Slashdot Mirror
Hacker Sentenced To Longest US Sentence Yet
Iphtashu Fitz writes "The Associated Press is reporting that a Michigan man has been sentenced to 9 years in prison for his involvement in hacking into the corporate systems of Lowe's Home Improvement and attempting to steal customer credit card information. The sentence far exceeds the 5 1/2 years that hacker Kevin Mitnick spent behind bars. Two others are awaiting sentencing, including one of the first people to ever be convicted of wardriving. Prosecutors said the three men tapped into the wireless network of a Lowe's store in Southfield, Mich., used that connection to enter the chain's central computer system in North Wilkesboro, N.C., and installed a program to capture credit card information. No data was actually collected however."
This is great news and will hopefully discourage other hackers.
There's no place like localhost
That's the longest sententence indeed.
They were criminals. These were crackers, not hackers. You don't install credit card number capturing software on someone's retail network unless you're up to no good.
Thanks to our parole system which considers rape, murder, and anything else that isn't drug sales to be harmless to society, he'll be out in just four or six.
For reference, a typical sentence for breaking and entering with intent to steal is about two to four years...
But, hey. It looks better when they catch a guy "breaking" into a computer across the internet then when they catch someone actually breaking into a house. Best to throw the biggest book in the area at them to play the circus up some.
Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
They should lock up the fool that set their network up!
The an admin who sets up an unsecure wireless network should be convicted for stupidity.
Wardrivers like that give the wardriving community a bad name. Some wardrivers just want to find free and legal hotspots, and others (although they could have good intentions) just want a free net connection. Wardriving as a cheap way to access corporate networks is just bad taste...
WASTE - The Secure P2P
including one of the first people to ever be convicted of wardriving.
Can you be really convicted of wardriving, or just something you do illegally while you're wardriving?
According to the wikipedia article in the blurb:
Although acessing the files on an open network is illegal, it is not illegal to simply use the internet connection of an open wireless network, this is a common misunderstood concept. Most wardrivers do not in fact use services without authorization.
Seems kind of like saying, "He was convicted for using the Internet" when someone gets convicted of cracking.
Another thing...so you can use the connection, but you can't use any files? What's the justification for that? If you leave the network open and allow it to be used and you leave files open on it, how can it be illegal to use them?
Since when is wardriving illegal?
Jay | http://oldos.org
This had very little to do with wardriving other then the fact that is how they found the network.
Instead this has to do with them trying to defraud a company.
Technology, the cause of and solution to all of life's problems.
We, the Illegal Pirates of the Internet Who Must Steal Everything No Matter What, rue the travesty that has lead to the sentencing of our compatriots. We remain dedicated to the theft and infringement of all intellectual property at all costs, including but not limited to financial records and credit card numbers. Rest assured, we will continue our relentless campaign to thieve.
Signed,
The Illegal Pirates of the Internet Who Must Steal Everything No Matter What
p.s. clock!
While I think sentences (including this one) in the United States are excessive, and I think prison in fact fails to solve anything because it is used as a punishment rather than a rehabilitation and in fact makes people worse rather than better, I sort of rankle at this person being compared to Kevin Mitnick.
Kevin had no interest in any sort of financial gain from his activities. He was only interested in exploring and seeing what he could find. He was an annoying guy, but not one with ill intention.
I don't know the details about these individuals, but it seems to be implied that it was a moneymaking operation. That makes it far worse than anything Kevin did.
That said, prison isn't the answer. Only violent people should go to prison (and those prisons should be run such that they don't create the atmosphere for violence inside that they do today -- i.e. don't use the prisoners as an unwritten "punishment" against eachother -- punishment is counterproductive.)
I bet he isn't looking forward to having his security hole exploited while in prison!
-- "Makes Little Debbie look like a pile of puke!" - Moe Szyslak
Let me make a few preemptive arguments before the inevitable "Free Kevin"-esque posts start coming by the hundreds.
/.ers. For proof, look no further than the topic which this is posted under.
/.ers want to sympathize with this guy is the fact that a lot of them are (good) hackers. No matter how dirty his actions were, they don't want to see a fellow hacker put in prison.
This guy is a criminal. He robbed people, or attempted to rob them. This is like robbing a bank, only worse. Nobody should show any sympathy for this guy. In fact, for the identity theft and fraud he commited, nine years is much too short of a sentence.
I know that a lot of the people who read this may tend to sympathize with him. This is the nature of
That's right, "Your Rights Online." Some editors or submitters apparently think that we have the online right to attempt to steal the property of other people, which if you think about for a minute is absurd.
The reason a lot of
But please, think before you post inane things about how our legal system is evil and corrupt. This is good. Thank God for the law.
Le français vous intéresse?
As the global economy relies more and more on computers to conduct comerce, I for one am glad that computer crimes are being treated quite seriously. Just because it is a computer, and just because there was no physical harm to someone, doesn't mean that the crime is not a damaging crime. And with the concerns running about for identity theft, the sentence seems appropriate. It should go out for a warning: if you want to hack others computers, then you should set up your own LAN and only hack computers that you have permission to hack. And to the arguments that they just trying to collect passwords: what good is a password if you don't plan on doing anything with it. Snooping around someone elses computer is the electronic equivalent to voyeurism. It constitutes an invasion of privacy. Those with the know-how to hack have an ethical responsability to refrain from hacking, and those that hack should be held to the same standard of other white-collar crimes. Severe economic consquences can follow unauthorized hacking. Now if there is permission for the hacking to take place, that is one story. But to hack some computer system for kicks and giggles is wrong.
The views expressed are mine own and do not express the views of my employer.
A bit of common sense here - 9 *years* for hacking. That is higher than the average federal sentence for murder http://www.law.upenn.edu/fac/phrobins/OxfordDeterr enceAppendix.pdf
although lower than the average state one.
I'm sorry, but does anyone else find this silly? You can get a longer sentence for hacking than you can for a rape!
And they didn't even get any credit card information..
I mean if they broke in and took down the entire corp. network or put the company into administration then yeah sure, harsh it up...
But where is the justification for a 9year sentence?
Also, if you trespassed (into the office) and tried to steal a book of credit card information and let's add criminal damage (broken window) you would not get near five years let alone 9!
...other white collar crimes will not be prosecuted as they won't recieve much media attention to propagate to young eager script kiddies the scary consequences of making network adminstrators look bad.
Some aim to please, I aim to tease.
If you live in a country where revenge prevails then prison is the answer.
I have actually...I'm more of the position that language is living and that if everyone says something, that's what it means. Language is intended to communicate, and even if something doesn't fall in the rigid confines of Standard American English or whatever, then it's achieving its goal.
Even though 'lol' isn't in the dictionary, I still use it from time to time.
let's protect them!
-pyrrho
Well they did get 9 years and kevin got 5 (and kevin got out in like 3 didn't he?) so intenet was considered in the case obviously.
Yes punishments are harsh in the US and there's a good reason for this For one, people like vengence. Oh boy do they like vengence. For another, throwing tougher and tougher laws on the books doesn't piss anybody off. Won't you think of the CHILDREN? 3 strikes your out laws, etc, etc all appeal to about 70% of the population - namely the middle class and the rich (those who vote).
Wait, what about criminals? Chances are people in jail, or those who are affected by these laws, are politically disenfranchised, have never voted and will never vote. In other words, the poor. Mmmm democracy in action! Of course, there is a large section of the US that seems to be getting fed up with certain laws (like drug laws) because they were drug users, and are now middle class, etc and believe the drug penalties to be ridiculous.I do believe New York just overturned some of the toughest drug laws in the country that were originally passed in the 1970s. That and people seem to be getting more and more upset that something ridiculous like 3% of our population has been in Jail during their lives.
What exactly did he crack? I would rather go with "none of the above." He found an open wireless network and connected to it. No displayal of computing skills whatsoever. But I'm not implying being a scriptKiddie/cracker requires skill either.
How many years did the guys at Enron etc.... get?
Seems like you get of if you you cough up government payola.
thank God the internet isn't a human right.
The max penalty for invouluntary manslaughter is 9 years in prison - todays front page of my local newspaper actually describes such a case. And this guy who was caught trying stealing credit card information gets an equivilant sentence? Isn't that a little severe? I'm all for punishing criminals and using long sentences as a way to pursued other would be criminals against commiting crimes however this is a little silly.
This guys was not a hacker. He was a cracker. A criminal hacker. I'm sick of this public misconception. Whenever I talk about software to non tech people and I mention hackers, and the good work they do, people automatically assume I'm talking about some uber geek, crypto cyber punk, virus writing, terrorist whos out to gain control of as many nukes as he can before he downloads copious amounts of porn into their bank accounts.
Seriously, where the hell did this misconception arise from? It's tempting to blame hollywood, but it's more likely to have been some self proclaimed "landmark" NY Times article written by some clueless reporter who knew next to nothing about computer or the net in general outside of what some equally misinformed 133t script kiddies spluttered out to him when he asked them on IRC( The devils internet dungeon!!).
This misnomer of hackers used in the media at large has got to be tackled somehow. Otherwise other FUD might creep in, and pretty soon FOSS apps might be classed as warez by another bumbling journalist looking to rise ranks by jumping for the businees pages to the spanking new IT suppliment section by writing the next domesday tech article, complete with teenage (cr/h)acker masterminds.
May the Maths Be with you!
Indeed, you are more correct than you know. I have been to prison, and I too was involved in a case which was played up for maximum publicity ( which served to benefit the US Attorney, who was planning on running for a judgeship).
The methods which they used to "win" the case were over-the-top in a most amazing sense, and involved creation of false evidence and outright lying by ( paid ) government witnesses.
I intend to write a book about it once I am safely out of Amerika.
I've done my time, and it's behind me, but I have zero faith in the criminal justice system in the US, and I intend to leave the US
for a country which has a system which doesn't allow the perversion of justice to such a large degree.
You may think my opinions are rooted in bitterness, but actually I have no qualms about having been punished. Where I have (large) objections is the dishonest and ruthless methods which were used to ensure that the prosecution "won" in the biggesst way possible. That is a travesty of justice, friends, and the people responsible will hopefully burn in hell.
The adversarial system, combined with the federal sentencing guidelines, makes this country a pretty scary place to live, when you are aware of what can happen. Of course, usually awareness comes simultaneously with trouble, and then it's too late.
Anyone who thinks it can't possibly be more fair and reasonable in other countries simply doesn't know much about the rest of the world, and also has a view of the US court system which is not grounded in reality.
I'd like to post my email address, so I can share my experiences with others who might be curious, but frankly I am afraid to.
Happy Holidays to all, and be damned careful out there, because things in the US are weird and getting weirder.
Stealing CC numbers is a bad thing and needs to be punished but let's face it, in the US we have a criminal injustice system that favors rich, white people who steal large amounts of money and have access to lots of lawyers. Everyone else gets caught up in the great meat grinder of "justice".
Check out: frontline: the plea
"And a voice was screaming: 'Holy Jesus! What are these goddamn animals?'" - HST
Do you think the crackers will also be prohibited from using the Internet for a certain period of time after their release, sort of like what happened to Mitnick?
Yes, but in this case they didn't actually steal anything, although that was probably their intent. This is really more akin to some thief entering your foolishly unlocked home, disabling the lock so he can get back in whenever he wants, and then leaving without taking anything. Yes, he probably wanted to be able to steal things from you whenever he wished, but at that point he hadn't yet.
The higher the technology, the sharper that two-edged sword.
and frankly I think the title should be 'Thief sentenced'. This was about getting rich(er) by theft and had nothing at all to do with 'hacking'. If anything your use of it further disparages the term.
They were not being "nice" but they weren't hurting anyone (at least not yet). The real problem I have is Lowes was putting credit card data on a wireless network! It wasn't secure enough, as someone knew about it, and successfully exploited it.
So what's worse:
Not nice (Hackers),
or _grossly_ irresponsible (Lowes)?
"And we have seen and do testify that the Father sent the Son to be the Savior of the World"
1 John 4:14
Comment removed based on user account deletion
Some may argue that the punishment does not fit the crime, that it is much more severe then other forms of monetary crime. But what makes cracker crime so dangerous to the IT industry is that it attacks the trustworthiness of the infrastructure. If consumers turn away from online transactions, if businesses decide to reduce their reliance on computers, then IT employment will drop or not increase to its full potential.
Look at the analog of this in meat-space -- people would rather shop, go to work, enjoy entertainment, etc. in a safe environment. Businesses that try to operate in crime-ridden neighborhoods don't do as well, don't have as many customers, don't hire as many employees, and don't pay as well.
IT employment depends on the continued adoption and use of IT by businesses and consumers. If the internet and computing becomes a ghetto of spyware, crackers, and phishers, the economics of IT will suffer. To the extent that people avoid using computers for fear of crime is the extent that ITer will see their jobs disappear.
Two wrongs don't make a right, but three lefts do.
Involuntary manslaughter indicates that the manslaughter was not intended or accidental.
"They should lock up the fool that set their network up!"
They should lock up the woman that dressed in that skimpy dress, and those high heels. She was just asking for it.
Makes you wonder if the prisons are filling up with rapists, murderers and grey-collar hackers... where are all the professional criminal hackers?
Murder is not the same thing is involuntary manslaughter. Murder is premeditated. It's actually a very large distinction.
I do agree that the extent of the sentence is asinine though. His crime is the equivillent of robbing a bank without a gun. Which begs the question, where were the security gaurds?
Good rebuttal.
You're truly an intellectual force to be reckoned with, what with those supreme debate tactics.
Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
" I bet he isn't looking forward to having his security hole exploited while in prison!"
You have no idea what you are talking about. Yes, there IS homosexuality in prison, but nearly none of it is not consensual.
You see, I have been there. I am not homosexual, and never once was there even a hint of me being the victim of sexual aggression. And I am not a badass, so that excuse won't fly.
People like you who make comments based on nothing more than some movie they saw make me sick. And if you WERE in prison, and mouthed off like that, you'd get the ass-kicking of
a lifetime.
Try sticking to commenting on something you actually have knowledge about ( ok, well, this IS Slashdot, so I guess that's asking too much ).
Anyway, I did time in some very bad places, and you people who talk about "Bubba, etc. " don't have ANY idea what it's really like.
The truth is, most people just want to survive to see the outside
again, and they mind their own business. Those who "get stupid" find out quickly that life can get very rough indeed, because there is ALWAYS someone bigger, meaner, crazier, and more willing to do what it takes to win. It ain't like the movies you have seen, I promise you.
If not RTFA, RTFBlurb at least. This guy attempted to steal credit card numbers from a system he accessed on an open wireless network.
He didn't just connect to it.
But there's also a small thing called deterrent.
Evidently it's a very small thing, considering how well it works. See: death penalty.
What?
Actually, he used the term correctly. An argument which "assume[s] the truth of an argument or proposition to be proved, without arguing it" will "beg a/the question".
It was stated that someone is going to court for wardriving, which is tacitly stating that wardriving is an offense. However, this is not necessarily so, so it begs the question as to whether wardriving is actually an offense.
The poster himself may have responded to you admitting a misuse, but I don't think he misused the term at all.
Not mentioned yet, but he _is_ a repeat offender. He brought down a local bbs--insert obligatory plug for arbornet.org!--back in 2000 and was the first charged with hacking under michigan law. http://www.merit.edu/mail.archives/netsec/2000-09/ msg00009.html
I dunno, but you'd think he'd have wised up by now.
I dunno... would have been more playfully clever if it had imitated the elevators in Hitchhiker's Guide to the Galaxy... but kudos to them nonetheless. Hack also applies to a person who "programs creatively", which I, and many other /. readers, hope to be/already are.
And you're confused. He was essentially held without trial or a bail hearing for 4 1/2 years.
Yeah, right.
Prisons were originally designed to stop people from committing crimes, commonly they would only lock people up at night so they couln't break into peoples houses or shops. Only in the last couple of centuries with the advent of the idea of reforming people come in, prison sentences got much much longer and the idea of reforming people in the early days was though harsh treatment and work.
The harsh treatment and work didn't have the desired results, but we carried on locking people up not because of there own rehabilitation but because it makes the victums feel better.
The whole system needs a damn hard re-think, and we need to stop puting people in prisons when mabie prisons arn't the best option.
I'll also make a point that the death penalty is only there to satisfy the sadistic perverted desires of revenge that the victums have. Death is no punishment, and if you belive in reincarnation, it might as well be a free ticket out of jail in the form of a new life.
Yeah, huge fines are going to discourage people trying to steal credit card data. Suppose you hit them with a non-trivial fine of 500,000. What do you think the odds are that any hacker that has ever broken into a server is going to be able to pay even a tenth of that?
How about this, quit wasting time, money and prison space busting people for drugs by legalizing the stuff, and use all the space created in prisons for hackers, and other white collar criminals who commit 'nice crimes' where nobody gets 'hurt'.
Anyone who writes a worm that makes the national news because it cripples half the internet deserves some jail time.
HA! I just wasted some of your bandwidth with a frivolous sig!
You have to be really dumb to get caught war driving, your already in the get away car!
Spoken like someone who has never had their identity stolen. What fine is large enough to make up for ruining someone's credit for several years and costing them their dream of buying a home? Will they have to perform community service on my rental unit? This was a crime both against the system and individuals. One count of attempted fraud for each CC number on the system seems about right.
Jail is precisely where we throw people who inconvenience us. It does a great job of preventing them from further inconveniencing us. This time it should work for oh, about 9 years I'd say. At least.
Comment removed based on user account deletion
I dunno dude. Do you want to travel on an elevator that's been compromised like that? What if through a fault that may or may not be related to the rewiring a fire started or the elevator brakes failed?
These posts express my own personal views, not those of my employer
On the way out of court they should assult the judge and rape his underage daughter - they would only get a couple more years on that what a bargin!! I think the western world is over-compensating for not having corporal/capital punishment, instead people are starting to get rediculous sentences, i guess its better than having caining but still..
This comment does not represent the views or opinions of the user.
It may seem like admitting a misuse, but frankly, I didn't really know if it was 100% correct or not. That 'sounded right' for me to say, so I said it. I'm a CS major, not an English major...thanks for clearing it up.
Fell Much Safer. (TM)
Don't Crease the Weasel!
Crackers, people. Not Hackers.
ELOI, ELOI, LAMA SABACHTHANI!?
Sorry, i was referring to the act of gaining unauthorized access to a network and the lack of skill to do so, not the attempt to steal credit card info. On another note, this is the same as finding an unlocked car and making off with it. I wouldn't exactly call that a master-minded crime. The same as how i wouldn't label this guy a cracker/hacker. As a minimum, at least RTFParent.
Comment removed based on user account deletion
The thing that drives most of these crimes, like spam, is greed, pure and simple. The people are greedy, and want more money than they can obtain legally/morally, so turn to crime. Well, if you know of a way to change someone's personality such that they aren't greedy, hateful, etc reliably please, PLEASE publish an article in a psychology journal since it'd be the greatest discovery in human psychology in receant history.
The problem is you CAN'T really change that in people. As many drug support groups point out, you can't change those that don't want to be changed. You can't make someone not be greedy, you can't make someone not be racist, etc.
What you CAN do is make it so that there is a deterrant to acting on that greed. That's what prison and other punishments are. The greedy people know that is a potential result if they act on that greed. Hopefully, it deters some of them.
It's a nice rose-coloured view to think that a little counciling can change who a person is, but that's just not the case. A person can only change themselves.
Dude, these people are students at MIT, probably majoring in engineering. I think they can figure out the safety implications of what they're doing. The people who did that hack are probably out designing things you use today, and you haven't died yet.
Make me a friend and I'll mod you up
Or, it may be more like he grabbed all your jewels but had a hole in his pocket and they fell on your kitchen floor on the way out and he didn't notice. Thats why we have the beautiful laws of failed attempts. However, since noone will care about this case after tomorrow, I'm sure we'll never know precisely what happened.
Hmmmm. I think not.
There is no federal parole.
Is how stiff this penalty is compared to that of serious corporate criminals that are already wealthy. I've seen some of this stuff up close(I worked on the audit of Riscorp, the CEO of which did prison time). There seems to be a lot of hysteria around hackers-and very little around the REALLY big criminals-who are the managers of major corporations and governmental organizations.
Ok, your wrong about prison.. there's a really good article somewhere but is goes something like this...
90% of crime is committed by 10% of criminals, so all you have to do is lock that 10% up and throw away the key.
This is what the UK government has done to reduce crime, just look at prison population, average sentence and crime.
The 'liberal' article explained it a lot better than I do, and went on to mention that instead of sorting out the crime in the first place the easy option of locking people up was chosen.
Prison reduces crime, not the number of criminals.
thank God the internet isn't a human right.
I mean they were attempting to steal the credit card numbers of all the customers there, that's thousands of people. Each one would be a victim of a crime, thus they were attempting a crime against each one.
/w intent to steal from thousands of individuals totalling millions of dollars is fair.
Given the amount of people that credit card crime like this affects, and given the magnitude in dollars we are talking, I think a stiff sentence is appropriate.
If B&E w/ intent is 2-4 then I'd say 9 for B&E
...sorry more on prison
I think prison should be like a holiday home, lets get those thugs all happy and feeling good about them selfs, train them up and educate so they can get a proper job. Give them the hope that they never had before.
thank God the internet isn't a human right.
It isnt.
It's easier to fight for one's principles than to live up to them.
I'm calling myself a white hat code wizard.
The 'popular perception' of the whole hacker (code geeks)/cracker (crypto geeks) myth is a kind of hopelessly unwinnable argument about angels on pins.
Considering the alternatives, I've just invented a new name for myself and left the waste of time up to those poor souls who care.
I've just given the hell up.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
No, I'm New Here
Is stealing a loaf of bread, or bottle of milk the same as stealing $10million from a pension fund?
thank God the internet isn't a human right.
So you're saying a tanked MIT geek is infallible? Dude, there are saftey standards and testing going into any elevator design or maintenance program. I think you'll find its quite well regulated in most places.
These posts express my own personal views, not those of my employer
Well if they actually get the years federal sentencing guidelines call for, your post will look pretty foolish. The man is now facing two seperate and independent trials which will start in 2005. But in the meantime, YEAH KILL WHITEY. RICH PEOPLE ARE EVIL LETS LOCK THEM ALL UP! PUT THEM TO THE GUILLOTINE!
In some states, the value of the stolen property determines whether it is a felony or misdemeanor, which equates to the punishment. So yes, value may be a factor. This isn't theft against one individual, this is theft on several thousand people. Although it is one entry point there are several victims. Each victim could in turn sue for damages. It would probably result in a class action lawsuit against the indviduals. Seeing as how this is America, the victims would sue Lowes instead because Lowes actually has money, whereas the actual perpetrators are held to a lower standard. On the other hand, if no damages were inflicted on the customers, then the only entity who can file the lawsuit for damages would be Lowes. Then again, I'm not a lawyer... I just spend too much time with them.
No Prison isn't the answer.
The answer is yes, the question is sex.
(someone had to say it)
09 F9 11 02 9D 74 E3 5B - D8 41 56 C5 63 56 88 C0 45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
If the same guy walked into the corporate office and tried to remove a hard drive full of CC's, you really think he'd get 9 years in prison? I fucking doubt it.
These guys got slapped with a bigger sentence because a computer was used. The general public does not know about computers. Things that people don't know about scare them.
What I want to know is why Lowe's is storing my credit card information and/or why it needs to be sent back to their corporate office.
Involuntary manslaughter is worse than "accidental" (i.e. negligent behavior) and not as bad as "intentional" behavior. What it means is that the person who killed was acting in a manner so stupid that he should have known he could cause harm. Like getting hammered and then driving home.
At least people who murder have the balls to declare their intentions, if not to everyone, then at least to themselves. Murderers are more honest than manslaughter-ers in this respect. Those of the involuntary manslaughter ilk get to be stupid, cause death, and get out early enough to do it again. Really, if the point of our prison system is to be segregation of bad actors from society, not rehab (anyone who believes prison is about rehab is fooling himself), why do we want to let the stupid irresponsible ones out any earlier than the sociopathic ones? Both are harmful.
As for these "wardrivers", this is a harsh sentence indeed for what amounts to a property crime. Their real crimes were not being politically connected. The Enron etc. examples have been made previously so I won't repeat them.
What changed under Obama? Nothing Good
Point is nobody is dead.
Someone set us up the bomb, so shine we are!
I'll also make a point that the death penalty is only there to satisfy the sadistic perverted desires of revenge that the victums have. Death is no punishment
Would we be correct then in assuming that you are equally opposed to "life without parole" sentences? After all, life without parole is just an extra-long death sentence. If a person is never going to be permitted out again, no matter what, what difference does it make if they die at 35 of a Potassium Chloride overdose, or at 65 from heart disease?
Also, are you suggesting that people like Ted Bundy, Jeffrey Dahmer, and Timothy McVeigh could have eventually been rehabilitated?
And finally, what's so wrong about "revenge" anyway? If someone commits the absolute most heinous crime imaginable, raping and murdering your daughter, is it really so unreasonable of the parent to feel vengeful? If the perpetrator wasn't prepared for an eye-for-an-eye punishment, then perhaps they shouldn't have done the crime.
Good, honest people die tragically all the time. Why should we go out of our way to ensure that multiple-murdering, unrepentant scumbags get to live out a long, moderately fulfilling life behind bars?
Like woodworking? Build your own picture frames.
As long as they didn't actually use any of the credit card numbers they have not done anything wrong. I don't care if they have my credit card number as long as they don't use it.
My business partner learned hacking and coding from this guy when the guy was legit.
What he did I think any of us on Slashdot could do. It doesn't require a great deal of skill or 31337N355.
This is in the "Your Rights Online" section because he should be treated the same as someone who thirty years ago stole file cabinets of data about people at a large chain's headquarters. If the data is the same then there is no need for changing the sentence.
That said, the young man did wrong and will get what he deserves. He was a little bit bright and could surely have come up with a better scheme than this. I know I could, but I and his former "student" are devoting our time to a legit business.
Please excuse the shameless plug. We may be legit, but we're certainly not wealthy. Starting a company is hard work. 60+ hour workweeks, paying yourself less than minimum wage for a year or more... No wonder Mr. Salcedo chose the "easy way out".
This is true, and most business Wi-Fi installations are made difficult to get into. For most users of Wi-Fi, home, work, a friend's house, or a public spot -- those are going to be the places to go, when they're made easy to find, and conducive to social computing.
Of course, I have quite a bit to say about wardriving in general!
Zhrodague.net - I do projects and stuff too.
this brings up an interesting point in that prison, or punishment in general is a way to deter criminals as well as assure everybody else that should a crime be commited against them, whoever is responsible will be dealt with.
if punishment stopped fitting the crime people would then take it upon themselves to administer a justice they deem fair.
and the "fitting" is for every individual very subjective, so the government continuosly tries to keep the balance.
now while i agree that the details of how we punish our criminals may need some updating, the need for some sort of revenge (or call it justice) is simply human and not subject to much change.
there will always be the transendentalists preaching be merciful the prisoners, coddle them, rehabilitate them. be compassionate. but there are more and much louder (at least for now) proponents of our current revenge type system.
Well, probation doesn't work either. He was arrested in month 35 of a 36-month probation term.
As with spamming, certain kinds of malicious hacking probably should warrant the death penality....
You steal a Ford or you steal a Ferrari,
is it the same crime?
Should the value of the car change the sentence?
Yes, the value of the car should change the sentence. If I steal $5, should I get the same sentence as if I stole $10,000? Of course not, because the scale of the crime is different. These people didn't try to steal 1 credit card number, or even a thousand cc#s. They tried to steal an infinite amount of numbers. If this program hadn't been caught, they would have had access to every single card number to go through Lowes. That is a HUGE amount of numbers. So yes, they should be punished more than someone who tried to steal1 number, because it is an entirely different class of crime.
"Information wants to be expensive" - Stewart Brand, the same guy who said "Information wants to be free"
Well thats because the prison system is run by idiots and pricks, atleast western countries actually _have_ a human rights watch, im guessing Singapore jails are 10 times worse, but thats right some of our society is pretty damn sick and non-violent criminals definately shouldnt be mixed with violent ones.
This comment does not represent the views or opinions of the user.
And finally, what's so wrong about "revenge" anyway?
The problem with revenge is that it is an emotional response. In many cases, that emotional need to find "whodunit" and punish the living sh** out of him, has lead to the conviction of innocent people. In this example, a guy spent 15 years of his life in prison - post conviction DNA testing proved him to be the wrong guy. Funny thing about revenge in this example, at the time of conviction, the victim and family actually got the satisfaction of having had their revenge - but even with the satisfaction, they got no justice - wrong guy.
Revenge just generates additional victims. Criminals should be convicted on facts and data, and not on an emotional basis. Of course the world is full of "shoulds".
What changed under Obama? Nothing Good
Salcedo was arrested in the last month of a 36-month probation sentence after he broke into Arbornet and many other sites in 2000. The original Slashdot story is here.
9 years in a "pound-me-in-the-a$$-prison"
Won't somebody please think of the Karma!
It depends, there are cases like punching a rowdy drunk, who slips and breaks his neck, or throwing a rock at somebody's windshield causing a fatal accident. Serious Injury/Death is a forseeable consquence of the action, though death was not intended.
Some people make bad mistakes, and would not repeat them again. Though there are definately the ones who are habitually break the law and should be removed from society.
D6 63 0D 70 89 81 BB 8E 7B 7C 5F 5D 54 EA AB 73
Although I do agree that he should have gotten in trouble. I think what he got is on the severe side. I think this is much akin to the witch hunts of older times. People are afraid of what they don't understand. Because people are still pretty well computer illiterate, (thanks mostly to windows... but that's another beef for another post)... so it's human nature to fear what they don't understand. Because a computer was used for a "crime" the justice system, so afraid of our voodoo magic, comes down very hard out of fear. Plain and simple.
There have been murderers sentenced to one-fourth that length of time.
Yes, a two year and three month murder sentence is way too short. Rediculously short, an aberration, and completely irrelevant to determining a proper sentence for computer crime.
or a non-violent crime that didn't benefit the criminal?
Intent is an element of a crime, not success. What does it matter that he criminal did not benefit?
Did they actually steal any credit card numbers? No. Did they charge up a bunch of fines on said card numbers? No. We have laws to deal with theft and fraud. Since they commited neither, there is no reason for them to go to jail.
You don't get off because you were unsuccessful. Intent is an element of a crime in the US, not success. its better to nail them before they get competent.
Which is... still breaking and entering, a crime. I break into a museum with the intent to steal the statue of David. It's too heavy for me to lift and I get pinched on the way out the door. So in your world I should go free because I wasn't able steal anything?
All you criminal appologists need wake up and smell the anarchy. Stealing credit card information is inherently more harmful than B&E. Had he succeeded he would have cost the credit card companies millions at best, and ruined the credit of thousands of people at worst. For this he should be sent away for a long, long time.
what is Lowes doing wrong that they were compromised twice like this?
Evil hacking (from defacing websites and destroying information to stealing credit card info) should be treated as normal crimes (destruction of private property, fraud, stealing, etc).
I remember the times when "hacking" meant to get around limitations of the system. Ah, glorious times. But now script kiddies,lamers who write virii and blatant mobsters are discrediting the name.
I say, send 'em to jail. They deserve it. And we need it too.
Sideshow Bob: "Attempted murder?" Honestly! Do they give a Nobel Prize for attempted chemistry?
In this example [innocenceproject.org], a guy spent 15 years of his life in prison - post conviction DNA testing proved him to be the wrong guy.
There are 3 cases famous cases like this in Canada. The three M's. Morin, Milgaard, and Marshall. Morin spent 3 years in prison, Marshall spent 11 years, and Milgaard spent 23 years. All were saved by DNA evidence and all were convicted of crimes that could have gotten them death in certain states.
{sigh} all you Slashdot kneejerkers need to read what other people actually say. I didn't say he should walk ... he is, after all, a convicted felon.
... he should be sent away. The question is for how long. A long time, if he had succeeded. But he didn't, and should be sent away for the crimes he actually committed, not what he might have done. Punishments should fit the crimes: when they don't ... well, that, in and of itself, breeds disrepect of the law. I understand the premise of a deterrent: throw the book at one criminal in the hope that others will mend their own evil ways. But that, my friend isn't justice and it isn't what the courts are supposed to be doing, and furthermore doesn't work anyway. Sure, commit the crime, do the time ... just make sure you're doing the right time.
And I agree
The higher the technology, the sharper that two-edged sword.
But where's the justification? I mean, these guys were criminals and bad people and I don't particularly want them in society with me. But come on--rapists don't go away that long for one count, and this was just attempted. There's just no logic to it.
Read jack phelps dot net
I would certainly trust the engineering of someone who's smart enough to get into MIT. Note that they didn't tie into the elevator controls, only the lights that showed what floor the elevator was on.
Make me a friend and I'll mod you up
No, but you are an ugly fat
Wow, I should not post when knackered.
Should we simply allow crimes to be committed, no punishment? I can show you places where that is the case, you won't like the result, I can gaurentee. If you think you can change who someone is, without their wishing it, just via counciling and the like, ask a psychologist. They'll tell you, as I have, that counciling is a way to help people who want to be helped, not to force changes on someone.
If the deterrance reason isn't good for you (it is a deterrant by the way) then how about the simple fact that while you are in jail, you can't be comitting crimes.
But really, what it boils down to, is that we need some way to punish crime. Civilized society needs a justice system and that requires punsihment. This isn't an American thing, this is across the world.
If you have a better solution, let's hear it.
If he walked into the central clearinghouse and walked off with a hard drive with a million credit card numbers on it, and we know that it was the credit card numbers he was after, then yes, he should get 9 years.
I'm not sure how massive credit card theft is dealt with in the courts, but it's likely they can show that the intent was to use those numbers for fraudulent transactions.
Attempting to steal hundreds of thousands or millions of credit card numbers and also use them (or contribute to their use) in a fraudulent manner is a massive financial crime, and 9 years is not that long.
This "hacker" never actually stole CC data, but still got nine years.
If Ken Lay is even given jail time, I doubt that he'll be doing 9 years. He'll probably get 1 year max at the place with the golf course and squash court.
I think much of the complaint is not how much time the hacker is getting, but how little time other people who take part in similar crimes but without the "hacking" element.
"You spoony bard!" -Tellah
Just because it is easy doesn't mean it's allowed.
bash$
It's not their intelligence I'm worried about.
These posts express my own personal views, not those of my employer
Mitnick was held with out trial for 5 years and eventually was let go for "time served". That's why there was such an uprising behind him. Dispite his crimes, he was serverly miss treated.
Who gets their news from a mickey mouse outfit like ABC anyway? If you're going to post some clueless banter about attempted credit card fraud, at least link to an article (or thread) with some relevant information about the case instead of an uninformed soundbite. You could start with one of the following:
http://reviews-zdnet.com.com/AnchorDesk/4520-7297_ 16-5511088.html
http://www.theregister.co.uk/2003/11/22/michigan_w ifi_hackers_try/
http://www.securityfocus.com/news/7438
http://www.securityfocus.com/news/8835
http://www.netstumbler.org/showthread.php?t=11115
Some of the more interesting quotes for those too lazy to click on the links:
"In 2000, as a juvenile, Salcedo was one of the first to be charged under Michigan's state computer crime law, for allegedly hacking a local ISP."
"It was six months later - Botbyl allegedly admitted to agents - that Botbyl and his friend Salcedo hatched a plan to use the network to steal credit card numbers from the hardware chain"
"At some point in their wardriving experience, Timmins and Botbyl came upon a Lowe's hardware store with an open wireless network. Timmins later admitted to Kevin Poulsen of Security Focus that what he did next was technically illegal: he used the Lowe's network to check his e-mail. When he realized it was Lowe's private network, however, he says, he disconnected."
"That in itself might have been the end of the story. However, Lowe's became aware of the breach and contacted the FBI, who, after its investigation, charged Timmins with one count of unauthorized computer access. And that by itself would have been a significant story: Timmins's plea has been reported as the first instance of a wardriving conviction. I think the claim is an exaggeration, however. The charge would have been the same had he used a wired connection."
"But here's where the story gets interesting. Several months later, Botbyl returned to the Southfield, Michigan, Lowe's with a new friend, Brian Salcedo, now 21. Salcedo, it turned out, was in the final weeks of a three-year probation for an earlier computer crime."
"According to the indictment, the hackers used the wireless network to route through Lowe's corporate data center in North Carolina and connect to the local networks at stores around the country. At two of the stores - in Long Beach, California and Gainseville, Florida - they modified a proprietary piece of software called "tcpcredit" that Lowe's uses to process credit card transactions, building in a virtual wiretap that would store customer's credit card numbers where the hackers could retrieve them later."
"Brian Salcedo, 21, faces an a unusually harsh 12 to 15 year prison term under federal sentencing guidelines, based largely on a stipulation that the potential losses in the scheme exceeded $2.5 million."
"As for how it was computed here's one probable way: Maximum number of cards in the system at the time they could have captured, multiplied times the maximum credit limit on each. (So say Lowe's does an average of 2500 credit cards transactions nationally in a night, and each has a $1000 Credit Limit. That is $2,500,000 right there.)"
"They were not able to access nationwide credit card files or get into corporate systems," says Lowe's spokesperson Gina Balaya. "They did access six credit card transactions from one store."
"My initial reaction when I heard the charges was one of skepticism," says Karl Mozurkewich, founder of the Michigan software company Utropicmedia, and a member of the group. "Eighty percent of the people in the 2600 group in Michigan are more the c
How many years would that render??
Huh?
Answer: zero, providing you have the GOP and GOD on your side.
Somebody, PLEASE find a solution to this semantic quandary.
Don't shop at Lowes. They keep their credit card information on a computer accessible from an insecure wireless access point.
It's 'ADMIN'.
Evil is the money of root.
Marshall was released in 1983, after a (new) witness came forward. This is about 10 years before DNA profiling was even thought about, 15 years before it became useful/accurate/cheap. In the inquiry into the actions of the police and crown prosecutors, it became clear that his case was not an accident, with the parties all acting in good faith. I don't think that they had any specific evidence to the contrary, but circumstantial evidence, combined with him being a Native American (to be fair, also well known to the police) was all the investigation they needed.
With all due respect, I think you are the one missing the point. There's way more to getting hurt than bleeding. We see someone who has been shot or assaulted and we feel sympathy for that person, as we should. Our sense of justice demands that whoever hurt them be put away.
But you know what we don't see? We don't see the kid who can't go to college because some fuck wiped out his parents' portfolio. We don't see the mom who has to choose between buying a smoke detector or food because her budget just can't stretch that extra little bit to cover what the cracker skimmed off the top. There are all these little costs that are basically invisible, but they add up and when they affect enough people THEY MATTER. So while physical injuries are certainly easier to empathize with, saying that someone shouldn't go to jail for a long time because they "didn't hurt anybody" is sophistry.
I'm posting anon, because as a former employee, I should probably be keeping my mouth shut.
Sounds like they cracked into the network via the LRTs (Laser Radio Terminals). So, okay, you'll see a big rollout of security across the company soon to take care of that (all stores are pretty much exactly the same, so whatever they did, it will work in every store until it's fixed.). What's interesting is it's probably quite similar in other retail chains. Just a few IBM servers running AIX in the back, and until recently, all the registers were just terminals (they're now all linux thin clients). You could go to target, pier-one, or whatever other big retail chain you like, and try the same thing.
Offtopic: If any clued-in and still current employee sees this post, can you tell me why they removed the lookup lookup account from the system? I was annoyed when they got rid of it; I liked to use it for price audits while running end of day.
Don't get me wrong, Hacks are definitely illegal in every way. But that doesn't mean you can't appreciate their sheer ingenuity.
Make me a friend and I'll mod you up
This makes me think about something similar. I don't know offhand, but I do believe that in my state rape can get you longer than 9 years.
Rather than focusing on how large this sentence is in comparison to a rape, wouldn't it be more appropriate to lament the fact that a rape sentence is shorter than one for computer fraud? There is a difference in doing either.
I don't moderate anymore. Karma penalty for 90% fair mods? Can I mod that unfair?
I thought we did solve this by calling folks "criminals" ?
I don't moderate anymore. Karma penalty for 90% fair mods? Can I mod that unfair?
http://www.usdoj.gov/usao/ohs/Press/12-18-03.htm
The total cost to Acxiom of Baas's intrusion and theft of data is more than $5.8 million. Baas faces a maximum penalty of five years in prison, a fine of $250,000 or twice the amount of gain or loss, and three years of supervised release.
Considering Dan actually did steal the data and only can get a maximum of 5 years, this seems excessive for intent.
Sorry for replying to my own post.
Turns out that the guy my business partner knew and this dude were totally different people. Oops. What they got busted for was basically the same thing, and they're from the same area. What an odd coincidence. Send me an e-mail if you have an questions.
They used to hang people for stealing. Harsh treatment for crime is nothing new.
Just because he didn't get away with it doesn't mean he committed a lesser crime. If we assume he did succeed, he will just keep all of the money. So, I believe that the law should treat both as the same
That said, I do not endorse the 9 year sentence that was slapped against him. Rather I would agree with heavy fines, community service and putting him away from electronics for some 'n' years. Perhaps a sentence of 2 years too.
I wonder if the government can have both mild 'rehabilitation centers' and the conventional jails. The previous ones would have all these sort of criminals so that they don't have to suffer the indignity of anal rape from violent criminals for a crime far milder (and at which some people didnt even succeed)
... and I shall strike upon thee with great vegeance, furious anger and a slightly positive karma.
you need to be legit AFTER you have made wads of cash.
sheeesh, can;t you kids do anything right?
Beside how good could this guy be? he didn't get any credit card numbers.
A good criminal gets away with it, then gets caught monologing..
The Kruger Dunning explains most post on
OK kids.m l/
l /
m l/
i c.html/
. html/ . html/ e .html/
h tml/
Let's all get together and sit in a circle and read aloud together.
I would like Arzach to click on the following link and read aloud the first bullet point to the class: http://www.catb.org/~esr/jargon/html/appendixc.ht
I would someone else to read the definition of the term "Hacker" click on the following link and read aloud:
http://www.catb.org/~esr/jargon/html/H/hacker.htm
(I can't hear you.)
Now let's discover the term called "Cracker". Can I get a volunteer to read this one aloud?
http://www.catb.org/~esr/jargon/html/C/cracker.ht
Now let's investigate as to why we Slashdotters believe that this sentence may be too harsh...lets see, this may provide some insight:
http://www.catb.org/~esr/jargon/html/H/hacker-eth
For your homework assignment please read the following:
http://www.opensource.org/docs/definition.php/
http://www.catb.org/~esr/jargon/html/introduction
http://www.catb.org/~esr/jargon/html/distinctions
http://www.catb.org/~esr/jargon/html/writing-styl
Must read before posting on Slashdot
http://www.catb.org/~esr/jargon/html/email-style.
Background info
http://www.mithral.com/~beberg/manifesto.html/
yeah, then some dipshit calling himself a white hat code wizard will get caught stealling CC niumber from an orphanage , and then the mesia will tear your name apart.
or worse, someone will do a movie where one of the 13 year old computer expert is a 'white hat code wizard'
How about software developer?
The Kruger Dunning explains most post on
This is the digital age, and people are finding out more and more, how empowering it can be to know a few things. This is not the world of 20 years ago, and the fact as some have pointed out, that what he did was fairly easy to accomplish for many people here, should be a warning bell. So by giving a harsh sentence they may hope to stem the tide of people figuring they can finally get that big heist scheme to work.
I had a ridiculous conversation at a drinking party once, years ago. This guy I knew was blearily insisting that I needed to 'hack' a bank, because he was sure I could do it. I didn't know about that, I'm just a regular geek, scanning x.25 networks for outdials isn't the same as breaking into a bank. He was insisting it would definitely work. We could have it all planned out see, and, "Oh you could totally do it man, we should so do that!" I kept insisting that it was incredibly dangerous, and that I didn't know how ("Oh you can figure it out man, I know you can!"), and he just wasn't having any of my protests. Stealing, or for that matter almost anything that risks jail time, doesn't appeal to me anyway. Now imagine someone with his attitude and also the knowledge to follow buddy from the article. This sort of idea can become more widespread as technology reaches everyone, and is a scary thought for those with things to lose from it. People such as, well, any random person alive, could be you, could be me, could wreck a lot of lives.
they were on a Seqway.
The Kruger Dunning explains most post on
Here's the dealio from another ex-con.
First my cred:
I spent 4mnths in Juevy hall at 15, 1yr at 16 (released just before my 18th b-day). I spent overnights too often to count between 18-22ish. I spent a weekend in city lockup when I was 21. And finally, I spent 2.25 yrs of a possibly 6yrs in a federal prison from 23-26.
That was all back in the late 80s to mid-90s. I have never been back since and live a honest life, except for the occassional joint or jay walking. My offenses were mostly stupid kids stuff made only stupider by the fact that I did stupid stuff every weekend and got caught a lot. The stretch in my 20s is from something unrelated that I will not get into but did not involve sex or kids (2 worst type of offenses in prison).
Your jails must have been easier than mine. Juevy was a living hell for anyone not mature enough physically. There were numerous sexual assaults in both institutions (I was in different ones at 15 and 16). They mostly consisted of a small guy being punched and slapped around all the time until they gave in. Mostly it meant theyd have to give head somewhere (there are plenty of private places in juvy halls for 5min at a time). Once you give head you are marked and carry the reputation throughout your stay and maybe back outside if you knew anyone there. But I understand why some gave in because unlike oz it didn't make you a bitch but usually meant the bully would go pick on someone else and leave you to being called Mary. No, I never gave head. Lucky for me I was a chubby white boy, not a skinny one. Skinny white guys have bad times in Juvy, especially since blacks and latinos hit maturity faster. I never saw anal rape in Juvy but it was talked about and maybe happened in cells but I never witnessed it.
City jails are like you describe and absolutely a joke... you have to go out of your way to get in trouble, its the only jails where you can just ignore someone demanding something from you (not stand up - ignore) and they'll go away cause no one wants to get locked in longer.
Federal prison was NO FUCKING JOKE. I saw rapes there. The guys in the middle of ranges would hang up sheets and rent out their cells and keep watch and you'd see big badasses pushing skinny young guys into them. I saw people forced to give head including once in the lunchroom by a guy who held the boys head down on his dick even when a guard ran over and started shouting and hitting his shoulder. Every skinny/young/handsome guy had to prove their mettle at some point unless they knew people already, and that meant standing and shouting "fuck you" and getting ready to punch. You couldnt fake it cause if they saw you shaking they'd jab you in the gut and it would be all over unless you fought back. I was scared shitless and decided to punch first if anyone touched me but I got left alone.
Advice to anyone going to jail, especially skinny guys:
-learn to smoke, even if you can't its expected and currency where allowed
-work out, so even if your not buff the flesh on your girly arms is muscle and not fat
-if you have a big mouth, shut up; if youre meek then speak up. a happy medium is to be the strong silent type
-jokes work great as long as they're really funny and either dirty or aimed at authority figures... don't joke about other inmates
-if someone takes something from you, punch them, even if they're 10x your size and will kick your ass, a week in the clinic beats being known as a wimp on the range
-if your white no matter what the temptation do not join a WP (nazi) gang, and avoid face and hand tattoos unless your never getting out (in which case get them and you'll rarely have a problem w a tear-drop tattoo)
-if your really fucked and really need friends then volunteer as an imate counsellor (drug, sexual, religious, whatever). I saw a guy who was going to get jumped walk away because someone he counselled stepped up for him
I think child porn is probably the biggest problem of the computer geek crowd, and t
consumer loose faith in the system, then they won't use elctronic transactions anymore.
I think it would be great.
Consumers do hold all the cards, if they would just lok at whats in their hand instead of listening to other people tell what they have, It would be a better society.
The Kruger Dunning explains most post on
O.J Simpson.
Look, it favors those with money.
The Kruger Dunning explains most post on
"A single hacker messing around with the right financial data can ruin the lives of thousands or millions of people"
Can you point me to a single instance where single cracker's exploits has ruined the lives of even thousands of people? The only thing a cracker can do to cause more than a major inconvenience to people is identity theft, and that's exceedingly hard to scale up without getting caught. Also, while true that crackers can cost companies considerable sums of money, it would take a truely impressive feat to even approach the damage done by Enron et al, and that didn't destabalize the country now did it?
In short, while your fearmongering does have some basis in reality, it doesn't really scale up to the damage you predict.
Should we seek to lower the sentence for this crime or raise the sentence for murder?
One of the problems with murder sentences is that it depends on who you kill. I'd imagine that most murder happens in the inner city between waring gangs.
If a gang member kills another gang member society sees it as a plus for them so they throw a lighter sentence on the guy who pulled the trigger. If they even bother catching the guy and putting him through the court system. However if anyone kills a child or someone deemed pretty by society (see: Laci Peterson), you can bet that the killer is going to get the book thrown at them. Unless the killer is highly sympathetic themselves.
There are just very few "celebrity" murders in the scheme of things and so the average sentence isn't much.
The other problem is the insanity defense. It makes it very difficult to convict someone of murder and get the full sentence if anything at all.
You can't plead temporary insanity for a time period when you were fully capable of hacking into a computer system.
I think 9 years is sufficient and we should start taking murder more seriously and stop feeding loopholes (such as lame excuses about being "temporarily" insane) into the system. Then the average sentence for murder will go up. We try real hard not to throw the book at murderers. 9 year sentences for criminal hackers will also go down fast once it becomes common place and legal excuses are dreamed up by lawyers to get their clients off.
Work Safe Porn
Hey, guys, watch this!
...it's really a sad day for America when we require a goddamn ACT OF CONGRESS to make our DVD players work properly. ~
If you took the time to RTFA you would have seen that the only reason they didn't get away with any credit card information was because they got caught BEFORE they could actually download the information. Thier "bugged" version of the program had already gotten a hold of six credit card numbers.
Also, if you RTFA, you would have noticed that the one of guys had a prior conviction of computer fraud and was still on probabtion.
Bottom Line: These guys were looking to steal. You reap what you sow...
We are blind to the Worlds within us
waiting to be born...
Lets get the real crooks who cost corporate America more money and are an irritation to society!
seriously malware programs are trojan horses and its cracking pure and simple. Many install themelves via buffer overflows in javascript just like a real worm. Many install keyboard loggers and backdoors just like a real worm. ALso many slow down computers just like real worms. So if it looks like a duck, quacks like a duck, then what is it?
They are the true crooks here.
http://saveie6.com/
I had read the SecurityFocus article (I never read the AP ones... cause they are always are sparse on details). I had thought it was the same linked article.
We are blind to the Worlds within us
waiting to be born...
Strange that people would try to argue that a computer offense is not worth putting in regular prison. But these people deliberately broke the law . And don't give me the whole "When you J-walk you deliberately break the law" cuz if the system was so black and white most of us would be in jail.
Any how they were trying to steal for personal gain and used there computer knowledge as the tool to obtain this "stuff" without the victims wanting to give it up.
But if the system admins were good enough they might not have been caught, but I don't think they wanted a competent Sys Admin at the time.
This SIG pulled due to lack of funding. (This damn war is costing too much!)
Accordin to Dogbert seven angels can dance on the head of a pin. Though personally, I believe 42 can.
The public will believe anything, so long as it is not founded on truth. --Edith Sitwell
This episode of the phreaking internet radio show Default Radio covers this when it first started several months ago. The co-host on this episode knew these people so it makes for a good insider's point of view.
Default Radio episode 23 part 1
Fast forward to 22:30
Hacker Media
The parent may indeed feel vengeful. But it is for the state to act humanely and compassionately. Here in Britain, prison is for protection of the public, rehabiliation and only a small element of punishment (deprival of freedom). Our prisons are not the hell-holes tha you USAians devise for each other but shamefully neither are they the civilised environments of Scandinavia.
Why should this matter? The USA as well as incarcerating more of its population for longer also has one of the highest rates of recidivism, far higher than ours which is in turn higher than much of Scandinavia.
--
USA: home of the world's largest terrorist training camp.
Maybe the realistic solution is just to use a different word instead of hacking, since most people have bad connotations of hacking.
I mean, it is just a word, why not take a new one, like for example tinker Its a pretty good word. Its both a noun and a verb. It could apply to software and hardware. It connotes cleverness and craftsmanship and experimentation.
"So, whatcha doin?"
"Oh, I'm just tinkering on my firewall to see if I can break it."
Don't moderate flamebait as Troll. Know the difference or you will be Meta-moderated.
Well, you had your chance recently and you blew it. Sadly, it appears that the majority *would* rather give up their civil rights for a little illusory protection.
And worse, if you try not following in their 'terrorist ways', it's you who is on the wrong side of the law.
Welcome to the Land of the Free - and you're very much welcome to it.
*sigh* *Starts reading Russian for Dummies*
University of Washington
Student
In public schools we are forced to keep things fairly open. We couldn't even install SP2 until recently, because most of our 3rd party software vendors said no. If we installed anyway, we could void our service agreement. There are also many security options available in group policy that we can't use, because we run some of the weirdest reading, typing, history, math applications ever. Also, we can't lock floppy or usb ports, because students need to be able to get their homework back and forth.
We have a wireless network setup, and it is fairly open. So is our DHCP server. Because as a school we are also a training center for parents and other school memeber. Our classrooms are rented at night to adult ed, and the gym or auditorium can be used by a number of renters. When people bring their laptops in we need to make sure they can plug in or turn on and get out the internet. Schools live in a constant balance between being secure and being easily accessed by all. After all - we are 'Public'.
They were not being "nice" but they weren't hurting anyone (at least not yet).
... So we have to wait until they (ab)use credit cards before they should be stopped?
'Yet'
The real problem I have is Lowes was putting credit card data on a wireless network!
I agree this is pretty dumb, but it's still no reason for it to get cracked. Think about this: you have an expensive house and several heavy locks on your door. One day you forget to lock them. Does this justify every burglar that walks up to your house, opens the door, enters your house and sets up camera's? Okay, they didn't steal anything (yet), but it's really your fault. Yeah right. They knew exactly what they were doing, and the fact that the security wasn't good enough is *no* reason whatsoever to justify this crime.
That depends entirely on what crimes you're talking about. Some sentences are overly long, and some are overly short. For example, the US routinely sets violent criminals free (including rapists and murderers) to make room for non-violent drug dealers. If that isn't ass-backwards, I don't know what is.
He robbed people, or attempted to rob them. This is like robbing a bank, only worse.
No, it's not. Theft and robbery are different animals. These guys never held a gun to someone's head, never threatened anyone. They are more akin to cat burglers than "robbers".
Nine years is longer than a manslaughter conviction. Longer than most murder convictions. Longer than rape convictions. What kind of fucking idiot are you to value some large corporation's potential bottom line (since they actually stole nothing) more than the life of another human being?
This conviction is bullshit, made solely to prove a point by sadistic bastards like yourself.
But where's the justification? I mean, these guys were criminals and bad people and I don't particularly want them in society with me. But come on--rapists don't go away that long for one count, and this was just attempted. There's just no logic to it.
Yeah, but you've come to the opposite conclusion as me. Lock up the rapists for much longer.
-- Dan
Retribution is the criminal's sentence by the victim.
it's the fault of the victim for being unprepared, undefended, uninformed
It's the fault of the criminal for being unprepared for punishment!
The only thing new in this world is the history that you don't know.[Harry Truman]
Hey man, I agree. All I said was "there's no logic." I think every so often there should be an attempt by state and federal congresses to rebuild the punishment system in their jurisdictions in terms of actual severity so that it means something. It's too politically constructed.
Read jack phelps dot net
Hmmm. There's something wrong when the "badness" of a crime is measured in dollar terms. As others have pointed out, raping someone probably would have got a less time.
Didn't you know? The SI unit for measuring damage is dollars.
Music speeds up when you yawn, but does not change pitch.
I'd be curous to learn what the dictated punishment is for attempted larceny. Regardless of the scale of what you try to steal, unless you actually steal something you're not a thief...even though you were trying to be a thief.
Just like smoking oregano while thinking its pot is stupid, its also not using drugs and you won't go to jail for attempted possesion of drugs.
If you want to argue that they illegally accessed a computer system they had no right accessing, ok, fair enough, but that should be separate from the act of trying to snatch credit card numbers.
Maybe there is a clause for trespassing with malicious intent, or something, but I find it REDICULOUS that this guy is going to federal pound me in the ass prison for 9 years.
This is a white collar, non-violent crime. They should fine the piss out of him (to the tune of everything he has) and sentence him to infinity probation with lots of public service.
White Collar criminals are more likely to be "Reformed" than violent ones because they know how to fit into society and have often proven good at doing so.
They were wardriving in the parking lot. The crackers discovered a wireless cash register system used by the store when they needed additional cash registers during peak times. They would roll out a portable cash register, plug it into the floor AC outlet and start processing customers. A wireless network sent the data back to the stores main computer just like a cabled cash register. The problem was the wireless network was not encrypted. The crackers did in fact access the wireless network and sniffed the data. Then they used the sniffed packets to login to the stores main computer system which was connected to a home office network WAN. They hacked into several computers and networks and installed rootkits and programs to capture credit card information. The IT staff noticed them and called the FBI. The FBI sat in a van in the parking lot and noticed the crackers pull in the parking lot and just sit there. Observing them showed they had several laptops with them. I assume the store's IT staff was feeding the FBI information. Also the FBI used it's anti-cybercrime unit to collect evidence.
These guys were not harmless hackers. It may have started that way but once they started getting aggresive and had intentions of theft, they lost any morale credibility!
I say screw'em they got what they deserved!
spankings as a kid seemed to get the message across
"The problem with socialism is eventually you run out of other people's money" - Thatcher.
If any thing these things hurt the corporate world because instead of putting blame on their IT department they hide behind lawsuits.
It's a PR move it shifts focus from there bad practises and on to intruders. They don't want there stock holders to get wise that a large part of the blame should be held in house.
This kind of actions serve to cover up these kind of insecure practises that are rampant in the world. Instead of fixing the system they brush it under the table.
I was burned by an Ebay auction but it was Ebay's nonchalant attitude that has left a sour taste in my mouth. It is company's policies that hurt attitudes towards online transactions. If a company is viewed to be proactive in searching out claims of fraud that builds trust.
Meanwhile the seller that screwed me still has auctions running and Ebay has done nothing.
Anger Rising!!!
The 3rd guy, Adam Botbyl, used to live on the street behind mine. He's a couple years younger than me; my little brother knew him better than I did. (This article names him)
This was probably 10 years ago (him and my brother would have been in 5th or 6th grade), but one interesting bit of trivia is that he was the butt of jokes by the other kids. A bunch of the neighbor kids were into collecting basketball cards. Some of the crueler ones would put common cards back into the pack and glue the top together, and they'd sell or trade them to Adam.
As I heard about this through my brother, it was portrayed that Adam was hella gullible. One pack had a card from the wrong brand in it (e.g. a Topps card in an Upper Deck pack); the other kids told him that it must be some error and might be more valuable. Whether the kid actually believed it or just went along to avert more bullshit is a question for him.
Stories like this were pretty common, and I wonder what that does to a kid, having no good friends around.
Now, I'm not saying that's an excuse; he's a total stupidass for what he did.
My stupid web site
If they were deterred from commiting a crime, then they wouldn't be a criminal. :)
It also doesn't shock me that criminals were not deterred from committing crime (for some reason or other).
incarceration is to deter people from
incarceration is to prevent people from
Given the definition of deter is "To prevent or discourage from acting, as by means of fear or doubt", I'm missing the distinction.
I think you do have a good point, I'm just not catching it. Could you elaborate?
Yndrd1984
The defendant was already on probation. He was busted in 2000 for cracking passwords on arbornet.org. He was 17 at the time, and one of the terms of his probation was to stay off the internet.
n ews-11/1103213452260230.xml
http://www.mlive.com/news/aanews/index.ssf?/base/
(limited personal information cookie-filling-out required)
Boo hoo. He voilated the terms of his cake-walk probabtion. Have fun in prison.
There are some people that if they don't know, you can't tell 'em.
Yes, a pension fund is the property, or at least future property, of more than one person.
I should've said 70% of the voting population perhaps :)
In honor of Brian Salcedo, I'll be offering a solo of "My Heart Bleeds for You" played on the world's tiniest violin.
Here is a photo of the perp, I think.
Click here or here.
I doubt they had the expertise to crack the network had it been properly secured, and almost certainly would not have bothered, so maybe they should sue Lowe's or at least the IT admin in charge of the wireless network for making it possible to commit the "crime".
Reading at high threshold levels is group-think.
Since the "crime" of wardriving is effectively similar to trespassing, we should look at it from the same point of view. In order to be charged with trespassing in most states, one must be made explicity aware (ie: by signs, verbally, etc.) and then disregard those warnings. Thus, the third person involved in this case who was convicted of a misdemeanor charge for checking his email on the network, shouldn't be held accountable since there was no warning or security system in place to keep him out.
Reading at high threshold levels is group-think.
This has been reported over a year ago. See the DOJ Press release...
DOJ Link for Salcedo here.
Also see the Security Focus article here.
There are plenty of articles about the case. The DOJ and FBI have most of it as public information for the search engine savy. The key is, there is a lot of potential damage to end consumers and the company with crimes like this. Considering it was his second offense and he hadn't even gotten off probation for the first, 9 years seems reasonable to me.
I have been following this case online for a while. They were involved with the 2600 scene, attented "Hacker" conventions, and were already known for things that some might view on a grey line (IE telephone companies - See Telcodata.us). The thing is that occasionally there are bad apples that learn from others and commit crimes. Showing a 9 year prison sentence might help keep some of the apples from rotting.
root 10956 5164 0 Oct 22 - 0:23 sendmail: rejecting connections: load average: 70 (isn't sendmail just too kind)
'a pension fund is the property'
Only if you spend it.
Anyhow, you failed the lameness test. are you autistic or suffering from aspergers syndrome?
There's a test here. I got a score of 17...
thank God the internet isn't a human right.
What's a typical sentence for that?
I'd guess it's not 9 years.
Changa hates change.
What is the deal with the wardriving charge? Is that actually a crime now? I thought it was legal, just that accessing the networks was not (which would be a seperate thing, not wardriving.)
This is wrong. Murderers these days get off easy. Sounds exactly like today's so called drug "crimes". They say all of this is to scare people away from doing the crime in the first place. I don't see how harsher punishments will really affect the crime from occuring. It will just keep the violent people out of jail and the non-violent people in.
trevorj
I got a 33, so what.
Anything above 32 and changes are you have aspergers. This may have a very limmited effect on you life e.g. 'thinking that taking a pint of milk is the same as taking $10 million from a pension fund' or it may be a little more pronounced, people may treat you as a little childish from time to time, or you may not get on with other people quite as well as you could do.
Unfortunatlly it's the social stigma that everyone else has that causes problems, and not really the effects of aspergers.
If you think that this seems to ring a bell you can contact a professional who can further advise you.
The bottle of milk and $10 million question.
'Most' people would say that taking a bottle of milk is a 'lesser' crime that taking $10 million because.
1: Taking a bottle of milk is less premeditated than taking $10 million, i.e. you have to put in a lot of thought over a long period of time to take $10 million, but taking a bottle of milk require next to no thought.
2: Someone who is in a position where they would take a bottle of milk probably has a poor quality of life and may be 'hungry', someone in a position to take $10 million probably has a good job with good pay and has no real reason for the $10 million apart from greed.
thank God the internet isn't a human right.
I probably should at least know a little. So should you. I was on the team that caught him in 2000. He should have gone down on a littany of Federal charges. Letting him take probation for only the Michigan violation was a gift he squandered. Nine years is not long enough.
Oops, one left out word made a big difference in my original post. Just went back to look at it and I had written:
:)
> Yes, a pension fund is the property, or at least future property, of more than one person.
I meant "except a pension fund is the property [...] of more than one person."
This was to imply that stealing the milk is the same as stealing one person's portion of that fund. Because the pension fund actually "belongs to" a few hundred people, it would be the equivalent of stealing a bottle of milk from each of 200 people. This means that I don't automatically attach monetary value to everything. In some circumstances (eg, starving), a bottle of milk can be more valuable than any amount of money. Unfortunately, that's not what I actually said at the time.
Guess I'm not very good at expressing myself.
As to points 1 & 2, is something worse because you thought longer about it? I understand your point and agree that it may make it more malicious, but should the reason for the crime make any difference in the sentencing of that criminal (ignoring self-defense)?
The asperger's thing is interesting though, thanks for the info.
Brian didn't really have the kindest words regarding you guys either (yes, I know him, and Timmins too). I re-iterate; he was made an example of. Granholm wanted to look tough on crime so she could run for governer, and she had this brand new computer crime law to trumpet.
9 years for what is, essentially, a case of attempted credit card fraud. I don't care what you claim he may or may not have done (knowing Brian, he probably did it) - the sentence handed down was too harsh *for the crime he was convicted of*.
---
Mod me down, you fucking twits. Go ahead. I dare you.
(I read with sigs off.)
I really don't care what he says about us. I told the AG's office to go easy on him four years ago hoping he'd learn a lesson. From this, I have learned this was misguided thought.
He committed a felony while on probation. He is a repeat offender. The system offered him an opportunity to rehabilitate himself and he failed. Therefore, the system must now take action necessary to protect us all from a twice-convicted criminal. Salcedo has nobody to blame for this but himself. And unless he learns this, he will continue to be useless to society in nine years.
'should the reason for the crime make any difference in the sentencing of that criminal'
Yes I think it should, as an example.
If a bolder falls down the side of the hill and kills someone then it's not murder since the boldier had no knowledge of what it was doing.
If I get a stick and beat someone to death then it would be murder since I know what I'm doing.
I believe that we should 'punish' people for what they have done wrong, their wrong doing can only be dertermined by the mallice involved.
I don't think anyone would suggest that we should be putting bolders in prison.
thank God the internet isn't a human right.
On first blush, I'd agree with you. But then, I stopped and thought about why they might have failed. In some cases, it's clearly just bad luck or incompetence. In other cases, you find their hands switched at the moment of shooting or, despite a good knowledge of knife techniques and human anatomy, they managed to strike the person in just the right place to miss all the vital organs. I'd say that's psychology working against them, which messes up the intent.
Then too, attempted murder is too often charged in cases where the defendent obviously never really attempted to kill the person. Everything from warning shots to pranks to kids LARPing is grounds for "attempted murder."
This sig has absolutely no significance and serves only to take up screen space and waste the time of the reader.
> I don't think anyone would suggest that we should be putting bolders in prison.
:)
But please, think of the children! We must enact legislation making boulders implements of terrorism!
(If I don't have anything meaningful to say, I make a joke)