Slashdot Mirror

← Back to Stories (view on slashdot.org)

Photobucket Hackers Nabbed, Face Serious Charges From US Authorities

Posted by ryuzaki0 on from the until-somebody-loses-an-eye dept.

The U.S. Department of Justice said in a statement released Friday that two men, Brandon Bourret, and Athanasios Andrianakis, of Colorado Springs, Colorado and Sunnyvale, California, respectively, were arrested for their sale of software designed to breach the security of photo-sharing site Photobucket.com; their "Photofucket" app, says the linked Register report, was used "to plunder Photobucket's users' private and password-protected information, images and videos, it has been alleged ... The charge sheet against Bourret and Andrianakis details one count of conspiracy and one count of computer fraud, aid and abet – both of which carry a maximum prison sentence of five years and a fine of up to $250,000. In addition, the men stand accused of two counts of access device fraud, which carries a higher prison sentence of up to 10 years and a fine of up to a quarter of a million dollars, per count." The indictment, filed in Federal District Court in Colorado, is far easier to read than many.

14 of 142 comments (clear)

  1. When is the NSA going to be held accountable? by Anonymous Coward · · Score: 5, Insightful

    "...their "Photofucket" app, says the linked Register report, was used "to plunder Photobucket's users' private and password-protected information, images and videos, it has been alleged .."

    Sounds exactly like any one of the many NSA programs that have been pointed out over the past year after Snowden relased info.

  2. "Hacking" goes a little far here.. by Anonymous Coward · · Score: 4, Informative

    The assets in question were not "protected" by passwords, they were stored on publicly accessible and easily guessable URLs. I mean, if by protected by password they mean anyone without the password could take common camera file names and type in an easily guessable URL without the password then well ya.
     

    1. Re:"Hacking" goes a little far here.. by Sqr(twg) · · Score: 4, Interesting

      So, the question is: Is it illegal to issue HTTP GET requests (that conform to all specifications and obey the robots.txt of the site in question) if the owner of the site didn't intent for the content at that URL to be available to you?

      In other words: Is requesting a (non password-protected) webpage equivalent to representing yourself as someone who is authorized to access than page?

    2. Re:"Hacking" goes a little far here.. by mrbester · · Score: 5, Insightful

      Enough with this shit about "trespass". Property laws ate irrelevant. If a page is publicly available then it is public. If it isn't meant to be public then the onus is on the provider to make it private as in contrast to your house, the web is default public by design.

      --
      "Wait. Something's happening. It's opening up! My God, it's full of apricots!"
    3. Re:"Hacking" goes a little far here.. by Sqr(twg) · · Score: 3, Informative

      What if the sign doesn't say "no entry", but instead "feel free to request any URL that you want" ?

  3. Re:Seems a bit harsh by rtb61 · · Score: 3, Interesting

    If you read the indictment, they did not just create the code, they actually used it themselves and showed others how to use it by demonstrating it. Now of course comes much greater consequences, their customer base is also in the firing line and they will all be turned over for a reduced sentence. This could lead to a whole bunch of crimes being exposed.

    --
    Chaos - everything, everywhere, everywhen
  4. Photobucket's punishment? by hawguy · · Score: 4, Insightful

    How much jail time did Photobucket executives get for allowing such lax security in their app in the first place? Must be at least twice the 5 years that these two are getting. Maybe more. Right?

  5. Man talk about straight out if Sci FI by future+assassin · · Score: 3, Interesting

    you get more time for hacking a corporation then you do for manslaughter.

    --
    by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
    1. Re:Man talk about straight out if Sci FI by Anonymous Coward · · Score: 3, Insightful

      As should be the case. the hacking is a malicious, intentional act, with forethought and planning. Manslaughter by definition is neither intentional nor malicious and was done without forethought. One is a crime you intentionally set out to do the other is circumstance/random/accidental.

    2. Re:Man talk about straight out if Sci FI by l0ungeb0y · · Score: 5, Interesting

      By that definition, shoplifters should get 20-30 years. You are one fucked up individual if you think these twerps deserve what amounts to a life sentence over grabbing some nudies. Three to Five years? Sure -- but people like you who support these totalitarian policies are the reason why our country is turning into a Fascist Police State. So fuck you very much for helping to burn our freedoms to the ground you fuck.

  6. This is a crime worse than murder by l0ungeb0y · · Score: 3, Funny

    So it only goes that they receive a fate worse than death. Place them under house arrest and block all network access except to 4chan -- which they shall be forced to moderate. To ensure they actively moderate, they will wear a shock collar around their neck which will administer increasingly painful jolts to prod them into action

  7. Re:Same amount you get for your lax home security by mrbester · · Score: 3, Insightful

    Your home is by default private. The web is by default public. The assumption that a public page is private just because it has your name on it is risible.

    --
    "Wait. Something's happening. It's opening up! My God, it's full of apricots!"
  8. Re:Bigger Fish by St.Creed · · Score: 3, Insightful

    The Chinese students were probably smart enough to do it from outside the USA's jurisdiction...

    --
    Therefore, by the (faulty) logic you're using, you're just a cow with a keyboard - osu-neko (2604)
  9. Re:No sympathy is deserved for these idiots. by CanEHdian · · Score: 3, Insightful

    Welcome to the Star Trek: We're Back fan movie website!

    Episode downloads:

    1. www.strekwb.test/episode1.mp4
    2. www.strekwb.test/episode2.mp4
    3. www.strekwb.test/episode3.mp4

    Episode 4 is ready and we sent the download link to a few people who we think are better than you and get to see it first!

    You're a foul, devious, stinking criminal if you think of trying www.strekwb.test/episode4.mp4 just for the heck of it.

    --
    When the copyright term is "forever minus a day", live every day like it's the last.