Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Wants UK Hacker To Pay To Fix Holes He Exposed

Posted by kdawson on from the on-second-thought-make-it-a-kryptonite dept.

bossanovalithium writes "Gary McKinnon, whose tribulations we have followed for several years now, is the UK hacker trying to escape extradition to the US. It appears he is expected to foot the bill for the US Government patching holes his breaching uncovered — to the tune of $700,000. It's not really the norm for someone to pay for exploits to be patched — damages fixed, yes, but this is a very different thing." The article paraphrases Eugene Spafford as saying that the victim of a cybercrime should not take the blame. "If someone broke a door to rob a store, he said, it was usual to charge them the cost of the door." Isn't the McKinnon case more like charging him to buy the lock that had been missing when he walked in?

4 of 403 comments (clear)

  1. China and Iran will tell Washington about it? by rwade · · Score: 3, Informative

    South Korea (the one with Seoul) probably would tell Washington about it, but it's unlikely that China or Iran would. It's more likely that they would exploit the vulnerability in secret.

  2. Re:Taking responsibility for ones actions. by cabjf · · Score: 3, Informative

    "Great, now everyone knows we have the holes and we actually have to fix them. Everything was fine when people just assumed we had a secure system. Now this guy goes and rains on our parade. Let's try to get him to pay for fixing them."

  3. Re:No, that's just plain silly. by Timmmm · · Score: 4, Informative

    This is clearly a very intelligent person whose skills are of immense value.

    From Wikipedia: McKinnon claimed that he was able to get into the military's networks simply by using a Perl script that searched for blank passwords; in other words his report suggests that there were computers on these networks with the default passwords active.

    Note that this is never ever reported in news articles. It is always that he 'hacked into' the computers. I think most people would agree that trying blank passwords doesn't really count as hacking, and most people have probably done it at one point in their lives. It is completely ridiculous that he could be extradited over this.

  4. Re:If he's a hacker... by Tacticus.v1 · · Score: 4, Informative

    Except the US Congress have not Ratified the Extradition treaty with the UK
    The UK can not request extradition of people from the USA

    http://en.wikipedia.org/wiki/Extradition_Act_2003#US_ratification.2C_2006