Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Wants UK Hacker To Pay To Fix Holes He Exposed

Posted by kdawson on from the on-second-thought-make-it-a-kryptonite dept.

bossanovalithium writes "Gary McKinnon, whose tribulations we have followed for several years now, is the UK hacker trying to escape extradition to the US. It appears he is expected to foot the bill for the US Government patching holes his breaching uncovered — to the tune of $700,000. It's not really the norm for someone to pay for exploits to be patched — damages fixed, yes, but this is a very different thing." The article paraphrases Eugene Spafford as saying that the victim of a cybercrime should not take the blame. "If someone broke a door to rob a store, he said, it was usual to charge them the cost of the door." Isn't the McKinnon case more like charging him to buy the lock that had been missing when he walked in?

18 of 403 comments (clear)

  1. If he's a hacker... by supersloshy · · Score: 5, Interesting

    ...couldn't he fix them himself? With supervision, I mean.

    --
    "Our country is not nearly so overrun with the bigoted as it is overrun with the broadminded." -Archbishop Fulton Sheen
    1. Re:If he's a hacker... by Jurily · · Score: 5, Insightful

      couldn't he fix them himself? With supervision, I mean.

      If I tell everyone that some houses have a big fucking gap where a door should be, am I responsible for not installing one?

    2. Re:If he's a hacker... by ObsessiveMathsFreak · · Score: 4, Insightful

      You are if you made the owner look like a FOOL!! You're gonna fry.

      --
      May the Maths Be with you!
    3. Re:If he's a hacker... by netruner · · Score: 5, Insightful

      Sure, if a sufficiently arrogant and ignorant attorney brings a case against you.....

      Don't underestimate the arrogance of an attorney, or the ability of people to be swayed by theatrics over substance.

      It's not about what's fair, it's about what one can get away with.

      --



      DISCLAIMER: This post was not checked for speling and grammar- if you complain- you're a whiner
    4. Re:If he's a hacker... by Tacticus.v1 · · Score: 4, Informative

      Except the US Congress have not Ratified the Extradition treaty with the UK
      The UK can not request extradition of people from the USA

      http://en.wikipedia.org/wiki/Extradition_Act_2003#US_ratification.2C_2006

  2. Well, I've learned MY lesson! by NoYob · · Score: 5, Insightful

    If I find a hole in my Government's IT security, I'll keep my mouth shut and let the government hear about it from the Chinese or the Iranians or the S. Koreans or ...anyone but me because they'll send me to jail and make me pay.

    --
    It's NOT me! It's the meds! I'm on 1000mg of Fukitol.
    1. Re:Well, I've learned MY lesson! by Dog-Cow · · Score: 5, Funny

      Gary did scan another country (other than his own).

  3. Potholes by Whorhay · · Score: 4, Insightful

    I wouldn't report any kind of crime or safety hazard if this becomes a regular tactic.

    1. Re:Potholes by kylemonger · · Score: 5, Insightful

      The good guys will make you pay them for exposing holes.
      The bad guys will pay you.
      Hmmm, maybe I got the "bad guys" and "good guys" mixed up there.

  4. I have to agree with kdawson... by rwade · · Score: 5, Insightful

    This is exactly like charging for a lock that was never there. Another analogy -- it is like forcing the thief to pay for the security system that the store owner now feels that he has to buy to prevent future actions.

    If he damaged a system by hacking in, that's one thing. He should pay for that. But it's hardly his fault that the holes were there in the first place and he shouldn't be held responsible for funding the software improvements to prevent such actions in the future.

    1. Re:I have to agree with kdawson... by sumdumass · · Score: 5, Interesting

      This is not entirely unheard of.

      I had someone repeatedly break into my garage and take my gas cans for the lawnmowers and root through the cars for money. Eventually, they took an expensive looking but stock car radio. The time that happened, my then girlfriend walked into the garage to go to work and startled the intruder. He knocked her down and ran but wasn't afraid to come back.

      I eventually placed some hidden cameras in the garage and back yard with a dummy camera on the side of the house in plain sight. It took the guy about 5 days to realize the visible camera was a dummy and I got his picture including him rooting through everything and taking crap. I then placed a piece of a set of antique lamps made of sterling silver in the garage but locked them in a cabinet with a window. Anyways, those lamps were valuable enough to make his repeated breaking in worthy of a felony on the crap I could prove he stole alone.

      The prosecutor advocated that the guy pay for the security system and cameras that I had to install because of his actions. The judge agreed and order it as part of his restitution. Of course he couldn't pay while sitting in jail, but as a term of his parole, he had to make payments to an account until the costs were paid off. As I understood it, I could have sued him for the costs but doing it this way made it a condition of his freedom which meant I was more likely to get paid.

  5. Re:Taking responsibility for ones actions. by intermodal · · Score: 5, Insightful

    The holes aren't his "damage". The holes were already there. I don't care if a whole wall was missing, if an individual walks into a building and does damage or steals, the damage or stealing is what they are responsible for. Building the wall or replacing the lock is not their responsibility at all.

    --
    In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
  6. Re:Taking responsibility for ones actions. by Monkeedude1212 · · Score: 5, Insightful

    Repaying any damage he would have caused: Expected.

    Going to Jail for his actions: Expected.

    Paying 700,000 Dollars to fix the hole he DISCOVERED (not created): Unlawful.

  7. Faulty locks by Adrian+Lopez · · Score: 5, Insightful

    Isn't the McKinnon case more like charging him to buy the lock that had been missing when he walked in?

    Rather like the lock company demanding he reimburse them the cost of redesigning their badly designed locks?

    --
    "In prison you just have to shut your eyes and take it. Here you have to shut your eyes and give it."
  8. It's not paying for the lock... by spydabyte · · Score: 5, Insightful

    It's paying for the research, development, and possibly deployment of a new and improved lock.

    Analogies should be correct to be effective. Sadly, the most effective ones are often incorrect.

  9. Re:Taking responsibility for ones actions. by pla · · Score: 4, Insightful

    No, it is not simply like charging him to buy the lock that had been missing. If you entered someone's home uninvited and deliberately or accidentally caused substantial cost and damage to the homeowner, you should be liable for your actions.

    I know, right?

    Like last week, these kids walked uninvited across my lawn, and caused substantial damage to a number of blades of grass! And then to add insult to injury, their damned irresponsible parents just couldn't grasp their liability to pony up for the slab, four walls, roof, and two garage doors to "repair" the space their crotch-fruit just casually trespassed across!

    Sure, some scofflaws would point out that I didn't have a whole garage there to start with, so why should they have to pay for the rest? But hey, I had the good solid dirt underneath a future-garage, at least.

  10. Suit time! by Runaway1956 · · Score: 5, Funny

    You'll be hearing from our lawyers soon. The crashes involving our automobiles were entirely due to operator error. There is nothing wrong with our braking system!!

    Danny Ubanti
    President and CEO
    Ubanti Motor Company Inc Ltd

    --
    "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
  11. Re:No, that's just plain silly. by Timmmm · · Score: 4, Informative

    This is clearly a very intelligent person whose skills are of immense value.

    From Wikipedia: McKinnon claimed that he was able to get into the military's networks simply by using a Perl script that searched for blank passwords; in other words his report suggests that there were computers on these networks with the default passwords active.

    Note that this is never ever reported in news articles. It is always that he 'hacked into' the computers. I think most people would agree that trying blank passwords doesn't really count as hacking, and most people have probably done it at one point in their lives. It is completely ridiculous that he could be extradited over this.