Cyber-criminal Left In Charge of Prison Computer Network

samzenpus writes "A 27-year-old man serving six years for stealing £6.5million using forged credit cards over the internet was recruited to help write code needed for the installation of an internal prison TV station. He was left unguarded with unfettered access to the system and produced results that anyone but prison officials could have guessed. He installed a series of passwords on all the machines, shutting down the entire prison computer system. A prison source said, 'It's unbelievable that a criminal convicted of cyber-crime was allowed uncontrolled access to the hard drive. He set up such an elaborate array of passwords it took a specialist company to get it working.'"

Re:Hmmm.

[arth1]

Civilized countries rehabilitate prisoners, and yes, that includes schooling them on what they will find in society once they've served their sentence.
The alternative, a punishment based system like in the US, causes those coming out of prison to be unemployable, and their only recourse is crime. Which is one of the main reasons why the recidivism rate and percent of the population in prison is much higher in the US than in other western countries.

Re:Stupid Brits

[Antique+Geekmeister]

And this felon had "no authority" over the prison computer system.

You don't need "authority", you just need access.

Re:OMG NOT THE HARD DRIVE ONE ONE 1111

[gnick]

...should always have been done so under supervision and with logging...

I agree with the logging side, but if they give him Admin then all the log will contain is him locating and killing the logging script (This CAN be avoided, but I doubt that they would have gone through that much trouble even if they were logging). The supervision probably would have been pointless though. More than likely, it would be a trained guard standing over him watching him do EXACTLY what he did. And, if asked what he was doing, he'd explain that he was adjusting permissions so that everything would work. If they hired somebody to supervise that could accurately determine whether he was being malicious, they could probably just ask the supervisor to do the job.

Hell, if you ask me to supervise an inmate in a chem lab while he brews up aspirin and he's actually making nitroglycerin, I'd probably stand there and ignorantly watch him make nitroglycerin.

Sounds like typical authoritarian over-reaction.

[Fantastic+Lad]

I mean, come on. The man must have known that he would get caught, which leads me to wonder if in fact he really did anything wrong.

Anybody here who wrote a program for a prison system would consider it irresponsible to NOT set passwords. But before you are given a chance to explain the very good reasons for what you've done, the big men with truncheons who are already watching you like a hawk assume the worst and start running around like Chicken Little with the sky falling.

That's my guess.

And chickens just LOVE it when the sky falls; it gives them a sense of purpose and an excuse to play 'hero'. Heck, I know a couple of cops, and they are good people, but their world view is very slanted due to regular exposure to the criminal element. Without a healthy means of grounding to the real world, their sense of reality can become wildly inaccurate. Add to that some over-enlarged ego, lots of fear, pack-mentality and a bit of down-home stupid, and you're looking at a system where innocence is not assumed and some really terrible things can -and do- happen.

I'm not saying the guy was mister pure-heart, but I bet the whole story isn't being represented here. --What with the hysteria that both police and the media typically spin themselves into over anything to do with computer 'hackers', I think this is entirely likely.

But it appears that many posters here aren't capable of remembering the patterns they see in the news wrt this kind of story. Hackers!

-FL