Hacker Behind Leaked Nude Celebrity Photos Gets 10 Years

wiredmikey writes "A U.S. judge sentenced a computer hacker to 10 years in prison on Monday for breaking into the email accounts of celebrities and stealing private photos. The hacker accessed the personal email accounts and devices of stars including Scarlett Johansson, Christina Aguilera and Renee Olstead, among dozens of other people he hacked. The hackers arrest in October 2011 stemmed from an 11-month investigation into the hacking of over 50 entertainment industry names, many of them young female stars. Hacked pictures of Johansson showed her in a state of undress in a domestic setting. Aguilera's computer was hacked in December 2010, when racy photos of her also hit the Internet. Mila Kunis' cell phone was hacked in September that year with photos of her, including one in a bathtub, spread online. According to the FBI, the hacker used open-source, public information to try to guess a celebrity's email password, and then would breach the account."

Wake up call

[davydagger]

"According to the FBI, the hacker used open-source, public information to try to guess a celebrity's email password, and then would breach the account."

Further proof celebs are fucking dumb. This guy wasn't a "real hacker".

I don't know what is more disgusting, celebrities themselves, or psycho brand of psychonphants they attract.

Re:Wake up call

[dav1dc]

I agree - is it still considered a "hack" when all the attacker did was guess the password from common (public domain) knowledge??

I don't think it changes the degree of wrong in his actions - but in this light we shouldn't revel in the miraculous technical innovations used to snipe some celeb p0Rn.

Re:Wake up call

[WD]

I don't think the quote is right. The technique used to gain access is not to guess the password, but to guess the answers to the password recovery questions. The password itself can be strong, but when you've got a site that provides recovery questions like "Where were you born?", what are we to do? The clever approach would be to have an answer scheme that isn't guessable via public knowledge, but also something you can remember if you need to use it. There's a difference between "fucking dumb" and not being aware of weaknesses in web service authentication schemes.

Re:Wake up call

[stdarg]

As illegal as breaking and entering into someone's home and stealing photos from a bedroom safe

I don't think it's as illegal as that. If someone breaks into your home and goes into your bedroom, that's scary not just because they stole your photos or money, but they could have easily run into someone and had to decide -- do I attack this person, do I turn this burglary into a rape, do I leave witnesses, etc.

I just looked up common sentences for burglary, and found an article that discusses burglary laws in New York (http://criminal.findlaw.com/criminal-charges/burglary-penalties-and-sentencing.html ). As I suspected, the main differences between degrees of burglary are whether it was a dwelling where someone lives and whether a weapon was involved. Both combined is first degree. One or the other is second degree. Neither (breaking into a store for instance) is third degree with a maximum sentence of 7 years. Hacking a phone should be the LEAST serious of any of those, really a fourth degree.

The reality is that hacking isn't that bad.

Re:Wake up call

"Illegal wiretapping gave Mr. Chaney access to every email sent to more than four dozen victims, and allowed him to view their most personal information," said US Attorney Andre Birotte Jr.

Gosh that sounds a lot like, "Illegal wiretapping gave the federal government access to every email sent to more than forty million victims, and allowed them to view their most personal information." Nobody went down for that one, though.

Re:Wake up call

[bill_mcgonigle]

I admire your creativity, but for normal mortals:

Q: What's your mother's maiden name?
A: qU$%3HHr28k4

OK, that makes me somewhat dependant on LastPass, but that's a somewhat smaller risk than outlined in TFS.

Re:Wake up call

[TheCarp]

Yes but.... if he broke into her home, stole physical photos, and released them.... most people would easily consider it as much, if not more, of a violation.... but would he ever face nearly the jail time for that as he did for this? I doubt it strongly.

Now, that isn't condoning what he did, clearly he was wrong, hell, I even called into question whether that FBI dad who tracked down the pedophile principal had overstepped ethical bounds by reading the reports in the first place. However, the punishment, if there is to be one, should not be out of proportion with the crime....

This puts him away not just longer than someone who commited a nearly identical crime by different means, it puts him away longer than many violent criminals who actually physically harmed people.

Hell, he will likely do more time than Whitey.

Re:Wake up call

[Tsingi]

Yes but.... if he broke into her home, stole physical photos, and released them.... most people would easily consider it as much, if not more, of a violation.... but would he ever face nearly the jail time for that as he did for this? I doubt it strongly.

10 years is a fucking joke. Bankers destroyed the world economy and no one, except Iceland, charged any of them. There is no justice.

Re:Wake up call

[SternisheFan]

If you can break into my car and make exact copies of the stuff inside without depriving me of those things, and then put the window back exactly as you found it - have at it.

Thanks, where do you park?

I would still be committing the crime of b&e, breaking and entering, for which you would have the legal right to prosecute me for. First I'd need to obtain a notarized statement from you saying you allow me to do these things. Without that statement from you, it'd still be illegal.

And the pics and videos of you and your wife/girlfriend in various stages of undress (performing certain acts) that I copied from your car and posted them on the internet, that's okay with you too, right? Just asking.

how many years in prison

did Rupert Murdoch and his son get?

10 years does not fit the crime

[jdastrup]

10 years is a ridiculous amount of time to be in prison for something like this. Child molesters and murderers get less time.

Password Guessing != Hacking

Seriously. Stop it.

HSBC laundered money, execs lose/reduce bonuses

[RichMan]

Why does it seem there is one set of rules for the little people and another set for big business?

"HSBC executives brushed off complaints from other bank employees, so that the problems persisted for eight years, the report says.

In addition, some HSBC bank affiliates skirted U.S. government bans against financial transactions with Iran and other countries, according to the report. And HSBC’s U.S. division provided money and banking services to some banks in Saudi Arabia and Bangladesh believed to have helped fund Al Qaeda and other terrorist groups, the report said."

http://www.thestar.com/business/article/1227431--hsbc-laundered-billions-of-dollars-for-mexican-drug-cartels-senate-investigation-finds

"The penalty includes a five-year agreement with the US department of justice under which the bank will install an independent monitor to assess reformed internal controls. The bank's top executives will defer part of their bonuses for the whole of the five-year period, while bonuses have been clawed back from a number of former and current executives, including those in the US directly involved at the time."

Re:HSBC laundered money, execs lose/reduce bonuses

[DickBreath]

I think that this article about High Court versus Low Court justice will explain it for you.

U.S. is crazy

[fredprado]

Seriously. The guy did deserve to go to jail, but 121 years?!!! And he pleaded guilty to get "just" 10 years? It is no surprise U.S. prisons are full and U.S. has the highest number of prisoners per capita in the World...

Like they didnt want it to happen

[JustNiz]

I consider the real sickness here is the wierdness that is the mind of apparently most Hollywood stars.
I mean why do they apparently all carry nude pictures of themselves on their phones? Especially even knowing that phones can be hacked.
I can smell the Paris Hilton effect in action.... There is no such thing as bad publicity.

Quit blaming the victim

[SirGarlon]

Stop blaming the victim. I've heard this so often, I'm finally going to snap. (Nothing personal.)

Make up your mind whether IT administration is easy or hard.

If it's easy, then the IT profession is perpetrating a massive scam and collecting fat paychecks for what is basically an easy job. I don't believe that, and I do not think you will find many people on Slashdot who support that position.

On the other hand, if IT is hard, then it's not fair to condemn non-professionals from being unable to do it. Rather than calling people "stupid" for not knowing things that we take for granted, we could actually try to promote public awareness and give people constructive advice.

Re:Really?

Pics or it didn't happen.

Sure. Let's joke about posting personal pictures of a non-consenting party.

This comment wouldn't even come up if it was a man whose pictures were taken.

Re:Really?

[TWX]

Sure. Let's joke about posting personal pictures of a non-consenting party.

I don't have a problem with the jokes. And honestly while I don't agree with the illegal methods of obtaining the data that the hacker used, I also do not consider his data breach any worse than any other random data breach. Fact is, those who take naked pictures of themselves or allow naked pictures to be taken of them must accept that it's possible that others will see them. That held true for the girl who sent cheesecake-style pinup photos of herself to her soldier-boyfriend who would probably show the picture to his buddies, held true for the Polaroid revolution, held true for the 8mm camera era, held true for the videotape era, and holds true for the digital camera era.

Simply, if one doesn't want naked pictures of one's self to be seen, one should not take or allow taken, naked pictures of one's self. Literally that's it. Don't do it if you don't want them seen. The only reason for a picture to exist is for it to be seen, and the large number of prurient people in this world will be happy to look. If one never takes or allows these kinds of pictures to be taken then there will never be a chance of them being shared, leaked, or stolen.

This comment wouldn't even come up if it was a man whose pictures were taken.

You've never been around women gossiping that don't know that a man can hear them, have you?

Re:Really?

[Americano]

If they didn't want these pictures out there then they shouldn't have had them taken.

"Why would you protest the Patriot Act or warrantless wiretapping? If you've done nothing wrong, then you have nothing to fear, citizen!" Or, for that matter... "Why would you protest Facebook & Instagram's use of your photos in any way they deem financially useful? Its your own fault if you don't keep the photos under strict lock and key in an electromagnetically-shielded, hermetically sealed lockbox!"

Say what you really mean:

"But I liked seeing Scarlett Johannson's boobies, and don't think anybody should be punished for having helped me achieve that dream!"

Re:Really?

[MonkeyPaw]

You forgot to include "if she didn't want to be raped than she shouldn't have dressed like a slut".