a poor analogy... it ignores intent. A better analogy would be:

"your honor, they planted a large bomb in the basement of a building. this bomb had the capability to blow up the entire building and kill everyone in it, but their bomb only partly blew up because they did not how to work the XXXX so it only blew up two or three people"

Re:Three Ring Circus!

[Kehvarl]

I think the point is:
They may have intended to steal credit information and use it illegally, but they hadn't done it yet. what they had done was break into the system and install a program they had no authorization to install and which was put into place with the intent to commit a crime.
They should not have their guilt or innocence, or their sentencing, affected by the possible (probable, definite, etc) future misuse of illegally gathered information. The fact that what they had already done was a crime and had criminal intent should be the only consideration in the case. If that wasn't the only consideration, if a possible (probable... ) future event was considered (while bearing in mind that considering that future event does not prevent or deter it in any way) then the individuals are not being fairly tried.

then again, I'm not a lawyer, I could be wrong, or I might be an idiot.

Re:Three Ring Circus!

[Kehvarl]

Wouldn't a more apt analogy be

they broke into the building with the parts of a bomb, and assembled it (possibly incorrectly) with the intent of using the future explosive blast to breach the vault and make off with the contents thereof.

Re:Three Ring Circus!

no, because current legal trends are working to equate mere possesion of the tool as intent.

therefore lumpy is dead on.

Re:Three Ring Circus!

I find that a pretty good measure of someone's level of fanaticism is the amount of ALL CAPS they use in their communications.

Re:Three Ring Circus!

Fair enough, but I'd also add clarification on how intent was established (i.e. - assembled it adjacent to the building safe in the basement in apparent preparation to breach the vault)

Re:Three Ring Circus!

[hesiod]

> I think the massive amount of potential loss that these defendants could have imposed was astounding, so that's what caused us to seek a substantial sentence against Mr. Salcedo

The massive amount of potential damage you can do with that gun is astounding, so obviously you belong in jail.

I don't agree that "potential" should be considered ANYTHING like "actual."

Re:Three Ring Circus!

[hesiod]

It's too bad your post is at 0, because I agree completely.

Re:Three Ring Circus!

[hesiod]

> your [sic] honor

How do YOU spell "your?"

Re:Three Ring Circus!

[Kehvarl]

My post is at zero because so many of my posts are far less helpful that the mods need to protect the world from my babbling.

Actually, I think I should thank them for it some day.

Re:Three Ring Circus!

[hesiod]

> If your chances of getting away with your crime are higher, than sentences should be longer.

Sweet, so if I shoot someone in public and hang around a few hours, my chances of being caught are higher, and ergo, a shorter sentence! I'll have to keep that in mind.

Chances of getting caught should not enter into it, only the damage that you caused.

Re:Three Ring Circus!

[William+Baric]

If you surrender to the police after killing someone and if you say you are guilty, then your jail time will be shorter. That's a fact.

As I said, the main idea behind jail is dissuasion (not punishment). So chances of getting caught SHOULD enter into it. If your chances of being caught are slim, then dissuasion will work only if the punishment is important. You may not agree with this, but I do and that's how things work.

Re:Three Ring Circus!

[hesiod]

> You may not agree with this, but I do and that's how things work.

That is NOT how things work. Sentencing is an arbitrary practice that does not accurately reflect the damage done OR the chances of getting caught. Some are, but in general I do not agree.

they got the wrong guy

They should lock up the fool that set their network up!

Re:they got the wrong guy

[idiotfromia]

I guess you missed the "No data was actually collected however" part. They did install some software, but nothing stolen.

I don't understand why anybody would think to use a wireless network for a system that transmits credit card information.

Re:they got the wrong guy

[Fjornir]

I guess you missed the "No data was actually collected however" part

Huh. That's the same line Washington Mutual (my bank at the time) tried to give me after the kozmo.com breakin of 2000 -- the one where my credit card got canceled without notice (lucky thing my fiance had her plastic on her the night we found out: we were entertaining for business purposes...)

For the record: I don't _know_ it was kozmo who got hacked on that one. All I _know_ is the phone drones said they didn't know who'd been compromised but one of them let slip it was an online vendor. A review of the statement showed it'd been used online with only one online entity. Draw your own conclusions.

Re:they got the wrong guy

[Hawke666]

It's unfair to on one hand charge someone with something, and simultaneously claim that it didn't happen. So either they did gather the cc numbers and should (perhaps) be charged with their theft (whatever that means, which is imo nothing) or they did not and should be charged only with the *attempted* theft of credit card numbers.

Re:they got the wrong guy

[NetNifty]

Maybe they would be if the US had a data protection act similer to that of the UK (iirc the business who stores the data is responsible for keeping data to only people who are allowed to access it).

Re:they got the wrong guy

[zarkzervo]

I'm pretty sure we could pin this on those notorious P2P-guys. You know the ones I'm talking about. ;)

If a person can be convicted for war driving

The an admin who sets up an unsecure wireless network should be convicted for stupidity.

Re:If a person can be convicted for war driving

Nice idea, but convicting for stupidity would see too many world leaders put in jail

Re:If a person can be convicted for war driving

And that would be a bad thing?

Re:If a person can be convicted for war driving

[tiny69]

The an admin who sets up an unsecure wireless network should be convicted for stupidity.

I take it you've never gone wardriving before.

Re:If a person can be convicted for war driving

Yes, because I am one of them!

Re:If a person can be convicted for war driving

[krbvroc1]

[] an admin who sets up an unsecure wireless network should be convicted for stupidity.

Interesting concept... So lets say someone leaves there front door unlocked, should they go to jail if someone breaks in? Perhaps the front door is locked, but the dog door is unlocked? What if the the windows don't have bars on them?

What bugs me is that the guy illegally accessed the computer but was not successfull in retreiving credit card information. Is such a long term warranted? What about the Corporate crime bosses who bilk millions or billions from people via fraud - they never get this level of sentence.

Re:If a person can be convicted for war driving

The an admin who sets up an unsecure wireless network should be convicted for stupidity.

Want to really annoy a wardriver? Set up an access point with no WEP and no password, but don't connect the uplink port. They go nuts trying to figure out why it isn't working :)

Re:If a person can be convicted for war driving

Mr. Bush, you're under arrest. You have the right to remain silent...

Re:If a person can be convicted for war driving

ok grammar police lock me away as well.

Re:If a person can be convicted for war driving

[mjh49746]

In my opinion, it doesn't matter whether or not he was successful in stealing the credit card information. He was still trying to do it with the full intent of breaking the law. That's a crime in itself. Same as with everybody else that participated in the cracking attempt or knew about the crime and did nothing to stop it. It's also a crime. That's why when you attempt to kill somebody without actually killing the person, you go to prison for attempted murder. IMO, attempted murderers ought to serve the same as real murderers, but that's just my opinion.

Now, why do corporate crime bosses get off so easy for bilking people out of millions? It's the same reason why Hollywood actresses don't serve time for shoplifting. Money, power, and politics. Trust me, the rest of us peons WILL pay full price via canned judgements for our crimes (real or imagined) because nobody really gives a shit about the weak and unknown.

Re:If a person can be convicted for war driving

[mjh49746]

Too bad stupidity isn't a crime. If it was, then ALL of us would be lifers.

Re:If a person can be convicted for war driving

[radish]

What about the Corporate crime bosses who bilk millions or billions from people via fraud - they never get this level of sentence.
Andy Fasto (CFO of Enron) got 10 years.

Re:If a person can be convicted for war driving

[miu]

What bugs me is that the guy illegally accessed the computer but was not successfull in retreiving credit card information. Is such a long term warranted? What about the Corporate crime bosses who bilk millions or billions from people via fraud - they never get this level of sentence.

Both types of criminal are scum and should do some jail time (in an actual jail), but the kind of scum who commit crimes with knowledge rather than position and family connections are obviously more dangerious (and didn't go to the same private schools as the people who run things) than aristos stealing from the great unwashed.

Re:If a person can be convicted for war driving

[krbvroc1]

Andy Fasto (CFO of Enron) got 10 years.

True, but a rare 'make an example of him' sentence. When I said they do not get 'this level of sentence', I meant proportional to the crime, not absolute length. Andy Fastow was part of a Fraud where he personally gained $80 millions dollars. His scheme ultimately bilked investors (as well as others) out of $70 Billion dollars, ruined thousands, if not tens of thousands peoples lives, contributed to the recession, damaged communities, etc.

In 2002, the US Sentencing Commission increased maximums for white collar crime--only time will tell if the tougher guidelines actually get applied. Somehow I doubt it.

Re:If a person can be convicted for war driving

He was convicted of stupidity and sentenced to a lifetime of working at Lowes.

Re:If a person can be convicted for war driving

[Lord+Kano]

So lets say someone leaves there front door unlocked, should they go to jail if someone breaks in? Perhaps the front door is locked, but the dog door is unlocked? What if the the windows don't have bars on them?

If that person's windows and doors were broadcasting the contents of the home on public frequencies, maybe.

LK

Re:If a person can be convicted for war driving

So lets say someone leaves there front door unlocked, should they go to jail if someone breaks in?

Bad analogy. An insecure wireless network is basically saying "here I am!" and blindly following out the orders it is given from anybody who replies.

To make your analogy work, the person would not only have to leave their front door unlocked, but stand out on the street saying "you can enter my house" to every single person that passes by.

Re:If a person can be convicted for war driving

[Fulcrum+of+Evil]

So lets say someone leaves there front door unlocked, should they go to jail if someone breaks in?

Contributory neligence - if they left a shop's door unlocked and someone walked off with some receipts, then bought a crapload of stuff off the internet, would that someone be liable?

Re:If a person can be convicted for war driving

[krbvroc1]

Bad analogy. An insecure wireless network is basically saying "here I am!" and blindly following out the orders it is given from anybody who replies.

Is it really that bad of an analogy? If the door was unlocked but had a sign on it that said 'homeowner only' or 'keep out' what about that? If the 'insecure' wireless network was not truly open, but had a 64-bit WEP enabled, isn't that a close analogy?

Re:If a person can be convicted for war driving

If the 'insecure' wireless network was not truly open, but had a 64-bit WEP enabled, isn't that a close analogy?

Yes, it would be a close analogy in those circumstances. But I think the OP was referring to "truly" open wireless networks, and the analogy doesn't work for those circumstances. I certainly wouldn't call somebody stupid for buying a product and turning on the encryption only to find out that it wasn't good enough at a later date, that's why I don't think the OP was either.

Re:If a person can be convicted for war driving

[theflavor]

You don't punish people for leaving their doors unlocked, it is known that you don't go in unless it is your property. IANAL, but I believe its first degree B&E if you enter through an open door ( or open wireless network in this case) and just look around If I don't want to lock my doors; I don't have to, but I do know that people will be punished if they enter on to my property without permission.

Re:If a person can be convicted for war driving

[westlake]

"Contributory neligence" may limit your recovery in a ordinary civil suit for damages. It has nothing whatever to do with criminal responsibility. The thief and only the thief goes to jail.

Re:If a person can be convicted for war driving

[bobstaff]

I've never understood the concept that because you tried to something and failed you should get less time than if you succeeded. The intent to commit the crime was there and the criminal should be punished to discorage them from trying again (and maybe succeeding).

I've never understood for example why attempted murder is a differnet crime from murder. Just because a guy is not a good shot, or did not know how much poison to use, does not mean it's any safer to have him in society.

Re:If a person can be convicted for war driving

that network should not have been wireless in the first place.............

bunch of retards...........

Re:If a person can be convicted for war driving

[ingsocsoc]

The sysadmin was responsible to the company and all the people relying on the network, not to mention the customers! Everyone uses your analogy, but in this case it's quite wrong.

Re:If a person can be convicted for war driving

[Cryptacool]

Uh.. The difference here is that the admin is accountable to someone, namely stockholders (blindly assuming lowes is a public company) as well as to the government under Sarbanes-Oxley (it wasn't in place when this happened though). His failure to excercise due dilligence is in facts grounds for him to be fired, as well as a whole lot government fines. So if you replace the word "house" with "bank" and "go to jail" with "levied with massive fines". Then yes. Yes they should.

Re:If a person can be convicted for war driving

[gewalker]

But if you are a cop, you're glad stupidity is not a crime because you would be busy 24x7 arresting people.

Re:If a person can be convicted for war driving

[Politburo]

If that person's windows and doors were broadcasting the contents of the home on public frequencies, maybe

What does that even mean? If someone has a sign that says "I have $1,000,000 cash" on their home, it doesn't make a theft justified. Stop blaming the victim!

Also, windows do broadcast the contents of the home: you can look through them! Are we going to say burglary is okay because the blinds weren't closed? I hope IHBT.

Re:If a person can be convicted for war driving

[l0b0]

So lets say someone leaves there front door unlocked, should they go to jail if someone breaks in?

If someone knowingly leave their house unlocked, I guess they'll be eligible for PMITA jail-time for attempting insurance fraud?

Re:If a person can be convicted for war driving

[WoBIX]

Should incompetence be rewarded?

It's like people who get lesser sentences for attempted murder. They *tried* to kill someone, yet they're rewarded for ineptitude by receiving a lesser sentence.

Re:If a person can be convicted for war driving

[Lord+Kano]

• If that person's windows and doors were broadcasting the contents of the home on public frequencies, maybe

What does that even mean?

It means that the comparison is idiotic. Wireless networks broadcast access on public frequencies into public spaces. It's nonsensical to compare a wireless AP to a house because your windows don't provide access to the possissions in your home from hundreds of feet away. If someone could drive past your house and magically acquire any item inside of it simply by seeing it, then the comparison would be valid.

LK

Re:If a person can be convicted for war driving

[medep]

"attemped murder, what is that anyway? do they give a nobel prize for attemped chemistry?" --Sideshow Bob

Re:If a person can be convicted for war driving

[theLOUDroom]

Interesting concept... So lets say someone leaves there front door unlocked, should they go to jail if someone breaks in? Perhaps the front door is locked, but the dog door is unlocked? What if the the windows don't have bars on them?

Actually, it's more like leaving all you furniture out by the curb for someone to walk off with at will. You're broadcasting its presence to the rest of the world and you have no reasonable expectation of privacy.

Wireless signals are accessible by EVERYBODY. They are not constrained by the notion of "private property" like your house is.

The most fitting analogy I can come up with is leaving a breifcase full of credit card information sitting on a park bench DELIBERATELY.

Yes, using that information for nefarious purposes is illegal, but leaving it laying around somewhere with no reasonable expectation of privacy is negligent. One might even consider it criminally negligent. If you were in the UK, it sounds like their privacy laws would agree with you.

What about the Corporate crime bosses who bilk millions or billions from people via fraud - they never get this level of sentence.

In our society, some people are more "equal" than others. It's fucked up but it's a given when you let someone have 1E9 dollars to themself. The only way it's ever going to get fixed is if we realize that capitalism != democracy, and adjust or society accordingly.

Re:If a person can be convicted for war driving

[Java+Ape]

I think a more appropriate analogy for an unsecured wireless network would be somebody who chooses to store all their belongings in an unfenced yard.

If all of your stuff is scattered all over the lawn and easily available to every passer-by, you should expect some of it to dissappear. Yes, it's still theft, but you contributed to that theft through gross negligence, and your homeowner's insurance shouldn't have to to pony up for replacements!

This case is like the above, except that the guy got caught trying to steal the stereo left laying on the lawn, and now he's being charged with burglary and breaking and entering. Attempted theft I'd agree with, but the rest of this is bogus.

Re:If a person can be convicted for war driving

So by your logic, as well as a few others, if your son were to leave his Bicycle in your front yard and someone stole it. You should go to jail.

Re:If a person can be convicted for war driving

Actually, it's more like leaving all you furniture out by the curb for someone to walk off with at will.

Actually, its like leaving all your neighbors' furniture out by the curb.

Re:If a person can be convicted for war driving

[Java+Ape]

No, by the logic I outlined. If my son left his bike in the yard, and it were stolen, I should be able to charge the crook with simple theft, not breaking and entering, burglary, and depraved indifference. Furthermore, I'd probably talk with my son about the wisdom of leaving the bike out. The problem with the "anti-hacker" laws is that they heap penalties on top of actions that were already illegal. The guy in the story was a jerk, but punish him for (attempted) theft, and intent to defraud (or whatever statute covers such things), but don't add a random bunch of years to the sentence because a computer was involved. That was the point I was trying to make.

Wardriving...

[sH4RD]

Wardrivers like that give the wardriving community a bad name. Some wardrivers just want to find free and legal hotspots, and others (although they could have good intentions) just want a free net connection. Wardriving as a cheap way to access corporate networks is just bad taste...

Re:Wardriving...

[Spy+der+Mann]

My question is: Why couldn't wireless communications use public key encryption in the first pla - THIS POST BANNED BY THE US SECURITY EXPORT REGULATIONS - oh... nevermind.

Re:Wardriving...

No... Wardrivers like this give the wardriving community a worse name.

Even the best wardrivers are constantly pleading ignorance... "If they didn't want me using their wireless network, why didn't they protect it? How am I supposed to know if it was intentional or not?" They know full well that there is a high probability that an unprotected hotspot is unintentional, so it is *unethical* to assume otherwise. It would be fine if they would simply get permission first, but how often do they even try? Rarely, if ever, because they know they would be turned away 99% of the time. That's assuming they can even figure out who to ask... And if they can't, tough luck.

Re:Wardriving...

Wardriving is for people that want to look at kiddie pr0n without using their own Internet connection.

GOOD

I hope you rot in jail

This begs the question...

[BlueCodeWarrior]

including one of the first people to ever be convicted of wardriving.

Can you be really convicted of wardriving, or just something you do illegally while you're wardriving?

According to the wikipedia article in the blurb:
Although acessing the files on an open network is illegal, it is not illegal to simply use the internet connection of an open wireless network, this is a common misunderstood concept. Most wardrivers do not in fact use services without authorization.

Seems kind of like saying, "He was convicted for using the Internet" when someone gets convicted of cracking.

Another thing...so you can use the connection, but you can't use any files? What's the justification for that? If you leave the network open and allow it to be used and you leave files open on it, how can it be illegal to use them?

Re:This begs the question...

[anagama]

I wish there was a stronger citation to "wardriving is not illegal" than wikipedia, e.g., a statute or published appellate case. Something that would stand up in court as mandatory authority (encyclopedias etc. would be "persusive" - following the logic of an encyclopedia is optional - mandatory authority is, well, mandatory (not optional)).

By analagy though, if someone leaves a porch light on, and it lights the sidewalk, I would never face legal problems merely by using the light cast on the sidewalk to watch my step. By the same token, if someone leaves an open wireless access point on, and I walk by, I should also be able to use the radio waves as freely as I did the visisble light waves from the porch light.

Of course, there is a weakness here - with the porch light, the transmission is one way (although I do "use" it). With a wireless ethernet connection, the transmission is two ways. A better analogy is in order perhaps.

Re:This begs the question...

[OverlordQ]

because even if I leave my gas pumps on all night when I"m not there, you driving by and using my service is still illegal.

Re:This begs the question...

[LMariachi]

No analogy is needed. Unlike the light from a porch lamp, use of a(n open) wireless connection involves an explicit grant of permission from the access point:

AP: "...hello hello here I am hello hello here I am hello..."
Wardriver's Laptop: "Hail and well-met, kind sir. May my DHCP client beseech you for the favor of an IP address?"
AP: "sure here you go it's 192.168.1.13 hello hello here I am hello..."
WL: "God bless you, my good fellow!"

Re:This begs the question...

Another thing...so you can use the connection, but you can't use any files? What's the justification for that? If you leave the network open and allow it to be used and you leave files open on it, how can it be illegal to use them?

Just because you are able to do something does not mean you are permitted to do it. That is why the law is there.

If you leave your door unlocked I am able to take your stuff, but I'm not permitted to by law.

You are able to shoot me with a gun, but you are not permitted to. And it doesn't become my own fault because I wasn't wearing a bullet-proof vest.

Some hackers have the philosophy that you should be allowed to do anything that you are able to do. But if that was the case there would not be a need for any laws.

You don't need to legislate to stop people doing things that they can't do. You need to legislate to stop people doing things that they can do, but which they shouldn't do.

Re:This begs the question...

then the wikipedia is probably wrong, you are using their resources without permission, therefore commiting theft as you are depriving them of bandwidth at that given time.

Re:This begs the question...

[jjhall]

You could stretch this analogy (best one I've seen yet, by the way) to the next level with open shares.

Open Desktop (OD): ...Files, files to share... Files, files to share...

Wardrivers's Laptop (WL): Oh, hello there Mr. Open Desktop. Do you have any files I can have?

OD: Well, I was told "everybody" should have access to it, so here is a list of what I have.

WL: That is a pretty nice list there. How about that MS Money file you have, may I please have a copy of it, kind sir?

OD: Just like the list, I was told "everybody" can read it, so let me send it on over.

WL: Thank you very much, be safe.

By that same analogy, the Windoze XP desktop is giving literally "Everybody" full rights to the shares that are turned on. Scarry thing is, that is the default way for the files to be shared. If I recall correctly, Windows 2000 gave read-only rights to everybody, but that is still just as bad.

While I don't sympathize with the crackers that are using the data available to them for less-than-good purposes, I don't feel very sorry for the people who set up open access to their systems. Wireless, and really computers in general to some degree, are advanced technological devices, and should not be used unless the user possesses enough understanding about what they are doing.

Now don't get me wrong, I have no problem with Grandma using her computer to type letters and surf the Internet. More power to her. But she should have someone who knows what they are doing set up her Internet access for her so that they ensure she is as safe as possible from the threats that are present. Would Grandma go buy a natural gas or propane fireplace and try to install it herself? Of course not. She hires someone qualified (and in this case, certified) to do it.

The same thing should go with Wireless access. People that have no concept of security, or even configuration are taking these things home and plugging them in. They have no regard for any other access points running in the area, and have a very good chance of interfering with other people. They run with not even basic security enabled at all, yet they are part of the group that is the first to cry foul when somebody has some "valuable" data taken.

I've had to change the channel I had been running mine on for several months in order to get away from people who had just set theirs up on the same channel as mine. I even went to them to see if they minded changing their channel (there ended up being 3 of us on the same channel within a 5 house radius) and they basically said "I don't know anything about that," and refused my offer to help them or do it for them. I just changed my channel and let the two of them keep interfering with each other.

Now DSL is becomming available in our area, and the modems QWest is shipping are defaulting with Wireless on, even if the people using them don't have any wireless devices. I think all wireless devices should ship with the radio off, and the user must specifically enable it. That would be a good start. If the device could scan for channels in use near by and avoid them by default, even better. If a user tries to specifically go on a channel already in use, fine, but it should not default to a configuration that will harm an existing installation.

I know that would be a lot to ask, but enough is enough. Like I said, I have no problem with "everyone" having access to these devices, but they need to learn to use them properly. I view it like cars. Everybody that drives one has a responsibility to learn and prove they understand the operation of the vehicle. I don't expect them to understand pushing on a brake pedal causes the master to pressurize the hydraulic system and compress the brake pads against the rotor. But I do expect them to know that pushing on the brake pedal stops the vehicle.

On the same token, I don't expect everybody who uses 802.11 gear to know that channel X operates on a Y centered frequ

Re:This begs the question...

[maximilln]

I've had to change the channel I had been running mine on for several months in order to get away from people who had just set theirs up on the same channel as mine

I'm convinced that all my neighbors reconfigure theirs to be on my channel once every few months. I started out on 4, then 8, then 3, now 2...

Re:This begs the question...

[jjhall]

Most access points I have seen default to 6. I wanted to be as far away from that as I could, so I picked 11. When I got my new PDA, I noticed the signal strength was unacceptable over most of my house, and determined it was due to the addition of 2 other APs, same channel.

Knowing the only discrete channels are basically only 1,6, and 11, I then changed mine to 1, hoping to avoid both 11 and the default of 6. I got a new access point a few weeks ago (went from 802.11b to g) and when configuring it noticed there was another AP on 1 now.

So now I'm running on 6, which I don't like, because for the time being it is the only discrete channel available. I am working now to try to coordinate between my neighbors and I to go to the 1,4,8,11 scheme due to lack of available options. From what I have read, even there is some overlap between channels, it is so little in actual use that is is fine.

It just gets back to my point. An AP should not allow itself to be set to a channel that is already in use, unless it warns the user and they accept it.

Jeremy

Re:This begs the question...

"Begs the question" is a technical term for a logical fallacy of assuming the truth of something you're attempting to prove in order to prove it.

So, no, it doesn't beg the question. It does, however, RAISE the question rather nicely.

Wardriving is illegal?

[oldosadmin]

Since when is wardriving illegal?

Re:Wardriving is illegal?

[BlueCodeWarrior]

As I said in my post above:
From wikipedia:

Although acessing the files on an open network is illegal, it is not illegal to simply use the internet connection of an open wireless network, this is a common misunderstood concept. Most wardrivers do not in fact use services without authorization.

Re:Wardriving is illegal?

[oldosadmin]

Yeah, stupid rate limiter made your post come up before mine. I'm just waiting for the -1 Redundant now ....

Re:Wardriving is illegal?

[tetranitrate]

It seems to me if you are going to broadcast information, via public airwaves through a wireless router, then that data is public information. Maybe even sending data to that same base station is legal (as those devices must accept "interference", even that which may be deemed harmful. The problem is when you actually start breaking into corporate networks, or accessing resources on private property. So I don't see wardriving as being inherently illegal, it depends on how you go about it and how far you go that determines what other laws you break (in this case probably related to cracking and credit card fraud).

Re:Wardriving is illegal?

[tiny69]

Yeah, stupid rate limiter made your post come up before mine. I'm just waiting for the -1 Redundant now ....

That's not always the case. If a moderator has his setting to read "Newest First", then the moderator will see your post first. I've had a few posts moderated as redundant because I was the first one to make an obvious comment.

Re:Wardriving is illegal?

[khromatikos]

However In the USA, it is illegal to listen to cellphones and cordless phones which are also using the "public" radio spectrum. This is also extened to: -intercepting encrypted communication -use information heard for profitable gain -use information to commit a crime and this case of wardriving does fall under this category.

Re:Wardriving is illegal?

[kureido]

My guess would be that wardriving is illegal in the same sense that "burglar's tools" are illegal: although hammers, gloves, or even lockpicks (in some states) aren't illegal to possess by themselves, if you intend to use them to commit burglary, they become burglar's tools, and the state can try and convict you on another felony statute violation.

Re:Wardriving is illegal?

[mindstrm]

This is a dangerously bad item in wikipedia.

Just because it's open does not imply permission to use the service.

I'm the first to agree running an open network is stupid, however:

Using my internet connection, which I pay for, without my permission, is theft of service.

Now, if you managed to get on my wireless network because I carelessly left it open, I share some of the blame, for sure. In some places, you might even say my leaving it open was tantamount to permission for you to use it (but then, why doesn't the same logic apply to files on open shares? Same concept).

Just because you CAN access it doens't mean you are allowed to.

Re:Wardriving is illegal?

[asdfghjklqwertyuiop]

However In the USA, it is illegal to listen to cellphones and cordless phones which are also using the "public" radio spectrum.

That part of the spectrum isn't "public" in the same sense the 2.4ghz stuff is. The FCC gave it to the cell phone companies for their use only. On the other hand, everyone has a right to the spectrum used by 802.11. Anyone can transmit or receive as long as their transmissions comply with the standard.

Re:Wardriving is illegal?

[Geoffreyerffoeg]

Since when is wardriving illegal?

Since wardriving was accessing other people's privately-owned networks, with a reasonable expectation of privacy (most people won't try to wardrive for a connection when they don't have their own), possibly for the purpose of accessing other computers on the network behind the firewall.

About the public/private thing: driveways, a large lawn/garden, private parks in housing communities, private roads and parking lots, etc. are still private property on which you can be convicted for trespassing. Even the local mall can have you arrested for trespassing if you violate their rules (no loud music, no spamming cars with fliers, etc.). So it's pretty hard to claim a WiFi network is "public" -- which you're probably basing on the fact they didn't secure it. Is it considered "public" if you use a combination lock on something with a keyhole on the back and other people may have the master key?

Re:Wardriving is illegal?

[BobSutan]

No, its public in the sense that its broadcasted free and clear just like public television. Don't want people using it without your consent? Then lock it down. This is exactly what happened with Satellite television. When using public spectrum, everyone is allowed to access it by its very nature. You do not own the signal even though you're the person who owns the device that it originated from. Don't like? Then take the signal out of the public spectrum, or secure the damn thing (i.e. encrypt it).

Re:Wardriving is illegal?

[mindstrm]

Yes, the use of the spectrum isn't the issue.

It's the use of private services attached to that network that are at issue.

There is plenty of room to argue either way, but blanket statements that "using internet over an open wifi access point is legal" are dangerous, and unfounded.

Re:Wardriving is illegal?

[ktulu1115]

My question is... How do they catch you? If you're on a laptop in a car, wardriving (and illegial hacking) - what evidence would they have? At best they'll get a MAC address which doesn't amount too a whole lot.

Now if you're stupid and keep coming back with the same wireless NIC, then you're asking to get caught. Any takers?

Re:Wardriving is illegal?

If you leave your network open (broadcasting SSID, no WEP/WPA, no access controls) and I leave my notebook/PDA in the default "connect if possible" state, then there will be a connection when I walk by your access point - and it will be solicited by your access point. There's no sane way to see this as (the digital equivalent to) trespassing. Broadcasting beacons is the only standardized way of making a computer readable announcement that a public network is available, so if you make your network available this way, it's entirely your fault when people use it as advertised. Guessing passwords, even default ones, is off limits obviously, but why should my right to use automatic WLAN connections as designed be limited by your unwillingness to abide by the established protocol?

Re:Wardriving is illegal?

[MoralHazard]

About the public/private thing: driveways, a large lawn/garden, private parks in housing communities, private roads and parking lots, etc. are still private property on which you can be convicted for trespassing. Even the local mall can have you arrested for trespassing if you violate their rules (no loud music, no spamming cars with fliers, etc.).

You're wrong, but this is a commonly held misconception about trespass, related in part to people not knowing the difference between civil and criminal law.

Being on private property is NOT a crime. It's a tort, an offense for which you can be sued in civil court. If you've caused (legal) damages by trespassing, you can be sued for an award to compensate for the damage. If you haven't caused any damages, you can probably only be given a restraining order not to do it again. (If you violate a restraining order, in most places, that's a crime on its own.)

Trespass is only a criminal act under certain circumstances. Trespassing in order to commit another illegal act can make the trespass itself into another crime they'll charge you with. Trespass on federal property may be a crime in itself, too.

Breaking and entering is a crime, but by itself, not having anything to do with trespassing. It's not the fact that you entered private property that's the problem--it's that you broke through security measures to do it.

These standards mostly emerge from the understanding in courts that a person's actions are usually the best judge of their intentions. If you happen to trod on your neighbor's lawn, or if you wander across an unmarked boundary from national forest onto private property, you probably don't mean to cause the owner any harm. However, if you walk across your neighbor's lawn, crowbar open his back door, and creep inside, you probably DO mean him harm. Therefore, even if you get caught before you do anything else, the latter action is considered much more severe than the former.

So no, it's not at all self-evident that access to open APs without explicit permission is, in itself, a criminal act. In fact, most of the law that I've seen and cases I've dealt with say the opposite.

Re:Wardriving is illegal?

[Lehk228]

it has nothing to do with using wifi and everything to do with installing credit card capturing software, if the store had an ethernet port on the wall and you plugged a laptop into it and installed a capture program it would be the same.

Re:Wardriving is illegal?

[lemox]

If I remember correctly, they were first incredibly confused as to what was going on. Only after checking the parking lot security cams did they notice that a certain vehicle was there during all of the accesses. Not to mention the fact that the genious wardrivers had a frigging *antenna* poking out of their car.

Re:Wardriving is illegal?

I hope for your hypothetical clients' sake that YANAL. The definition of criminal trespass varies from place to place, and in some states it IS illegal merely to be on someone else's private property when proper notice has been given (e.g., a "no trespassing" sign).

Re:Wardriving is illegal?

[fireboy1919]

One of the big problems there is that WEP is incredibly insecure, even though it uses an encryption standard.

They need something else.

Re:Wardriving is illegal?

[MoralHazard]

I hope for your hypothetical clients' sake that YANAL. The definition of criminal trespass varies from place to place, and in some states it IS illegal merely to be on someone else's private property when proper notice has been given (e.g., a "no trespassing" sign).

You obviously read the post--maybe I should have been clearer. TRESPASS BY ITSELF, WITH NO EXTENUATING CIRCUMSTANCES, IS NOT A CRIME! Trespass in an area with posted warning signs, depending on jurisdiction, may be a crime, like you pointed out.

Now, do you see that what I said, and what you say, are the same thing? I knew you could.

Misleading

[SlayerofGods]

This had very little to do with wardriving other then the fact that is how they found the network.
Instead this has to do with them trying to defraud a company.

Personal financial information wants to be free

[The+Illegal+Pirates]

Dear Sir or Madam:

We, the Illegal Pirates of the Internet Who Must Steal Everything No Matter What, rue the travesty that has lead to the sentencing of our compatriots. We remain dedicated to the theft and infringement of all intellectual property at all costs, including but not limited to financial records and credit card numbers. Rest assured, we will continue our relentless campaign to thieve.

Signed,

The Illegal Pirates of the Internet Who Must Steal Everything No Matter What

p.s. clock!

Re:Personal financial information wants to be free

[gblues]

We are the Pirates Who Must Steal Everything
We just go online and leech it all
And if you ask us why we steal everything
We'll just tell you--we must steal everything!

[apologies to Big Idea/VeggieTales]

Nathan

Re:Personal financial information wants to be free

[n1ywb]

The internet is about the free sale and exchange of other people's ideas! We've done nothing wrong!

--CEO of Kidnapster

Re:Personal financial information wants to be free

[XMyth]

Work at Chuckie Cheese?

Re:Personal financial information wants to be free

[gblues]

Nah, it's a riff off of one of the "Silly Songs with Larry" section of the VeggieTales videos made by Big Idea.

The original song goes:

We are the pirates who don't do anything We just stay at home, and lie around! And if you ask us to do anything, We'll just tell you--we don't do anything!

Nathan

Re:Personal financial information wants to be free

Wow, you have GUTS!

Re:Personal financial information wants to be free

[XMyth]

Chuckie Cheese employees tend to memorize the Veggie Tales songs because they're played there nearly non-stop. Don't ask how/why I know this. =)

This isn't like Mitnick, and prison doesn't work.

[An+Ominous+Cow+Erred]

While I think sentences (including this one) in the United States are excessive, and I think prison in fact fails to solve anything because it is used as a punishment rather than a rehabilitation and in fact makes people worse rather than better, I sort of rankle at this person being compared to Kevin Mitnick.

Kevin had no interest in any sort of financial gain from his activities. He was only interested in exploring and seeing what he could find. He was an annoying guy, but not one with ill intention.

I don't know the details about these individuals, but it seems to be implied that it was a moneymaking operation. That makes it far worse than anything Kevin did.

That said, prison isn't the answer. Only violent people should go to prison (and those prisons should be run such that they don't create the atmosphere for violence inside that they do today -- i.e. don't use the prisoners as an unwritten "punishment" against eachother -- punishment is counterproductive.)

What goes around comes around

[upsidedown_duck]

I bet he isn't looking forward to having his security hole exploited while in prison!

Re:What goes around comes around

[ScrewMaster]

Yes, that will be accomplished using the well-known "Bubba overflow" exploit.

Re:What goes around comes around

[freakmn]

You think they have one of these in his size? Might clear up a few things... Either that, or he might have trouble with another exploit...

Re:What goes around comes around

[Saeger]

Preemptive post about how joking about getting assraped by BubbaAIDS in prison isn't funny. Bla bla bla.

Re:What goes around comes around

[drb000]

His backdoor will be exploited. I have a sense that a Trojan might come into play.

Re:What goes around comes around

[Traber]

ROFL... I nearly choked on my turkey sandwich.

Re:What goes around comes around

Rape isn't funny, you moron.

Re:What goes around comes around

[lanced]

I thought they had a patch for that?

Re:What goes around comes around

Rape isn't funny, you moron.

You're right, but what about the GP post has anything to do with rape? Maybe the cracker has a smart card reader in his ass. It's merely the best way to perform "hot desking" while in the slammer.

Re:What goes around comes around

[LarsWestergren]

Preemptive post about how joking about getting assraped by BubbaAIDS in prison isn't funny. Bla bla bla.

Well, if you stop making the jokes about rape you won't have to read the comments about how this isn't funny, will you.

Re:What goes around comes around

Rape may not be funny, but the post that started this discussion sure as hell was!

A plea to the Slashdot population

[koreaman]

Let me make a few preemptive arguments before the inevitable "Free Kevin"-esque posts start coming by the hundreds.

This guy is a criminal. He robbed people, or attempted to rob them. This is like robbing a bank, only worse. Nobody should show any sympathy for this guy. In fact, for the identity theft and fraud he commited, nine years is much too short of a sentence.

I know that a lot of the people who read this may tend to sympathize with him. This is the nature of /.ers. For proof, look no further than the topic which this is posted under.

That's right, "Your Rights Online." Some editors or submitters apparently think that we have the online right to attempt to steal the property of other people, which if you think about for a minute is absurd.
The reason a lot of /.ers want to sympathize with this guy is the fact that a lot of them are (good) hackers. No matter how dirty his actions were, they don't want to see a fellow hacker put in prison.

But please, think before you post inane things about how our legal system is evil and corrupt. This is good. Thank God for the law.

Re:A plea to the Slashdot population

[finkployd]

He robbed people, or attempted to rob them. This is like robbing a bank, only worse.

Attempting to steal credit cards electronically (and failing) is worse than robbing a bank? By what value system are you making this judgement?

I don't sympathize with him, but I would like to see him get the same sentence as someone who attempted to steal credit cards in meatspace. The fact that electrons were involved does not change the crime and should not change the punishment. I bet it wouldn't be higher than someone who in fact DID commit rape (as this sentence is)

Finkployd

Re:A plea to the Slashdot population

[Drishmung]

Well, robbery involves violence, or the threat of violence. </pendant>

I'd say that it's not just like robbing a bank, only worse.

That doesn't mean I think the sentence is unfair.

Re:A plea to the Slashdot population

You really have to look at what these different people were trying to do. This guy should be punished; I don't know many people that would argue that he shouldn't. But this is a fraud case where they were trying to steal credit card information. Now, the issue of non-violent criminals getting heavy jail sentences is a debate for another post.

Kevin's intentions were more aligned with that of an explorer. Still, though, he broke the law, and I'm sure he will be the first to tell you that he did wrong and deserved to face those consequences. The issue with Kevin's case was not that he, or others, didn't feel he should face the charges; it was that he wasn't being allowed to face them. He was being held without even a bail hearing. Now, EVERYONE gets a right to a bail hearing, even if it gets denied in court, but Kevin wasn't. He was being held for a long time without a trial.

The outcry for Adrian Lamo, after his arrest, wasn't due to unfair treatment, but it was looked at as a similar situation as Kevin's. He didn't have intentions of causing any financial harm, and was just curious and liked to look around, perhaps in places where he shouldn't. Once again, Lamo was willing, to face the charges against him, and did. The people that were keeping an eye on his case were people that just wanted to make sure that his case wasn't going to be handled like Kevin's. Adrian's sentence was fair, and his case was handled well. An appropriate punishment was given, and he's dealing with that as he moves on with his life.

Now this shouldn't turn in to a debate about Kevin or Adrian, but it is important to see the differences in these cases. These guys in the Lowe's case were out there trying to steal credit card information, and really should be looked at in a far different light than those just looking to learn and explore. While even innocent 'exploring' can cause real damage, it is a far cry from the fraud we see here.

Re:A plea to the Slashdot population

[koreaman]

It is worse than robbing a bank because when you rob a bank, you hurt a corporation. When you do this, you hurt people.

People may include old, helpless grannies.

Think of the grannies!

Re:A plea to the Slashdot population

[iminplaya]

Thank God for the law.

Believe me, God had nothing to do with it. Since non-violent crime is so worthy of prison time to you, we should be nailing people for failure to come to a complete stop at a stop sign. They are far more dangerous. Ah, sweet revenge...

Re:A plea to the Slashdot population

[mindstrm]

How many credit cards could have been stolen? Someone who fails to rob a liquor store gets less of a sentence than someone who fails to rob an armored car with a few million dollars inside. Same thing here.

He wasn't just lifting a few credit card numbers from a branch, he was trying to get tons and tons of numbers from all the stores in the country.

Re:A plea to the Slashdot population

That's right, "Your Rights Online." Some editors or submitters apparently think that we have the online right to attempt to steal the property of other people, which if you think about for a minute is absurd.

No they've probably posted because they think the sentence is excessive for the crime. That you can be put in jail for this alongside murderers and rapists and come out a harden criminal is what's absurd. He should be punished, certainly, but not like this.

This is good. Thank God for the law.

That explains it all. You're a religious nut! I bet you're pro- captial punishment too? God has NOTHING to do with the law. Different people believing in different things including different Gods need to be bound by the same laws.

Take your "my God" crap somewhere else. What's next. My God is better than your god. Nyer nyer. Lets go civilize some heathens?

Re:A plea to the Slashdot population

And how long of a prison sentance does an *attempted* bank robbery garner? Keep in mind that this would be a bank robbery with no guns, hostages, or physical threats.

ID Theft and fraud? The article mentions none of that. In fact it says no data was compromised.

If he had actually stolen the credit cards and fraudulently used them, you might have a point.

People think that a prison sentance is a deterrant. It's not. No one thinks they are going to get caught. They should have slapped him with a fine, community service, and a ban on his internet. They keep watch on him for a few years, end of story.

Do you fucking understand how long nine years are? Rapists and murders get away with less than that. I hope you don't actually think that any amount of money is worth more than a human life.

This also begs the question, what the fuck is credit card data being stored by Lowes for, or , why is it being sent to a central office?

These fucks didn't even steal anything, but assholes steal money all the time on eBay, does anyone throw them in prison?

Seriously, what the fuck. They try to steal money, 9 years. Then people steal twenty dollars from me, and nothing happens to them.

Your law is fucked koreaman.

Re:A plea to the Slashdot population

Ok, for one, a punishment comparison to rape is a bad one at the least. I think flesh crimes are far worse than digital ones. and no, rape is punished with from 15 to 25 per incident. I do think they should be punished, they were commiting a crime, a serious one at that. Do I think there crime compares to rape, no, not by a shade, but my theories on rapists and punishment dont belong on this bored.

Re:A plea to the Slashdot population

[MooseGuy529]

Attempting to steal credit cards electronically (and failing) is worse than robbing a bank? By what value system are you making this judgement?

If you rob a bank, you get only the (comparatively) small amount of cash presently held in the register of the teller you rob, and perhaps others. If you steal credit card numbers, however, you can steal much more money. Also, while robbing a bank simply lowers the bank's bottom line, and affects a large group of people only slightly, stealing someone's credit card info affects them personally, since all the money you take comes out of their account. Lastly, stealing their credit card info and other identity-related information makes it possible to assume their identity and cause much more damage.

Re:A plea to the Slashdot population

[Bingo+Foo]

Well, Well, <pendant> ... </pendant></pedant>

Get thee to a pedanty!

Re:A plea to the Slashdot population

[koreaman]

What, I can't believe in God without being a religious nut?

Re:A plea to the Slashdot population

[Truth_Quark]

The issue is: Is this in line with other stealing/fraud offences or is this an example of a legal system tending to protect corporations to a greater extent than people?

What are people getting from standard breaking-and-entering/Larceny compared to in conjunction with hacking?
for example, elsewhere in the country, (from http://news.surfwax.com/law/files/Breaking_And_Ent ering.html):

Thief is sentenced to 3 years in prison Nov 19, 2004
McCue pleaded guilty to three counts of breaking and entering in the daytime, three counts of larceny of more than $250, five counts of credit card fraud of more than $250 and 14 counts of attempting to commit a crime of larceny of more than $250. Each of the 14 was an attempt to withdraw money using a stolen ATM card. (Cape Cod Times, MA)

Is 9 years a fair and reasonable punishment or does it mean that the legal systems protections are being moved away from the protection of the citizen like yourself?
Perhaps. A greater number of credit card frauds were attempted by Salcedo, but OTOH, attempted crimes usually get a lesser sentence than successful ones.

Disclaimer: This doesn't affect me so much, since I live in the rest of the world.

Re:A plea to the Slashdot population

[Drishmung]

Aaargh! /me blushes.

Re:A plea to the Slashdot population

[Kanasta]

I agree. This guy is a criminal.
But how many years would he have gotten walking into a bank with a gun but getting clobbered by the guards before he could hurt anyone?
I would guess a bit less than 9yrs.

Re:A plea to the Slashdot population

But But... the internet is about the freedom of sharing other peoples stuff?

Re:A plea to the Slashdot population

[bonch]

Attempting to steal credit cards electronically (and failing) is worse than robbing a bank?

Failure doesn't lessen the crime. Attempted rape and attempted murder can be as severe as their successful counterparts.

By what value system are you making this judgement?

The value system in which stealing money in a bank and stealing money via people's own credit cards are both bad.

The reason sentences are so high on computer crimes is because of the potential severity of the crime and the widespread damages that can be caused when you're not limited to the "meatspace" of a single bank.

Re:A plea to the Slashdot population

[lachlan76]

If you rob a bank, usually, you go in there with guns, and there is the risk that people get killed.

That is somewhat worse than getting CC#s though an open WiFi network.

Re:A plea to the Slashdot population

[realityfighter]

Some editors or submitters apparently think that we have the online right to attempt to steal the property of other people

Um...I think this was posted under YRO because it deals with banking fraud/identity theft.

Re:A plea to the Slashdot population

[winwar]

"The reason sentences are so high on computer crimes is because of the potential severity of the crime and the widespread damages that can be caused...."

That (potential) still isn't a good reason. How about it be based on what actually happened? It is absurd to give a sentence for an attempted financial crime that is greater than many violent crimes. If it is a similar sentence to that of a non-violent robbery attempt, then okay.

Failure is "rewarded" for other crimes. For instance, attempted murder has a lesser sentence than murder.

This sentence is being used as a deterrent. It won't work. I doubt criminals are going to think about how long they will go to prison if they get caught-they don't expect to. It is merely a PR event for the prosecution and police-hey look, we are doing something about these dangerous hackers, now go away, we need to get back to our coffee and donuts....

Re:A plea to the Slashdot population

[deimtee]

If you believe in God then you are by definition a religious nut.

Re:A plea to the Slashdot population

bzzzt. Robbery requires a weapon to be involved.

The guy is no threat to people in society, therefore locking him up is wasting the peoples money in keeping him there for 9 years. This has nothing to do with sympathy. The only people who should be incarcerated are those who are a danger to people. Other punishments should be dealt to non dangerous criminals.

Re:A plea to the Slashdot population

[Fringex]

When you are stealing from a bank you are basically stealing insured money that is easily restored through the FDIC. You walk in, you steal it and the bank who lost money has it restored through the insurance they pay. Basically you are stealing from an insurance company not the people or the bank.

When stealing fcredit cards from any corporation that has a large customer base you are directly stealing from that company on a much larger scale than you like to think.

See, the credit card transactions can be rivaled and made obsolete due to the Theft Protection programs credit cards companies use as a built in customer service option.

The company risks losing thousands if not millions of dollars due to lack of trust in their system by consumers. People don't lose the money but they don't trust the company with their credit card and will take their business elsewhere to a rival competitor. So now the company is hurt on a much broader scale from this one hacker.

So really, the punishment does fit the crime due to the scale of what would and could have happened to the company if he had been successful. I am sure Lowe's lost percentage of their customers due to the attempt. Granted nothing was aquired people now don't feel safe. So even though this hacker didn't aquire and numbers, Lowe's now took a loss on money coming in due to the lack of trust because of this one hacker.

So in reality, this hacker stole money already, even though he never received said money he cost Lowe's X amount of dollars from a loss in customers.

Re:A plea to the Slashdot population

[StormReaver]

When you rob a bank, the damage you can do is severely limited to what you can physically remove from the premises in a short period of time (usually no more than a few minutes).

When you steal credit card information from a large national chain store, the damage you can do is magnified by about a billion times. You're no longer limited by time and locale. You can steal a lot more money over a much longer period of time, causing many orders of magnitude greater losses.

So yes, stealing credit card information electronically is many times more devastating than robbing a bank. So yes, attempts to do so should warrant harsh treatment.

[tongue_in_cheek]Since prisons are so overpopulated, I suggest peeling the skin from the offender's bones[/tongue_in_cheek].

Re:A plea to the Slashdot population

[PhilipMckrack]

If you rob a bank, usually, you go in there with a piece of paper.

Re:A plea to the Slashdot population

[bonch]

That (potential) still isn't a good reason. How about it be based on what actually happened?

And what happened was gaining access to people's credit cards, a very serious crime with potential consequences had they succeeded in their goals.

It is absurd to give a sentence for an attempted financial crime that is greater than many violent crimes.

Why? I haven't heard a real explanation of this. Sentences vary based on the crime, the state, the judge, and so on. I notice you don't acknowledge that this guy was a repeat offender, which also contributed. There are cases where massive car theft or drug selling have landed sentences higher than those that same judge has given rapists and murderers in some instances. That is because each case is different and deserves evaluation of its given circumstances, not some absolutist code that is rigid and inflexible and does not allow for varying degrees of severity to better reflect the deserved punishment for the crime based on those circumstances. In this case, circumstances warranted a nine year sentence (which probably won't be served fully anyway).

Failure is "rewarded" for other crimes. For instance, attempted murder has a lesser sentence than murder.

It depends on the case. And again, this was a repeat offender who didn't seem to get the idea that trying to ruin people's lives is wrong. Like it or not, money is important to people in a capitalist system, and you could ruin many lives.

This sentence is being used as a deterrent. It won't work.

Can you prove this?

I doubt criminals are going to think about how long they will go to prison if they get caught-they don't expect to.

Enforcing a strict code of punishment for severe crimes serves to create a moral consciousness in society that helps determine what is right and wrong, and also how right and how wrong certain actions are. For instance, you know murder is worse than shoplifting a can of tuna, because murder can get you sentence to death but a can of tuna will get you a fine and maybe a night in jail if the store manager demands it.

It is merely a PR event for the prosecution and police-hey look, we are doing something about these dangerous hackers, now go away, we need to get back to our coffee and donuts....

When someone resorts to stereotyping and sticking words in people's mouths, projecting their own biases onto the situation rather than discussing the facts, you know that their position is faulty.

Re:A plea to the Slashdot population

[Java+Ape]

Hooray, a well-reasoned post. Sir, I applaud you!

The article isn't clear...

[Starbreeze]

So Lowe's is guilty of not securing their network. That's like leaving your front door wide open and wondering why a burglar wandered in. Yes, the hacker deserves punished for intent to steal, but that long of a sentence?

Re:The article isn't clear...

[SuperIceBoy]

That's like leaving your front door wide open and wondering why a burglar wandered in.

If I leave my front door open and some theif comes and steals my property, that person has still committed a crime whether my door was locked or unlocked.

Re:The article isn't clear...

[ScrewMaster]

Yes, but in this case they didn't actually steal anything, although that was probably their intent. This is really more akin to some thief entering your foolishly unlocked home, disabling the lock so he can get back in whenever he wants, and then leaving without taking anything. Yes, he probably wanted to be able to steal things from you whenever he wished, but at that point he hadn't yet.

Re:The article isn't clear...

[Mike+Hawk]

Or, it may be more like he grabbed all your jewels but had a hole in his pocket and they fell on your kitchen floor on the way out and he didn't notice. Thats why we have the beautiful laws of failed attempts. However, since noone will care about this case after tomorrow, I'm sure we'll never know precisely what happened.

Re:The article isn't clear...

[BattleTroll]

Which is... still breaking and entering, a crime. I break into a museum with the intent to steal the statue of David. It's too heavy for me to lift and I get pinched on the way out the door. So in your world I should go free because I wasn't able steal anything?

All you criminal appologists need wake up and smell the anarchy. Stealing credit card information is inherently more harmful than B&E. Had he succeeded he would have cost the credit card companies millions at best, and ruined the credit of thousands of people at worst. For this he should be sent away for a long, long time.

Re:The article isn't clear...

[ScrewMaster]

{sigh} all you Slashdot kneejerkers need to read what other people actually say. I didn't say he should walk ... he is, after all, a convicted felon.

And I agree ... he should be sent away. The question is for how long. A long time, if he had succeeded. But he didn't, and should be sent away for the crimes he actually committed, not what he might have done. Punishments should fit the crimes: when they don't ... well, that, in and of itself, breeds disrepect of the law. I understand the premise of a deterrent: throw the book at one criminal in the hope that others will mend their own evil ways. But that, my friend isn't justice and it isn't what the courts are supposed to be doing, and furthermore doesn't work anyway. Sure, commit the crime, do the time ... just make sure you're doing the right time.

Trespassing

If they forcibly broke into the network, I can understand the charges. But if the network, like many wireless access points, had no password, shouldn't they be charged with trespassing? I'm sure installing the logging software they used also violates many privacy laws, even if they didn't utilize the data it collected.

Plea agreement

[sekicho]

Security Focus:

Even reduced, Salcedo's prison term is unusually harsh for a computer crime. The sentence is based largely on a stipulation in Salcedo's plea agreement with prosecutors that the losses in the abortive caper would have exceeded $2.5 million. "The damage that Mr. Salcedo could have caused the consumers if he was successful could have been astounding," says prosecutor Martens.

Salcedo's defense attorney, Samuel Winthrop, did not return phone calls.

If I were that attorney, I wouldn't be returning phone calls, either.

Re:Plea agreement

WRONG! This guy should talk to every news outlet he can and try to get 15 seconds on a news channel. Experience is still experience even if you lose the case. He has opportunities not just crim def, but corp consulting on their wireless security/agreements.

Re:Plea agreement

[maximilln]

If I were that attorney, I wouldn't be returning phone calls, either.

It sounds like he rolled over to let other, more well positioned lawyers, begin racking up convictions to establish a precedent (to be cited later) to win longer convictions for anything having to do with an electronic device.

"Your rights online"?

I don't think so.

Re:This isn't like Mitnick, and prison doesn't wor

Prison isn't the answer, and I doubt the authorities would insist on putting everyone convicted of wannabe-haxxing in prison. It's costly and admittedly harsh, but this is just another example of them trying to use scare tactics to scare others into realizing that yes, if you do this shit you _can_ get your ass put in a (federal?) pound-me-in-the-ass prison.

Great news

[utlemming]

As the global economy relies more and more on computers to conduct comerce, I for one am glad that computer crimes are being treated quite seriously. Just because it is a computer, and just because there was no physical harm to someone, doesn't mean that the crime is not a damaging crime. And with the concerns running about for identity theft, the sentence seems appropriate. It should go out for a warning: if you want to hack others computers, then you should set up your own LAN and only hack computers that you have permission to hack. And to the arguments that they just trying to collect passwords: what good is a password if you don't plan on doing anything with it. Snooping around someone elses computer is the electronic equivalent to voyeurism. It constitutes an invasion of privacy. Those with the know-how to hack have an ethical responsability to refrain from hacking, and those that hack should be held to the same standard of other white-collar crimes. Severe economic consquences can follow unauthorized hacking. Now if there is permission for the hacking to take place, that is one story. But to hack some computer system for kicks and giggles is wrong.

It doesn't beg the question

Don't you read Slashdot? Don't you know what happens when you use this phrase incorrectly?

Re:It doesn't beg the question

[BlueCodeWarrior]

I have actually...I'm more of the position that language is living and that if everyone says something, that's what it means. Language is intended to communicate, and even if something doesn't fall in the rigid confines of Standard American English or whatever, then it's achieving its goal.

Even though 'lol' isn't in the dictionary, I still use it from time to time.

Re:It doesn't beg the question

[Peter+Cooper]

Actually, he used the term correctly. An argument which "assume[s] the truth of an argument or proposition to be proved, without arguing it" will "beg a/the question".

It was stated that someone is going to court for wardriving, which is tacitly stating that wardriving is an offense. However, this is not necessarily so, so it begs the question as to whether wardriving is actually an offense.

The poster himself may have responded to you admitting a misuse, but I don't think he misused the term at all.

Re:It doesn't beg the question

[BlueCodeWarrior]

It may seem like admitting a misuse, but frankly, I didn't really know if it was 100% correct or not. That 'sounded right' for me to say, so I said it. I'm a CS major, not an English major...thanks for clearing it up.

Re:It doesn't beg the question

I'm more of the position that language is living and that if everyone says something, that's what it means.

As much as I hate to, I have to agree with your position. I've noticed the grating habit of spelling advisor as adviser steadily increasing in frequency in the last few years. Two months ago, according to Merriam-Webster, the spelling adviser was "not found", now it is listed as an alternative to advisor.

Re:It doesn't beg the question

Of course, if you misuse phrases like that, people who understand the correct usage may be inclined to assume that you're unintelligent and have thus probably not thought your arugment through completely. I'm not wasting my time reading posts by people that can't communicate their ideas effectively.

Does the sentence really fit the crime?

[spagetti_code]

A bit of common sense here - 9 *years* for hacking. That is higher than the average federal sentence for murder http://www.law.upenn.edu/fac/phrobins/OxfordDeterr enceAppendix.pdf although lower than the average state one.

Re:Does the sentence really fit the crime?

My thoughts exactly.

The 8th amendment:

Excessive bail shall not be required, nor excessive fines imposed, nor cruel and unusual punishments inflicted.

9 years is rediculous.

Re:Does the sentence really fit the crime?

[KarmaMB84]

That is an unfortunate consequence of the justice department giving out plea bargains to everyone for the sole purpose of getting the trials over quicker.

Re:Does the sentence really fit the crime?

A second bit of common sense:

If we were talking about an attempt to steal *one* person's credit card number, then yes, 9 years is excessive. This guy planted a program to capture credit card information of *every* Lowe's customer.

Would you charge a person with one count of attempted murder for ramming a family car with four people in it, or would you charge that person with four counts? If you say "one count", then aren't you implying that each individual's life is 1/4 as valuable compared to a situation where he rammed a car with a single occupant? If you say "four counts", then I would argue that the sentence handed down is quite lenient considering that person could be charged with hundreds (possibly thousands) of counts of attempted credit fraud.

Re:Does the sentence really fit the crime?

having the credit information isn't the same as using it. If that is attempted credit fraud, then I should get one count of attempted credit fraud for every random ATM receipt I pick up off the ground. There are numbers on it; I must be trying to crack into that account, right? Why else would I pick up random ATM receipts?

Stealing information and stealing money by using said information are not the same thing, which is why nine years is excessive. The article says that he did not even acquire any data. He only tried to install a program that would do so.

You don't sentence someone for the potential crime committed, only the actual crime committed.

Re:Does the sentence really fit the crime?

There is a difference though. This individual has shown *clear intent* to commit fraud. Circumventing security measures to access a corporate network and placing a program to intercept credit card numbers is a whole different ball of wax than simply picking up an ATM receipt. You could be civic-minded and throwing it in the trash. You could also be protecting your fellow banker by disposing of potentially sensitive information.

If, however, an individual were camped out by an ATM machine, grabbing every receipt they could get their hands on because it listed sensitive information, and took it home to exploit. Then we're talking about roughly the same thing. However, there's the issue of scale to contend with.

The point is, intent plays as critical a role in a crime as the act itself.

As for not sentencing someone for the potential crime, then I'd like to go back to the automobile analogy. If I rammed someone's car with intent to kill them but failed, what do you charge me with? Clearly, I can be charged with destruction of personal property, but I cannot be charged with attempted murder. With the argument of "only actual crime committed", there *are no* attempted crimes of anything. No attempted murder, no attempted theft, no attempted rape, etc. To me, that makes no sense. If a person acts in a criminal manner and fails at the crime, then they should be punished. I have no sympathy for an inept criminal. I have no sympathy for a criminal whose master plan failed to materialize. I also do not wish to give them unlimited opportunities to "practice" their crimes, telling them "you shouldn't do that" before sending them on their way.

If an individual shows intent and performs the act(s) in order to commit a crime, then they should be punished whether they were successful or not.

As was stated before, this individual showed intent to commit credit fraud, by placing the card-capturing software on the Lowe's corporate network (a deliberate, illegal act in itself; digital "trespassing" at the least). I don't think it's unreasonable to charge that person with one count per credit card number the software was exposed to. Again, 9 years seems pretty small considering the jail time if each credit card captured were pursued individually.

Re:Does the sentence really fit the crime?

You are right about intent and about attempted crimes still being crimes.

Still, I just can't fathom that he intended to defraud what was potentially millions of credit cards. Maybe some, but not all of them. Certainly not nine years worth of them. Maybe if he had plans to later sell the info to the mafia or something...

Murder has a lesser punishment, on average.

Re:Does the sentence really fit the crime?

[UnpopularOpinion]

You're comparing the highest sentence ever handed down for this type of crime with an average. Hardly a fair comparison. Especially since the average federal sentence is not as meaningful as the average state one, due to the comparitvely low number of incidences measured. Come back when you can compare apples with apples. Oh, and it wasn't 9 years for *hacking*. It was nine years for *attempted theft* on a massive scale.

Re:Does the sentence really fit the crime?

You're probably right. He probably didn't intend to defraud all of them himself. Like you suggested, perhaps the ultimate plan was to sell them to others. Or maybe he planned to buy a virtual island :)

Whatever the ultimate motive, it's not reasonable for us to give him the benefit of the doubt. He's proven himself untrustworthy. There's no reason for us to believe he would delete the information after he retrieved it. However, I do not know if society could reasonably assume he wouldn't squeeze every penny from each card. Where you choose to draw that line is fuzzy and has an impact on the level of punishment.

And yes, I agree with you that murder, on average, has less punishment, but again, my perspective is that this guy is a "repeat offender". Just for example purposes, let's say the average penalty for murder is 10 years. Let's also assume that assault and battery average 1 year. Logically, it makes sense that a person with 11 convictions of assualt and battery should serve longer time in prison that a person that commits one murder. It might even be argued that the assault-guy is incorrigible, and that the penalties should increase with each subsequent offense. What this guy did was capture many people's information. My personal take is, just because it's one act, with one program, that it should be one penalty is incorrect. I have a feeling the courts will eventually work their way to hold people liable for each act performed by their software. So stealing 100 credit card numbers should be considered to receive a penalty equivalent to 100 individual thefts whether they were all captured by a single program or not.

The computer age makes this kind of information exploitation easy. However, I'm not of the opinion that it should lessen the punishment just because it's easier to do.

Re:Does the sentence really fit the crime?

[mdfst13]

"That is higher than the average federal sentence for murder"

No, it is higher than the average federal sentence for "non-negligent" manslaughter and murder cases combined (btw, murder is a capital crime in federal court...as how many years does the death penalty count?). Manslaughter is not murder, that's why it carries a lower sentence. Further, murder and manslaughter carry lower recidivism (repeat) rates than do property crimes.

People have this odd idea that incarceration is to deter people from committing crimes. It is not. The primary purpose of incarceration is to *prevent* people from committing crimes. Deterrence value of any punishment is weak, because it is not sure. Most criminals expect to get away with their crimes.

Re:Does the sentence really fit the crime?

[ratamacue]

Just goes to show how unjust the law really is. Under a just system of law, how could any deliberate murder recieve anything less than a life sentence?

Re:Does the sentence really fit the crime?

[PhilipMckrack]

a. ATM receipts do not have your complete number on them. No reciepts I have gotten in the last 5 years from any business hass.

b. Give me your cc #, ssn, birthdate, mothers maiden name and your address. I won't use them, I promise.

So they didn't steal credit card information?

[Manip]

I'm sorry, but does anyone else find this silly? You can get a longer sentence for hacking than you can for a rape!
And they didn't even get any credit card information..

I mean if they broke in and took down the entire corp. network or put the company into administration then yeah sure, harsh it up...
But where is the justification for a 9year sentence?

Also, if you trespassed (into the office) and tried to steal a book of credit card information and let's add criminal damage (broken window) you would not get near five years let alone 9!

Re:So they didn't steal credit card information?

[UnpopularOpinion]

From the article:

"I think the massive amount of potential loss that these defendants could have imposed was astounding, so that's what caused us to seek a substantial sentence against Mr. Salcedo," federal prosecutor Matthew Martens said.

If you trespassed into an office and tried to steal a book of credit card information, then it would have to be a pretty huge book to compare in scale to this case. The amount of damage really could have been massive. Hence the tougher sentence.

I don't think the sentence was given for 'hacking' per se.

Also, the fact that they didn't succeed is not at all relevant.

Re:So they didn't steal credit card information?

[ScrewMaster]

What if they broke in and stole a hard drive full of credit card numbers? Massive enough for you? I think the time has come for some of these irresponsible corporations (and IT managers) to be up on charges themselves. They get away with this crap because the credit-card companies are liable for the majority of losses due to theft, but that doesn't mean that I like having my personal information treated so cavalierly. This issue cuts both ways.

And the fact that these two inept would-be master criminals didn't succeed is most certainly relevant. 2.5 million in estimated(???) damages is not the same thing as 2.5 million in actual damages. That's the same horse hockey that corporations use when some of their internal documentation leaks out and gets published on the Web somewhere ... they assign arbitrarily high values to it in order to interest law enforcement. In this case, the prosecutors had to come up with an "estimate" in order to interest the judge and jury. Doesn't mean that it was accurate (either way) and these guys certainly shouldn't have been convicted on an "estimate". Hell, by that logic if I'm speeding on the highway (committing a relatively minor infraction) you might as well pull me over, arrest me and convict me on the spot of manslaughter because I might run over someone somewhere, sometime.

These guys committed a crime, certainly. Probably more than one and they should be punished ... but it really is a fundamental part of any civilized legal system that a punishment should fit a crime. To do otherwise simply breeds disrespect for the law. The practice of simply making examples of criminals (by giving them sentences harsher than their offenses warrant) for the express purpose of deterring future crime really isn't "justice", and is in fact abusive. It also isn't particularly effective. The fact that we are seeing crimes of this nature being given sentences in excess of those meted out for what is, after all, the most heinous of crimes, murder, is just outrageous.

The old Max Headroom series had an episode where Edison Carter was accused of credit fraud. Another character, when he was informed of this, said, "My God ... that's worse than murder." Rather prophetic.

Re:So they didn't steal credit card information?

[mindstrm]

Yes, the punishment should fit the crime.

However, someone who walks into a bank, attempts to rob it, then is attacked by the bystanders and doens't get away with anything, and never actually handles any money.. do you say he can't be charged because he didn't succesfully rob a bank?

Attempting to commit a crime IS a crime.

Breaking into the computers, planting software to gather or intercept credit card numbers, and so on, is very, very clear intent to steal private information. The fact that he didn't complete the task / wasn't successful / made a typo in no way exhonerates him.

It's not like he just got through one proxy and the lawyers said "oh well technically he COULD have stolen all our credit card numbers".. he actively tried to do it.

Re:So they didn't steal credit card information?

[UnpopularOpinion]

What if they broke in and stole a hard drive full of credit card numbers? Massive enough for you?

Sure. And someone who does that should presumably get a comparable sentence.

Frankly, I get a little irked when a bunch of people read a few paragraphs summarising (probably not terribly accurately) a legal decision and decide that they know better than the judge(s) who were actually in the court, heard all the details and made an informed decision.

I don't think your speeding analogy is very good. There's a big difference between speeding (which might cause someone to be run over) and actually driving with the intent to run someone over. In the latter case, which is a slightly better analogy, yes someone would have to "estimate" that n people would have died had the attempt been successful.

Re:So they didn't steal credit card information?

I agree with you. I think maintaining justice is more important and beneficial for the society than suppressing fear.

Question: in America, is the sentence the same if, say you break into a house and intent to murder the entire family but fail, than if you have actually succeeded murdering the entire family?

The first crime has the POTENTIAL to do the same damage as the second crime does, but are the sentences the same for both crimes in America?

Re:So they didn't steal credit card information?

[e40]

Welcome to the new America. Property crimes are more important that violent crimes against people.

Drug crimes, too.

This place is pretty damn fucked up. Nearly 1/2 of the people here seem to think things are just A-OK. I mean, they elected GWB, and that is definitely an endorsement of the status quo.

Re:So they didn't steal credit card information?

[Jim_Callahan]

and they didn't even get any credit card information

But, officer, the squad defused the bomb I planted under the orphanidge! I shouldn't be punished for something I didn't do!

Re:So they didn't steal credit card information?

[mwvdlee]

I'm sorry, but does anyone else find this silly? You can get a longer sentence for hacking than you can for a rape!
And they didn't even get any credit card information..

So just because they were lucky (or stupid) enough not to succeed, they are less guilty?

If somebody shoots 100 bullets through your head and you're just lucky enough to survive, does that mean the criminal is less guilty?

Re:So they didn't steal credit card information?

[Lehk228]

well rape does not make any of our corporate overlords look foolish and irresponsible, of course it has less jail time.

Re:So they didn't steal credit card information?

[olewis]

So, you're saying that a person that attempts to rape, but fails, should get a lesser sentence than someone who succeeds? I hope not. The crime is the same. (you know, all crimes are really the same, it's our morals that put values on them) In the case of this person, the crime is theft (whether or not they succeeded), not hacking or cracking. They intended to steal money, plain and simple, and that's what should be the focus (not how they went about it). If they had succeeded, it could have turned into multiple cases of identity theft, which can mess up innocent peoples lives for a long time. If we (americans) were tougher on criminals (i.e. cutting off the hands of thieves, death penalty for rapists and murderers, etc., whether or not they succeeded), potential criminals would think twice before committing crimes (I'm not going to steal that, if I'm caught, I'll lose a hand). It shouldn't matter if you succeed in the crime; If you thought it, you've committed it in your heart. Make the punishment fit the crime. Stop funding the rich lifestyle in many of our prisons, and take away all rights when someone is in prison.

Re:So they didn't steal credit card information?

[rick446]

If somebody shoots 100 bullets through your head and you're just lucky enough to survive, does that mean the criminal is less guilty?

Of murder? In our system? Yes. That's why they could only be charged with attempted murder. (Maybe 100 counts, but attempted murder nonetheless.)

Re:So they didn't steal credit card information?

[ScrewMaster]

Oh please. This is Slashdot, and I was expressing an opinion based upon what little I know, just as you are. So what ... neither opinion is particularly important in the overall scheme of things. This is supposed to be an entertaining discussion and if that irks you ... you don't need to be a part of it. Just tune out, change the channel. Deal with it.

This all gets very complicated and very slippery, and honestly I don't care about the details of this particular case, but I do get concerned when I see the "justice system" meting out inappropriate punishment. That cuts both ways, so far as I'm concerned: a punishment that is too light is just as bad as one that is too harsh. But I stick to my guns: either breeds disrepect for the law, and that ultimately results in more crime. Simply piling on more and more punishment for less and less serious criminal behavior (ostensibly for the deterrent effect) not only DOESN'T WORK, but isn't justice, and causes more damage than it prevents. Unfortunately, many people find it very satisfying: "good! Those bad guys got what they deserved! Throw the book at 'em!" That's all fine and dandy until it's your turn in front of the judge.

Here, I'll give you a real-world example. Some years ago, I was driving around town and was making a left turn at a four-way stop. There was a school bus on my left, and it was there first, so I waited for it. However, the driver smiled and waved me on, and I made my turn.

Now, about four blocks away, there was a local cop (an older one with thick glasses, admittedly a known jerk) who immediately pulled me over and gave me a ticket for passing a school bus with its sign out. Incredible, but it was the end of the month. Musta been short on his quota. Well ... okay, nothing I could about it there, so I accepted the ticket and showed up on the the assigned court date.

Now, here I am in front of this judge, and I couldn't believe it when she told me that due to a new statute that was just signed into law that year (2000), this offense now carried a mandatory six month license suspension. For a first offense! Now, keep in mind that I haven't even had a parking ticket since 1985. In recognition of that, the judge did allow me to reschedule the case and come back with an attorney (she was genuinely apologetic about it, but said that she no longer had any choice in the matter.)

So in a month's time, I'm back in court, this time with an attorney. Now, the interesting thing here is that both the judge and the prosecutor didn't want to charge me! My record was too clean and they believed me when I told them what had happened (and I think they also knew that cop.) So, here's the prosecutor going through this gigantic legal tome, trying to find a way to reduce the charge! Eventually they came up with "illegal left turn", and the judge said that was the best they could do, because the new law wouldn't let her throw the case out.

So, here I am, convicted of an admittedly lesser charge but still convicted, and $500 poorer (lawyers cost money.) The judge pointed out that had I not had such a sterling record, she would have had no choice but to suspend my license for six months. Six MONTHS! I commute eighty miles a day ... that would have cost me my job right there.

The story doesn't end here. The Court Clerk sent through my records to the Secretary of State as if I'd been convicted of the original charge!. So my license did get suspended and I damn near got arrested for it. Needless to say, my attorney made some more money.

That's only one law, and there are a lot more just like it only worse. I will say this: the judge did realize that the law was misguided and did her best to achieve an approximation of justice in my case, and I respect her for that. I don't respect the legislative idiots who put that stupid law

Re:So they didn't steal credit card information?

I have been in a situation similar to yours, so I have a piece of advice for you (although you may now have already come to the same conclusion). Next time (and unfortunately there will likely be a next time), spare the lawyer and go it alone, i.e. "pro se." In your case with your clean record and given the charge and clear evidence against you, there was no way your lawyer could have gotten you acquitted. So, any money you throw at him is wasted. You should have negotiated your own plea deal with the prosecuting attorney or simply explained your situation to the judge and asked for a light sentence.

In other news....

[barks]

...other white collar crimes will not be prosecuted as they won't recieve much media attention to propagate to young eager script kiddies the scary consequences of making network adminstrators look bad.

9 years for hacking, 20 years for smoking pot

While I'll agree that the 9 years for hacking might be excessive given the extent of the crime, it is sad that something like this creates an outrage when compared to the kinds of sentences handed out for possession of marijuana.

Re:This isn't like Mitnick, and prison doesn't wor

[Yaa+101]

If you live in a country where revenge prevails then prison is the answer.

Not surprising.

Crimes against people (rape) are not considered here as significant or worrisome as crimes against property (hacking) or crimes against society. Welcome to America.

Re:This isn't like Mitnick, and prison doesn't wor

Punishment isn't necessarily counter-productive. After the crime is committed, this may be the case. But there's also a small thing called deterrent.

quick

[pyrrho]

let's protect them!

Re:This isn't like Mitnick, and prison doesn't wor

[ender81b]

Well they did get 9 years and kevin got 5 (and kevin got out in like 3 didn't he?) so intenet was considered in the case obviously.

Yes punishments are harsh in the US and there's a good reason for this For one, people like vengence. Oh boy do they like vengence. For another, throwing tougher and tougher laws on the books doesn't piss anybody off. Won't you think of the CHILDREN? 3 strikes your out laws, etc, etc all appeal to about 70% of the population - namely the middle class and the rich (those who vote).

Wait, what about criminals? Chances are people in jail, or those who are affected by these laws, are politically disenfranchised, have never voted and will never vote. In other words, the poor. Mmmm democracy in action! Of course, there is a large section of the US that seems to be getting fed up with certain laws (like drug laws) because they were drug users, and are now middle class, etc and believe the drug penalties to be ridiculous.I do believe New York just overturned some of the toughest drug laws in the country that were originally passed in the 1970s. That and people seem to be getting more and more upset that something ridiculous like 3% of our population has been in Jail during their lives.

Re:cracker, not hacker

[Dead+Kitty]

What exactly did he crack? I would rather go with "none of the above." He found an open wireless network and connected to it. No displayal of computing skills whatsoever. But I'm not implying being a scriptKiddie/cracker requires skill either.

Re:This isn't like Mitnick, and prison doesn't wor

Oh come on mods.

While I think sentences (including this one) in the United States are excessive, and I think prison in fact fails to solve anything because it is used as a punishment rather than a rehabilitation and in fact makes people worse rather than better...

Wow. What a controversial view!

I sort of rankle at this person being compared to Kevin Mitnick.

I don't know the details about these individuals, but it seems to be implied that it was a moneymaking operation. That makes it far worse than anything Kevin did.

Ok, you say the poster is wrong to compare this person to Mitnick, but you know NOTHING about the person except what the poster said?

That said, prison isn't the answer. Only violent people should go to prison (and those prisons should be run such that they don't create the atmosphere for violence inside that they do today -- i.e. don't use the prisoners as an unwritten "punishment" against eachother -- punishment is counterproductive.)

Please, enlighten us on how you would implement, pay for, and manage such a system. It sounds great!

No data was actually collected however

Only because they were discovered/arrested before the data could be collected. Good riddance. Commence to toss salad.

Enron?

[oliverthered]

How many years did the guys at Enron etc.... get?
Seems like you get of if you you cough up government payola.

The penalty for hacking is equivilant to murder?

[mcguyver]

The max penalty for invouluntary manslaughter is 9 years in prison - todays front page of my local newspaper actually describes such a case. And this guy who was caught trying stealing credit card information gets an equivilant sentence? Isn't that a little severe? I'm all for punishing criminals and using long sentences as a way to pursued other would be criminals against commiting crimes however this is a little silly.

Cracker != Hacker

[ObsessiveMathsFreak]

This guys was not a hacker. He was a cracker. A criminal hacker. I'm sick of this public misconception. Whenever I talk about software to non tech people and I mention hackers, and the good work they do, people automatically assume I'm talking about some uber geek, crypto cyber punk, virus writing, terrorist whos out to gain control of as many nukes as he can before he downloads copious amounts of porn into their bank accounts.

Seriously, where the hell did this misconception arise from? It's tempting to blame hollywood, but it's more likely to have been some self proclaimed "landmark" NY Times article written by some clueless reporter who knew next to nothing about computer or the net in general outside of what some equally misinformed 133t script kiddies spluttered out to him when he asked them on IRC( The devils internet dungeon!!).

This misnomer of hackers used in the media at large has got to be tackled somehow. Otherwise other FUD might creep in, and pretty soon FOSS apps might be classed as warez by another bumbling journalist looking to rise ranks by jumping for the businees pages to the spanking new IT suppliment section by writing the next domesday tech article, complete with teenage (cr/h)acker masterminds.

Re:Cracker != Hacker

This guys was not a hacker. He was a cracker.

Oh shut up and get over yourself already. This stupid argument has been raging for twenty years. Forget about it - you lost. Now go get a life.

Re:Cracker != Hacker

It came from the original 414 Crackers in the 1980s. I can't remember what they did that got them into the news, but the journalist who interviewed one of the 414s, say he described himself as a hacker, when he should have described as a cracker. It stuck in the media ever since, being the latest buzzword.

Re:Cracker != Hacker

[The+Only+Druid]

Here's the thing: its not the public's misuse of a word, its yours! The distinction between cracker/hacker simply isn't party of the normal American lexicon, but rather is a peice of jargon specific to rather sophisticated computer users/programmers/etc. You need to get over yourself, and realize that for well over 99% of the English speaking population of the country, not to mention the PLANET, there simply isn't a distinction there. Grow up, and stop whining about other people, and realize that you're the odd-man-out, not everyone else.

Re:Cracker != Hacker

[ObsessiveMathsFreak]

*chomp*
Your Right!! I should support President Bush!
*pttuuii*

Re:Cracker != Hacker

[DogDude]

It's completely arbitrary which word means which. It's not like we're talking about ancient Latin terms. The words are very new to the English language, but they've stuck, and no amount of useless, inane, ridiculous bitching is going to change that. Personally, I think the word "eggplant" should refer to those things that cut grass with an engine and fast spinning blades, but I'm not bitching about it. Why? IT'S NOT GOING TO CHANGE. Oh yeah, and... IT DOESN'T MATTER. The words work, because the average public understands the meaning behind them. Now go away, and don't come back until you have something useful to add to the conversation.

Re:Cracker != Hacker

Hey ObsessiveMathsFreak, if you're so fsking obsessively correct, then fix your 'nym. Math is both plural and singular. math, not maths. Same with information, and software you English-as-a-second-language moron.

Re:Cracker != Hacker

[Kombat]

Seriously, where the hell did this misconception arise from?

It was always "hacker." Then in the 90's, a bunch of Open Source hippies got it in their head that it would be "trendy" to portray hacking as a good thing, but they still needed a word for the bad stuff, so they invented "cracker." Predictably, the rest of the world didn't take kindly to a few antisocial misfits ordering them to change the way they talk, and ignored them. They still do. And the obscure niche misfits still bitch and complain that world won't change the the way they talk.

Let me ask you this: Feminists object to the word "women," and instead ask that we all spell it "womyn." I think it's a bunch of Liberal fluffy garbage, and refuse to change the way I talk just to bend to the PC whim of a bunch of uptight busybodies. What do YOU think?

Hint: That's how everybody else feels when people like you tell them to stop using the word "hacker" and instead use "cracker."

I shudder to think of the orgasmic mess that will be made in parents' basements everywhere the first time a respectable media outlet actually uses the word "cracker" in the context they've always wanted.

Re:Cracker != Hacker

It was always "hacker." Then in the 90's...

You just gave your very young age away. The term "hacker" has been used in a positive sense as far back as the 70's, maybe earlier, though it was mostly used in reference to hardware, not software.

Re:Cracker != Hacker

You don't know him. I do. He's the most talented mofo I've ever met. I've spoken at security conferences, and had beers with gods upon men. Brian Salcedo under other aliases is responsible for damn near all of the inventive exploits released from 97-01. If you do the math, that makes him 16 when he started flowing. The first time I met him, he owned a locked down dns server I admin'd in about 20 seconds. At 16, he wrote one of the broadest reaching isc bind exploits ever. Made everyone upgrade.

It's a shame that he did this. Knowing him as I do, I can say that there was no theft intended. I know it looks bad, but he did it for the thrill of doing it, not to defraud lots of people.

It's amazing that he was caught. Seriously, how many enterprises do you know that 1) have insecure wireless and 2) have noc people that would catch an intrusion on their credit card system.

I can only hope that he will turn away from the illegal side of security and it's immature laws, and sell out and join the 'good guys'.

Re:Cracker != Hacker

I know XDR too.

I can't say I was surprised this happened... the kid is bright when it comes to hacking, but not so much so when it comes to consequences.

Re:Cracker != Hacker

and I'll add to that a recommended reading: Hackers, by Steven Levy

Re:Cracker != Hacker

[fjin]

Here is full explanation of Hacker culture.

The Jargon File
http://catb.org/esr/jargon/html/

The New Hacker's Dictionary
http://catb.org/esr/jargon/jargbook.html

The Meaning of 'Hack'
http://catb.org/esr/jargon/html/meaning-of-hack.ht ml

Appendix B. A Portrait of J. Random Hacker
http://catb.org/esr/jargon/html/appendixb.html

Re:Cracker != Hacker

math is both singular and plural only in yankeedoodleland... the rest of the world doesn't agree with you... ObsessiveMathsFreak isn't a yank...

Re:Cracker != Hacker

[Dr.Opveter]

Lost cause, whatever the majority (media) decides it means, that's what it means. Like skinhead is not equal to Neo-Nazi, but everybody and their mother thinks so now.

Re:Cracker != Hacker

[PoochieReds]

Ok, so what do we call people who break copy protection on computer software. Traditionally, (in the 80's) those were called crackers.

Re:Cracker != Hacker

Figures someone who says Maths (wtf is this crap) would care about the most pointless argument ever. You are a minority get over it you have lost.

Great News-C2C

"Get a grip on reality. Breaking into a computer system is a non-violent crime. It involves monetary damages. Slap the bastard with heavy fines, hit him up with community service and make him pay it back."

Plus the "victims" get to keep their credit cards.

Re:prison doesn't work

Indeed, you are more correct than you know. I have been to prison, and I too was involved in a case which was played up for maximum publicity ( which served to benefit the US Attorney, who was planning on running for a judgeship).

The methods which they used to "win" the case were over-the-top in a most amazing sense, and involved creation of false evidence and outright lying by ( paid ) government witnesses.
I intend to write a book about it once I am safely out of Amerika.

I've done my time, and it's behind me, but I have zero faith in the criminal justice system in the US, and I intend to leave the US
for a country which has a system which doesn't allow the perversion of justice to such a large degree.

You may think my opinions are rooted in bitterness, but actually I have no qualms about having been punished. Where I have (large) objections is the dishonest and ruthless methods which were used to ensure that the prosecution "won" in the biggesst way possible. That is a travesty of justice, friends, and the people responsible will hopefully burn in hell.

The adversarial system, combined with the federal sentencing guidelines, makes this country a pretty scary place to live, when you are aware of what can happen. Of course, usually awareness comes simultaneously with trouble, and then it's too late.

Anyone who thinks it can't possibly be more fair and reasonable in other countries simply doesn't know much about the rest of the world, and also has a view of the US court system which is not grounded in reality.

I'd like to post my email address, so I can share my experiences with others who might be curious, but frankly I am afraid to.

Happy Holidays to all, and be damned careful out there, because things in the US are weird and getting weirder.

Crime equals time?

[pherris]

I'll bet that Ken Lay of Enron, who stole billions of dollars from millions of CA residents won't do half that time.

Stealing CC numbers is a bad thing and needs to be punished but let's face it, in the US we have a criminal injustice system that favors rich, white people who steal large amounts of money and have access to lots of lawyers. Everyone else gets caught up in the great meat grinder of "justice".

Check out: frontline: the plea

Re:Crime equals time?

[Jim_Callahan]

stealing from a company = one victim = one crime

stealing thousands of credit card numbers = thousands of victims = thousands of crimes

I guess number of crimes wins over magnitude of crimes.

Re:Crime equals time?

[maximilln]

stealing from a company = one victim = one crime

Money laundering is a funny thing. The victims are very difficult to identify--they are the employees and the investors, each in a small part. What's easier to identify in money laundering? The benefactors.

The 90s saw many many benefactors... and then the stock market fell apart. Each of us, in our own small way, was victimized while the CEOs and top investors walked away with billions (which they used to buy up all the real estate at rock-bottom rates while the rest of us were unemployed). They still do.

Re:Crime equals time?

[Jim_Callahan]

Yeah, but from a legal standpoint, the stuff stolen all belonged to one entity in the case of embezzlement, etc, whereas each credit card acocunt belongs to a distinct legal entity.

Re:Crime equals time?

[maximilln]

I've never agreed with the legal precedent which recognizes an organization as a separate entity. It's a clear recipe for money laundering when the janitor doesn't get to vote on the salary of the CEO. As it stands, however, the politicians and lawyers know where the easiest butter is.

In addition to the prison time....

[Omniscientist]

Do you think the crackers will also be prohibited from using the Internet for a certain period of time after their release, sort of like what happened to Mitnick?

Re:In addition to the prison time....

I think so.

Re:In addition to the prison time....

[mindstrm]

You are thinking of parole, which is part of prison time.

If you get 9 years, after those 9 years are up the court cannot put more sanctions on you.

They can, however, let you out of prison after 5 years under whatever conditions the parole board decides on, including "No internet use for the remainder of your term"

This is no different than embezzlement

[Lawrence_Bird]

and frankly I think the title should be 'Thief sentenced'. This was about getting rich(er) by theft and had nothing at all to do with 'hacking'. If anything your use of it further disparages the term.

Re:This is no different than embezzlement

[losman]

here here...

You don't here them called "locksmiths" when a thief picks a lock and loots a home!

Re:This is no different than embezzlement

[DarkOx]

Well, it is infact larceny. Embezzelment requires you legaly possesed the property then converted it to an illegal use. Such as you had access to the company bank account so you could do payroll but instead you bought a boat. Larceny is just the permenate takeing of anothers property, some definitions include "by force or sneaking". I would say breaking into someones computer system falls under sneaking.

Re:This is no different than embezzlement

[Hawke666]

It's only larceny if you take something.

I'll buy "attempted larceny". But it is not, in fact, larceny.

Also, since it's merely information, you can't really take it in the first place (since you're not depriving someone of their stuff.)

Am I commiting larceny when I photocopy a page from a book at the library? Don't think so!

Re:This is no different than embezzlement

[plover]

No, it was hacking.

They used the store's 802.11b network to access a computer on the inside. They studied that computer, found a program called "tcpauth", and wrote a program to sniff data from it, some of which was credit card information. That's real hacking.

Problem for these guys is that they were attempting to sniff data that could easily be used in the commission of theft. Had they tried to sniff the price database instead (perhaps to post to Froogle or whatever,) they probably would have ended up with a lesser sentence, because it would have been much more debatable if their intent was theft, fraud, or simple hacking. But going after credit card data is "special", so these guys get to spend some "special" time with some new "special" friends.

Re:This is no different than embezzlement

[SphericalCrusher]

Technically, it had a lot to do with hacking. Sure, he may not be a hacker in the eyes of the community (and I don't really consider him anything else than a theft as you said), but he did crack into Lowe's computer system and he knew exactly what he was doing. If only his software would have grabbed him some info, maybe he'd have more bragging rights... but how do we know that it didn't? They could be lying just to stop people from worrying.

Re:This is no different than embezzlement

[Lawrence_Bird]

I used the term embezzlement to point out this was about theft. As for these guys 'hacking' - would you call a thief who breaks into your home while you are on vacations by disconnecting your alarm system a hacker?

He 'sniffs' the public network and notes the newspapers your delivery guy still left eventhough you cut the service; he 'hacks' the alarm system with some fancy bypass. He goes into the house and 'accidentally' ends up opening the drawer where your wife stores her jewels - really it was a mistake he just meant to check out what was in your refridgerator.

Re:This is no different than embezzlement

[SphericalCrusher]

But he didn't physically bust into anything, he got into it through the computer systems. So yes, he hacked. What he did was a form of it, even if it was a cheaper way.

Re:This is no different than embezzlement

Please don't post using a monospaced font. It's annoying, and makes you look like a moron who doesn't know what he's doing.

Re:This is no different than embezzlement

Please don't post using a monospaced font. It's very annoying, and makes you look like a moron who doesn't know what he's doing.

(not) Good

[Penguinoflight]

They were not being "nice" but they weren't hurting anyone (at least not yet). The real problem I have is Lowes was putting credit card data on a wireless network! It wasn't secure enough, as someone knew about it, and successfully exploited it.

So what's worse:
Not nice (Hackers),
or _grossly_ irresponsible (Lowes)?

Re:(not) Good

You are right it wasn't secure enough. So? It's not like they are the only one doing stupid things.

Look at security holes in software. Most of them are a result of a buffer overflow. Which means most security holes are a direct consequence of people still using languages like C for writing their softwares. So why people are still using C?

If you think that C is a good choice for writing softwares (and yes, I include kernel with this), then you are as stupid as the ones who put credit card data on a wireless network.

Re:(not) Good

[plover]

Lowes wasn't exactly "putting" the CC data on the wireless network. However, they had their wireless network on the "inside" of their firewall where it had access to their wired network. What's worse is they did it without even so much as a WEP key -- it was wide open.

Is it still "breaking and entering" if the door was flapping open in the breeze? I suppose 9 years means the answer is "yes", but I'm not totally sure.

Re:(not) Good

[Jim_Callahan]

Uh, they're not hurting anyone yet because they've been incarcerated. I don't want the policeman to stop holding back the guy trying to kill me with a knife because he 'hasn't hurt anyone yet', and I tend to apply the same philosophy to people attempting to take my money.

Re:(not) Good

[iwan-nl]

Indeed. If I found a company that has such weak "security", I'd go in and take a look. If I found they had sensitive data (like cc transactions) on there, I'd copy it, just to prove a point.

Does this mean I'm a criminal SOB that deserves to be ass-raped in federal prison? I don't think so. I for one would *never* sell/use the obtained data. I have high moral standards and something like stealing from random people would definitly not be OK in my book. Using it to bring the security hole to attention (either by contacting the company itself or through the media/internet) is a whole other thing though.

Granted, the guy featuring in this article probably had less good intentions. But since he didn't use the cc data yet, I (technicly) would have commited the same "crime".

Now imagine the company you report your findings to is less than pleased with your services and calls the police. Next you're being judged by a court that, most likely, don't even understand what the case is about. Time to kiss your mother goodbye. Game over.

Re:(not) Good

[Grab]

"Go take a look". Maybe you can justify it. But "copy it, just to prove a point", you are so screwed. I leave my front door unlocked, you do not have the right to come in, remove all my stuff, and leave a post-it note on the door saying where you've put it. And if I left my front door unlocked and happened to come back and find you inside, I'd be beating the crap out of you immediately without waiting to find whether you intended to take anything.

In this case, the guys were not just "proving a point", they were out to steal credit card details for massive personal profit. Justify that one, laddie.

Grab.

Re:(not) Good

[iwan-nl]

I leave my front door unlocked, you do not have the right to come in, remove all my stuff, and leave a post-it note on the door saying where you've put it.

There is a *huge* difference here. If I come into your house I'm invading your private domain. I agree I have no right to do so.

That being said, I think a company storing creditcard transactions (or other privacy-sensitive data) is something else. It's not their data. If they don't secure it properly, it's their fault if it ends up "on the street". They have the duty to protect the data their clients trust them with.

I'm doing the general public a favor by downloading the data. If I just point the security hole out to them, they will probably just shrug and ignore it. They were relying on "security by obscurity" and will continue to do so. However, if I can prove (to a newspaper or -site) that the data can easily be stolen, it won't be ignored. There will be presure from their clients to solve the problem.

And if I left my front door unlocked and happened to come back and find you inside, I'd be beating the crap out of you immediately without waiting to find whether you intended to take anything.

Relax, no need to get personal here. I'm not going to rob your house (or any house for that matter). However, I highly doubt that if I was, you'd be able to "beat the crap out of me". I'm a Wing Chung master you know... :-P

Justify that one, laddie.

As I said before, and I quote: "the guy featuring in this article probably had less good intentions". I do not feel the need to justify his actions as I think it can't be justified. Maybe you should re-read my previous comment. I'm not defending this guy, merely pointing out there are also non-malicious reasons to "steal" data.

Re:(not) Good

[Zigg]

There is a *huge* difference here. If I come into your house I'm invading your private domain. I agree I have no right to do so.

That being said, I think a company storing creditcard transactions (or other privacy-sensitive data) is something else. It's not their data. If they don't secure it properly, it's their fault if it ends up "on the street". They have the duty to protect the data their clients trust them with.

Allright, let's stretch this analogy to its breaking point.

If I run a storage rental joint, accidentally leaving the main gate unlocked, someone breaks in, empties a couple lockers out, leaves helpful notes, etc., are they then immune from prosecution simply because they're helping expose lax security somehow?

I'm sorry. That just doesn't fly.

Re:(not) Good

[JPelorat]

At the very least it would be trespassing. But yeah, "He left his door wide open" is no excuse for a burglar caught trying to actively lift someone's jewelry.

These guys were caught trying to steal credit card data. They weren't 'just looking through the open door'.

Lowe's should catch a lot of grief from Sarbanes-Oxley, and from their customers, but to shift the blame entirely to them is wrong.

Re:(not) Good

[iwan-nl]

are they then immune from prosecution simply because they're helping expose lax security somehow?

I never said they would be "immune from prosecution". IMO no one should be. I just don't think it's *morally* wrong as long as you don't misuse the oppertunity for personal gain.

Also, your storage rental metaphore "doesn't fly"; One would need to physically take the stuff. Digital data can be copied. The company will not lose the data. No one gets hurt (except perhaps the guy in charge of data security, but that's the point ;).

Re:(not) Good

[swv3752]

If you leave a set of keys in an unlocked car, you will be prosecuted. It is called an attractive nuisance. The person who steals your car will also be prosecuted, but will get a reduced sentence from that of one who hotwires the car.

Lowes should have been prosecuted for criminal negligence in leaving an open wifi network. If Lowes left thier doors standing wide open after the close of business, they would be prosecuted for creating an attractive nuisance. Sliding glass doors are simple to open. (For most a good kick to the lock will open the door even if it busts the lock). Same with WEP. But it is a bare minimum of securing property or data.

The crackers deserve to be found guilty, but thier sentence should have been comparable to an attempted white collar crime. Embezzelment carries 5 year term I believe. Is what these guys did any worse than that?

Re:(not) Good

[Veamon]

Whats the big confusion? If you take something thats not yours, then it is STEALING. bottom line. doesnt matter if the door was locked, no WEP setup, nothing...

Re:(not) Good

[hesiod]

These people weren't holding knives, jackass.

Re:(not) Good

[Penguinoflight]

your analogy is clear, but not direct. The hackers hadn't accessed the card numbers personally at all. We have no idea what their intent was, to use the card data to steal, or just to show up Lowes. What they did was clearly illegal, but I say that Lowes was asking for a hack, and there really is no way we can tell what the hackers were going to do. If we ask them now, they will of course say they were just trying to get lowes to be more responsible. In this case they are being charged with theft, and it's not even clear that's what they were trying to do. The fact they weren't finished yet is of little importance. I find it distrubing the government doesn't even care what the final intent of these hackers was, but goes right ahead charging them with attempting the worst. They belong in jail, but the question is, 9 weeks or 9 years?

Re:(not) Good

[Jim_Callahan]

The guy holding a knife wasn't toting a nuke capable of levelling a small city, either. What's your point?

Re:(not) Good

[Jim_Callahan]

True. But, in all honesty, it seems their intent was to rob a few thousand people. There's always uncertainty about intent... after all, after they'd actually stolen a bunch of money, it would still be entirely possible that they intended to give it back. There has to be some point at which we conclude that actions are malefic, though, and I think these guys crossed it. Their actions are basically analogous to getting into the bank and having the safe open... "I wasn't going to take anything" should probably be interpreted as a lie.

Re:(not) Good

[hesiod]

These guys installed a program to collect CC#s. They weren't building a dirty bomb.

My point is that there was no physical damage, and no monetary damage at the point they were arrested. Money can be replaced, lives cannot. They didn't threaten lives. People who DO threaten lives get shorter sentences (unless they threaten someone famous). What is your point?

Re:(not) Good

[Jim_Callahan]

My point is that they were intending to inflict damage, and just because it didn't surpass a certain intended damage threshold doesn't mean that the offenders don't need to be corrected.

for anyone who isn't quite keeping up

This is an example of a hack:
Rewiring an elevator when no one is looking to make it say witty things.

This is an example of not a hack:
Using computers to steal credit card numbers.

Do we see the difference? One is "playfully clever" and one is not.

Re:for anyone who isn't quite keeping up

[agraupe]

I dunno... would have been more playfully clever if it had imitated the elevators in Hitchhiker's Guide to the Galaxy... but kudos to them nonetheless. Hack also applies to a person who "programs creatively", which I, and many other /. readers, hope to be/already are.

Re:for anyone who isn't quite keeping up

[syousef]

I dunno dude. Do you want to travel on an elevator that's been compromised like that? What if through a fault that may or may not be related to the rewiring a fire started or the elevator brakes failed?

Re:for anyone who isn't quite keeping up

[sahonen]

Dude, these people are students at MIT, probably majoring in engineering. I think they can figure out the safety implications of what they're doing. The people who did that hack are probably out designing things you use today, and you haven't died yet.

Re:for anyone who isn't quite keeping up

[syousef]

So you're saying a tanked MIT geek is infallible? Dude, there are saftey standards and testing going into any elevator design or maintenance program. I think you'll find its quite well regulated in most places.

Re:for anyone who isn't quite keeping up

Your argument is valid but stronger without the first sentance; it's a textbook strawman.

Re:for anyone who isn't quite keeping up

[sahonen]

I would certainly trust the engineering of someone who's smart enough to get into MIT. Note that they didn't tie into the elevator controls, only the lights that showed what floor the elevator was on.

Re:for anyone who isn't quite keeping up

[syousef]

It's not their intelligence I'm worried about.

Re:for anyone who isn't quite keeping up

You do realize how seriously states take elevators, right?

Amusement rides aren't allowed to bypass elevator laws even if the elevator is part of the ride.

What makes you think they consider unauthorized tampering acceptable?

Re:for anyone who isn't quite keeping up

[sahonen]

Don't get me wrong, Hacks are definitely illegal in every way. But that doesn't mean you can't appreciate their sheer ingenuity.

Three Ring Circus!-Attempted Lenience

"True, but the point is valid: had they physically broken into a store and walked off with a bunch of credit-card receipts, would they have received a similar sentence?"

1-How many receipts can you physically walk away with?

2-As everyone is so fond of pointing out. Digital changes the rules.

Buggy whip sentences for everyone.

"Or is this just being blown out of proportion because it involves "the Internet"? On top of that, they actually managed to steal nothing ... as the prosecutor said, it was the amount of damage they could have imposed that resulted in the "substantial sentence", not what they actually did"

Not any different a concept than "attempted murder".

Comment removed

[account_deleted]

Comment removed based on user account deletion

No, he was senninetenced.

Heh.

Why IT folks should support severe sentences

[G4from128k]

Some may argue that the punishment does not fit the crime, that it is much more severe then other forms of monetary crime. But what makes cracker crime so dangerous to the IT industry is that it attacks the trustworthiness of the infrastructure. If consumers turn away from online transactions, if businesses decide to reduce their reliance on computers, then IT employment will drop or not increase to its full potential.

Look at the analog of this in meat-space -- people would rather shop, go to work, enjoy entertainment, etc. in a safe environment. Businesses that try to operate in crime-ridden neighborhoods don't do as well, don't have as many customers, don't hire as many employees, and don't pay as well.

IT employment depends on the continued adoption and use of IT by businesses and consumers. If the internet and computing becomes a ghetto of spyware, crackers, and phishers, the economics of IT will suffer. To the extent that people avoid using computers for fear of crime is the extent that ITer will see their jobs disappear.

Re:Why IT folks should support severe sentences

The customers should NOT feel safe.

The data was open and just waiting for a cracker.

Re:Why IT folks should support severe sentences

[Suicyco]

LOL, ok, so if we don't do something about all this internet craziness, we'll end up doing, err... what is that?

The internet IS a ghetto of spyware, crackers and phishers. Nobody is going back to carbon copy credit card swipes, human tellers in banks and grocery checkouts where the clerk codes in prices into his mechanical cash register.

How does this particular crime, even if it had payed off, going to put a dent in computer use? It might piss some people off at Lowes, result in a lot of charge backs and be an inconvienence to credit card companies - but I guarantee that VISA or whoever would be most hurt by this, would NOT in any way change their use of computers.

If SPAM doesn't keep people off the computer thingy, than a few stolen credit card numbers isn't going to do much at all.

Re:Why IT folks should support severe sentences

[lachlan76]

The internet is already a ghetto of spyware, crackers, and phishers.

Already most computers are full of spyware and viruses, what makes you think people are going to suddenly start caring?

Re:Why IT folks should support severe sentences

[spagetti_code]

You need to keep relativity in sentencing. In my country, rape sentences began to overtake murder sentences. Which is worse? Given the choice as a victim I'd sure be bending over for it.

Also, if rape sentences are as high as murder, then it makes sense for the rapist to kill the victim - they are harder to catch and the penalty is no worse.

Back to this case, the guy probably would have got a lighter sentence if he had simply destroyed their computers (say, in a fire, or by hacking) as opposed to trying to steal. I dont think thats right.

Re:Why IT folks should support severe sentences

[jbridge21]

But what makes cracker crime so dangerous to the IT industry is that it attacks the trustworthiness of the infrastructure.

No more than the somewhat frequent bank robberies that occurred in the Wild West (tm) attacked the trustworthiness of the banking infrastructure. People talk a lot about cybercrime, because it's a new thing, but if you're buying from a reputable vendor online, the probability of getting ripped off is quite low.

If the internet and computing becomes a ghetto of spyware, crackers, and phishers, the economics of IT will suffer.

This makes a good argument for securing your network competently, not sending people who try to break in to the big house for a period of time after which they'll come out a lot worse than when they went in. Are you familiar with the kinds of mental (and physical) fuckery that go on inside prisons?

I just don't see crackers causing internet usage to drop significantly. "Continued adoption and use of IT" might have been an issue last decade, but now, if a business is not already using computers, it's because they have a better solution for the problem at hand -- if you haven't switched already, you're probably not going to.

Re:Why IT folks should support severe sentences

[G4from128k]

How does this particular crime, even if it had payed off, going to put a dent in computer use? It might piss some people off at Lowes, result in a lot of charge backs and be an inconvienence to credit card companies - but I guarantee that VISA or whoever would be most hurt by this, would NOT in any way change their use of computers

I agree, cybercrime is not likely to rollback history. Businesses will continue to use computers. What cybercrime will do is reduce the chance of a wider array of IT-based services. For example, e-mail is currently unusable as a secure method for communication between businesses and customers. Lowes is unlikely to offer much in the way of online accounts, email notification of orders, etc. in a world where every email is assumed to be spam or phishing.

If SPAM doesn't keep people off the computer thingy, than a few stolen credit card numbers isn't going to do much at all.

How do you know that SPAM has not already slowed the rate of internet penetration in the U.S.? I know of one large telecom company that is starting to worry about people who adopt a non-PC, non-internet digital lifestyle -- they buy digital cameras and printers, but avoid purchasing a PC and internet account. Maybe those Luddites will die out, maybe they won't.

The problem with computer security is that it is a never-ending battle. One can buy a lock for a house that lasts 10-20 years with nothing more than an occasional squirt of oil. But keeping a PC updated, firewalled, despywared, virus-free is an ongoing nightware. That fact cannot be good for the continued spread of IT in the world.

Some improvements may come from making computers more secure. But some of it needs to come from making cybercrime less attractive (i.e., having a higher chance of apprehension and unpleasant punishment.) It may be a Pollyanna outlook, but a world where one can trust PCs, email, online commerce, IMs, the web, and so on is a world that will have much more IT in it.

Re:Why IT folks should support severe sentences

[Suicyco]

Yeah I agree that things are getting pretty bad, but I dont think putting people in prison will help.

I know people who are blissfully ignorant of how screwed up their machines are. Spyware, millions of popups, spam, etc. they just think its normal.

However, its not all that hard to stay free from this stuff, if only sellers of PC's would just bundle some software with their systems.

I have a windows 2000 PC at home for the newbs to use, that has never been infected or infested, and it sits on the internet 24 hours a day. I just have automatically updated virus scanner, a software firewall, a linksys router/firewall and its good to go.

The problem is not infixable. Its a software issue, plain and simple. I know this is old hat around here, but my Linux boxes have never been compromised, infected or infested either. At some point, the insecurity of the systems needs to be addressed by those who MAKE the systems, or by those who are truly hurt by the faults in those systems (not end users, but large corporations and governments.) Prison sentences for non-violent exploitation of flaws and subsequent fraud attempts will not stop what is happening, IMHO. Harsh prison terms have never been a real deterrent. There are many very simple things that can be done to ensure things like this do not happen. The problem is, somebody needs to take responsibility and implement the changes. Corporations are loathe to do that, because it somehow means they were aware how bad their designs were initially. Can't have that.

Re:This isn't like Mitnick, and prison doesn't wor

"I think prison in fact fails to solve anything because it is used as a punishment rather than a rehabilitation..."

I would like to commit a crime against you. You can "rehab" me all you want after I'm caught, I won't mind.

Re:The penalty for hacking is equivilant to murder

[KarmaMB84]

Involuntary manslaughter indicates that the manslaughter was not intended or accidental.

they got the wrong [Victim]

"They should lock up the fool that set their network up!"

They should lock up the woman that dressed in that skimpy dress, and those high heels. She was just asking for it.

Great, another case of...

[No.+24601]

grey-collar hackers setting up a nasty trap but not using it (Read: "No data was actually collected").

Makes you wonder if the prisons are filling up with rapists, murderers and grey-collar hackers... where are all the professional criminal hackers?

Re:Great, another case of...

[anagama]

• Makes you wonder if the prisons are filling up with rapists, murderers and grey-collar hackers... where are all the professional criminal hackers?

Offshore in a country lacking an extradition treaty with the US.

Re:Great, another case of...

[maximilln]

where are all the professional criminal hackers?

Sitting at terminals using the 0-day exploits that Microsoft insists don't exist.

Wardriving is illegal?-Lookout.

"Since when is wardriving illegal?"

Since when is casing the joint, before commiting a crime illegal?"

Re:Wardriving is illegal?-Lookout.

[anethema]

It isnt.

Re:The penalty for hacking is equivilant to murder

[AstrumPreliator]

Murder is not the same thing is involuntary manslaughter. Murder is premeditated. It's actually a very large distinction.

I do agree that the extent of the sentence is asinine though. His crime is the equivillent of robbing a bank without a gun. Which begs the question, where were the security gaurds?

Spell Checking at Slashdot

[wbglinks]

"Hacker Sententenced To Longest US Sentence Yet"

Sentenced

Could we get the word 'sentence' in there just one more time?

Re:Spell Checking at Slashdot

[wbglinks]

"Hacker Sentenced To Longest US Sentence Yet" Thanks.

You Are An Imbecile

[the_mad_poster]

Good rebuttal.

You're truly an intellectual force to be reckoned with, what with those supreme debate tactics.

BULLSHIT ! ( Re:What goes around comes around )

" I bet he isn't looking forward to having his security hole exploited while in prison!"

You have no idea what you are talking about. Yes, there IS homosexuality in prison, but nearly none of it is not consensual.

You see, I have been there. I am not homosexual, and never once was there even a hint of me being the victim of sexual aggression. And I am not a badass, so that excuse won't fly.

People like you who make comments based on nothing more than some movie they saw make me sick. And if you WERE in prison, and mouthed off like that, you'd get the ass-kicking of
a lifetime.

Try sticking to commenting on something you actually have knowledge about ( ok, well, this IS Slashdot, so I guess that's asking too much ).

Anyway, I did time in some very bad places, and you people who talk about "Bubba, etc. " don't have ANY idea what it's really like.

The truth is, most people just want to survive to see the outside
again, and they mind their own business. Those who "get stupid" find out quickly that life can get very rough indeed, because there is ALWAYS someone bigger, meaner, crazier, and more willing to do what it takes to win. It ain't like the movies you have seen, I promise you.

Re:cracker, not hacker

[isometrick]

If not RTFA, RTFBlurb at least. This guy attempted to steal credit card numbers from a system he accessed on an open wireless network.

He didn't just connect to it.

Re:This isn't like Mitnick, and prison doesn't wor

[iminplaya]

But there's also a small thing called deterrent.

Evidently it's a very small thing, considering how well it works. See: death penalty.

Re:BULLSHIT ! ( Re:What goes around comes around

Well, unsubstantiated AC comments are all the proof I need.

Deserves what he got

[paanta]

Not mentioned yet, but he _is_ a repeat offender. He brought down a local bbs--insert obligatory plug for arbornet.org!--back in 2000 and was the first charged with hacking under michigan law. http://www.merit.edu/mail.archives/netsec/2000-09/ msg00009.html I dunno, but you'd think he'd have wised up by now.

Re:Deserves what he got

Fuck you. He owned them (like he owned EVERYTHING) back in 2000, and they had hardware failures and are complete fucking morons. He was caught while trying to help them.

That said, yes, it's a shame that he did this. It's a bigger shame that our immature computer laws suck.

Re:Deserves what he got

It sounds like the damage that ensued from his actions were indirect and out of proportion to what he did, but if he was involved in causing it, his culpability seems in keeping with more established, non-virtual laws. If you hold up a bank with a water gun, but someone jumps out a window to escape and dies, you're held accountable for their death. I think the general principle is that when you commit a crime, and it goes down unintentionally badly, the prepetrator can still be held liable for setting in motion the chain of events.

His current conviction kind of suggests that the earlier incident probably wasn't just a fluke or misunderstanding, but that he really is a malicious and unrepentant criminal. *Maybe* he just got really unlucky twice, but I haven't heard anything to suggest that.

Re:Deserves what he got

He didn't take down Arbornet. Their drive failed and they needed to come up with some new hardware or take the service down. He'd recently owned the system in accordance with their security-holes policy at the time, but they chose to ignore the MOTD and charge him instead. The rest is history.

Re:Deserves what he got

[sciop101]

our immature computer laws suck.

This is an excellent summation. Computer crimes are very much frontier justice. As laws mature, punishments become much lighter and easier on the criminal, i.e. horse thieves are not shot on the spot.

What's to become of Lowe's?

I think most here remember when Best Buy did the same shit and apparently suffered no consequences.

Where is Sarbanes-Oxley on this?

Why isn't Lowe's being held accountable for extreme carelessness with their customers' financial data?

Re:BULLSHIT ! ( Re:What goes around comes around

"Well, unsubstantiated AC comments are all the proof I need."

There's always someone like you just waiting to wise off.

Does it make you feel like somebody ?

You wouldn't last a week inside, sonny boy.

Kevin didn't get out in three

[Safety+Cap]

And you're confused. He was essentially held without trial or a bail hearing for 4 1/2 years.

Re:This isn't like Mitnick, and prison doesn't wor

[NoMercy]

Prisons were originally designed to stop people from committing crimes, commonly they would only lock people up at night so they couln't break into peoples houses or shops. Only in the last couple of centuries with the advent of the idea of reforming people come in, prison sentences got much much longer and the idea of reforming people in the early days was though harsh treatment and work.

The harsh treatment and work didn't have the desired results, but we carried on locking people up not because of there own rehabilitation but because it makes the victums feel better.

The whole system needs a damn hard re-think, and we need to stop puting people in prisons when mabie prisons arn't the best option.

I'll also make a point that the death penalty is only there to satisfy the sadistic perverted desires of revenge that the victums have. Death is no punishment, and if you belive in reincarnation, it might as well be a free ticket out of jail in the form of a new life.

Brilliant idea, Einstien

[TiggertheMad]

Yeah, huge fines are going to discourage people trying to steal credit card data. Suppose you hit them with a non-trivial fine of 500,000. What do you think the odds are that any hacker that has ever broken into a server is going to be able to pay even a tenth of that?

How about this, quit wasting time, money and prison space busting people for drugs by legalizing the stuff, and use all the space created in prisons for hackers, and other white collar criminals who commit 'nice crimes' where nobody gets 'hurt'.

Anyone who writes a worm that makes the national news because it cripples half the internet deserves some jail time.

Re:Brilliant idea, Einstien

Please... A hacker that was busted could probably turn around and write a book for 500 grand, and the TV show appearances and possible job opportunities (if so motivated and skilled) would simply be gravy on top of the mashed potatoes.

This scenario is lose/lose. The hacker is in federal-pound-me-in-the-ass-prison, and we (the taxpayers) have to shell out about $30,000 a year to keep him there--which ammounts to about half of that 500 grand.

Know what I say? Charge these assholes half of what it would have cost us to put him in prison (135,000 over ten years isn't THAT bad, but it's enough to put a man straight), and let the poor bastard out on probation, so that he can hopefully do something productive (community service, and a real job).

Re:Brilliant idea, Einstien

[mdfst13]

"he can hopefully do...a real job"

I think that you are being very optimistic here. Most crackers that are caught don't have the skills to hold a real job. That's why they got caught.

Damn!

[SQLz]

You have to be really dumb to get caught war driving, your already in the get away car!

Good, serves the cunt right.

EOM.

Nonsense

[Mike+Hawk]

Spoken like someone who has never had their identity stolen. What fine is large enough to make up for ruining someone's credit for several years and costing them their dream of buying a home? Will they have to perform community service on my rental unit? This was a crime both against the system and individuals. One count of attempted fraud for each CC number on the system seems about right.

Jail is precisely where we throw people who inconvenience us. It does a great job of preventing them from further inconveniencing us. This time it should work for oh, about 9 years I'd say. At least.

Hacker Sentenced To Longest US Sentence Yet

Sentenced Hacker Sentenced at Sentencing to Longest Sentencing ever Sentenced.

Re:This isn't like Mitnick, and prison doesn't wor

"I would like to commit a crime against you. You can "rehab" me all you want after I'm caught, I won't mind."

Truer words were never spoken.

The "deterrent" arguement, while it has emotional appeal, has been proven to be without factual basis. The simple truth is,
few if any criminals think they will get caught, so they commit the crime with no thoughts of what sort of punishment they might be facing.

Now, the L.A. Shootout, that was an exception ...

Comment removed

[account_deleted]

Comment removed based on user account deletion

Great News-Linux.

"This is great news and will hopefully discourage other hackers."

Correct me if I'm wrong. But isn't Lowe's the one's using Linux?

Re:You're an idiot.

Did they actually steal any credit card numbers? No.
Did they charge up a bunch of fines on said card numbers? No.

We have laws to deal with theft and fraud. Since they commited neither, there is no reason for them to go to jail. These sentences are far to large for people who pose no physical threat to society.

If their plan had actually worked and they had stolen thousands of dollars, then you'd have a point.

Rape, Murder, Kidnapping and Molestation are the only crimes where the attempt to do so should be punished severely as if they actually commit the crime.

Jails should really be for people who threaten the lives of the general public.

define a crime

You steal a Ford or you steal a Ferrari,
is it the same crime?

Should the value of the car change the sentence?

I dont have problems with punishing people who commit crimes but I do have problems with sentences being different depending on the value (as we saw in Mitnick;s case, those are always greatly exxagerated) of the stolen object.Just like I have problems with hate crimes. If you kill someone because of his skin, your crime is the same as if he was your race. A murder is a murder.

I also have problems when white collar criminals get more jail time than rapists and murderers.

Re:define a crime

[oliverthered]

Is stealing a loaf of bread, or bottle of milk the same as stealing $10million from a pension fund?

Re:define a crime

[pkinetics]

In some states, the value of the stolen property determines whether it is a felony or misdemeanor, which equates to the punishment. So yes, value may be a factor. This isn't theft against one individual, this is theft on several thousand people. Although it is one entry point there are several victims. Each victim could in turn sue for damages. It would probably result in a class action lawsuit against the indviduals. Seeing as how this is America, the victims would sue Lowes instead because Lowes actually has money, whereas the actual perpetrators are held to a lower standard. On the other hand, if no damages were inflicted on the customers, then the only entity who can file the lawsuit for damages would be Lowes. Then again, I'm not a lawyer... I just spend too much time with them.

Re:define a crime

[dirk]

You steal a Ford or you steal a Ferrari,
is it the same crime?

Should the value of the car change the sentence?

Yes, the value of the car should change the sentence. If I steal $5, should I get the same sentence as if I stole $10,000? Of course not, because the scale of the crime is different. These people didn't try to steal 1 credit card number, or even a thousand cc#s. They tried to steal an infinite amount of numbers. If this program hadn't been caught, they would have had access to every single card number to go through Lowes. That is a HUGE amount of numbers. So yes, they should be punished more than someone who tried to steal1 number, because it is an entirely different class of crime.

Re:define a crime

[hesiod]

Yes, a pension fund is the property, or at least future property, of more than one person.

Re:define a crime

[oliverthered]

'a pension fund is the property'
Only if you spend it.

Anyhow, you failed the lameness test. are you autistic or suffering from aspergers syndrome?

There's a test here. I got a score of 17...

Re:define a crime

[hesiod]

I got a 33, so what.

Re:define a crime

[oliverthered]

Anything above 32 and changes are you have aspergers. This may have a very limmited effect on you life e.g. 'thinking that taking a pint of milk is the same as taking $10 million from a pension fund' or it may be a little more pronounced, people may treat you as a little childish from time to time, or you may not get on with other people quite as well as you could do.

Unfortunatlly it's the social stigma that everyone else has that causes problems, and not really the effects of aspergers.

If you think that this seems to ring a bell you can contact a professional who can further advise you.

The bottle of milk and $10 million question.
'Most' people would say that taking a bottle of milk is a 'lesser' crime that taking $10 million because.

1: Taking a bottle of milk is less premeditated than taking $10 million, i.e. you have to put in a lot of thought over a long period of time to take $10 million, but taking a bottle of milk require next to no thought.

2: Someone who is in a position where they would take a bottle of milk probably has a poor quality of life and may be 'hungry', someone in a position to take $10 million probably has a good job with good pay and has no real reason for the $10 million apart from greed.

Re:define a crime

[hesiod]

Oops, one left out word made a big difference in my original post. Just went back to look at it and I had written:

> Yes, a pension fund is the property, or at least future property, of more than one person.

I meant "except a pension fund is the property [...] of more than one person."

This was to imply that stealing the milk is the same as stealing one person's portion of that fund. Because the pension fund actually "belongs to" a few hundred people, it would be the equivalent of stealing a bottle of milk from each of 200 people. This means that I don't automatically attach monetary value to everything. In some circumstances (eg, starving), a bottle of milk can be more valuable than any amount of money. Unfortunately, that's not what I actually said at the time.

Guess I'm not very good at expressing myself. :)

As to points 1 & 2, is something worse because you thought longer about it? I understand your point and agree that it may make it more malicious, but should the reason for the crime make any difference in the sentencing of that criminal (ignoring self-defense)?

The asperger's thing is interesting though, thanks for the info.

Re:define a crime

[oliverthered]

'should the reason for the crime make any difference in the sentencing of that criminal'

Yes I think it should, as an example.

If a bolder falls down the side of the hill and kills someone then it's not murder since the boldier had no knowledge of what it was doing.

If I get a stick and beat someone to death then it would be murder since I know what I'm doing.

I believe that we should 'punish' people for what they have done wrong, their wrong doing can only be dertermined by the mallice involved.

I don't think anyone would suggest that we should be putting bolders in prison.

Re:define a crime

[hesiod]

> I don't think anyone would suggest that we should be putting bolders in prison.

But please, think of the children! We must enact legislation making boulders implements of terrorism! :)

(If I don't have anything meaningful to say, I make a joke)

Stupid times

[t_allardyce]

On the way out of court they should assult the judge and rape his underage daughter - they would only get a couple more years on that what a bargin!! I think the western world is over-compensating for not having corporal/capital punishment, instead people are starting to get rediculous sentences, i guess its better than having caining but still..

I, For One

[VonGuard]

Fell Much Safer. (TM)

Nomenclature (WAS:Great News)

[Lead+Butthead]

Crackers, people. Not Hackers.

Re:Nomenclature (WAS:Great News)

Here's why your post was worthless: a) Everyone here already knows that. b) No one else cares. You added nothing to the discussion, just as I have added nothing by replying, but maybe have prevented you from thus forth spewing garbage into the discussion system. Cheerio!

Re:Nomenclature (WAS:Great News)

[onida]

Crackers, people. Not Hackers.

Give it up. We have lost the cracker/hacker language war. When will the /. community get over the fact that the rest of the world calls 'em hackers now. All the kicking and screaming's not going to change anything.

Re:Nomenclature (WAS:Great News)

Well, at least we know his login name suits him.

Re:Nomenclature (WAS:Great News)

Brian was (is?) a hacker in the truest sense.

He just also happens to be somewhat psychotic.

-j

Re:cracker, not hacker

[Dead+Kitty]

Sorry, i was referring to the act of gaining unauthorized access to a network and the lack of skill to do so, not the attempt to steal credit card info. On another note, this is the same as finding an unlocked car and making off with it. I wouldn't exactly call that a master-minded crime. The same as how i wouldn't label this guy a cracker/hacker. As a minimum, at least RTFParent.

right...

So you're saying, we should make the system look safe while leaving it hole-ridden by keeping the hordes of clueless suits with fancy IT titles at the wheels.

Comment removed

[account_deleted]

Comment removed based on user account deletion

But how do you rehabilitate?

[Sycraft-fu]

The thing that drives most of these crimes, like spam, is greed, pure and simple. The people are greedy, and want more money than they can obtain legally/morally, so turn to crime. Well, if you know of a way to change someone's personality such that they aren't greedy, hateful, etc reliably please, PLEASE publish an article in a psychology journal since it'd be the greatest discovery in human psychology in receant history.

The problem is you CAN'T really change that in people. As many drug support groups point out, you can't change those that don't want to be changed. You can't make someone not be greedy, you can't make someone not be racist, etc.

What you CAN do is make it so that there is a deterrant to acting on that greed. That's what prison and other punishments are. The greedy people know that is a potential result if they act on that greed. Hopefully, it deters some of them.

It's a nice rose-coloured view to think that a little counciling can change who a person is, but that's just not the case. A person can only change themselves.

Re:But how do you rehabilitate?

[kaustik]

No, jail does two things for most criminals:
1.) Makes them even more angry at "the system", invokes feelings of alienation. They feel like they are a criminal and that is that.
2.) Gives them time to plot other crimes. Also gives them resources like other criminals to discuss their failures and plan for better crimes, as they are surrounded only by other criminals.

I'm not throwing blind guesses like most slashdotters here - I've done time. For my own reasons, I stopped doing what I was doing. Jail, though, only made things worse.

Re:But how do you rehabilitate?

[anagama]

I haven't been in jail but I have clients who have. Jails are infuriating. For example, a few weeks ago I went to the local county jail to see one of my clients. I'm standing at the window waiting my turn. A middle aged guy is there and explains that his son went to court for some hearing and was placed in jail for whatever reason. He had lent his truck to his son to get to court. His son had the keys on him and so they were now in property. He asked if he could get them out. Was told "no - not unless his son made a written request within 24 hours of being booked". After that 24 hrs, the keys stay in property till the son gets out of jail. So he wants to contact his son in a timely fashion. Nope, he can't do that either - he can send a letter or try visiting hours the next day. But then 24 hrs would pass and his sons written request to release the keys would be worthless. They went round and round like this for a while and in the end, the jail won.

A small thing but I can't imagine how much those constant small things would add up. I don't have to go down there much, but I hate every minute of it. If I spent even a week on the inside, I'd come out with a real passion for getting at the gov't any way I could.

Re:But how do you rehabilitate?

When I was at college I was sitting in the back of an auditorium doing some homework when a course for correction officers started up in the front. During that ONE session the professor told them how to hit someone with leather gloves so as not to leave marks, and how to take care of trouble makers by insinuating they were gay so the other inmates would beat him up.

Re:But how do you rehabilitate?

[dfj225]

Just a thought: is jail supposed to be a pleasant experience? I mean, the people inside are being punished. Like you said at the end of your post, I would imagine most prisioners are bitter after being released. Calling a jail a "correctional facility" seems like one the bigest misconceptions ever.

Re:But how do you rehabilitate?

for full sig: grep -A3 'All wars are civil wars' /usr/share/*/fortune/* /usr/share/fortune/*

Wow, a geeky lawyer. I'm gonna go file some pointless patents and then hire you to do the rest!

Release Date

Hmmmm. I think not.

With credit for time served and good behavior, Salcedo will be eligible for release in the fall of 2011.

There is no federal parole.

New Business Model found Strangled in crib.

"IT employment depends on the continued adoption and use of IT by businesses and consumers. If the internet and computing becomes a ghetto of spyware, crackers, and phishers, the economics of IT will suffer. To the extent that people avoid using computers for fear of crime is the extent that ITer will see their jobs disappear."

Correct, and that "new business model" the RIAA/MPAA/Game Publishers is suppose to adopt, will never take off.

Comment removed

[account_deleted]

Comment removed based on user account deletion

What is sad here

[randall_burns]

Is how stiff this penalty is compared to that of serious corporate criminals that are already wealthy. I've seen some of this stuff up close(I worked on the audit of Riscorp, the CEO of which did prison time). There seems to be a lot of hysteria around hackers-and very little around the REALLY big criminals-who are the managers of major corporations and governmental organizations.

Re:What is sad here

[davew2040]

Either everyone is so thoroughly convinced that corporate executives are supposed to be crooked that it's not news anymore, or the wealthy proprietors of the various media conglomerates somehow indirectly dictate the type of news that gets reported.

Probably a little of both.

Re:What is sad here

[randall_burns]

Given that the major sources of news are corporate sponsored and owned-that later point is _certainly_ true. The question is how did folks come to think that prevarication on the part of business leaders is good, right and proper?

Prison does work.....

[oliverthered]

Ok, your wrong about prison.. there's a really good article somewhere but is goes something like this...

90% of crime is committed by 10% of criminals, so all you have to do is lock that 10% up and throw away the key.

This is what the UK government has done to reduce crime, just look at prison population, average sentence and crime.

The 'liberal' article explained it a lot better than I do, and went on to mention that instead of sorting out the crime in the first place the easy option of locking people up was chosen.

Prison reduces crime, not the number of criminals.

The REAL penalty here

This poor guy will probably get raped in prison. Sorry, I don't think he deserves that from stealing from a bunch of corporate types that probably stole their way to the top.

Re:The REAL penalty here

"This poor guy will probably get raped [hrw.org] in prison."

If you have enough privacy to commit rape in prison, it just means you can get away with anything at all.

I would argue this is the same as many counts

[Sycraft-fu]

I mean they were attempting to steal the credit card numbers of all the customers there, that's thousands of people. Each one would be a victim of a crime, thus they were attempting a crime against each one.

Given the amount of people that credit card crime like this affects, and given the magnitude in dollars we are talking, I think a stiff sentence is appropriate.

If B&E w/ intent is 2-4 then I'd say 9 for B&E /w intent to steal from thousands of individuals totalling millions of dollars is fair.

Re:I would argue this is the same as many counts

[BiggerIsBetter]

Hmmm. There's something wrong when the "badness" of a crime is measured in dollar terms. As others have pointed out, raping someone probably would have got a less time.

Re:I would argue this is the same as many counts

[Sycraft-fu]

I'm guessing they didn't bother to check the law. In most states, rape can carry a potental life sentence. In Arizona, life is manditory if there was a violent element (like the use of a deadly weapon) see ARS 13-1423.

The reason dollars count for the severity in a robbery or attempt thereof is because that's what the harm is. I mean think: If I steal $0.50 from you, it's trivial. You're not even likely to notice it's gone, or care if you do. If I steal $100 from you, that's inconvenient and a problem, but nothing major. If I steal $50,000 from you, that's major, probably your entire savings and could ruin you.

As I also noted there is the number of offences. Those count quite a bit too. We aren't talking about defrauding a chain, we are talking about defrauding the chain's thousands of customers. Shoplifting is a minor crime, but if you get hit with 100 counts of it, you'll be going away for awhile just because of the sheer number of offences.

Re:I would argue this is the same as many counts

[hesiod]

> If I steal $0.50 from you, it's trivial.

Not if that's the only 50 cents I have to my name. Bill Gates could fail to notice (theoretically, his accountants probably wouldn't) 50 grand missing from his various assets and it would not really affect im in the slightest. So do you propose that we consider the stolen amount against the value of total possessions of the victim? Otherwise, the poorer you are the less the law cares about you (which is the truth at the moment).

However, yes, there were hundreds of "victims" (although none of them had anything actually happen to them) in this case.

Re:This isn't like Mitnick, and prison doesn't wor

[oliverthered]

...sorry more on prison
I think prison should be like a holiday home, lets get those thugs all happy and feeling good about them selfs, train them up and educate so they can get a proper job. Give them the hope that they never had before.

Giving up on my Covalent T shirt and the H/C thing

[crovira]

I'm calling myself a white hat code wizard.

The 'popular perception' of the whole hacker (code geeks)/cracker (crypto geeks) myth is a kind of hopelessly unwinnable argument about angels on pins.

Considering the alternatives, I've just invented a new name for myself and left the waste of time up to those poor souls who care.

I've just given the hell up.

Is it REALLY better than caining?

The real penalty makes Singapore look downright mild.

Re:Is it REALLY better than caining?

[t_allardyce]

Well thats because the prison system is run by idiots and pricks, atleast western countries actually _have_ a human rights watch, im guessing Singapore jails are 10 times worse, but thats right some of our society is pretty damn sick and non-violent criminals definately shouldnt be mixed with violent ones.

Re:Is it REALLY better than caining?

eh
what the hell has this got to do with singapore prisons?
have u been to one?
on what basis do you base your guess on?

do you even KNOW where singapore is?

Re:BULLSHIT ! ( Re:What goes around comes around

You wouldn't last a week inside, sonny boy.

From the looks of it nothing has survived a week inside your ass. How'd you get the chickens up there?

No, I'm New Here

[New+Here]

No, I'm New Here

Re:No, I'm New Here

[boots@work]

You're my favourite Slashdot celebrity! I'm so glad to see you're still in business.

mod parent up!!!11

+5 Original and hilarious!

Follow the money

The real criminals wear suits. This guy is small potatoes.

Re:BULLSHIT ! ( Re:What goes around comes around

You see, I have been there.

So, what really happens when you drop the soap?
Does someone try to ring your bell?

Hmmm

[Mike+Hawk]

Well if they actually get the years federal sentencing guidelines call for, your post will look pretty foolish. The man is now facing two seperate and independent trials which will start in 2005. But in the meantime, YEAH KILL WHITEY. RICH PEOPLE ARE EVIL LETS LOCK THEM ALL UP! PUT THEM TO THE GUILLOTINE!

Re:This isn't like Mitnick, and prison doesn't wor

[fred911]

No Prison isn't the answer.
The answer is yes, the question is sex.

(someone had to say it)

Re:Again..

If the same guy walked into the corporate office and tried to remove a hard drive full of CC's, you really think he'd get 9 years in prison? I fucking doubt it.

These guys got slapped with a bigger sentence because a computer was used. The general public does not know about computers. Things that people don't know about scare them.

What I want to know is why Lowe's is storing my credit card information and/or why it needs to be sent back to their corporate office.

Re:The penalty for hacking is equivilant to murder

[anagama]

Involuntary manslaughter is worse than "accidental" (i.e. negligent behavior) and not as bad as "intentional" behavior. What it means is that the person who killed was acting in a manner so stupid that he should have known he could cause harm. Like getting hammered and then driving home.

At least people who murder have the balls to declare their intentions, if not to everyone, then at least to themselves. Murderers are more honest than manslaughter-ers in this respect. Those of the involuntary manslaughter ilk get to be stupid, cause death, and get out early enough to do it again. Really, if the point of our prison system is to be segregation of bad actors from society, not rehab (anyone who believes prison is about rehab is fooling himself), why do we want to let the stupid irresponsible ones out any earlier than the sociopathic ones? Both are harmful.

As for these "wardrivers", this is a harsh sentence indeed for what amounts to a property crime. Their real crimes were not being politically connected. The Enron etc. examples have been made previously so I won't repeat them.

Re:The penalty for hacking is equivilant to murder

[Ziviyr]

Point is nobody is dead.

Re:This isn't like Mitnick, and prison doesn't wor

[Kombat]

I'll also make a point that the death penalty is only there to satisfy the sadistic perverted desires of revenge that the victums have. Death is no punishment

Would we be correct then in assuming that you are equally opposed to "life without parole" sentences? After all, life without parole is just an extra-long death sentence. If a person is never going to be permitted out again, no matter what, what difference does it make if they die at 35 of a Potassium Chloride overdose, or at 65 from heart disease?

Also, are you suggesting that people like Ted Bundy, Jeffrey Dahmer, and Timothy McVeigh could have eventually been rehabilitated?

And finally, what's so wrong about "revenge" anyway? If someone commits the absolute most heinous crime imaginable, raping and murdering your daughter, is it really so unreasonable of the parent to feel vengeful? If the perpetrator wasn't prepared for an eye-for-an-eye punishment, then perhaps they shouldn't have done the crime.

Good, honest people die tragically all the time. Why should we go out of our way to ensure that multiple-murdering, unrepentant scumbags get to live out a long, moderately fulfilling life behind bars?

They are innocent

[speedc0re]

As long as they didn't actually use any of the credit card numbers they have not done anything wrong. I don't care if they have my credit card number as long as they don't use it.

Re:They are innocent

[Quill_28]

I don't care if someone tried to kill me, as long as they don't.

I wouldn't care if someone put a gun to my head as long as they don't pull the trigger.

They are not innocent.

Re:They are innocent

So, then it is ok if they passed the number along? It should be ok, they just collected it, passed it on to a friend and they never used it at all!

Re:They are innocent

I promise not to use you CC no, please post it...

Re:They are innocent

[fly3r]

Read the Federal Statutes (sepcifically Title 18, Section 1030), it is a crime to access a computer network for which you do not have authorized access. There is a bit more to it than that, but that is the basic idea. Salcedo and his buds are certainly not innocent. Add conspiracy as well and they got what they deserved.

Coming from Whitmore Lake, Michigan myself...

[metalligoth]

My business partner learned hacking and coding from this guy when the guy was legit.

What he did I think any of us on Slashdot could do. It doesn't require a great deal of skill or 31337N355.

This is in the "Your Rights Online" section because he should be treated the same as someone who thirty years ago stole file cabinets of data about people at a large chain's headquarters. If the data is the same then there is no need for changing the sentence.

That said, the young man did wrong and will get what he deserves. He was a little bit bright and could surely have come up with a better scheme than this. I know I could, but I and his former "student" are devoting our time to a legit business.

Please excuse the shameless plug. We may be legit, but we're certainly not wealthy. Starting a company is hard work. 60+ hour workweeks, paying yourself less than minimum wage for a year or more... No wonder Mr. Salcedo chose the "easy way out".

Where to find the Free Wireless Internet?

[drewzhrodague]

This is true, and most business Wi-Fi installations are made difficult to get into. For most users of Wi-Fi, home, work, a friend's house, or a public spot -- those are going to be the places to go, when they're made easy to find, and conducive to social computing.

Of course, I have quite a bit to say about wardriving in general!

Interesting Point

[MikeD227]

this brings up an interesting point in that prison, or punishment in general is a way to deter criminals as well as assure everybody else that should a crime be commited against them, whoever is responsible will be dealt with.

if punishment stopped fitting the crime people would then take it upon themselves to administer a justice they deem fair.

and the "fitting" is for every individual very subjective, so the government continuosly tries to keep the balance.

now while i agree that the details of how we punish our criminals may need some updating, the need for some sort of revenge (or call it justice) is simply human and not subject to much change.

there will always be the transendentalists preaching be merciful the prisoners, coddle them, rehabilitate them. be compassionate. but there are more and much louder (at least for now) proponents of our current revenge type system.

Re:This isn't like Mitnick, and prison doesn't wor

[howardjp]

Well, probation doesn't work either. He was arrested in month 35 of a 36-month probation term.

Death penality?

[cubicleman]

As with spamming, certain kinds of malicious hacking probably should warrant the death penality....

Re:Death penality?

[the31337z3r0]

I'd preffer to start sending 'em all over to Australia again. That seemed to work pretty well, and hey, they're not doin' so bad now!

Re:Death penality?

Perhaps taking a page from J. Swift....we should just eat the miscreants (cooking optional) as a mass expression of our will to punish non violent thieves...

Re:prison doesn't work

I've done my time, and it's behind me, but I have zero faith in the criminal justice system in the US, and I intend to leave the US for a country which has a system which doesn't allow the perversion of justice to such a large degree.

Don't let the door hit you. AMF.

What, you're not gone yet? Oh, I see, just staying to bitch some more? Hopefully your new country won't be too harsh on dissidents.

Comparison of rape

OK folks, I am seeing a lot of posts talking about rapists getting less prison time. Can you all back that up? Rape in Michigan can land you 15 to 25 per act depending on the severity. So, in review:

1. Computer crimes are different than crimes of a physical nature. Stop comparing the two.

2. Crimes where you fail to accomplish it (generally referred to as "conspiracy to commit...") are gauged by what damage you could have caused if you were successful. So, lets say they could have gotten somewhere in the hundreds of thousands of CC#, that's a huge amount of potential damages.

-BlkSprk

Re:Comparison of rape

[alc6379]

This makes me think about something similar. I don't know offhand, but I do believe that in my state rape can get you longer than 9 years.

Rather than focusing on how large this sentence is in comparison to a rape, wouldn't it be more appropriate to lament the fact that a rape sentence is shorter than one for computer fraud? There is a difference in doing either.

Whoa, my mistake

There is no federal parole.

Sorry. I keep forgetting a world exists outside of Texas.

Re:This isn't like Mitnick, and prison doesn't wor

[anagama]

• 
  And finally, what's so wrong about "revenge" anyway?

The problem with revenge is that it is an emotional response. In many cases, that emotional need to find "whodunit" and punish the living sh** out of him, has lead to the conviction of innocent people. In this example, a guy spent 15 years of his life in prison - post conviction DNA testing proved him to be the wrong guy. Funny thing about revenge in this example, at the time of conviction, the victim and family actually got the satisfaction of having had their revenge - but even with the satisfaction, they got no justice - wrong guy.

Revenge just generates additional victims. Criminals should be convicted on facts and data, and not on an emotional basis. Of course the world is full of "shoulds".

Some facts on this case

[howardjp]

Salcedo was arrested in the last month of a 36-month probation sentence after he broke into Arbornet and many other sites in 2000. The original Slashdot story is here.

Re:Some facts on this case

getting caught twice? he is not very good is he?

Let potheads out to make room ...

[AHumbleOpinion]

Let's throw all those big badass hackers into prison and clog it up even more so that the killers and the rapists can turn parole faster.

No, we can just let the potheads out to make room. You have the mental capacity of a politician, budget cuts, well police and fire first not my pork projects. Drop the hysterics and try thinking for a moment next time.

Federal Prison ?

[nabil_IQ]

9 years in a "pound-me-in-the-a$$-prison"

Re:The penalty for hacking is equivilant to murder

[servognome]

It depends, there are cases like punching a rowdy drunk, who slips and breaks his neck, or throwing a rock at somebody's windshield causing a fatal accident. Serious Injury/Death is a forseeable consquence of the action, though death was not intended.
Some people make bad mistakes, and would not repeat them again. Though there are definately the ones who are habitually break the law and should be removed from society.

Ha-ha!

Catch me if you can. ;)

A witch hunt....

[ObscureKaffine]

Although I do agree that he should have gotten in trouble. I think what he got is on the severe side. I think this is much akin to the witch hunts of older times. People are afraid of what they don't understand. Because people are still pretty well computer illiterate, (thanks mostly to windows... but that's another beef for another post)... so it's human nature to fear what they don't understand. Because a computer was used for a "crime" the justice system, so afraid of our voodoo magic, comes down very hard out of fear. Plain and simple.

Re:A witch hunt....

[mindstrm]

The computer isn't hte problem.

IF he'd just broken in, you'd have a point.

That he tried to steal an absolutely huge number of credit card numbers is the issue, and that's the central issue.

If he'd broken into a central office and stolen a truckload of printouts to get the same thing, it would be the same issue.

Re:A witch hunt....

[ObscureKaffine]

OK.... i get where you're coming from... but i have been on the other end. haven't broken any laws, but have been threatened and harassed... so perhaps i'm just blowing off steam....

murder term too short, not hacking term too long

[AHumbleOpinion]

There have been murderers sentenced to one-fourth that length of time.

Yes, a two year and three month murder sentence is way too short. Rediculously short, an aberration, and completely irrelevant to determining a proper sentence for computer crime.

Re:BULLSHIT ! ( Re:What goes around comes around

Fortunately, I am educated, white, and affluent. Therefore, _I_ am someone, whereas you, the ex-con, are not. Have fun never voting, never getting a good job, and generally frittering your money and life away on drugs and alcohol.

Intent is an element of a crime, not success

[AHumbleOpinion]

or a non-violent crime that didn't benefit the criminal?

Intent is an element of a crime, not success. What does it matter that he criminal did not benefit?

Re:Intent is an element of a crime, not success

[Hawke666]

Great logic there!

Someone attacks someone with intent to kill them, but does not succeed. It's clearly a murder since success is not an element of a crime.

You idiot.

Re:Intent is an element of a crime, not success

[BattleTroll]

B&E is still B&E regardless of whether or not you took anything. You'll be convicted of shop lifting even if you don't successfully make it out of the store. Go into a bank brandishing a gun will still get you locked up regardless of whether or not you actually receive any money.

Get a clue before spewing stupidity.

Re:Intent is an element of a crime, not success

[Hawke666]

Sure it's B&E...because you did, in fact, break and enter. But if you opened the door to an unlocked bank vault, walked in, looked at the money in there, and left without taking anything (even if you went in there intending to take it all) you couldn't really be (reasonably) considered to have stolen it.
Going into a bank brandishing a gun is endangering the lives of others, even if you don't get money.

I've got a clue, thanks.

Re:Intent is an element of a crime, not success

Umm... No. Unless you are GIVEN ACCESS to the bank vault by the staff, you can be arrested for it. You probably won't actually be CHARGED with anything, but it is illegal to enter a bank vault when you have no business there.

In addition, MRUDERES DO NOT GET LESS TIME THAN THE HACKER DID. Killers who get less time are convicted of INVOLUNTARY MANSLAUGHTER. There's a big difference between Involuntary Manslaughter(AKA, Manslaughter in the Second Degree), and Murder. The shortest murder sentence possible is TEN years. And the convict will only get that if he provides information that will save other lives(such as info that helps the police capture a serial killer).

My uncle is the Executive ADA here. I get my info from him.

Re:Intent is an element of a crime, not success

[Hawke666]

Yes. You can be arrested. But being arrested (and even charged) is not the same as stealing it. You will not be arrested for, or charged with, stealing the money.

I don't recall saying that "MRUDERES" get less time (though other posts have claimed that, and I suspect it has happend at least once in US history)

Is your uncle Noel Coward by any chance?

Re:Intent is an element of a crime, not success

[AHumbleOpinion]

Going into a bank brandishing a gun is endangering the lives of others, even if you don't get money.

Wrong again, the gun is irrelevant, if you have a piece of paper saying "give me the money" the FBI is still all over you irregardless of whether you got any money or not.

Re:Intent is an element of a crime, not success

[Hawke666]

Yes, agree, the gun is not relevant to whether you've commited a crime (in all the cases mentioned). But it is relevant to what crime has been committed. we're talking about a bunch of different crimes:

murder: killing someone is a stronger offence than trying to kill them.

Breaking and entering: actually doing it is a stronger offence than ... I dunno, travelling to a location, with the intent to break in? What constitutes an "attempt to break and enter"? The moment the thought enters one's head? You probably won't be (successfully) charged with shoplifting if you don't steal anything after you break/enter. (i.e. you leave and get caught on the way out)

Brandishing a gun is illegal no matter where you do it, if there are others present who are not okay with your actions.

If you could somehow prove that you had no intention to rob the bank in which you were brandishing a gun (a tough one, I should think), charges of "attempted bank robbery" would likely not stick.

as to the piece of paper, you're probably not going to get charged with armed robbery unless you have some kind of armament.

Also, a check is precisely that, a note saying "give me the money" (assuming "me" is the person named on the check) More completely it says:
[My bank], pay [person to whom the check is written] $[amount]. -[signature]

I don't think the FBI has ever contacted me in regards to check cashing.

So I think my point is pretty well proven, that success does matter. Intent is of little importance even for determining what crime has been commited. Success is much more important.

And that's good. A person who drives to a bank, armed, in a ski mask, and then decides not to even attempt to rob a bank (even though they intended to) does not deserve punishment, while someone who beats someone severely, directly causing their death (hit them in the temple accidently, or whatever) does deserve punishment. IMO.

Re:Intent is an element of a crime, not success

[plague3106]

And B&E != robbery. I don't think they can convict you of shoplifting unless you do make it out of the store (if you're in the store, you still have a chance to put the item back or pay for it..how do you KNOW they were going to steal it?)

There's also attempted robbery and robbery. What was your point stupid?

Re:Intent is an element of a crime, not success

So you think that's why there might be a charge called "attempted murder" instead of only being able to charge them with assault? Ya think?

Re:Intent is an element of a crime, not success

[PhilipMckrack]

Yes, but this case would be more in line to catching the bank robber outside the bank with a drill and blowtorch trying to get into the safe from the outside. This person would still be charged with bank robbery.

You don't get off because you were unsuccessful

[AHumbleOpinion]

Did they actually steal any credit card numbers? No. Did they charge up a bunch of fines on said card numbers? No. We have laws to deal with theft and fraud. Since they commited neither, there is no reason for them to go to jail.

You don't get off because you were unsuccessful. Intent is an element of a crime in the US, not success. its better to nail them before they get competent.

Re:BULLSHIT ! ( Re:What goes around comes around

Quit crawling around up in there before I fart you out! And this time I'll make is greasy!

Re:BULLSHIT ! ( Re:What goes around comes around

Don't be gettin no tickets in my town. Me an Bubba got a thing for white, edumicated, virgin ass.

The other question.....

[acvh]

what is Lowes doing wrong that they were compromised twice like this?

GOOD! :)

[Spy+der+Mann]

Evil hacking (from defacing websites and destroying information to stealing credit card info) should be treated as normal crimes (destruction of private property, fraud, stealing, etc).

I remember the times when "hacking" meant to get around limitations of the system. Ah, glorious times. But now script kiddies,lamers who write virii and blatant mobsters are discrediting the name.

I say, send 'em to jail. They deserve it. And we need it too.

ObSimpsons

[Tim+the+Gecko]

Sideshow Bob: "Attempted murder?" Honestly! Do they give a Nobel Prize for attempted chemistry?

9 yrs for *trying* to steal? shoulda waited tables

That guy got 9 years for just trying to steal credit card numbers? Not that he shouldn't have been convicted and sentenced according to the law, but he apparently didn't even successfully steal anything. Geez.

You know, the guy apparently was pretty damn stupid. Want to steal credit card numbers? Go get a job as a waiter. People let 17 year olds physically take possession of their credit cards out of sight for 10 minutes at a time. Why would you bother trying to break into encrypted data streams and data stores?

Re:This isn't like Mitnick, and prison doesn't wor

[Jardine]

In this example [innocenceproject.org], a guy spent 15 years of his life in prison - post conviction DNA testing proved him to be the wrong guy.

There are 3 cases famous cases like this in Canada. The three M's. Morin, Milgaard, and Marshall. Morin spent 3 years in prison, Marshall spent 11 years, and Milgaard spent 23 years. All were saved by DNA evidence and all were convicted of crimes that could have gotten them death in certain states.

Re:prison doesn't work

Fuck you, you smartmouthed little sack of fascist shit.

I'm sure I'm not the first person here to say this

[tekunokurato]

But where's the justification? I mean, these guys were criminals and bad people and I don't particularly want them in society with me. But come on--rapists don't go away that long for one count, and this was just attempted. There's just no logic to it.

Re:BULLSHIT ! ( Re:What goes around comes around

[mlk]

And I am not a badass, so that excuse won't fly.

No, but you are an ugly fat /.ing Geek, nothing on earth would want to fuck you.

Ok then, what do you do?

[Sycraft-fu]

Should we simply allow crimes to be committed, no punishment? I can show you places where that is the case, you won't like the result, I can gaurentee. If you think you can change who someone is, without their wishing it, just via counciling and the like, ask a psychologist. They'll tell you, as I have, that counciling is a way to help people who want to be helped, not to force changes on someone.

If the deterrance reason isn't good for you (it is a deterrant by the way) then how about the simple fact that while you are in jail, you can't be comitting crimes.

But really, what it boils down to, is that we need some way to punish crime. Civilized society needs a justice system and that requires punsihment. This isn't an American thing, this is across the world.

If you have a better solution, let's hear it.

Re:Ok then, what do you do?

[maximilln]

Should we simply allow crimes to be committed, no punishment?

Every crime should warrant a single sentence: death.

Now... can we get back to the more important pursuit of seriously considering what we define a crime as? We don't have too many criminals... WE HAVE TOO MANY LAWS!

Re:Ok then, what do you do?

[drinkypoo]

look, punishing people isn't a deterrent. You think it is but most people who commit non-victimless crime are habitual offenders, or they will be. what it REALLY boils down to is that we need a way to decrease the amount of crime committed - not by making it harder, but by removing incentive. The details I don't have for you, but our prison population continues to rise at a rate larger than our overall population except when all the prisons are full, at which point we build more prisons. As a nation we are not actually interested in pursuing a solution - we just want those filthy criminals out of sight and mind.

well,

we are.

Kill the cops

Kill all the cops.

Re:BULLSHIT ! ( Re:What goes around comes around

"No, but you are an ugly fat /.ing Geek, nothing on earth would want to fuck you."

Hate to burst your bubble, but I've had sex with quite a few women. I lost count after 200 or so.

It ain't bragging when you can do it, sonny.

As for prison : it so happens that many people were scared of me, and this despite my size ( 5'11" 170 lbs. ).

You see, what matters is how you "carry yourself".

I now return you to the usual juvenile speculations which make up the great majority of /.

Re:Again..

[mindstrm]

If he walked into the central clearinghouse and walked off with a hard drive with a million credit card numbers on it, and we know that it was the credit card numbers he was after, then yes, he should get 9 years.

I'm not sure how massive credit card theft is dealt with in the courts, but it's likely they can show that the intent was to use those numbers for fraudulent transactions.

Attempting to steal hundreds of thousands or millions of credit card numbers and also use them (or contribute to their use) in a fraudulent manner is a massive financial crime, and 9 years is not that long.

Oh yeah, we're supposed to listen to an AC *con*

I hope you're not holding your breath waiting for that to happen.

On second thought....

Unjust Punishment

[Maul]

This "hacker" never actually stole CC data, but still got nine years.

If Ken Lay is even given jail time, I doubt that he'll be doing 9 years. He'll probably get 1 year max at the place with the golf course and squash court.

I think much of the complaint is not how much time the hacker is getting, but how little time other people who take part in similar crimes but without the "hacking" element.

Re:Unjust Punishment

[davew2040]

I guess electronic crime just scares the shit out of people these days; it particularly scares the shit out of the wealthy, who typically are already convinced that everyone else is after their money. And I think we all know what the judicial trend over the past few years has been.

Re:though...

[zenneth]

Recently in Australia the head of an insurance company HiH defrauded millions of Australians, which lead to the closure of HIH. One of the people involved got a suspended sentence the other got two years, the CEO is yet to be charged but will probably get the same. (USA, replace HIH with Enron)

If i commit one case of first degree fraud, i can get up to 20 years in jail.

If I'm a CEO defrauding millions of people for my own personal gain i get a suspended sentence..

Thats our great judicial system for you.

I am guessing that's just how democracy is. It's simply a monetary-based feudal system.

Hail, King Bush

Another Example of American Bullshit

I'm getting so sick and tired of crap like
this. Putting someone in jail for 9 years for
attempting to hack systems is rediculous! I
don't say this as some "left-wing" bleeding
heart. I'm far right, and served with a sher-
iff's department for several years as a fully
sworn (reserve) officer. I'm just getting damed
sick and tired of Amerika in one fashion or
another. I've been coming to the conclusion that
America has just degenerated into a quagmire of
shit. Prison sentences is just one aspect. I'm
convinced a) that a lot of innocent people are
sitting in jails, b) a lot guilty people are in
jail that should be out of jail an in a reha-
bilitation house, and c) a lot of people who
are in jail are serving sentences that are way
out of proportion to the crime they committed.
We have people who are serving 5+ year sentences
whose only crime is cocaine possesion and use.
Hey, I don't care how many times the guy got
arrested... It's his body he's abusing. I'm
againt drug use but don't put the guy in a state
prison for crying out loud. Get him some help
and help him get his life straightened out.
And, there's another bunch of American bullshit,
yeah, our prisons. Where do the American people
get off getting "outraged" over the Iraqi
prisoner abuse "scandal" when right in their own
backyards you have prisons in which people are
abused every single day. Rape, assault, slavery,
sex-slavery, etc. go on as a way of life and the
prison officials know about it and don't give a
damn. America, you hypocrites! No wonder guys
come out of prison worse off than when they
went in. You're 20, steal a car (big deal in
the scheme of things!) get sentenced for some
rediculous amount of time and then while you're
in prison get abused. Yeah, I'd be mad as hell
at the world too. Reform my ass. It's just
another example of a screwed up America. And,
please, don't give that horseshit line about
how its "...the best system we got...", "don't
like it, leave it". Whatever man. This is one
screwed up place and it's just getting worse.
I could go on for days about all the crap that's
wrong with this country. Am I leaving, nope, not
at this time. This is my home and I'm staying
for now. Hopefully I'll see some real changes
in my lifetime but then again, I'm probably
just dreaming.

Re:BULLSHIT ! ( Re:What goes around comes around

Wow. Someone willing to go out on a limb and prove that adage that criminals are stupid....

Hate to burst your bubble, but I've had sex with quite a few women. I lost count after 200 or so.

Shit, my first grader can count at least that high. Guess you wasted those three or four years, eh?

As for prison : it so happens that many people were scared of me, and this despite my size ( 5'11" 170 lbs. ).

Yeah, I've got a chiuahua like that. He probably wouldn't be so scary if I shaved his ass and taught him to walk backwards.

Re:cracker, not hacker

[MavEtJu]

Just because it is easy doesn't mean it's allowed.

Re:BULLSHIT ! ( Re:What goes around comes around

Don't be gettin no tickets in my town. Me an Bubba got a thing for white, edumicated, virgin ass.

Hey, didn't you go out of your way to shout something about BULLSHIT!

Guess we really can't believe a dumbass con no matter what he's saying.

Oh, and if you think your dumb wuss con ass can take on me and my legal piece you can - to quote a phrase - "Go ahead, punk. Make my day!"

Re:BULLSHIT ! ( Re:What goes around comes around

"I am educated, white, and affluent. Therefore, _I_ am someone"

Hello there, little WASP pretender to manhood.

Surprise : I'm white, and I have degrees from several schools which your parents probably couldn't afford. And I paid my own way.

I don't do drugs, nor do I abuse alcohol. As for voting, it is indeed possible to vote in many states, In fact, the states which are worth living in DO allow convicted felons to vote.

I have a good job, working for a company which I own.

Isn't it just a bitch when you are so completely and utterly
wrong ?

Something tells me you are just another "wage slave" who jacks up his own self-esteem at the expense of others less fortunate than himself. You can't imagine the contempt I feel for those of your ilk.

Re:I'm sure I'm not the first person here to say t

> There's just no logic to it.

That's because you are dealing with a broken
down system. They probably violated some
federal laws along the way and federal sentencing
guidelines have always been unjust with sentences
that far exceed the severity of the crime.

Trust

Sorry, I don't get it. If retirement consultants, CEO's and accountants swindle people, people don't lose trust in the economic system? Sometimes I feel that if I lived in America, I'd best tuck my money away into my mattress.

OTOH if computer systems that handle economic information aren't secured properly, thieves that exploit that should be punished insanely harshly?

A question springs to mind: What about the thieves that get away?

In addition to a deterrent hard punishment (nothing like this, though) for the thief, there ought be some serious repercussions for the company, too. The company is not the victim here - the people whose personal economic control was compromised are.

To instill faith in the system, we need accountability for the companies and systems people, too.

Re:BULLSHIT ! ( Re:What goes around comes around

"if you think your dumb wuss con ass can take on me and my legal piece you can - to quote a phrase - "Go ahead, punk. Make my day!""

I didn't post the thing about "Don't be gettin no tickets in my town. Me an Bubba got a thing for white, edumicated, virgin ass." You see, it IS possible that more than one person can be
an AC ( don't think about this too hard, you might hurt your head ).

But this article really has brought out the redneck fools, hasn't it,
Mister Insecure Gun-Toter.

Mitnick wasn't sentanced to 5 1/2 years.

[nsanders]

Mitnick was held with out trial for 5 years and eventually was let go for "time served". That's why there was such an uprising behind him. Dispite his crimes, he was serverly miss treated.

Try researching the story before posting it!

Who gets their news from a mickey mouse outfit like ABC anyway? If you're going to post some clueless banter about attempted credit card fraud, at least link to an article (or thread) with some relevant information about the case instead of an uninformed soundbite. You could start with one of the following:

http://reviews-zdnet.com.com/AnchorDesk/4520-7297_ 16-5511088.html

http://www.theregister.co.uk/2003/11/22/michigan_w ifi_hackers_try/

http://www.securityfocus.com/news/7438

http://www.securityfocus.com/news/8835

http://www.netstumbler.org/showthread.php?t=11115

Some of the more interesting quotes for those too lazy to click on the links:

"In 2000, as a juvenile, Salcedo was one of the first to be charged under Michigan's state computer crime law, for allegedly hacking a local ISP."

"It was six months later - Botbyl allegedly admitted to agents - that Botbyl and his friend Salcedo hatched a plan to use the network to steal credit card numbers from the hardware chain"

"At some point in their wardriving experience, Timmins and Botbyl came upon a Lowe's hardware store with an open wireless network. Timmins later admitted to Kevin Poulsen of Security Focus that what he did next was technically illegal: he used the Lowe's network to check his e-mail. When he realized it was Lowe's private network, however, he says, he disconnected."

"That in itself might have been the end of the story. However, Lowe's became aware of the breach and contacted the FBI, who, after its investigation, charged Timmins with one count of unauthorized computer access. And that by itself would have been a significant story: Timmins's plea has been reported as the first instance of a wardriving conviction. I think the claim is an exaggeration, however. The charge would have been the same had he used a wired connection."

"But here's where the story gets interesting. Several months later, Botbyl returned to the Southfield, Michigan, Lowe's with a new friend, Brian Salcedo, now 21. Salcedo, it turned out, was in the final weeks of a three-year probation for an earlier computer crime."

"According to the indictment, the hackers used the wireless network to route through Lowe's corporate data center in North Carolina and connect to the local networks at stores around the country. At two of the stores - in Long Beach, California and Gainseville, Florida - they modified a proprietary piece of software called "tcpcredit" that Lowe's uses to process credit card transactions, building in a virtual wiretap that would store customer's credit card numbers where the hackers could retrieve them later."

"Brian Salcedo, 21, faces an a unusually harsh 12 to 15 year prison term under federal sentencing guidelines, based largely on a stipulation that the potential losses in the scheme exceeded $2.5 million."

"As for how it was computed here's one probable way: Maximum number of cards in the system at the time they could have captured, multiplied times the maximum credit limit on each. (So say Lowe's does an average of 2500 credit cards transactions nationally in a night, and each has a $1000 Credit Limit. That is $2,500,000 right there.)"

"They were not able to access nationwide credit card files or get into corporate systems," says Lowe's spokesperson Gina Balaya. "They did access six credit card transactions from one store."

"My initial reaction when I heard the charges was one of skepticism," says Karl Mozurkewich, founder of the Michigan software company Utropicmedia, and a member of the group. "Eighty percent of the people in the 2600 group in Michigan are more the c

I, For One

Am glad that there is now a safer way to fall.

How about "hacking" the GEMS tabulator?

[flibberdi]

How many years would that render??

Huh?

Answer: zero, providing you have the GOP and GOD on your side.

I take offence to that.

I beleive the term you are looking for is "cracker"

NOT HACKERS

I am not going to give the standard hacker/cracker story that everyone else has given.
We know the difference.
The point is, these guys are retards. A monkey could have broken into that network.
It would have been more difficult to smash a window to get the physically numbers.
This is pure FUD, calling them hackers.
This required no computer skills and should be treated as such.

Can we please put this to bed: Hackers vs. Cracker

[Arzach]

Somebody, PLEASE find a solution to this semantic quandary.

The Most Important Lesson Here

[naoursla]

Don't shop at Lowes. They keep their credit card information on a computer accessible from an insecure wireless access point.

Re:The Most Important Lesson Here

[KrugalSausage]

but i thought Y2K destroyed Lowes' access points.

I know his name...

[Scratch-O-Matic]

It's 'ADMIN'.

Re:I know his name...

and his password is "PASSWORD"

Re:This isn't like Mitnick, and prison doesn't wor

[T-Ranger]

Marshall was released in 1983, after a (new) witness came forward. This is about 10 years before DNA profiling was even thought about, 15 years before it became useful/accurate/cheap. In the inquiry into the actions of the police and crown prosecutors, it became clear that his case was not an accident, with the parties all acting in good faith. I don't think that they had any specific evidence to the contrary, but circumstantial evidence, combined with him being a Native American (to be fair, also well known to the police) was all the investigation they needed.

Re:This isn't like Mitnick, and prison doesn't wor

[Kiryat+Malachi]

Of course, the original case brought against him was slightly trumped up as well, and was mainly brought as a way to test the State of Michigan's new computer crime statute.

Brian's definitely in the wrong here, and I'm not going to defend him, but you should probably at least know a little bit about the case before you condemn him entirely.

This works out great for all of us!

Now he will have 9 years to learn how to be a truely violent criminal before being released back into society with no real means to support himself!

These costs add up!

[Highrollr]

With all due respect, I think you are the one missing the point. There's way more to getting hurt than bleeding. We see someone who has been shot or assaulted and we feel sympathy for that person, as we should. Our sense of justice demands that whoever hurt them be put away.

But you know what we don't see? We don't see the kid who can't go to college because some fuck wiped out his parents' portfolio. We don't see the mom who has to choose between buying a smoke detector or food because her budget just can't stretch that extra little bit to cover what the cracker skimmed off the top. There are all these little costs that are basically invisible, but they add up and when they affect enough people THEY MATTER. So while physical injuries are certainly easier to empathize with, saying that someone shouldn't go to jail for a long time because they "didn't hurt anybody" is sophistry.

Re:These costs add up!

[tzanger]

There are all these little costs that are basically invisible, but they add up and when they affect enough people THEY MATTER. So while physical injuries are certainly easier to empathize with, saying that someone shouldn't go to jail for a long time because they "didn't hurt anybody" is sophistry.

I didn't say they shouldn't go to jail. I'm saying nine years for nonviolent crime (and one that didn't succeed anyway) is not justice. Nine years for a repeat carjacker or serial rapist or attempted murderer seems more just.

Nonviolent crime (IMO) should be dealt with with heavy fines/reparations and not much jail time. Jail is for violent criminals and people who are dangerous to society. You could make the argument that white-collar criminals are dangerous to society but (IMO, I am not a psychologist) their biggest problem is their ego -- poor and not able to work in the industry they stole from I don't think they'd be much danger to anyone.

Cracked a wireless network?

I'm posting anon, because as a former employee, I should probably be keeping my mouth shut.

Sounds like they cracked into the network via the LRTs (Laser Radio Terminals). So, okay, you'll see a big rollout of security across the company soon to take care of that (all stores are pretty much exactly the same, so whatever they did, it will work in every store until it's fixed.). What's interesting is it's probably quite similar in other retail chains. Just a few IBM servers running AIX in the back, and until recently, all the registers were just terminals (they're now all linux thin clients). You could go to target, pier-one, or whatever other big retail chain you like, and try the same thing.

Offtopic: If any clued-in and still current employee sees this post, can you tell me why they removed the lookup lookup account from the system? I was annoyed when they got rid of it; I liked to use it for price audits while running end of day.

Re:Can we please put this to bed: Hackers vs. Crac

[alc6379]

I thought we did solve this by calling folks "criminals" ?

Excessive in comparison to Acxiom hacker...

[skweegee]

http://www.usdoj.gov/usao/ohs/Press/12-18-03.htm

The total cost to Acxiom of Baas's intrusion and theft of data is more than $5.8 million. Baas faces a maximum penalty of five years in prison, a fine of $250,000 or twice the amount of gain or loss, and three years of supervised release.

Considering Dan actually did steal the data and only can get a maximum of 5 years, this seems excessive for intent.

Update/Edit

[metalligoth]

Sorry for replying to my own post.

Turns out that the guy my business partner knew and this dude were totally different people. Oops. What they got busted for was basically the same thing, and they're from the same area. What an odd coincidence. Send me an e-mail if you have an questions.

Re:This isn't like Mitnick, and prison doesn't wor

[eraserewind]

They used to hang people for stealing. Harsh treatment for crime is nothing new.

Re:prison doesn't work

I too have been to tried for a crime in the US, however, I was not convicted because the jury saw through the idiocy. What the poster says above it completely and totally true.

I was not guilty of any crime, I just happened to get myself in the wrong set of circumstances at the wrong time. It's pretty insane what they will do to "prove" you're guilty and lying even without any evidence. It's come down to a mind game with the jury. Evidence doesn't matter anymore, it's whoever has a better psychologist for a lawyer and how much they pay for their credible "experts."

Living somewhere else where the government isn't hell-bent on tossing the entire population into prison sounds good to me. If the US gov had it their way, we'd all be in "prison" so they could keep tabs on us and make sure we all contribute our daily quota of widgets.

Crime and Intent

[nbharatvarma]

Just because he didn't get away with it doesn't mean he committed a lesser crime. If we assume he did succeed, he will just keep all of the money. So, I believe that the law should treat both as the same

That said, I do not endorse the 9 year sentence that was slapped against him. Rather I would agree with heavy fines, community service and putting him away from electronics for some 'n' years. Perhaps a sentence of 2 years too.

I wonder if the government can have both mild 'rehabilitation centers' and the conventional jails. The previous ones would have all these sort of criminals so that they don't have to suffer the indignity of anal rape from violent criminals for a crime far milder (and at which some people didnt even succeed)

see

[geekoid]

you need to be legit AFTER you have made wads of cash.
sheeesh, can;t you kids do anything right?

Beside how good could this guy be? he didn't get any credit card numbers.
A good criminal gets away with it, then gets caught monologing..

GODDAMMIT!!!

It's CRACKERS, not hackers.

Re:GODDAMMIT!!!

Look asshole, just because someone's got skills doesn't mean he's white!

Re:Can we please put this to bed: Hackers vs. Crac

[m4gg0tbr41n]

OK kids.
Let's all get together and sit in a circle and read aloud together.
I would like Arzach to click on the following link and read aloud the first bullet point to the class: http://www.catb.org/~esr/jargon/html/appendixc.htm l/

I would someone else to read the definition of the term "Hacker" click on the following link and read aloud:
http://www.catb.org/~esr/jargon/html/H/hacker.html /
(I can't hear you.)

Now let's discover the term called "Cracker". Can I get a volunteer to read this one aloud?
http://www.catb.org/~esr/jargon/html/C/cracker.htm l/

Now let's investigate as to why we Slashdotters believe that this sentence may be too harsh...lets see, this may provide some insight:
http://www.catb.org/~esr/jargon/html/H/hacker-ethi c.html/

For your homework assignment please read the following:
http://www.opensource.org/docs/definition.php/
http://www.catb.org/~esr/jargon/html/introduction. html/
http://www.catb.org/~esr/jargon/html/distinctions. html/
http://www.catb.org/~esr/jargon/html/writing-style .html/

Must read before posting on Slashdot
http://www.catb.org/~esr/jargon/html/email-style.h tml/

Background info
http://www.mithral.com/~beberg/manifesto.html/

Re:Giving up on my Covalent T shirt and the H/C th

[geekoid]

yeah, then some dipshit calling himself a white hat code wizard will get caught stealling CC niumber from an orphanage , and then the mesia will tear your name apart.
or worse, someone will do a movie where one of the 13 year old computer expert is a 'white hat code wizard'

How about software developer?

Well, perhaps they are trying to deter others

[Feanturi]

This is the digital age, and people are finding out more and more, how empowering it can be to know a few things. This is not the world of 20 years ago, and the fact as some have pointed out, that what he did was fairly easy to accomplish for many people here, should be a warning bell. So by giving a harsh sentence they may hope to stem the tide of people figuring they can finally get that big heist scheme to work.

I had a ridiculous conversation at a drinking party once, years ago. This guy I knew was blearily insisting that I needed to 'hack' a bank, because he was sure I could do it. I didn't know about that, I'm just a regular geek, scanning x.25 networks for outdials isn't the same as breaking into a bank. He was insisting it would definitely work. We could have it all planned out see, and, "Oh you could totally do it man, we should so do that!" I kept insisting that it was incredibly dangerous, and that I didn't know how ("Oh you can figure it out man, I know you can!"), and he just wasn't having any of my protests. Stealing, or for that matter almost anything that risks jail time, doesn't appeal to me anyway. Now imagine someone with his attitude and also the knowledge to follow buddy from the article. This sort of idea can become more widespread as technology reaches everyone, and is a scary thought for those with things to lose from it. People such as, well, any random person alive, could be you, could be me, could wreck a lot of lives.

actually

[geekoid]

they were on a Seqway.

DOUBLE BULLSHIT!!

Here's the dealio from another ex-con.

First my cred:
I spent 4mnths in Juevy hall at 15, 1yr at 16 (released just before my 18th b-day). I spent overnights too often to count between 18-22ish. I spent a weekend in city lockup when I was 21. And finally, I spent 2.25 yrs of a possibly 6yrs in a federal prison from 23-26.

That was all back in the late 80s to mid-90s. I have never been back since and live a honest life, except for the occassional joint or jay walking. My offenses were mostly stupid kids stuff made only stupider by the fact that I did stupid stuff every weekend and got caught a lot. The stretch in my 20s is from something unrelated that I will not get into but did not involve sex or kids (2 worst type of offenses in prison).

Your jails must have been easier than mine. Juevy was a living hell for anyone not mature enough physically. There were numerous sexual assaults in both institutions (I was in different ones at 15 and 16). They mostly consisted of a small guy being punched and slapped around all the time until they gave in. Mostly it meant theyd have to give head somewhere (there are plenty of private places in juvy halls for 5min at a time). Once you give head you are marked and carry the reputation throughout your stay and maybe back outside if you knew anyone there. But I understand why some gave in because unlike oz it didn't make you a bitch but usually meant the bully would go pick on someone else and leave you to being called Mary. No, I never gave head. Lucky for me I was a chubby white boy, not a skinny one. Skinny white guys have bad times in Juvy, especially since blacks and latinos hit maturity faster. I never saw anal rape in Juvy but it was talked about and maybe happened in cells but I never witnessed it.

City jails are like you describe and absolutely a joke... you have to go out of your way to get in trouble, its the only jails where you can just ignore someone demanding something from you (not stand up - ignore) and they'll go away cause no one wants to get locked in longer.

Federal prison was NO FUCKING JOKE. I saw rapes there. The guys in the middle of ranges would hang up sheets and rent out their cells and keep watch and you'd see big badasses pushing skinny young guys into them. I saw people forced to give head including once in the lunchroom by a guy who held the boys head down on his dick even when a guard ran over and started shouting and hitting his shoulder. Every skinny/young/handsome guy had to prove their mettle at some point unless they knew people already, and that meant standing and shouting "fuck you" and getting ready to punch. You couldnt fake it cause if they saw you shaking they'd jab you in the gut and it would be all over unless you fought back. I was scared shitless and decided to punch first if anyone touched me but I got left alone.

Advice to anyone going to jail, especially skinny guys:
-learn to smoke, even if you can't its expected and currency where allowed
-work out, so even if your not buff the flesh on your girly arms is muscle and not fat
-if you have a big mouth, shut up; if youre meek then speak up. a happy medium is to be the strong silent type
-jokes work great as long as they're really funny and either dirty or aimed at authority figures... don't joke about other inmates
-if someone takes something from you, punch them, even if they're 10x your size and will kick your ass, a week in the clinic beats being known as a wimp on the range
-if your white no matter what the temptation do not join a WP (nazi) gang, and avoid face and hand tattoos unless your never getting out (in which case get them and you'll rarely have a problem w a tear-drop tattoo)
-if your really fucked and really need friends then volunteer as an imate counsellor (drug, sexual, religious, whatever). I saw a guy who was going to get jumped walk away because someone he counselled stepped up for him

I think child porn is probably the biggest problem of the computer geek crowd, and t

But if

[geekoid]

consumer loose faith in the system, then they won't use elctronic transactions anymore.
I think it would be great.

Consumers do hold all the cards, if they would just lok at whats in their hand instead of listening to other people tell what they have, It would be a better society.

espcially that white guy

[geekoid]

O.J Simpson.

Look, it favors those with money.

I doubt it

[lommer]

"A single hacker messing around with the right financial data can ruin the lives of thousands or millions of people"

Can you point me to a single instance where single cracker's exploits has ruined the lives of even thousands of people? The only thing a cracker can do to cause more than a major inconvenience to people is identity theft, and that's exceedingly hard to scale up without getting caught. Also, while true that crackers can cost companies considerable sums of money, it would take a truely impressive feat to even approach the damage done by Enron et al, and that didn't destabalize the country now did it?

In short, while your fearmongering does have some basis in reality, it doesn't really scale up to the damage you predict.

Re:I doubt it

[Junior+J.+Junior+III]

Enron is exactly the sort of thing I'm talking about. Enron isn't a computer crime, exactly, but it's a good example of a non-violent crime. Ken Lay ought to be up for the death penalty (if we're going to have a death penalty in this country) but instead he's walking around free, still quite wealthy, and in his wake there are thousands of ripped off employees and angry customers. If you don't think Enron didn't destabilize the country, you don't understand the scope of the damage it caused.

Re:BULLSHIT ! ( Re:What goes around comes around

....but the important thing is you've come so far and still retain your humility ;)

Just kidding, don't shank me! :) Seriously though, you are taking the contempt of others and simply redirecting it back through your own justifications. A purely human response, of course, but not one to boast about (in public.... since this is just a pissing contest on /. it's okay ;)

So which is the problem?

[KalvinB]

Should we seek to lower the sentence for this crime or raise the sentence for murder?

One of the problems with murder sentences is that it depends on who you kill. I'd imagine that most murder happens in the inner city between waring gangs.

If a gang member kills another gang member society sees it as a plus for them so they throw a lighter sentence on the guy who pulled the trigger. If they even bother catching the guy and putting him through the court system. However if anyone kills a child or someone deemed pretty by society (see: Laci Peterson), you can bet that the killer is going to get the book thrown at them. Unless the killer is highly sympathetic themselves.

There are just very few "celebrity" murders in the scheme of things and so the average sentence isn't much.

The other problem is the insanity defense. It makes it very difficult to convict someone of murder and get the full sentence if anything at all.

You can't plead temporary insanity for a time period when you were fully capable of hacking into a computer system.

I think 9 years is sufficient and we should start taking murder more seriously and stop feeding loopholes (such as lame excuses about being "temporarily" insane) into the system. Then the average sentence for murder will go up. We try real hard not to throw the book at murderers. 9 year sentences for criminal hackers will also go down fast once it becomes common place and legal excuses are dreamed up by lawyers to get their clients off.

An involuntary manslaughterer declaring his intent

[Jim_Callahan]

Hey, guys, watch this!

RTFA

[Qui-Gon]

If you took the time to RTFA you would have seen that the only reason they didn't get away with any credit card information was because they got caught BEFORE they could actually download the information. Thier "bugged" version of the program had already gotten a hold of six credit card numbers.

Also, if you RTFA, you would have noticed that the one of guys had a prior conviction of computer fraud and was still on probabtion.

Bottom Line: These guys were looking to steal. You reap what you sow...

Malware writers? Spammers?

[Billly+Gates]

Lets get the real crooks who cost corporate America more money and are an irritation to society!

seriously malware programs are trojan horses and its cracking pure and simple. Many install themelves via buffer overflows in javascript just like a real worm. Many install keyboard loggers and backdoors just like a real worm. ALso many slow down computers just like real worms. So if it looks like a duck, quacks like a duck, then what is it?

They are the true crooks here.

Re:Malware writers? Spammers?

Unfortunately, very few of them live in the United States or other places where what they do is illegal.

Correction:I should have RTF-referenced-A...

[Qui-Gon]

I had read the SecurityFocus article (I never read the AP ones... cause they are always are sparse on details). I had thought it was the same linked article.

example

well obviously the sentence doesnt fit the crime, might they be trying to set an example? i mean, they know slashdot would eat it right up...

I thought i was screwed

[trendescape]

Damn, I thought my recent drug charges were bad.

Strage.

[Martigan80]

Strange that people would try to argue that a computer offense is not worth putting in regular prison. But these people deliberately broke the law . And don't give me the whole "When you J-walk you deliberately break the law" cuz if the system was so black and white most of us would be in jail.

Any how they were trying to steal for personal gain and used there computer knowledge as the tool to obtain this "stuff" without the victims wanting to give it up.

But if the system admins were good enough they might not have been caught, but I don't think they wanted a competent Sys Admin at the time.

Re:Giving up on my Covalent T shirt and the H/C th

[UrlorJkron]

Accordin to Dogbert seven angels can dance on the head of a pin. Though personally, I believe 42 can.

When breathing is illegal only will elite breath

[militiaMan]

Seems to me that trespassing is the only they committed. Our government is out of control. The FCC attacks people for exposing a breast on the TV, but they allow anything to occur on cable. It doesn't make sense. The government is not consistent, and the law has nothing to do with right or wrong. I say we take out our Nazi bastards and replace them with people that believe in civil rights. Just because the majority does not believe in civil rights does not mean we must follow in their terrorist ways.

Re:BULLSHIT ! ( Re:What goes around comes around

> And I am not a badass, so that excuse won't fly.
> ...
> As for prison : it so happens that many people were scared of me

Oh I see...

More information

[Kizzle]

This episode of the phreaking internet radio show Default Radio covers this when it first started several months ago. The co-host on this episode knew these people so it makes for a good insider's point of view.

Default Radio episode 23 part 1
Fast forward to 22:30

Re:This isn't like Mitnick, and prison doesn't wor

[Triskele]

And finally, what's so wrong about "revenge" anyway? If someone commits the absolute most heinous crime imaginable, raping and murdering your daughter, is it really so unreasonable of the parent to feel vengeful? If the perpetrator wasn't prepared for an eye-for-an-eye punishment, then perhaps they shouldn't have done the crime.

The parent may indeed feel vengeful. But it is for the state to act humanely and compassionately. Here in Britain, prison is for protection of the public, rehabiliation and only a small element of punishment (deprival of freedom). Our prisons are not the hell-holes tha you USAians devise for each other but shamefully neither are they the civilised environments of Scandinavia.

Why should this matter? The USA as well as incarcerating more of its population for longer also has one of the highest rates of recidivism, far higher than ours which is in turn higher than much of Scandinavia.

Tinker

[phriedom]

Maybe the realistic solution is just to use a different word instead of hacking, since most people have bad connotations of hacking.

I mean, it is just a word, why not take a new one, like for example tinker Its a pretty good word. Its both a noun and a verb. It could apply to software and hardware. It connotes cleverness and craftsmanship and experimentation.

"So, whatcha doin?"

"Oh, I'm just tinkering on my firewall to see if I can break it."

Re:When breathing is illegal only will elite breat

[andrewweb]

I say we take out our Nazi bastards and replace them with people that believe in civil rights. Just because the majority does not believe in civil rights does not mean we must follow in their terrorist ways.

Well, you had your chance recently and you blew it. Sadly, it appears that the majority *would* rather give up their civil rights for a little illusory protection.

And worse, if you try not following in their 'terrorist ways', it's you who is on the wrong side of the law.

Welcome to the Land of the Free - and you're very much welcome to it. ;)

Re:This isn't like Mitnick, and prison doesn't wor

Kevin had no interest in any sort of financial gain from his activities.

you are so full of shit you stink.

I suggest you actually learn about the petty criminal that is Kevin Mitnick. from his OWN mouth, he was intentionally defrauding the cellphone companies AND making money off it. how do you think he afforded his piece of shit car and the other things he had. most of trhat gear is not really cheap and kevin certianly DOES NOT have enough of any hardware hacking skills to make any of it himself.

kevis is a glorified script kiddie petty thief.

stop glorifying him. He got a bum rap from the feds, but he certianly is NOT the curious nice kid idiots like you try to use.

hell even the 2600 crew acknoleged that he did things that were bad in all but blackhats eyes.

get a clue dude and a new hero.

Re:This isn't like Mitnick, and prison doesn't wor

3 strikes your out laws, etc, etc all appeal to about 70% of the population - namely the middle class and the rich (those who vote).

wow you have wierd math.

the middle class and upper class amount to 40% of the population in the USA.

the other 60% are poor.

i suggest you learn how non-rosey america really is little buy with no clue.

go look at us census data and the difference between middle class and poor is increasing daily.

Re:This isn't like Mitnick, and prison doesn't wor

Nobody who was subjected to the death penalty ever did it again. It is a very effective deterrant.

Outsourcing

[AndreySeven]

Great, now I will be forced to hire hackers from Russia and India

*sigh* *Starts reading Russian for Dummies*

Re:Needs to be open

[octalgirl]

In public schools we are forced to keep things fairly open. We couldn't even install SP2 until recently, because most of our 3rd party software vendors said no. If we installed anyway, we could void our service agreement. There are also many security options available in group policy that we can't use, because we run some of the weirdest reading, typing, history, math applications ever. Also, we can't lock floppy or usb ports, because students need to be able to get their homework back and forth.

We have a wireless network setup, and it is fairly open. So is our DHCP server. Because as a school we are also a training center for parents and other school memeber. Our classrooms are rented at night to adult ed, and the gym or auditorium can be used by a number of renters. When people bring their laptops in we need to make sure they can plug in or turn on and get out the internet. Schools live in a constant balance between being secure and being easily accessed by all. After all - we are 'Public'.

bull

[Errtu76]

They were not being "nice" but they weren't hurting anyone (at least not yet).

'Yet' ... So we have to wait until they (ab)use credit cards before they should be stopped?

The real problem I have is Lowes was putting credit card data on a wireless network!

I agree this is pretty dumb, but it's still no reason for it to get cracked. Think about this: you have an expensive house and several heavy locks on your door. One day you forget to lock them. Does this justify every burglar that walks up to your house, opens the door, enters your house and sets up camera's? Okay, they didn't steal anything (yet), but it's really your fault. Yeah right. They knew exactly what they were doing, and the fact that the security wasn't good enough is *no* reason whatsoever to justify this crime.

Re:bull

[swv3752]

It is not forgetting to lock the door but leaving the door wide open or leaving your car keys in the ignition.

Re:bull

[Shiftlock]

'Yet' ... So we have to wait until they (ab)use credit cards before they should be stopped? Um... Yes. We have to wait. Who knows, you might murder the next guy you see. Sure you haven't done it 'yet'.... but these are your rules.

Re:This isn't like Mitnick, and prison doesn't wor

[ratamacue]

sentences (including this one) in the United States are excessive

That depends entirely on what crimes you're talking about. Some sentences are overly long, and some are overly short. For example, the US routinely sets violent criminals free (including rapists and murderers) to make room for non-violent drug dealers. If that isn't ass-backwards, I don't know what is.

Have a little perspective, please.

[Civil_Disobedient]

He robbed people, or attempted to rob them. This is like robbing a bank, only worse.

No, it's not. Theft and robbery are different animals. These guys never held a gun to someone's head, never threatened anyone. They are more akin to cat burglers than "robbers".

Nine years is longer than a manslaughter conviction. Longer than most murder convictions. Longer than rape convictions. What kind of fucking idiot are you to value some large corporation's potential bottom line (since they actually stole nothing) more than the life of another human being?

This conviction is bullshit, made solely to prove a point by sadistic bastards like yourself.

Re:I'm sure I'm not the first person here to say t

[cascadingstylesheet]

But where's the justification? I mean, these guys were criminals and bad people and I don't particularly want them in society with me. But come on--rapists don't go away that long for one count, and this was just attempted. There's just no logic to it.

Yeah, but you've come to the opposite conclusion as me. Lock up the rapists for much longer.

Re:This isn't like Mitnick, and prison doesn't wor

[mESSDan]

I'll also make a point that the death penalty is only there to satisfy the sadistic perverted desires of revenge that the victums have. Death is no punishment, and if you belive in reincarnation, it might as well be a free ticket out of jail in the form of a new life.

For a minute there, I thought you were serious. Then I saw your username.

Punishment vs Justice

[sciop101]

Justice is the criminal's sentence by the jury.

Retribution is the criminal's sentence by the victim.

it's the fault of the victim for being unprepared, undefended, uninformed

It's the fault of the criminal for being unprepared for punishment!

Re:Rehab is Fascism

[LabRat404]

int isRehabFascism(void)
{
bool fascist;
char rehab[401]; // unless rehab is sought out by the person who is // getting "rehabilitated", it's pure fascism.

strcpy(rehab, "your view of the world is wrong, this is the right one.");
fascist = true;

return fascist;
}

Re:I'm sure I'm not the first person here to say t

[tekunokurato]

Hey man, I agree. All I said was "there's no logic." I think every so often there should be an attempt by state and federal congresses to rebuild the punishment system in their jurisdictions in terms of actual severity so that it means something. It's too politically constructed.

damage is measured in dollars

[glyph42]

Hmmm. There's something wrong when the "badness" of a crime is measured in dollar terms. As others have pointed out, raping someone probably would have got a less time.

Didn't you know? The SI unit for measuring damage is dollars.

Punishment : crime incongruence

[BobRooney]

I'd be curous to learn what the dictated punishment is for attempted larceny. Regardless of the scale of what you try to steal, unless you actually steal something you're not a thief...even though you were trying to be a thief.

Just like smoking oregano while thinking its pot is stupid, its also not using drugs and you won't go to jail for attempted possesion of drugs.

If you want to argue that they illegally accessed a computer system they had no right accessing, ok, fair enough, but that should be separate from the act of trying to snatch credit card numbers.

Maybe there is a clause for trespassing with malicious intent, or something, but I find it REDICULOUS that this guy is going to federal pound me in the ass prison for 9 years.

This is a white collar, non-violent crime. They should fine the piss out of him (to the tune of everything he has) and sentence him to infinity probation with lots of public service.

White Collar criminals are more likely to be "Reformed" than violent ones because they know how to fit into society and have often proven good at doing so.

Re:prison doesn't work

It's impossible for any of us to know whether your statement is true or not. While it might be, the vast majority of criminals deny their guilt, even when caught red handed. I've seen the footage from a sting operation in L.A. where the cops left a car in a bad neighborhood and hid a video camera in it and waited for someone to steal it. The theives had no idea that the cops were watching the whole thing and could force the car remotely to turn off the engine and lock all the doors after a perp drove off with it. Several guys said "I didn't do anything!" when the cops surrounded the stolen car.

More important to you, your record as a convicted criminal, right or wrong, may prevent you from immigrating to other countries. Your options to leave the US are likely to be severely limited and probably won't include any of the places you'd consider desirable to live in unless you can do a damn good job of convincing another country that you were set up.

I remember when these guys were busted...

[Whatchamacallit]

They were wardriving in the parking lot. The crackers discovered a wireless cash register system used by the store when they needed additional cash registers during peak times. They would roll out a portable cash register, plug it into the floor AC outlet and start processing customers. A wireless network sent the data back to the stores main computer just like a cabled cash register. The problem was the wireless network was not encrypted. The crackers did in fact access the wireless network and sniffed the data. Then they used the sniffed packets to login to the stores main computer system which was connected to a home office network WAN. They hacked into several computers and networks and installed rootkits and programs to capture credit card information. The IT staff noticed them and called the FBI. The FBI sat in a van in the parking lot and noticed the crackers pull in the parking lot and just sit there. Observing them showed they had several laptops with them. I assume the store's IT staff was feeding the FBI information. Also the FBI used it's anti-cybercrime unit to collect evidence.

These guys were not harmless hackers. It may have started that way but once they started getting aggresive and had intentions of theft, they lost any morale credibility!

I say screw'em they got what they deserved!

Re:I remember when these guys were busted...

[Whatchamacallit]

Also, the IT Staff responsible for the wireless network should be sacked as well!

Re:This isn't like Mitnick, and prison doesn't wor

[ducomputergeek]

spankings as a kid seemed to get the message across

@#$% the companies that screw us everyday!

[Kadoo]

If any thing these things hurt the corporate world because instead of putting blame on their IT department they hide behind lawsuits.
It's a PR move it shifts focus from there bad practises and on to intruders. They don't want there stock holders to get wise that a large part of the blame should be held in house.

This kind of actions serve to cover up these kind of insecure practises that are rampant in the world. Instead of fixing the system they brush it under the table.

I was burned by an Ebay auction but it was Ebay's nonchalant attitude that has left a sour taste in my mouth. It is company's policies that hurt attitudes towards online transactions. If a company is viewed to be proactive in searching out claims of fraud that builds trust.

Meanwhile the seller that screwed me still has auctions running and Ebay has done nothing.

Anger Rising!!!

I knew the third guy

[JimTheta]

The 3rd guy, Adam Botbyl, used to live on the street behind mine. He's a couple years younger than me; my little brother knew him better than I did. (This article names him)

This was probably 10 years ago (him and my brother would have been in 5th or 6th grade), but one interesting bit of trivia is that he was the butt of jokes by the other kids. A bunch of the neighbor kids were into collecting basketball cards. Some of the crueler ones would put common cards back into the pack and glue the top together, and they'd sell or trade them to Adam.

As I heard about this through my brother, it was portrayed that Adam was hella gullible. One pack had a card from the wrong brand in it (e.g. a Topps card in an Upper Deck pack); the other kids told him that it must be some error and might be more valuable. Whether the kid actually believed it or just went along to avert more bullshit is a question for him.

Stories like this were pretty common, and I wonder what that does to a kid, having no good friends around.

Now, I'm not saying that's an excuse; he's a total stupidass for what he did.

Deter vs. prevent ???

[yndrd1984]

Deterrence value of any punishment is weak, because it is not sure. Most criminals expect to get away with their crimes.

If they were deterred from commiting a crime, then they wouldn't be a criminal. :)
It also doesn't shock me that criminals were not deterred from committing crime (for some reason or other).

incarceration is to deter people from
incarceration is to prevent people from

Given the definition of deter is "To prevent or discourage from acting, as by means of fear or doubt", I'm missing the distinction.
I think you do have a good point, I'm just not catching it. Could you elaborate?

Yndrd1984

Re:Deter vs. prevent ???

[mdfst13]

To me, deter means that you are applying indirect pressure, e.g. fear of incarceration. Yes, it can have the effect of preventing a crime. However, there are no guarantees with a deterrent. By contrast, incarceration prevents crime directly by not allowing those disposed to commit crimes access to victims (at least not from the general populace; crimes against other criminals are of course possible). That is why I see the two as being distinct. It's the difference between putting up a sign that says "Don't drive drunk; you'll be jailed if caught" and putting in a breathalyzer that disables the car when a drunk blows in it. One is a suggestion; the other is definite (absent an operational failure). Do you get my drift now?

Generally, there are two groups of people. Those who think they would get caught and those who don't. Those who expect to get caught are deterred. Those who don't aren't. The magnitude of the punishment doesn't affect this much. Very seldom will someone say, well, if I only get six months in prison, it would be worth it; however, if I get six years it won't be.

Re:Deter vs. prevent ???

[yndrd1984]

Deter = coercion/psychologically while prevent = block/physically. That makes sence.

And I was right, you did have a good point. :)

Yndrd1984

Re:This isn't like Mitnick, and prison doesn't wor

It is a very effective deterrant.

Yeah, right...that's why murder rates are so high in the states. It's only effective if the gov't kills everybody.

Re:This isn't like Mitnick, and prison doesn't wor

Kevin had no interest in any sort of financial gain from his activities. He was only interested in exploring and seeing what he could find. He was an annoying guy, but not one with ill intention.

I dunno, I think "theft of service" qualifies as ill intention. Possibly as financial gain as well.

Not saying it's 5 1/2 years' worth, but still... He was far worse than just an annoying guy.

There are other reasons he's getting 9 years...

Keep in mind that he was already convicted in Michigan of hacking an ISP (the first to be convicted under Michigan's new hacking law), and was still on probation (with only 2 weeks to go) when he was caught for this crime. When they caught him, he was about to flee the country. These reasons (probation violation and flight risk) is why he was in prison since he was captured, and why he is getting a harsher sentence, unlike the other accomplice (Botbyl) who has been out on probation until sentencing (which is to happen today).

They left out an important fact

[Darth_brooks]

The defendant was already on probation. He was busted in 2000 for cracking passwords on arbornet.org. He was 17 at the time, and one of the terms of his probation was to stay off the internet.

http://www.mlive.com/news/aanews/index.ssf?/base/n ews-11/1103213452260230.xml

(limited personal information cookie-filling-out required)

Boo hoo. He voilated the terms of his cake-walk probabtion. Have fun in prison.

Pedantry:

A cracker is a thing you eat with cheese.

Brilliant idea!!

"I'm calling myself a white hat code wizard."

A stroke of pure genius! Invent a Four-Letter-Acronym, that takes care of everything.

A hacker is found in the company of computers, a cracker is found in the company of cheese or dip. That hasn't changed in 30 years, it isn't about to.

Re:This isn't like Mitnick, and prison doesn't wor

[ender81b]

I should've said 70% of the voting population perhaps :)

Impomptu Concert

[Stormy+Dragon]

In honor of Brian Salcedo, I'll be offering a solo of "My Heart Bleeds for You" played on the world's tiniest violin.

Photo of the perp

[totallygeek]

Here is a photo of the perp, I think.

Since we Americans love to sue...

[wingsofchai]

I doubt they had the expertise to crack the network had it been properly secured, and almost certainly would not have bothered, so maybe they should sue Lowe's or at least the IT admin in charge of the wireless network for making it possible to commit the "crime".

Trespassing

[wingsofchai]

Since the "crime" of wardriving is effectively similar to trespassing, we should look at it from the same point of view. In order to be charged with trespassing in most states, one must be made explicity aware (ie: by signs, verbally, etc.) and then disregard those warnings. Thus, the third person involved in this case who was convicted of a misdemeanor charge for checking his email on the network, shouldn't be held accountable since there was no warning or security system in place to keep him out.

Old News...

[aixguru1]

This has been reported over a year ago. See the DOJ Press release...
DOJ Link for Salcedo here.

Also see the Security Focus article here.

There are plenty of articles about the case. The DOJ and FBI have most of it as public information for the search engine savy. The key is, there is a lot of potential damage to end consumers and the company with crimes like this. Considering it was his second offense and he hadn't even gotten off probation for the first, 9 years seems reasonable to me.

I have been following this case online for a while. They were involved with the 2600 scene, attented "Hacker" conventions, and were already known for things that some might view on a grey line (IE telephone companies - See Telcodata.us). The thing is that occasionally there are bad apples that learn from others and commit crimes. Showing a 9 year prison sentence might help keep some of the apples from rotting.

but what murder?

[Changa_MC]

Compare their crime to attempted murder, since they didn't actually succeed in stealing credit-card numbers.

What's a typical sentence for that?
I'd guess it's not 9 years.

Wardriving Illegal?

[optimusNauta]

What is the deal with the wardriving charge? Is that actually a crime now? I thought it was legal, just that accessing the networks was not (which would be a seperate thing, not wardriving.)

Nine years?!?

[trevorj]

This is wrong. Murderers these days get off easy. Sounds exactly like today's so called drug "crimes". They say all of this is to scare people away from doing the crime in the first place. I don't see how harsher punishments will really affect the crime from occuring. It will just keep the violent people out of jail and the non-violent people in.

Re:This isn't like Mitnick, and prison doesn't wor

[howardjp]

I probably should at least know a little. So should you. I was on the team that caught him in 2000. He should have gone down on a littany of Federal charges. Letting him take probation for only the Michigan violation was a gift he squandered. Nine years is not long enough.

Re:This isn't like Mitnick, and prison doesn't wor

[Kiryat+Malachi]

Brian didn't really have the kindest words regarding you guys either (yes, I know him, and Timmins too). I re-iterate; he was made an example of. Granholm wanted to look tough on crime so she could run for governer, and she had this brand new computer crime law to trumpet.

9 years for what is, essentially, a case of attempted credit card fraud. I don't care what you claim he may or may not have done (knowing Brian, he probably did it) - the sentence handed down was too harsh *for the crime he was convicted of*.

Mod Up, From Experience

2.) Gives them time to plot other crimes. Also gives them resources like other criminals to discuss their failures and plan for better crimes, as they are surrounded only by other criminals.

I want to touch on this, mainly to corroborate this opinion from personal experience.

When I was 13, I did a little something wrong. I won't elaborate, but it was along the lines of TP'ing a house. Cops rolled up mid-process. It was around midnight when I got popped. I spent that night, the following day and night, and a third morning in juvenile hall before finally facing a hearing and being released to my parents. On charges of petty vandalism and malicious mischief, I spent approximately 36 hours or so in juvenile detention. The charges were eventually dropped.

In that time, I mingled with kids who had committed carjackings, armed robberies, and rape. Apparently the ones who were accused of murder got cells, the rest of us just hung around in chairs in a big room with a tiny TV. Of all the people I talked to, it seemed as though I was the least offender of them all. If I'd known of Alice's Restaurant at that point, I would have added "and creating a nuisance" when they asked why I was there.

I talked to a pair who had robbed the same liquor store over and over, getting away with hundreds of dollars each time, until finally the cops set up a sting (duh... like someone else said, most of the people in jail will be stupider than you). I talked to a group who described to me, in detail, how they pulled off home-invasion style robberies armed with nothing but walkie talkies - no weapons - and got away with a bunch of them before getting caught. The worst ones were the guys in there for rape. While everyone else seemed to be "just a kid who got caught doing something wrong," the ones who had raped were different, like they were proud to be there and had no remorse.

There is no pound-me-in-the-ass in juvy, at least it didn't happen during my stay and I don't imagine it would have been possible due to the constant monitoring. What you do get is incessant sexual harassment from the guards. You line up to take a shower, you disrobe one at a time. The guy in front of you starts taking his garb off, if you try looking off to the side or close your eyes to avoid seeing it, the guard will yell at you "face forward!" When it's your turn to disrobe, you get shit like "my dog has a bigger dick than that!" or "look at those shriveled peanuts!" or "Hey [other guard], this one doesn't have much hair!" The guards had a wonderful time demeaning everyone in this manner. Personally I think they take the job just to see underage cocks and balls, cause they sure do spend a lot of time looking and talking about it.

Tip of the iceberg. From a day and a half, I could probably write a book about it. Being in there was like being in Criminal Education 101. And that was just juvenile detention, and I was only there for 36 hours. "Idle hands," and all. I just wanted to confirm that your point #2 is spot on. In my personal experience, incarceration is just a way for criminals to socialize and further their education in the ways of the wrong. Thank god I was only there a day and a half.

Re:This isn't like Mitnick, and prison doesn't wor

[howardjp]

I really don't care what he says about us. I told the AG's office to go easy on him four years ago hoping he'd learn a lesson. From this, I have learned this was misguided thought.

He committed a felony while on probation. He is a repeat offender. The system offered him an opportunity to rehabilitate himself and he failed. Therefore, the system must now take action necessary to protect us all from a twice-convicted criminal. Salcedo has nobody to blame for this but himself. And unless he learns this, he will continue to be useless to society in nine years.

Circumstances

[SeanDuggan]

IMO, attempted murderers ought to serve the same as real murderers, but that's just my opinion.
On first blush, I'd agree with you. But then, I stopped and thought about why they might have failed. In some cases, it's clearly just bad luck or incompetence. In other cases, you find their hands switched at the moment of shooting or, despite a good knowledge of knife techniques and human anatomy, they managed to strike the person in just the right place to miss all the vital organs. I'd say that's psychology working against them, which messes up the intent.

Then too, attempted murder is too often charged in cases where the defendent obviously never really attempted to kill the person. Everything from warning shots to pranks to kids LARPing is grounds for "attempted murder."