Slashdot Mirror

← Back to Stories (view on slashdot.org)

6-Month Sentence for NASA Cracker

Posted by CmdrTaco on from the be-careful-who-you-crack dept.

lunartik noted an AP story running on a 6-month sentence given to Gregory Aaron Herns for cracking into the computer system at NASA's Goddard Space Flight Center. 'Herns told federal agents he was looking for computer space to store movies he'd downloaded. It took hours for technicians to find the problem, fix it and patch the system's security holes.'"

7 of 329 comments (clear)

  1. I'd love to see a breakdown of the damages by Nine+Tenths+of+The+W · · Score: 4, Interesting

    NASA are claiming it was $200k. It'd be nice to see how much of that was spent on fixing the security holes he uncovered.

    --
    Slashdot: News for Nerds, Stuff that matters only to them
  2. crackers by Anonymous Coward · · Score: 3, Interesting

    "It took hours for technicians to find the problem, fix it and patch the system's security holes'"

    That's so obviously the cracker's fault...

    1. Re:crackers by Firethorn · · Score: 2, Interesting

      You side with a criminal because the lock on some window wasn't good enough to stop a crowbar forced entry?

      What we're objecting to is the idea that part of the "damages" this thief is being charged with would be the installation of bars in the windows afterwords.

      Sure, charge him for actual damages, such as cleanup & verification. But charging him for patching the holes?

      --
      I don't read AC A human right
  3. Re:Mmm. No. by autocracy · · Score: 2, Interesting

    I work for a fire department. I'd kill for a day when spectators were in my way and refused to move. After all, if you park in front of a fire hydrant, policy's to run the hose THROUGH your car. In a fire lane? We'll use your car as support for the ladder truck's rigging. Don't think it hasn't happened before.

    --
    SIG: HUP
  4. Re:Policing our own by back_pages · · Score: 2, Interesting
    Tacit approval of this sort of thing (cracking) paints us all with the same unsavory brush. If we do not start policing our own, the "geek/nerd" stigma will deepen. We are professionals, let's act like it.

    Right, but I see you have a UID in the seven hundred thousands. You're new here! You see, you are absolutely correct - if we are professionals, then we should act like professionals. Unfortunately, the parent post is more correct - with the direction Slashdot has been going lately, I'm surprised that this wasn't posted under YRO.

  5. Re:Wow... by Detritus · · Score: 2, Interesting

    I had something similar happen to one of my systems at work. They filled it up with porn movies and used the site's large amount of bandwidth to distribute them to lusers all over the world. For months afterward, I could see unsuccessful attempts to download the files in the logs.

    --
    Mea navis aericumbens anguillis abundat
  6. Re:Kevin Mitnick by cdn-programmer · · Score: 2, Interesting

    Yes - I see a lot wrong with this picture.

    Kevin Mitnic hacked into Sun's systems and read some of the OS code. Before his sentance was up SUN OPEN SOURCED at least SOME of this code. Furthermore, Sun claimed millions in loses for this intrusion. Yet we can all see the sun is setting on SUN. The value is in millions of people having access to the source code so like a languge (english for instance) it can be used and improved apon and adapted to meet a wider range of needs. English for instance would have no value if it were locked up and used by a small group of preists... and this is what closed source is.

    So the whole premise of Sun's claims against Mitnic are flawed right from the get go!

    So yes, Kevin Mitnic is even a better example of punishing the messanger.

    The judges in these cases should be embarrased with their ignorance. At least in the case of the Salem witch trials there is good evidence that their food was laced with Ergot, which is hallucenogenic... so they have an excuse. I cannot see much in the way of an excuse here.

    If the judge ruled that NASA should simply fix its servers then perhaps people would wake up to the fact that when you connect a computer to the net, you need to accept responsibility to secure it. It is a fact that there are evil people in the world who will attack them and get in and perhaps create harm. Even if this kid or Mitnic was malicious, and there is ZERO evidence to support this, they should not face anything more than a small fine. They really did nothing more than what most teenage boys and some teenage girls dream of doing.

    In the case of a bank, throwing the thief in jail is a deterant because the thief needs physical access. In the case of cracking a computer the physical access is to all people in the world and it occurs the instant it is connected to the net. There is no deterant in punishing one person because all the would be crackers are mostly invisible and often live in other countries... some of which are our enemies.

    Any bank would consider it rather unacceptable to leave the door off the vault and place it in the parking lot with no supervision. As a customer I would not deal with a bank that does this. Yet on a daily basis many of the professionals I use regularly expose confidential data through their incompatence and unwillingness to hire competant IT professionals.

    I stand by my original opinion. If NASA got cracked it was their own fault. They should punish themselves for their incompetance. They should not be punishing the messenger.

    Furthermore the Judge in the case should recognise this and send the correct message.