Slashdot Mirror

← Back to Stories (view on slashdot.org)

World's Biggest Hacker Held

Posted by CmdrTaco on from the is-that-girth-mass-or-height dept.

Hieronymus Howard writes "The London Evening Standard is reporting that the "worlds biggest computer hacker" has been arrested in London. Gary McKinnon, 39, was seized by the Met's extradition unit at his Wood Green home. The unemployed former computer engineer is accused of causing the U.S. government $1 billion of damage by breaking into its most secure computers at the Pentagon and NASA. He is likely to be extradited to America to face eight counts of computer crime in 14 states and could be jailed for 70 years. Apparently he broke into U.S. military computers to hunt for evidence of a UFO cover-up."

96 of 631 comments (clear)

  1. Smart? Yes. A Nut? Perhaps. How about both? by lecithin · · Score: 5, Interesting

    "Apparently he broke into US military computers to hunt for evidence of a UFO cover-up."

    It sounds like an excuse to me.

    So is the guy really nutty or is this just an attempt to justify his illegal activities?

    Then again, perhaps he was on to something?

    --
    It could be worse, it could be Monday.
  2. what? by professorhojo · · Score: 2, Insightful

    $1 billion damages? honestly - how do they come up with these figures?

    they'd do better hiring this guy to teach their sysadmins a thing or two.

    1. Re:what? by garcia · · Score: 2, Interesting

      $1 billion damages? honestly - how do they come up with these figures?

      they'd do better hiring this guy to teach their sysadmins a thing or two.

      They hire overpaid techs that do shoddy work. They have to come up with these figures in order to make sure the public doesn't mind them wasting taxpayer dollars to track him down all over the world.

    2. Re:what? by jandrese · · Score: 4, Insightful

      From what I've been able to tell over the years, the damages in these cases is almost completely made up. The FBI loves to post huge numbers on cases like these because it makes them look important. More realistic estimates based on administrator time and business lost due to the servers being unavailable tend to be far lower.

      --

      I read the internet for the articles.
    3. Re:what? by Smidge204 · · Score: 5, Insightful

      To be fair, the cost of finding and fixing trhe holes should not be included. After all, it was broken before he got there.

      Not to mention that they should be found and fixed regardless of any intrusions.
      =Smidge=

    4. Re:what? by the_bard17 · · Score: 5, Insightful

      Not to mention trying to figure out where all those holes in security came from and patching them.

      Yeah, that makes sense. Pawn the cost of fixing your security holes on the guy who found them.

      If my house ever gets burglarized, I'm going to try to get the burglar to pay the contractor to fix the "hole" the burglar got in through.

    5. Re:what? by rokzy · · Score: 2, Insightful

      >Not to mention trying to figure out where all those holes in security came from and patching them.

      that's BS. you didn't see Ford suing its customers that discovered the flaws in their cars and forced fixes did you?

      counter argument: Ford's customers paid for something and were then endanged.

      counter counter argument: citizens pay taxes to be protected and the government fails at this job when it uses crap systems.

    6. Re:what? by nodwick · · Score: 4, Informative
      The idiot article quoted in the summary got it wrong. See here or here. The original article also gets the correct number in british pounds.
      Using software downloaded off the internet, McKinnon allegedly hacked his way into almost 100 networks operated by NASA, the US Army, US Navy, Department of Defence and the US Air Force, with the US government estimating that his antics have cost around one million dollars (£570,000, 790,000) to track down and fix.
    7. Re:what? by 93,000 · · Score: 4, Funny

      Duh . . .

      He compromised over 3 Libraries of Congress worth of information, which costs the government such a large amount of money that, if stacked in $20 bills, it would be the size of four Volkswagen beetles. And if you don't know that it takes 1/4 billion in twenties to equeal a Volkswagen bug, then turn in your nerd card at the door.

      --
      Sweet informative mod.
    8. Re:what? by TripMaster+Monkey · · Score: 2, Funny


      Hey! I'm one of those overpaid, shoddy techs, you insensitive clod!

      --
      ____

      ~ |rip/\/\aster /\/\onkey

    9. Re:what? by BJZQ8 · · Score: 3, Interesting

      Exactly. In my time working with school district (a government entity, of course), consultants will come in and make a big deal about "security", and sell a district a PO a mile long with all sorts of unnecessary crap on it. I have even seen them produce port-scanning logs as evidence of "being hacked." The School Boards will happily hand over $100,000 (in a district with a $2 million yearly budget) to remedy this "security hole." It's the same in the huge government boondoggle of departments and agencies. I'm getting more and more convinced that the coming crisis of the world pulling out of US bond markets is the best thing that could happen; right now this country has unlimited money, and is busy making an unlimited bureaucracy to spend all of it...

    10. Re:what? by Zeebs · · Score: 4, Funny

      If you call any of your doors the "hole" you might want to get your contractor to come and fix it anyway.

      --

      Happy Noodle Boy says "F###ing doughnut! Mock me? You fried cyclops!!"
    11. Re:what? by shotfeel · · Score: 2, Interesting

      Remember, this was thought to be a terrorist group attacking the US. Just guessing, but I assume security teams had to be sent out to lock down the facilities, assess damages and begin trying to figure out where these attacks came. That's just the start.

      Part of the "lock down" may even include completely replaing large systems not only so you can start clean, but also so the compromised systems can be assessed, studied and used for evidence.

      Then you have to figure out what other areas may have been exposed by these breakins and do some heavy duty damage control there as well.

      Then there's the cost of teams of investigators and their expenses. We're talking an international, multi-year investigation.

      All those expenses can really start to add up. Doing an investigation "the right way" can really cost a lot.

    12. Re:what? by danheskett · · Score: 2, Insightful

      That's your complete speculation, with no basis in established fact.

      Let's say you have 100,000 users, and 1300 are lost. You can't just go back to the previous backup and overwrite any of the password changes, profile changes, etc that 100,000 users may have made in the last, say, 8 hrs. It would be very, very disruptive. So you have to first find just the deleted accounts, pull those from the backup, and then restore just those. Depending on your system/platform/application, that may not be possible. So okay, you write a script to insert the users back into the system. Great. But chances are some stuff is lost: passwords, password history, etc. Now you have to hand hold 1300 users resetting passwords, etc. And maybe that links to hundreds of different systems across the network. You really have no idea.

      It could be a 5 minute deal, or it could take some skilled programmers days or weeks to properly fix. It all depends on many thousands of variables.

      Just saying "go back to tape!" isn't always a viable option.

    13. Re:what? by elhaf · · Score: 5, Informative

      However, in this case TFA on cnn at least, gives a figure of 1300 user accounts deleted in one instance. That probably involved real cost. He wasn't just looking for info, he was also being malicious.

      --
      Six score characters.
      Brevity being wit's soul
      I have enough space.
    14. Re:what? by kyle_b_gorman · · Score: 2, Informative

      They have different meanings in Britain and the US.

      http://en.wikipedia.org/wiki/Billion

    15. Re:what? by greg_barton · · Score: 2, Insightful

      The FBI loves to post huge numbers on cases like these because it makes them look important.

      That, and it may help in budget appropriations. Your budget is likely to be cut if you don't spend all of the money in a year. If you're behind on spending, say by $100 mil, you could say "but this hacker cost us $1 billion in damages! We're only going to charge $100 mil for our trouble, though..."

    16. Re:what? by arkanes · · Score: 3, Interesting

      If this is what you do everytime theres a break-in at your company, I fear for your security. First off, you're presuming that he didn't delete the accounts beyond ADs ability to restore them, which is a pretty big assumption. And you're ignoring the work involved in auditing the restores of all the users data and privledges, to make sure that you don't accidently restore any tampering. Dealing with a large scale security breach is complicated and a major task, and while it's not fair to pin the total cost on the hacker (like fixing the hole he came in through), the secondary costs can be quite large - auditing and figuring out how he came in in the first place, deciding exactly how much of your infrastructure you can trust after the breakin, what a safe date to restore off tape is, etc, etc.

    17. Re:what? by peterprior · · Score: 2, Informative

      According to the BBC it caused $1 million in damages not billion.

    18. Re:what? by Steve+Newall · · Score: 2, Interesting

      Symantic difference between British English and American English.

      British burglars burgle.
      American burglars burglarize.

    19. Re:what? by blackicye · · Score: 2, Interesting

      whats wrong with his spellerizing?

      burglarize
      verb

      (US)
      burglarized, burglarizing
      1. To burgle.

      Etymology: 19c.

    20. Re:what? by Sabotage · · Score: 2, Informative

      Let's put some real math behind this...

      The Bureau of Engraving and Printing states that the current US currency is 2.61" x 6.14" x .0043". It takes 12.5M twenties to make $0.25B. 12.5M twenties then equals about 498 cubic feet.

      According to Volkswagen, the new Beetle is 161.1" x 67.9" x 59.0", which works out to about 373 cubic feet. Since the volume of the car is somewhat less than its bounding box, I'd say that $0.25B in $20 bills is significantly larger than a VW bug.

      A bug is probably closer to a quarter billion in fifties, which would be about 199 cubic feet.

      You turn in YOUR nerd card.

    21. Re:what? by jonfr · · Score: 2, Interesting
      I have even seen them produce port-scanning logs as evidence of "being hacked."

      Been there, done that. I scanned my formal school network, but i also found a securty hole in a form of syspref.inf with a working password, it was in the computer class room on the C:\ drive, in clear text. I did test the password to see if it was working. Took a peek at the schools servers, but i didn't damage anything.

      Then the case got to the cops, they did use port scanning logs to proofe that i was trying to damage the school network by portscanning the lan. But offcose that was plain BS.

      Also, the state lawyer didn't have any evidense to proof anything on me. And the School second-headmaster did confirm my word where i had refused to damage the schools servers.

      The case went to trial, i am now waiting the outcome. I hope that i win.

      (Now i will get flamed to hell and modded up)

  3. Obligitory Slashdot Discussion by DeadSea · · Score: 5, Funny

    I don't believe that this guy is the world's biggest hacker. Have you seen Cowboy Neal??? Now that's big!

    This guy was looking for UFOs. In Soviet Russia, UFOs look for you!

    We all know that if he was an uber-hacker he would have created a Beowulf cluster of all the computers he hacked.

    One billion in damages? That number has to be inflated. (Actually the article says 570000 pounds which is only about 1 Million US dollars according to my currency calculator)

    1. Get paranoid about UFOs
    2. Hack into the US government
    3. Get caught
    4. ????
    5. Profit!
    1. Re:Obligitory Slashdot Discussion by rokzy · · Score: 4, Funny

      you must be new here.

    2. Re:Obligitory Slashdot Discussion by Thuktun · · Score: 5, Funny

      Actually the article says 570000 pounds

      Wow, that guy IS big.

    3. Re:Obligitory Slashdot Discussion by The+Jon · · Score: 2, Funny

      I for one welcome our newly arrested soon to be extradited worlds biggest hacker overlord. ...and maybe he has a thyroid problem, you insensitive clod.

      --
      umop apisdn aw pow f,uop aseald :umop aw pow 'dn aw pow
    4. Re:Obligitory Slashdot Discussion by zenneth · · Score: 4, Funny

      heh, that's great irony... the six-digit guy telling the five-digit guy he's a noob.

      --
      The Chronic *WHAT* les of Narnia!
    5. Re:Obligitory Slashdot Discussion by Paul+Crowley · · Score: 2, Funny

      Well, there's at least one instance of someone buying a three-digit (IIRC) /. account on eBay.

      For how much?

      --
      Xenu loves you!
  4. Sweet Jesus. by newrisejohn · · Score: 4, Funny

    If you do $1 Billion worth of damage just to look for UFO conspiracy information, you deserve to be locked up.

    Although this could help his insanity plea.

  5. This just in by yotto · · Score: 5, Funny

    The police have apologized to his mother for kicking in her door, but it was the only way they could reach the basement.

    --
    Pulp Audio Weekly - Geek News and Reviews
  6. Re:Smart? Yes. A Nut? Perhaps. How about both? by markild · · Score: 2, Insightful

    LOL..

    If you're that good you're doomed to either be retarded or wacko.

    This obviously proves it ;)

    --
    Scully: Should we arrest David Copperfield?
    Mulder: Yes we should, but not for this.
  7. UFO cover-up by iocc · · Score: 2, Interesting

    Did he find any evidence of a UFO cover-up?

    1. Re:UFO cover-up by newgalactic · · Score: 2, Informative

      He didn't find anything because nothing exists. Carl Sagan once said that by his estimate, the knowledge of alien life would most likely be a secret for all of two hours upon discovery (...or was it Issac Azimov).

      I was in the Navy for six years. There are no secret alien files being held on servers. The Government and our nations military are made up of the same everyday shmoes as you and me. They've all worked in malls or mc'donalds at one time, played video games, and are TOTALLY INCAPEABLE of keeping a secret of this magnatude for 60+ YEARS... trust me!

    2. Re:UFO cover-up by said_captain_said_wo · · Score: 2, Insightful

      There are cases of a secrets being kept:
      Manhattan project
      H bomb
      B-2 Stealth bomber

      If we could follow the money, we'd see how much goes into projects for which there is no public exposure.

      Even if there is no UFO coverup, there are black projects being funded with many millions of dollars. Who decided where this money goes? Where is this money going? Is this a good use of our tax dollars?

  8. Whoah by LegendOfLink · · Score: 5, Funny

    OMG, they finally caught JeffK!?

    --
    IGB: More fun than eating oatmeal!
  9. World's Biggest Hacker? by Dagny+Taggert · · Score: 5, Interesting

    Really? Because he broke into a Pentagon network? That just makes him stupid; if he were really a big hacker, he'd be doing blackhat corporate work. UFOs! Yeah...whatever.

    --
    Don't be a looter...and yes, I know that it's spelled with an "A" instead of an "E".
  10. One beeelllliiioonn dollars? by bc90021 · · Score: 4, Interesting

    1 Beeelllion Dollars?

    Where do they get that from? If that's really the case, it would only take about 6,000 people to cause enough damage to double the national debt!

    The article doesn't mention anything anywhere about pure damages, for starters. It mentions the costs associated with tracking and capturing the guy, and costs correcting some of the problems - combined. Those costs are listed as 570,000 pounds. At the exchange rate I just looked up (1.83 dollars to a pound), that's still only 1,054,500 dollars, which is more like a meeelllion dollars. Even if they tack on the 950,000 pound in fines, that's still not even three million.

    That's a far cry from a billion... and about two million less than the damages Kevin Mitnick was supposed to have caused.

    Frankly, they should have just let this guy find some "evidence" of UFOs. Then he might have spent his time trying to convince people of it instead of looking for more!

    --
    libertarianswag.com
    1. Re:One beeelllliiioonn dollars? by bobbis.u · · Score: 3, Informative
      The BBC article says $1 million.

      I think some chump is getting confused about millions and billions. He probably thought the US million was a UK billion or something like that. It is now generally accepted everywhere that a billion is a 1,000 million, not a 1,000,000 million.

      The wikipedia article clarifies

    2. Re:One beeelllliiioonn dollars? by newfoundry · · Score: 4, Informative
      From the BBC report:

      "The Briton was indicted in 2002 by a federal grand jury on eight counts of computer-related crimes in 14 different states.
      It claimed that he hacked into an army computer at Fort Myer, Virginia, obtained administrator privileges and transmitted codes, information and commands.

      Unauthorised access
      He is accused of then deleting around 1,300 user accounts.
      The indictment alleged Mr McKinnon also deleted "critical system files" on the computer, copied a file containing usernames and encrypted passwords for the computer and installed tools to gain unauthorised access to other computers.

      A loss of over $5,000 (£2,725) to the Army stemmed from the alleged damage, according to the indictment."

      So in the space of three years, $5K becomes $100M? Nice rate of return, if you can get it...

  11. Re:Smart? Yes. A Nut? Perhaps. How about both? by Omnieiunium · · Score: 5, Funny

    He wasn't onto anything. He found nothing. Nothing at all. He did not hack into our databases or steal information. Never happened. Never.

  12. 1 billion $ damage? by vidarlo · · Score: 2, Insightful

    How does they measure the damage done by a single person. 1 billion sounds awful, and if it is this single person that has done so much damage, one must ask how he can do that. I have a feeling it falls back to relaxed security, lazy sysadins and such. And how does they compute how much damage he has done? I guess some corps use the chance to do changes when restoring, so they might in fact get a lot new, which might be incorporated into the costs. Also, destroying a solution that costed $1M to make does not mean it'll cost $1M to reimplement it... So my guess is that those costs is a bit bogus, at best.

    --
    Assembling etherkillers for fun an profit
  13. Re:So... by hamburger+lady · · Score: 4, Funny

    goes by the name of 'Brasky'. i'd say he's about 8'5", 750 pounds.

    --

    ---
    Is this the MPAA? Is this the RIAA? Is this the DMCA? I thought it was the USA!
  14. Will they plea?? by mbathgate · · Score: 2, Interesting

    The question now is whether the government will attempt a plea deal and put him to work like we've seen in other cases. With jails full, it seems rather silly to put such useful talent behind bars when he really isn't a threat to society. Plus, he could be our secret weapon against those vicious North Koreans. He's got to be worth at least 100 NK's if he's the "biggest in the world, right?"

    --
    If you post, they will mod it.
  15. Re:So... by eric_brissette · · Score: 2, Funny

    I also thought it was a strange use of the word "big"

    A really fat nerd was the mental picture that came to mind first.

  16. Re:World's biggest computer hacker by BenBenBen · · Score: 3, Funny

    Not bigger than Kim Schmitz, surely.

    --
    The Slashdot Paradox: "100% Overrated"
  17. Free On Bail (BBC) by Anonymous Coward · · Score: 4, Interesting

    According to this, he's free on bail:

    http://news.bbc.co.uk/2/hi/uk_news/4071708.stm

    1. Re:Free On Bail (BBC) by magarity · · Score: 4, Funny

      Free on bail + facing 70 year sentence = run awaaaaaay! run awaaaaaay!

  18. Most secure? by Mille+Mots · · Score: 5, Insightful
    ...The unemployed former computer engineer is accused of causing the US government $1billion of damage by breaking into its most secure computers at the Pentagon and Nasa...

    Maybe it's just me, but any device connected to any other device is no longer to be considered as secure.

    I would have guessed that the gubbermint's "most secure computers" would be airgapped, but apparently that is not the case. Or, perhaps, the author of TFA is being just a bit sensational and overdramatic. ;)

    1. Re:Most secure? by Rorschach1 · · Score: 4, Informative
      Even stuff classified at the 'Secret' level is kept on separate networks. If you find any SIPRNET traffic on unclassified networks, it's using NSA-approved encryption devices to tunnel traffic.

      Of course, something as Earth-shattering as UFO proof wouldn't get anywhere near a computer only approved for 'Secret'. Think secure facilities with guards, shielded rooms and computers, and vaults. Where classified networks do exist, you'll see mandatory physical separation distances between cables to avoid crosstalk, heavy use of fiber optics, pressurized conduits, and so forth.

      Fortunately I don't often have to deal with that stuff. As exciting and mysterious as classified data processing might sound, it's mostly boring and a freaking pain in the ass to deal with.

  19. A more reputable UK Paper by tezza · · Score: 2, Informative
    The Independent. They have the decency to say 'Hacker'

    The Evening Standard releases The Metro and Evening Standard Lite. All are rubbish.

    --
    [% slash_sig_val.text %]
  20. Photo of worlds biggest hacker finding UFOs by hoggoth · · Score: 2, Funny

    Here is the photo that Reuters released for this news story. It shows the worlds biggest hacker successfully getting into the Pentagon's secret UFO research labs.

    He looks kinda feminine to me...

    --
    - For the complete works of Shakespeare: cat /dev/random (may take some time)
  21. Odd facts in this case by FunWithHeadlines · · Score: 4, Insightful
    What an incredibly odd story. Look at these quotes from the article:

    "Most of the alleged hacking took place in 2001 and 2002. At one stage the US thought it was the work of the al Qaeda terror network. "

    OK, so this must have been some serious stuff going down for them to think that he was al Qaeda. Or was it?

    "Friends said that he broke into the networks from his home computer to try to prove his theory that the US was covering up the existence of UFOs. "

    Uh oh, we're talking mentally off here.

    "He is accused of a series of hacking offences including deleting "critical" files from military computers. The US authorities said the cost of tracking him down and correcting the alleged problems was more than £570,000. The offences could also see him fined up to £950,000 if found guilty on all charges. "

    Here it comes, the big bill for this mentally off "al Qaeda" operative. "Lesse, captain, I spent my lunch hour running a scan." "Aha! We'll bill that time as worth £50,000!"

    "Prosecutor Paul McNulty alleged that McKinnon, known online as "Solo," had perpetrated "the biggest hack of military computers ever". He was named as the chief suspect after a series of electronic break-ins occurred over 12 months at 92 separate US military and Nasa networks.

    Ah, it gets better. This guy must have been hot stuff! They think he's some kind of master criminal or something. Or al Qaeda maybe.

    "It is alleged that he used software available on the internet to scan tens of thousands of computers on US military networks from his home PC, looking for machines that might be exposed due to flaws in the Windows operating system.

    Many of the computers he broke into were protected by easy-to-guess passwords, investigators said. In some cases, McKinnon allegedly shut down the computer systems he invaded. "

    WHAT?! He's just a script kiddie??! All this fuss over some guy port scanning Windows boxes??

    "The charge sheet alleges that he hacked into an army computer at Fort Myer, Virginia, where he obtained codes, information and commands before deleting about 1,300 user accounts.

    Other systems he hacked into included the Pentagon's network and US army, navy and air force computers. "

    So let me get this straight. Some nutcase into UFOs uses script kiddie technology to port scan Windows boxes and somehow manages to get into the Pentagon and the military? Are you kidding me? Either they are running Windows boxes with easy to guess passwords and insecure networks, or else they should have charged him with a lot worse stuff than standard port scanning. Or maybe the reporter has no clue what he did, but this doesn't add up.

    The only thing that does make sense is the U.S. military thinking a script kiddie UFO chaser was a master criminal at work...

    1. Re:Odd facts in this case by jd · · Score: 5, Interesting
      I've done some work for NASA and the DoD in the past, and all I can say is I'm surprised by how few break-ins the guy is tied to. Typical system administration passwords are "password" according to the agency-wide briefing I was in on, the use of .rhosts on mission-critical systems is scary, and the preference of rsh/telnet over secure protocols is beyond belief.


      The evidence so far is that the guy IS a skript-kiddie, and probably not a very good one at that. If, after countless reviews and endless debate, many Federal agencies are still scoring D or worse on their own evaluations, I cannot find any reason to have any confidence in their ability to secure their systems.


      Perhaps, instead of wasting time chasing UFO spotters, they should be putting more time and effort into getting their own house in order. Windows machines are rated for standalone security, not network security, and Windows is only C-class even then. That may be fine for a desktop hosting seriously unimportant files, but I would not regard that as nearly good enough for servers or desktops likely to have files of significance.


      For the sorts of establishments we're talking here, I would say that a minimum of B3 on internal security and something comparable for network security should be the minimum for anything beyond the kiosks they've been pushing people onto.

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  22. Re:Don't they mean cracker? by Morgon · · Score: 5, Funny

    Why's it always gotta be about race?!

    --
    [DISCLAIMER: This post is a work of satire and should not be misconstrued as a holy text upon which to base a religion.]
  23. Error by DigitalOSH · · Score: 2, Informative

    Theres an error in the summary. No one claimed he was the world's biggest hacker. The quote was in fact "Mr McKinnon is charged with the biggest military computer hack of all time"
    -Paul McNulty, US Attorney for the Eastern District of Virginia

    --
    "Its a grey area". "How grey?" "Somewhat of a charcoal shade"
  24. "Most secure computers" - I doubt it by Lemming+Mark · · Score: 4, Insightful

    Unless the Pentagon and NASA have VERY VERY silly systems, their *really* important computers are simply *not* accessible to hackers. I really can't believe that truly ensitive systems wouldn't just be air-gapped from the world.

    Sure, it's possible to hack intelligence agencies but it I'd put money on it failing to get you the really juicy stuff!

    1. Re:"Most secure computers" - I doubt it by Maximum+Prophet · · Score: 2, Funny

      They are. The most sensitive computers at the Pentagon are in Faraday cages with heavily filtered power and armed guards Absolutely no Internet connections.

      --
      All ideas^H^H^H^H^Hprocesses in this post are Patent Pending. (as well as the process of patenting all postings)
    2. Re:"Most secure computers" - I doubt it by javaxman · · Score: 2, Funny
      Unless the Pentagon and NASA have VERY VERY silly systems, their *really* important computers are simply *not* accessible to hackers. I really can't believe that truly ensitive systems wouldn't just be air-gapped from the world.

      You've never worked for the government, have you ? It shows.

      Believe, my lemming friend, and try to use those critical thinking skills every once in a while. The feds can hardly even define "really important", and certainly have a hard time keeping track of their own doings. Breaking into federal networks can't be too difficult, it's done all the time. This guy wasn't that good- he's been caught.

  25. He didn't commit a crime in the US by thogard · · Score: 4, Interesting

    He only committed a crime in the UK even though the effects that crime where in the US. There are already enough laws in the UK about breaking into military sensitive computers that can put him in jail for a very long time and there are enough treaties with the US so that breaking into a US military computer in the UK can get you thrown in jail forever.

    The judge should rule that he can't be extradited to the US until he has been tried in the UK and then only if the US has charges that don't fit into double jeopardy.

    1. Re:He didn't commit a crime in the US by Scooby71 · · Score: 2, Informative

      Under the UK Extradition Act of 2003 the US does not have to show any evidence at the extradition hearing.

      The fact that he has been charged in a US court is sufficient, so I wouldn't bet on the judge ruling as you say.

      The converse does not apply to UK extradition requests to the USA.

      This has been applied to 3 bankers involved in the Enron fraud.

  26. Re:Don't they mean cracker? by Datamonstar · · Score: 4, Funny

    Yes, a saltine of massive proportions.

    --
    The eternal struggle of good vs. evil begins within one's self.
  27. He Got The Wrong System by Hoi+Polloi · · Score: 4, Funny

    If he was really smart he would have broken into the alien computer system via the link in...ah, forgot I ever said that.

    --
    It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
    1. Re:He Got The Wrong System by Metzli · · Score: 4, Funny

      That would only work if was using an older model of Powerbook. It might also require that he looks more like Jeff Goldblum.

      --
      "It's too bad stupidity isn't painful." - A. S. LaVey
  28. Re:Smart? Yes. A Nut? Perhaps. How about both? by kfg · · Score: 2, Funny

    Then again, perhaps he was on to something?

    Yeah, and insanity plea. Doen't mean he shouldn't do serious time, just that he should do it where they have nice soft walls, milk and cookies.

    Ummmm, the round kind, with little bits of chocolate in them. The other kind are part of the alien plot to enslave us, but don't tell anyone or the MIBs will come for you.

    Arrrrrrrrgh!

    KFG

  29. A Darwin Award nomination, say I! by Dystopian+Rebel · · Score: 5, Insightful

    The guy is smart enough to cobble together scripts and guess passwords so he can get into computers run by US Military Intelligence ("The World's Biggest Oxymoron", by the way)...

    And what does he look for? UFO information! Now he's facing 70 years in prison.

    Come on, that must be the equivalent of tipping a Coca-Cola machine onto yourself.

    --
    Rich And Stupid is not so bad as Working For Rich And Stupid.
    1. Re:A Darwin Award nomination, say I! by Anonymous Coward · · Score: 2, Funny

      I thought the world's biggest oxymoron was "Microsoft Works"

    2. Re:A Darwin Award nomination, say I! by quanticle · · Score: 2, Informative

      He's not dead or castrated.

      To be eligible for a Darwin one must remove oneself from the gene pool.

      --
      We all know what to do, but we don't know how to get re-elected once we have done it
    3. Re:A Darwin Award nomination, say I! by lost_n_confused · · Score: 2, Interesting

      I truly doubt he got into any classified systems. From my 7 years of working in military intell and then 13 years of installing networks for the military I have never worked on a classified system that was connected to the internet. There are red and black networks to keep the traffic separated. You can't even run a CAT 5 red network wire down the same wall as the black network wires. There is never an intermingling of wires let alone traffic. The DOD has its own world wide network to run classified traffic over. This is like a person breaking into a bank lobby and saying it is the same thing as breaking into the vault. lobby != vault. Internet servers != NSA servers not even close not even on a bet.

      --
      -- To mess up an OS X box, you need to work at it; to mess up your Windows box, you just need to work on it.--
  30. No, I'm New Here by New+Here · · Score: 4, Funny

    No, I'm New Here

  31. It's a good thing he didn't download Eminem songs! by CyricZ · · Score: 5, Funny

    It's a good thing he didn't download Eminem songs as well. Then he would have been in deep shit.

    --
    Cyric Zndovzny at your service.
  32. Re:Smart? Yes. A Nut? Perhaps. How about both? by prisonercx · · Score: 5, Funny

    Don't be too sad for him, he got his wish. He's about to be far more involved with anal probing.

  33. Re:"Damage" by Perl-Pusher · · Score: 2, Interesting

    Obviously you have never had all work completely stop while the sysadmins wiped every machine clean and restored files from backup. A hacker at Langley Research Center easily wasted $1 million dollars a day for 4 days, just in the pay to unproductive employees.

  34. Re:script kiddie technology? by Johnny+Mozzarella · · Score: 2, Funny

    or alien technology?

  35. Re:Smart? Yes. A Nut? Perhaps. How about both? by kpansky · · Score: 3, Insightful

    Sorry. But snooping around a house, checking the door, finding it unlocked and entering without homeowner permission is still illegal.

    --

    --Kevin
  36. Re:Don't they mean cracker? by fdiskne1 · · Score: 3, Funny

    That must be it. Here's a picture of him.

    --
    But why is the rum gone?
  37. One Beeelion Dollars!!! by mojoNYC · · Score: 2, Insightful
    while i only stfa, the sum total of monetary damages seems to me to be RIAA-esque... meanwhile, why don't we hear about how much something like this costs?

    3.9 Million Citigroup Customers' Data Lost

    the corporate mentality never ceases to disillusion me--where's the class action lawsuit?

  38. Re:It MOST CERTAINLY is not! by jellomizer · · Score: 2, Insightful

    Well diffence between hacking and breaking and entering are somewhat simular. The only diffence is no physical damage to system, and potentially no logical damage as well. But that is where the difference stops.

    If I owned a shop and I closed the door and forgot to lock it and turn on the security system. But put the closed sign up at the end of the day and a guy walked in and robbed me blind. And the next day we found the theif he would still be arrested for stealing or if he read my books he would still be guilty of corprate esponage.

    Or say I have a convirtible and I locked the door but left the top open. And he just reached around and unlocked my doors and hotwired my car (Or even if I left the keys in). He stole my car. If cought he would be tried for grand theft auto. Even if he returned the car at the end of the day he will still be arested for steeling my car.

    Just because your victim is stupid it doesn't make comitting a crime right.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  39. Wellcome to cynicsville, population: Me. by Scrameustache · · Score: 2, Interesting

    I think its interesting how computer crimes (even ones that technically do no physical damage, like destroying of files/property, etc) can warrant these huge jail times, yet a confessed convicted rapist, child molester, or other misc. violent criminal can sometimes get as few as 5 years in prison.

    What does that tell us? We care more about our files than our children. While I don't think that breaking into a computer system just to prove you can is a smart idea (not saying that was the case in this situation, but rather in general), but I would consider a child molestation as a much more heinous crime, that should always warrant a longer sentence.

    Laws aren't there to protect you, they are there to protect the rich.

    Some poor looser raping other poor looser's kids is bad for their work productivity, so it is illegal, but acts that could cause the rich to loose riches are much more illegal, because these things really matter to those who make the laws.

    --

    You can't take the sky from me...

  40. Re:Don't they mean cracker? by guitaristx · · Score: 4, Informative

    Everyone, please send emails to this address of a similar nature:

    Dear editor,

    I am a computer hacker. By this, I mean that I enjoy learning and exploring computer technology. I have a degree in computer science, and am involved in many not-for-profit computer-technology endeavors. I am not a criminal. I do not violate computer security, I do not write malicious software, and I do not intentionally cause harm to the computer systems that I have access to. Any computer system access that I have has been given to me through legitimate means. It has come to my attention that you have used the term 'hacker' in the article linked below to indicate a person who intentionally violates computer security systems: http://www.thisislondon.co.uk/news/articles/191647 14?source=Evening%20Standard&ct=5

    The proper term for such a person is 'cracker' or 'security breaker', i.e. one that "cracks" computer security. By using the term 'hacker' in the way that your publication has done, you spread misinformation about me, and people like me. You are demeaning and destroying a culture that, above all, values learning, knowledge, and wisdom. Please stop insulting hackers by equating them with criminals. For more information, see here: http://www.catb.org/~esr/jargon/html/appendixc.htm l

    Please issue a correction, and please make sure that a clear distinction is made in the future.

    (your name here)
    A Proud Hacker

    --
    I pity the foo that isn't metasyntactic
  41. Re:Smart? Yes. A Nut? Perhaps. How about both? by Dasch · · Score: 4, Funny

    Sure, that's true! Last year I was standing next to a house, smoking some weed, when I lost my balance, tripped, and fell through a window! I thought I might as well crash there, so I took a nap in the owner's bed.

  42. Re:Smart? Yes. A Nut? Perhaps. How about both? by jacem · · Score: 2, Insightful

    The sad thing that I see all the time is the easier it is to break the security system the harser the penalty.

    This guy broke the military network for three days. Shouldn't it have been more secure.

    I'm not saying what he did was right. What I'm asking is how much was spent on security before he took his tour. Shouldn't the people (companies whatever) that where responcible for security have some culpability?


    JACEM

    --
    DOC Disinformation Obfuscation and Confusion
    The carrot to FUD's stick
  43. In other news . . . by ndansmith · · Score: 4, Funny

    . . . Halliburton has won a no-bid contract from the Bush administration to fix the "$1 billion" of damages.

  44. Re:MOD PARENT UP by Doc+Grimm · · Score: 3, Insightful

    Except that if it ISN'T a crime where I did the action is it still a crime? IE if I crack a US CD in the UK am I inviolation of the DMCA? What if that CD was in a drive on a PC in the USA? The question comes down to at which computer did the crime take place? The one he used, or the one he broke into? If the argument is the doing what he did at his computer is a crime, then UK should have jurisdiction with all the leagal-ese the comes with it. If, on the other hand, the crime takes place at the site of the infiltrated computer, how do you know what the laws are of a computer your using when you don't know physically where that computer is, and so can't really do anything with it, etc.

  45. Re:Smart? Yes. A Nut? Perhaps. How about both? by Lemmy+Caution · · Score: 4, Insightful

    Yep. It's still illegal. But while it's illegal for a burglar to enter your unlocked house, you're no less of an idiot for leaving it unlocked. And exaggerating the scope of the break-in ("he diabolically circumvented the integrity of the house by adjusting the rotational position of the entry affordance!") has as more to do with CYA (in the case of the homeowner, perhaps to collect insurance) than it has to do with the guilt of the burglar.

  46. Re:Smart? Yes. A Nut? Perhaps. How about both? by h4rm0ny · · Score: 2, Interesting


    And on a related note, what accounts for the $1billion damages? I'd wager a large part of that is plugging security holes that should not have been there in the first place. Although it's stated in the article that fixing the problem and tracking him down cost £570,000 pounds.

    In fact, reading the article, I can find no reference to $1 billion. It's estimated that he may be fined £900,000 (that figure makes so much sense), but if that equates to $1 billion at the current exchange rate then I think I better get over there and buy a town. Editors not reading the story?

    --

    Aide-toi, le Ciel t'aidera - Jeanne D'Arc.
  47. And remember: by idonthack · · Score: 2, Insightful

    We have always been at war with Eastasia.

    --
    Why is it that when you believe something it's an opinion, but when I believe something it's a manifesto?
  48. Re:Smart? Yes. A Nut? Perhaps. How about both? by menkhaura · · Score: 2, Informative

    And on a related note, what accounts for the $1billion damages?

    I've just read Bruce Sterling's "Hacker Crackdown", in which there is a similar claim by a large corporation (AT&T) of a document being worth almost $80k, while a very similar document was sold for 13 bucks by the same company to anyone who asked for it.

    The interesting part was how they arrived to the 80k figure for a 12 page doc. In it they computed, among other things, two weeks of a typist and an observer...

    --
    Stupidity is an equal opportunity striker.
    Fellow slashdotter Bill Dog
  49. Good! by Cervantes · · Score: 2, Insightful

    The little bastard deserves everything he gets. No defense coming from me here.

    It's bastards like this that screw things up for grey-hats everywhere. Ok, you were curious, you wanted information, and the information wanted to be free... good enough. But you don't go deleting files and user accounts! How fraggin dumb can you be? "Hmm, I just hacked NASA and no-one knows.... I think I'll fuck things up!".

    If he'd just gone looking for the information and gotten busted, I would have had sympathy for him. But he just went to wreck shit up. "Looking for UFOs" is just AOL-Speak for "Shit, I got caught being a dick and I need an excuse, quick!"

    --
    If I knew the wedgies I gave you back in 6th grade would have resulted in this . . . I might have taken a moments pause.
  50. And my reply, if I were an editor would be by Sycraft-fu · · Score: 3, Insightful

    Dear Person,

    As it turns out, that is not correct. According to the Merriam-Webster Unabridged Dictionary, the American Heritage Dictionary, and the Oxford English Dictionary the word hacker has two meaning in relating to computers. One of them is a person who is an expert with computer and/or someone who peruses computer knowledge for its own sake, the other is a person who uses their skill with computers to gain unauthorized access to systems.

    This is not an uncommon situation in English, for a word to have two related connotations, one positive and one negative: For example the word exploit. When used as a verb it can be used to mean a full positive use of something, such as to exploit one's talents means to make full use of your talents in a good way to achieve a goal. It can also be used in a negative way, such as to exploit illegal immigrant financial gain means to take unfair advantage of someone's position to your own selfish benefit. Both uses are not only accepted, but common. It is the context that dictates the meaning of the word.

    The same is true with the word hacker. Your special interest sites like Slashdot do not set the stage for the English language, nor are they the authority on its correct usage. Thus in our article using hacker to describe someone who uses computer skill to gain illegal entry to systems is in every way as correct and accurate and a skilled programmer calling themselves a hacker. Thus we will not be issuing a correction, as there is nothing to correct.

    In the future if you believe a word is being used incorrectly, I suggest you make a quick check with a dictionary to ensure that you are not confused. There are several online websites including www.dictionary.com, www.oed.com, and www.webster.com that will allow you to look up the definitions of words with ease.

    Sincerely,

    Editor-in-Chief person.

    1. Re:And my reply, if I were an editor would be by guitaristx · · Score: 4, Insightful

      Good thing you're not an editor. First, www.dictionary.com shows that the malicious definition of 'hacker' is deprecated. Next, www.webster.com shows both meanings, as you say, but (as with most lexicons) the more common or more proper definitions are listed first. Notice that the malicious definition is listed last. Furthermore, in the context of the offending article, the term 'hacker' is jargon, and is therefore subject to definition by the particular field to which the jargon term belongs: computer technology. Therefore, Webster, OED, and any other general-knowledge dictionaries' definitions of said term are superseded by the generally-understood meaning within the field of computer technology.

      A respectful computer expert (that is, a computer expert that respects the skills, opinions, and decisions of other computer experts) would understand the distinction between the usual news article's use of the term 'hacker' and the more correct term as I have described it. However, the average lay-person will not understand the distinction, and will be left with a negative connotation whenever encountering the word 'hacker'. Therefore, as a hacker (in the non-malicious sense), it is my duty to defend myself, and others like me, by communicating to insensitive publications the inherent offensiveness of careless use of the term 'hacker'. If a publication receives a request like mine (see GP), and chooses to respond to it as you have, it is an indication of the publication's insensitivity and intentional alienation of a significant non-malicious worldwide subculture. Therefore, if I do receive a response from either of the publications I've contacted today, and it's similar to yours, I will do whatever is in my power to spread the word about their discriminatory practices. Not that I want to do that - I hope that my letters will incite changes in the treatment of the term 'hacker'. In any case, I'm doing my part to ensure that 'hacker' loses its negative connotation, since the correct definition of it describes me, and others like me, much better than 'computer expert', 'computer enthusiast', 'geek', 'nerd', 'programmer' (et. al.). If ethnic groups can be defensive about what they wish to be called, then subcultures should have the same right.

      --
      I pity the foo that isn't metasyntactic
  51. The UK should *not* extradite anyone to the US... by johansalk · · Score: 2, Interesting

    The extradition agreement signed between the US's Ashcroft and the UK's Blunkett over terror is seriously flawed; it doesn't require the the Americans to provide *any* evidence, but demands so from the Brits, and American authorities have proved too willing to misuse it, far beyond "terror". Furthermore, the treaty removes key protections, and the UK parliament was *not* consulted at all http://tinyurl.com/4yph4. For all I've seen, it's all been one-sided so far, with Brits extradited for various reasons, even to a Brit CEO demanded by the Americans for "price-fixing"(!!) http://tinyurl.com/7tdkv. The UK should *not* extradite any Brits to the US, at all!!! This American Gitmo administration is not fit for any role of justice!

  52. Re:Never? by mattspammail · · Score: 2, Funny

    Swamp gas. It was all swamp gas, ladies and gentlemen.

    --
    Now accepting PayPal donations!
  53. Re:Don't they mean cracker? by RobotRunAmok · · Score: 2, Insightful

    The media will never start using "hacker" and "cracker" the way we'd like them to

    "We?" What's all this "we" stuff? The adoption of "cracker" by the script-kiddies to mean something else in addition to saltine and Southern racist and illicit-vault-opener remains among the dopey-est linguistic forays of the past twenty years. For many of "us," "cracker" can't cease having any IT-related meaning fast enough.

    Of course, if "war-driving" enters the popular lexicon of national newsrooms with any meaning beyond a description of what soldiers do in their Hummers, than "cracker" will finally be out-dopey-ified, but we've got our fingers crossed...

  54. Re:Most secure? On the public interent? Not ! by jimp79 · · Score: 2, Informative

    Technically not true. In most places the SIPRNET runs over the same infrastructure (wires, switches, etc) that the unclassified traffic runs over. The SIPRNET traffic is just encrypted using TACLANEs, so it is essentially a classified VPN as opposed to a physically separate network. It would be theoretically possible to hack into the SIPRNET from the Internet by compromising a TACLANE.

  55. Unbalanced legal system by Anonymous Coward · · Score: 2, Insightful

    It was recently reported that Mark Hacking, who shot his wife in the head while she slept and dumped her body into a garbage bin, will receive 6 years for his crime.

    McKinnon, on the other hand, who committed a nonviolent crime, could be jailed for 70 years. That's more than 10 times a murderer's sentence.

    Apparently it's not such a big deal if you kill one of the common peasants, but they'll come down on you like a ton of bricks if you vandalize something belonging to the most high and holy government.