Slashdot Mirror
Rich Pretexter, Poor Pretexter
theodp writes "David Kernell used pretexting to gain access to Sarah Palin's e-mail. And now Kernell faces the possibility of a 20-year prison sentence. HP used pretexting to gain access to its Board's phone records. And now HP faces the possibility of supplying phones to the very companies that were victimized in the HP pretexting scandal. So perhaps Kernell should try coughing up $14.5 million to see if that'll make his pretexting problems disappear. Seems to have worked for HP!"
In the HP case, I don't think they publicized or gave away that information to potentially harmful persons. Palin could legitimately fear identity theft while the HP case that was more invasive seemed to have a very small group of people accessing the private information. Basically, was there potential identity theft in either case? Kernell's jury was hung on that, if I remember. The other thing is that the HP employees didn't seem to want to press charges (aside from one, if I recall correctly). So the pretexting victims need to step up and remember, the telephone companies weren't the biggest victims, it was the actual phone account holders that had their records accessed via pretexting. I'm no legal expert on the issue but I think if the people whose records had been accessed stepped up to sue then the result would have been different. I imagine Palin will exercise all options in prosecuting Kernell and since she's not in anyway trying to salvage a relationship with Kernell he'll get the book thrown at him whether he's sorry or not.
Also, I read about this in ValleyWag and didn't see it linked to in the summary. Not sure if theodp works there or if it was just coincidence but if this comparison was gleaned from there, some small credit should be given.
My work here is dung.
What I find most interesting about this case is that the initial sentence is up to 1 year for the unauthorized access itself and 20 years for the "obstruction of justice". I just can't see how that punishment fits the crime.
Kernell panic!
I know about other people's email. I can read it from my house!
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
there will never be proof that HP or it's officers told someone to break the law. they told the PI's to get the info and it was up to them how to do it
Under American law, corporations have almost all privileges of citizenship without most of the responsibilities of citizenship. And people acting on behalf of a corporation have lots of legal protections that us regular schlemiels lack. They benefit extensively from the protection of the US military (both in and outside of US territory), and of course have ready access to all the more local services such as police, the fire department, municipal water supply, and so on. Thanks to the current Supreme Court, they also have full rights of political speech.
However, about the only responsibility of citizenship that they have to any degree whatsoever is that they are required to pay taxes, and many of them manage to dodge even doing that. Interestingly, if the interests of their shareholders conflict with the interests of the US, they are legally supposed to go with the shareholder's interest. So, for instance, if it is profitable to find a legal loophole that allows some subsidiary to sell uranium to Iran, a corporation capable of doing so is generally obligated to do just that.
The craziness of this: if Carly Fiorina pretexts to find out whether her husband is cheating on her, she's likely to be in a similar boat to David Kernell. If she pretexts to find out whether there's a leak on her board, she's now acting as a corporate officer, and thus the company is liable, not Carly, unless the prosecutor or plaintiff can convince a judge to pierce the corporate veil. Same person, same act, but in the second version there's an extra layer of legal protection.
I am officially gone from
Pretexting is just a made up word to make it look like they did something clever.
If Verizon can find the identities of the investigators who did it, they will prosecute them. They have a few IP addresses, but it hasn't resulted in any names.
Corporate espionage types do a better job of covering their tracks than David Kernell. He was sloppy, now he's going to federal pound-you-in-the-ass prison.
One important component you left out: the greater ability of corporations to influence government -- Disney, Halliburton, GlaxoSmithKline, etc. Other, more "polite", keywords to Google: rent seeking and Public Choice Theory.
We used to call these "criminal impostors" back in the day. If a thief, masquerading to be a cop, pulled you over and then stole your wallet, would you call it "pretexting"?
SJW: Someone who has run out of real oppression, and has to fake it.
There is no kdawson.
Drawing inspiration from the cartoon world the other editors set up one of those pecking bird novelties to press whatever key moves a submission from the firehose to the front page. They play games with each other by manipulating the office thermostat to affect the rate of peck. When Taco is in the office you see fewer kdawson stories because Taco is warm natured.
I'm not sure this is how pecking birds work but if it isn't there is probably a pecking bird geek in the crowd who will correct me.
They named it kdawson because those are the letters the Chinese characters on its label look most like. Kind of a pinyin for the ignorant.
"Sacrifice for the good of The State" - The State
Kernell does not face 2o years for pretexting. Kernell faces 1 year for unauthorized computer access and 20 years for felony obstruction of justice. To the best of my knowledge Kernell has not been sued by anyone over his unauthorized access.
HP settled a civil suit brought by Verizon for US$ 14 million. HP and the investigators hired who did the actual pretexting still face criminal charges. Those charge may result in jail time. There is little chance of a 20 year sentence as there is no felony obstruction charge in the HP case. Each count of unauthorized access carries a penalty which can run either concurrent or consecutive.
Verizon currently sells an HP netbook. HP may buy Palm, but there is no guarantee that Verizon will continue to carry Palm/HP phones. But, that US$ 14 million settlement may result in Verizon continuing to carry HP devices, especially if said devices are popular.
There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
On January 24, 1990, in New York City, three MoD hackers were arrested. I had met all three before they were arrested. In terms of damage, only one machine they had ever been on had crashed, and all three denied crashing that one machine. There was no proof they had crashed it, and dozens of hackers had been on that Learning Link machine. Even if one had crashed it, which I don't believe, how can you accuse three people of the same crime? All three lived in poor or working class neighborhoods in New York, went to public schools etc. The judge said he would make an example of them and sent all three to jail.
I was 16 years old when they were arrested, and this was my first real experience seeing the "justice system" - an upper middle class WASP whose father was high in the military establishment admits he crashed thousands of machines and is called a misunderstood genius who made a mistake, and walks on charges. A year later three guys younger than him are arrested for crashing a computer which they all plausibly deny crashing (and how does it take three people to crash one computer anyhow), a computer which had dozens of other hackers on it. They come from working class neighborhoods in Queens, with modems connected to Commodore 64's, not Unix workstations at Ivy League schools like Cornell. They go to jail, Morris walks. An early lesson for me on how America really works.
Pretexting
Pretexting is the act of creating and using an invented scenario (the pretext) to engage a targeted victim in a manner that increases the chance the victim will divulge information or perform actions that would be unlikely in ordinary circumstances. It is more than a simple lie, as it most often involves some prior research or setup and the use of a priori information for impersonation (e.g., date of birth, Social Security Number, last bill amount) to establish legitimacy in the mind of the target.[3]
This technique can be used to trick a business into disclosing customer information as well as by private investigators to obtain telephone records, utility records, banking records and other information directly from junior company service representatives. The information can then be used to establish even greater legitimacy under tougher questioning with a manager, e.g., to make account changes, get specific balances, etc. Pretexting has even been an observed law enforcement technique, under the auspices of which, a law officer may leverage the threat an alleged infraction to detain a suspect for questioning and close inspection of vehicle or premises.
Pretexting can also be used to impersonate co-workers, police, bank, tax authorities, or insurance investigators — or any other individual who could have perceived authority or right-to-know in the mind of the targeted victim. The pretexter must simply prepare answers to questions that might be asked by the victim. In some cases all that is needed is a voice that sounds authoritative, an earnest tone, and an ability to think on one's feet.
what would have happened to you if you'd gone around distributing thousands of CDs to people that, when placed in a computer, installed a rootkit?
Now, what happened to Sony?
You might be able to make the civil disobedience argument if he had, say, broken into the email account, downloaded everything, and sent it to a site like Wikileaks. Instead, he put the password on 4chan, and in the process he didn't really expose anything and delegitimized anything that might have been found.
Painting this kid as some sort of noble hacker/whistleblower is pure fantasy.
(At the same time, I do feel empathy for him, as we all know what law enforcement would do if someone broke into one of our personal webmail accounts: Absolutely nothing.)
I'm not sure this is how pecking birds work but if it isn't there is probably a pecking bird geek in the crowd who will correct me.
Well, as a matter of fact, they need to dip into water.
Typically, older birds are filled with freon-11, or most modern ones with methylene chloride, in a liquid/vapor mix. They operate mainly by having the water soaking their heads evaporate. This changes the temperature of the refrigerant, causing it to change density (some turns from vapor to liquid) and alter the balance of the bird. Without a water supply to replenish the system, it would soon no longer be able to "peck" at the submit key.
It's basically a heat engine, and you've removed the temperature differential.
When you're afraid to download music illegally in your own home, then the terrorists have won!
You managed to avoid the truly major difference in this case; The 20 year sentence is for felony obstruction of justice. The actual hacking of the e-mail account was only filed as a misdemeanor, and has a maximum sentence of 1 year.
This kid is the son of a Tennessee State Representative . I don't think he could be classified as "poor". Sounds like his daddy has simply left him to suffer the consequences of his actions alone and on his own. I suppose in some way you could call that good parenting. My cynical nature requires that I admonish his father with "Mike, you shoulda just called a few favors and sprung the kid."
Can you imagine what would happen if every lame-ass action originating at 4chan resulted in 20 years?
"The ferrets, they're every where I tell you!"
The settlement only covers the civil lawsuit.
HP and the investigators hired who did the actual pretexting still face criminal charges.