Slashdot Mirror

← Back to Stories (view on slashdot.org)

Judge Refuses To Convict Hacker

Posted by ryuzaki0 on from the he-said-he-was-sorry dept.

Jake96 writes "A judge in Wellington, New Zealand, declined to convict a man who ran an unrequested security audit on a bank's phone systems and was charged with 'intentionally accessing a computer system knowing he was not authorized to,' according to an article in the New Zealand Herald."

29 of 272 comments (clear)

  1. Can this set a precedent here in the States? by defile · · Score: 5, Insightful

    I hope so.

    1. Re:Can this set a precedent here in the States? by Anonymous Coward · · Score: 5, Interesting

      Stupid court results?? I thought that was the norm in the US so why would it set a precedence?

      Maybe you should read what this guy actually did. he intruded into a banks phone system (without permission), performed a security audit (again without permission), and then tried to get the bank to pay for his work. If I was the bank I would be taking this bastard to court too. how would you feel if someone turned up at your house did some work then sent you a bill all without you requesting anythign be done. The fact that the bank has a security issue is a side note here, they should be hiring a "reputable" security firm to look at there systems.

    2. Re:Can this set a precedent here in the States? by joe90 · · Score: 5, Interesting

      Actually, it's a bit more serious than that. The bank http://www.rbnz.govt.nz/ who's phone system he compromised is an approximate functional equivilant of the US Federal Reserve http://www.federalreserve.gov/ (but quite a bit smaller).

      He's very lucky he did it in NZ where it appears that the courts consider him stupid rather than malicious. In other countries he might get charged with terrorism related offenses or worse.

      --

      Fast, cheap & reliable. Pick two.
    3. Re:Can this set a precedent here in the States? by Fordiman · · Score: 5, Funny

      He committed no intentional crime. He was identified a security flaw, and provided this info to the bank before asking for money. Sure, it's a little like the guy who washes your windshield at a sopt light asking for money, but it's far from dishonest.

      If the bank were a computer company with the present mindset, the bank would get to work on fixing the problem, and he'd have been ignored when he asked for cash, rather than prosecuted.

      --
      110100 1101000 1101000 1100110 0 1101111 1101000 1100011 1
    4. Re:Can this set a precedent here in the States? by Fordiman · · Score: 3, Insightful

      You don't 'unintentionally' wash someone's windshield, either. But guess what: indications of a vulnerable system are about as easy to see as a dirty windscreen, if you're looking. No invasion necessary.

      Now, quick question, when did I use the word 'unintentionally' in my post, as you seem to be implying?

      --
      110100 1101000 1101000 1100110 0 1101111 1101000 1100011 1
    5. Re:Can this set a precedent here in the States? by Schraegstrichpunkt · · Score: 3, Interesting

      Except that instead of giving you a rectal exam, he molested your daughter, exploded your favourite hockey team's home town with NUCLEAR WEAPONS, and stole your glasses.

      Care to provide any justification for why your analogy isn't just an arbitrary construction designed to suit your position?

      These are information systems. Not cars, not windshields, and not the doctor's office. Discuss the actual question, not stupid analogies.

      --
      http://outcampaign.org/
    6. Re:Can this set a precedent here in the States? by montyzooooma · · Score: 3, Funny
      "He's very lucky he did it in NZ where it appears that the courts consider him stupid rather than malicious. In other countries he might get charged with terrorism related offenses or worse."

      Can anyone point to an example where "other countries" doesn't just mean the US?

    7. Re:Can this set a precedent here in the States? by Fred_A · · Score: 4, Funny

      I just remove my windshield. The look on their faces when they try to wipe it is worth it.

      --

      May contain traces of nut.
      Made from the freshest electrons.
    8. Re:Can this set a precedent here in the States? by badfish99 · · Score: 5, Informative

      How about the UK: see for example here

      Also, in the UK someone was fined £1000 and lost his job just for typing in a URL with "../../.." on the end of it. Story here.

  2. Miracles! by soft_guy · · Score: 3, Funny

    A judge who uses common sense. Wow!

    --
    Avoid Missing Ball for High Score
    1. Re:Miracles! by Who235 · · Score: 5, Funny
      He did not pass the information on to others and did not use it for personal gain. "In my view his intentions were honourable."


      I know. Amazing isn't it.

      Although there was the slight matter of calling the bank and presenting a bill for services that were never asked for, but I'm willing to chalk that up to creative marketing. . .

      On a side note, my uncle (who is a lawyer) has a low opinion of judges and tells the following joke which you may tell your friends under the JPL (joke public license):

      Q:What do you call a lawyer with an IQ of 50?
      A:Your Honor. (Substitute M'Lud or other region appropriate judge appellation here if necessary.)
    2. Re:Miracles! by icepick72 · · Score: 5, Funny
      On a side note, my uncle (who is a lawyer) has a low opinion of judges and tells the following joke

      Enlightening indeed. After all those lawyer jokes the lawyers finally made a joke about somebody else ... and it wasn't even funny! Nice try by the lawyers, but there's gotta' be another lawyer joke in there somewhere.

    3. Re:Miracles! by Cyberax · · Score: 5, Funny

      It's the only joke about lawyers. The rest are true stories.

    4. Re:Miracles! by Chuck+Chunder · · Score: 5, Funny
      Q:What do you call a lawyer with an IQ of 50? A:Your Honor. (Substitute M'Lud or other region appropriate judge appellation here if necessary.)
      Or for even more entertainment, use both. F. E. Smith to witness: "So, you were as drunk as a judge?"
      Judge (interjecting): "You mean as drunk as a lord?"
      F. E. Smith: "Yes, My Lord."
      --
      Boffoonery - downloadable Comedy Benefit for Bletchley Park
  3. "Researcher" was stupid by Gemini_25_RB · · Score: 3, Insightful

    I see absolutely no problem with someone analyzing the security of a network and relaying the results to the owners of the network. According to the article, the "researcher", Macridis, checked the network and then tried to sell the results to the owners, _after_ already accessing the network. Seems a little bass ackward.

    1. Re:"Researcher" was stupid by ianejames · · Score: 4, Interesting

      Imagine this: A man walks up to your house while you're gone and tests each lock on every door and window. He finds a way to break in -- but claims that he hasn't. Then he sends you a letter saying he knows your security vulnerabilities and requests payment for that knowledge.

      Is it better or worse that he actually walked around inside your house?

  4. Not a good way to do business by BadAnalogyGuy · · Score: 4, Insightful

    More than anything, this guy is a business dumbass for doing the work and providing the results before even a contract was drawn up. Because of this strange sequence of events (providing vulnerability information before being requested), all of a sudden his generous offer looks more like extortion than altruism.

    His background with fraud (though 10 years prior) sullies his reputation even further.

    It's not a crime to be a dumbass. At least not in NZ, apparently.

  5. Borderline scam? by Louis+A.+J. · · Score: 5, Insightful

    While he didn't do anything illegal, I would be very surprised to receive a bill for a service I didn't request. His actions weren't illegal but his method of doing business definitely leaves something to be desired. Although his decision to not broadcast the bank's weaknesses to the public could be viewed as integrity, it could also be calculated business sense. It doesn't sound like someone I would choose to do business with.

    Would you honestly pay for a service you weren't told you were receiving and didn't ask for if you were billed for it?

    1. Re:Borderline scam? by xs650 · · Score: 5, Funny

      Right, who does he think he is , the government?

  6. First Xena, then LoTR, now this by bunions · · Score: 5, Funny

    what is it over there, like some kind of geek paradise?

    --
    there is no need to sign your posts. this isn't usenet. your username is right there above your post. stop it.
    1. Re:First Xena, then LoTR, now this by Introspective · · Score: 5, Funny

      what is it over there, like some kind of geek paradise?

      Yep, thats why they created the .geek.nz 2LD. Geeks are taken seriously in NZ, almost as important as the sheep.

  7. Re:Insert dick here by Who235 · · Score: 3, Funny

    Is that your anus? Are you propositioning me?

    And wouldn't that make us "Linux fuck-anuses" and not "Linux fuckheads?"

    Your troll is very confusing.

  8. Speedy Justice by ColaMan · · Score: 3, Interesting

    At least it shows efficient legal process.

    Macridis had telephoned the Reserve Bank on May 30, introducing himself as a security consultant.
    The Reserve Bank made a complaint to police, who searched Macridis' house on September 21 and seized his computer.

    Ok, a bit slow there - four months - but maybe the bank did some research on the flaws first. And the wheels of Big Business turn pretty slow....

    Gerasimos Macridis, 39, appeared in the Wellington District Court on Wednesday - the 27th - on one charge of intentionally accessing a computer system without authorisation.

    A little over a week from when the police took his computer, to when he appeared in court.
    They presumably searched it, did all the legal paperwork, had the weekend off, etc.
    Not much crime in Wellington lately? Or are they normally this speedy?

    --

    You are in a twisty maze of processor lines, all alike.
    There is a lot of hype here.
  9. MAYDAY MAYDAY by copponex · · Score: 4, Insightful

    Lawyer 131236716723: Shit. This is not good.

    Lawyer 216421934614: What?

    Lawyer 131236716723: They didn't throw this guy in jail who broke some technicality against a major corporation.

    Lawyer 216421934614: WHAT?

    Lawyer 131236716723: I'm serious! New Zealand! That fucking judge forgot how hard it is to pay off an SL500 and those student loans on a measly $70,000 starting salary!

    Lawyer 216421934614: Look, I know you're new here, but this is America. We've got the RIAA, MPAA, not to mention all the lobbying to be done in DC. I mean, those Native Americans don't rip themselves off, eh? Plus, we've got so many laws on the book that someone, somewhere isn't doing something right, and who gets to prosecute?

    Lawyer 131236716723: Lawyers?

    Lawyer 216421934614: And who gets to defend?

    Lawyer 131236716723: Lawyers!

    Lawyer 216421934614: And who gets to judge?

    Lawyer 131236716723: Former lawyers elected by other lawyers!

    Lawyer 216421934614: And who makes the law?

    Lawyer 131236716723: Former lawyers who have even less ethical concerns than other lawyers, lobbied by lawyers! Thanks, Bill... I was starting to worry!

  10. You must be American by Anonymous Coward · · Score: 5, Funny

    New Zealand was never a penal colony, so has never had criminals shipped to it, other than the state visits by royalty and presidents. You are obviously thinking of Australia, a completely separate country about 1800 km away. You could drop Texas into the gap in between. (and nobody would miss it either)

  11. Not just once by shack420 · · Score: 5, Informative

    This is actually the second time this has happened in NZ this year...

    "Sahil Gupta, the second man charged over the Telecom voicemail hacking incident in April, walked free from an Auckland court last week.

    Gupta was charged along with a teenager who cannot be identified for legal reasons. The teen was charged with unauthorised access of a computer system and pleaded guilty. Gupta was charged under the same section of the Crimes Act and faced up to two years in prison.

    However two justices of the peace discharged Gupta saying there was no case to answer after a hearing in the Auckland District Court on Wednesday."

    more @ http://www.crime-research.org/news/21.01.2006/1770 / and all over ya google.

  12. Re:No surprise by spagetti_code · · Score: 4, Informative

    As an inhabitant of NZ, I think you need some lessons in Geography.

    Australia is where the convicts were sent.
    Colonists chose to go to NZ.
    Australia is 2.5 hours away from NZ by airplane - i.e. a *long* way.

    And we've got the Bledisloe Cup
    and Australia doesn't. :-)

    You need to spend some time with Google Maps.

  13. Re:Um, Exposing a problem is not CREATING a proble by tomhudson · · Score: 4, Insightful

    The judge was an idiot - what this guy did was just a new twist on the old "send them a bill and hope they pay at" scam.

    A man who accessed the Reserve Bank's telephone systems to find security weak spots then billed the bank for his unsolicited services told the Wellington District Court he was surprised when police questioned him about his actions.

    Gerasimos Macridis, 39, a researcher, represented himself in court before Judge Ian Mill.

    Macridis pleaded guilty to one charge of intentionally accessing a computer system knowing he was not authorised to do so.

    Police prosecutor Colin McGilivray told the court Macridis had telephoned the Reserve Bank on May 30, introducing himself as a security consultant.

    He outlined problems with the bank's telephone system, then requested payment for providing the information. He also contacted Telecom and asked for payment, outlining testing he had conducted, vulnerabilities he had found and ways these could be fixed.

    This is the same sort of scam that boiler-room ops do all the time - sending bills for unsolicited ad space in non-existent magazines, etc.

    The guy is scum. The judge was out to lunch on this one.

    Lets put it in terms slashdotters can understand ... someone does a pen test of your web site, and sends you a description of what they found, plus a bill for their unsolicited :advice" ... even though you didn't ask them to try to do any penetration testing and you never heard of them before ...

    Or someone tries to break into your house, then sends you a description of all the "security weaknesses" they found, plus a bill for their time.

    Just because its a phone system doesn't make it any less an attempted con job.

  14. Re:Um, Exposing a problem is not CREATING a proble by sjames · · Score: 3, Insightful

    Lets put it in terms slashdotters can understand ... someone does a pen test of your web site, and sends you a description of what they found, plus a bill for their unsolicited :advice" ... even though you didn't ask them to try to do any penetration testing and you never heard of them before ...

    Tell him you aren't going to give him a penny, but thanks for the free security audit!

    The judge's decision came from a correctional view of the justice system there rather than the punitive model used in the U.S. (despite the U.S. tendancy to falsely call prisons correctional facillities). That is, the judge believed that the process of justice up to that point had already convinced the defendant not to do it again and the free security audit was adequate restitution.