Slashdot Mirror
World's Biggest Hacker Held
Hieronymus Howard writes "The London Evening Standard is reporting that the "worlds biggest computer hacker" has been arrested in London.
Gary McKinnon, 39, was seized by the Met's extradition unit at his Wood Green home.
The unemployed former computer engineer is accused of causing the U.S. government $1 billion of damage by breaking into its most secure computers at the Pentagon and NASA. He is likely to be extradited to America to face eight counts of computer crime in 14 states and could be jailed for 70 years. Apparently he broke into U.S. military computers to hunt for evidence of a UFO cover-up."
"Apparently he broke into US military computers to hunt for evidence of a UFO cover-up."
It sounds like an excuse to me.
So is the guy really nutty or is this just an attempt to justify his illegal activities?
Then again, perhaps he was on to something?
It could be worse, it could be Monday.
I don't believe that this guy is the world's biggest hacker. Have you seen Cowboy Neal??? Now that's big!
This guy was looking for UFOs. In Soviet Russia, UFOs look for you!
We all know that if he was an uber-hacker he would have created a Beowulf cluster of all the computers he hacked.
One billion in damages? That number has to be inflated. (Actually the article says 570000 pounds which is only about 1 Million US dollars according to my currency calculator)
If you do $1 Billion worth of damage just to look for UFO conspiracy information, you deserve to be locked up.
Although this could help his insanity plea.
The police have apologized to his mother for kicking in her door, but it was the only way they could reach the basement.
Pulp Audio Weekly - Geek News and Reviews
OMG, they finally caught JeffK!?
IGB: More fun than eating oatmeal!
Really? Because he broke into a Pentagon network? That just makes him stupid; if he were really a big hacker, he'd be doing blackhat corporate work. UFOs! Yeah...whatever.
Don't be a looter...and yes, I know that it's spelled with an "A" instead of an "E".
1 Beeelllion Dollars?
Where do they get that from? If that's really the case, it would only take about 6,000 people to cause enough damage to double the national debt!
The article doesn't mention anything anywhere about pure damages, for starters. It mentions the costs associated with tracking and capturing the guy, and costs correcting some of the problems - combined. Those costs are listed as 570,000 pounds. At the exchange rate I just looked up (1.83 dollars to a pound), that's still only 1,054,500 dollars, which is more like a meeelllion dollars. Even if they tack on the 950,000 pound in fines, that's still not even three million.
That's a far cry from a billion... and about two million less than the damages Kevin Mitnick was supposed to have caused.
Frankly, they should have just let this guy find some "evidence" of UFOs. Then he might have spent his time trying to convince people of it instead of looking for more!
libertarianswag.com
From what I've been able to tell over the years, the damages in these cases is almost completely made up. The FBI loves to post huge numbers on cases like these because it makes them look important. More realistic estimates based on administrator time and business lost due to the servers being unavailable tend to be far lower.
I read the internet for the articles.
He wasn't onto anything. He found nothing. Nothing at all. He did not hack into our databases or steal information. Never happened. Never.
goes by the name of 'Brasky'. i'd say he's about 8'5", 750 pounds.
---
Is this the MPAA? Is this the RIAA? Is this the DMCA? I thought it was the USA!
To be fair, the cost of finding and fixing trhe holes should not be included. After all, it was broken before he got there.
Not to mention that they should be found and fixed regardless of any intrusions.
=Smidge=
Not bigger than Kim Schmitz, surely.
The Slashdot Paradox: "100% Overrated"
Not to mention trying to figure out where all those holes in security came from and patching them.
Yeah, that makes sense. Pawn the cost of fixing your security holes on the guy who found them.
If my house ever gets burglarized, I'm going to try to get the burglar to pay the contractor to fix the "hole" the burglar got in through.
According to this, he's free on bail:
http://news.bbc.co.uk/2/hi/uk_news/4071708.stm
Maybe it's just me, but any device connected to any other device is no longer to be considered as secure.
I would have guessed that the gubbermint's "most secure computers" would be airgapped, but apparently that is not the case. Or, perhaps, the author of TFA is being just a bit sensational and overdramatic. ;)
"Most of the alleged hacking took place in 2001 and 2002. At one stage the US thought it was the work of the al Qaeda terror network. "
OK, so this must have been some serious stuff going down for them to think that he was al Qaeda. Or was it?
"Friends said that he broke into the networks from his home computer to try to prove his theory that the US was covering up the existence of UFOs. "
Uh oh, we're talking mentally off here.
"He is accused of a series of hacking offences including deleting "critical" files from military computers. The US authorities said the cost of tracking him down and correcting the alleged problems was more than £570,000. The offences could also see him fined up to £950,000 if found guilty on all charges. "
Here it comes, the big bill for this mentally off "al Qaeda" operative. "Lesse, captain, I spent my lunch hour running a scan." "Aha! We'll bill that time as worth £50,000!"
"Prosecutor Paul McNulty alleged that McKinnon, known online as "Solo," had perpetrated "the biggest hack of military computers ever". He was named as the chief suspect after a series of electronic break-ins occurred over 12 months at 92 separate US military and Nasa networks.
Ah, it gets better. This guy must have been hot stuff! They think he's some kind of master criminal or something. Or al Qaeda maybe.
"It is alleged that he used software available on the internet to scan tens of thousands of computers on US military networks from his home PC, looking for machines that might be exposed due to flaws in the Windows operating system.
Many of the computers he broke into were protected by easy-to-guess passwords, investigators said. In some cases, McKinnon allegedly shut down the computer systems he invaded. "
WHAT?! He's just a script kiddie??! All this fuss over some guy port scanning Windows boxes??
"The charge sheet alleges that he hacked into an army computer at Fort Myer, Virginia, where he obtained codes, information and commands before deleting about 1,300 user accounts.
Other systems he hacked into included the Pentagon's network and US army, navy and air force computers. "
So let me get this straight. Some nutcase into UFOs uses script kiddie technology to port scan Windows boxes and somehow manages to get into the Pentagon and the military? Are you kidding me? Either they are running Windows boxes with easy to guess passwords and insecure networks, or else they should have charged him with a lot worse stuff than standard port scanning. Or maybe the reporter has no clue what he did, but this doesn't add up.
The only thing that does make sense is the U.S. military thinking a script kiddie UFO chaser was a master criminal at work...
Why's it always gotta be about race?!
[DISCLAIMER: This post is a work of satire and should not be misconstrued as a holy text upon which to base a religion.]
Unless the Pentagon and NASA have VERY VERY silly systems, their *really* important computers are simply *not* accessible to hackers. I really can't believe that truly ensitive systems wouldn't just be air-gapped from the world.
Sure, it's possible to hack intelligence agencies but it I'd put money on it failing to get you the really juicy stuff!
Duh . . .
He compromised over 3 Libraries of Congress worth of information, which costs the government such a large amount of money that, if stacked in $20 bills, it would be the size of four Volkswagen beetles. And if you don't know that it takes 1/4 billion in twenties to equeal a Volkswagen bug, then turn in your nerd card at the door.
Sweet informative mod.
He only committed a crime in the UK even though the effects that crime where in the US. There are already enough laws in the UK about breaking into military sensitive computers that can put him in jail for a very long time and there are enough treaties with the US so that breaking into a US military computer in the UK can get you thrown in jail forever.
The judge should rule that he can't be extradited to the US until he has been tried in the UK and then only if the US has charges that don't fit into double jeopardy.
Yes, a saltine of massive proportions.
The eternal struggle of good vs. evil begins within one's self.
If he was really smart he would have broken into the alien computer system via the link in...ah, forgot I ever said that.
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
Exactly. In my time working with school district (a government entity, of course), consultants will come in and make a big deal about "security", and sell a district a PO a mile long with all sorts of unnecessary crap on it. I have even seen them produce port-scanning logs as evidence of "being hacked." The School Boards will happily hand over $100,000 (in a district with a $2 million yearly budget) to remedy this "security hole." It's the same in the huge government boondoggle of departments and agencies. I'm getting more and more convinced that the coming crisis of the world pulling out of US bond markets is the best thing that could happen; right now this country has unlimited money, and is busy making an unlimited bureaucracy to spend all of it...
If you call any of your doors the "hole" you might want to get your contractor to come and fix it anyway.
Happy Noodle Boy says "F###ing doughnut! Mock me? You fried cyclops!!"
The guy is smart enough to cobble together scripts and guess passwords so he can get into computers run by US Military Intelligence ("The World's Biggest Oxymoron", by the way)...
And what does he look for? UFO information! Now he's facing 70 years in prison.
Come on, that must be the equivalent of tipping a Coca-Cola machine onto yourself.
Rich And Stupid is not so bad as Working For Rich And Stupid.
No, I'm New Here
It's a good thing he didn't download Eminem songs as well. Then he would have been in deep shit.
Cyric Zndovzny at your service.
Don't be too sad for him, he got his wish. He's about to be far more involved with anal probing.
However, in this case TFA on cnn at least, gives a figure of 1300 user accounts deleted in one instance. That probably involved real cost. He wasn't just looking for info, he was also being malicious.
Six score characters.
Brevity being wit's soul
I have enough space.
Sorry. But snooping around a house, checking the door, finding it unlocked and entering without homeowner permission is still illegal.
--Kevin
That must be it. Here's a picture of him.
But why is the rum gone?
If this is what you do everytime theres a break-in at your company, I fear for your security. First off, you're presuming that he didn't delete the accounts beyond ADs ability to restore them, which is a pretty big assumption. And you're ignoring the work involved in auditing the restores of all the users data and privledges, to make sure that you don't accidently restore any tampering. Dealing with a large scale security breach is complicated and a major task, and while it's not fair to pin the total cost on the hacker (like fixing the hole he came in through), the secondary costs can be quite large - auditing and figuring out how he came in in the first place, deciding exactly how much of your infrastructure you can trust after the breakin, what a safe date to restore off tape is, etc, etc.
Everyone, please send emails to this address of a similar nature:
7 14?source=Evening%20Standard&ct=5
m l
Dear editor,
I am a computer hacker. By this, I mean that I enjoy learning and exploring computer technology. I have a degree in computer science, and am involved in many not-for-profit computer-technology endeavors. I am not a criminal. I do not violate computer security, I do not write malicious software, and I do not intentionally cause harm to the computer systems that I have access to. Any computer system access that I have has been given to me through legitimate means. It has come to my attention that you have used the term 'hacker' in the article linked below to indicate a person who intentionally violates computer security systems: http://www.thisislondon.co.uk/news/articles/19164
The proper term for such a person is 'cracker' or 'security breaker', i.e. one that "cracks" computer security. By using the term 'hacker' in the way that your publication has done, you spread misinformation about me, and people like me. You are demeaning and destroying a culture that, above all, values learning, knowledge, and wisdom. Please stop insulting hackers by equating them with criminals. For more information, see here: http://www.catb.org/~esr/jargon/html/appendixc.ht
Please issue a correction, and please make sure that a clear distinction is made in the future.
(your name here)
A Proud Hacker
I pity the foo that isn't metasyntactic
Sure, that's true! Last year I was standing next to a house, smoking some weed, when I lost my balance, tripped, and fell through a window! I thought I might as well crash there, so I took a nap in the owner's bed.
. . . Halliburton has won a no-bid contract from the Bush administration to fix the "$1 billion" of damages.
Except that if it ISN'T a crime where I did the action is it still a crime? IE if I crack a US CD in the UK am I inviolation of the DMCA? What if that CD was in a drive on a PC in the USA? The question comes down to at which computer did the crime take place? The one he used, or the one he broke into? If the argument is the doing what he did at his computer is a crime, then UK should have jurisdiction with all the leagal-ese the comes with it. If, on the other hand, the crime takes place at the site of the infiltrated computer, how do you know what the laws are of a computer your using when you don't know physically where that computer is, and so can't really do anything with it, etc.
Yep. It's still illegal. But while it's illegal for a burglar to enter your unlocked house, you're no less of an idiot for leaving it unlocked. And exaggerating the scope of the break-in ("he diabolically circumvented the integrity of the house by adjusting the rotational position of the entry affordance!") has as more to do with CYA (in the case of the homeowner, perhaps to collect insurance) than it has to do with the guilt of the burglar.
Dear Person,
As it turns out, that is not correct. According to the Merriam-Webster Unabridged Dictionary, the American Heritage Dictionary, and the Oxford English Dictionary the word hacker has two meaning in relating to computers. One of them is a person who is an expert with computer and/or someone who peruses computer knowledge for its own sake, the other is a person who uses their skill with computers to gain unauthorized access to systems.
This is not an uncommon situation in English, for a word to have two related connotations, one positive and one negative: For example the word exploit. When used as a verb it can be used to mean a full positive use of something, such as to exploit one's talents means to make full use of your talents in a good way to achieve a goal. It can also be used in a negative way, such as to exploit illegal immigrant financial gain means to take unfair advantage of someone's position to your own selfish benefit. Both uses are not only accepted, but common. It is the context that dictates the meaning of the word.
The same is true with the word hacker. Your special interest sites like Slashdot do not set the stage for the English language, nor are they the authority on its correct usage. Thus in our article using hacker to describe someone who uses computer skill to gain illegal entry to systems is in every way as correct and accurate and a skilled programmer calling themselves a hacker. Thus we will not be issuing a correction, as there is nothing to correct.
In the future if you believe a word is being used incorrectly, I suggest you make a quick check with a dictionary to ensure that you are not confused. There are several online websites including www.dictionary.com, www.oed.com, and www.webster.com that will allow you to look up the definitions of words with ease.
Sincerely,
Editor-in-Chief person.