Slashdot Mirror

← Back to Stories (view on slashdot.org)

Photobucket Hackers Nabbed, Face Serious Charges From US Authorities

Posted by ryuzaki0 on from the until-somebody-loses-an-eye dept.

The U.S. Department of Justice said in a statement released Friday that two men, Brandon Bourret, and Athanasios Andrianakis, of Colorado Springs, Colorado and Sunnyvale, California, respectively, were arrested for their sale of software designed to breach the security of photo-sharing site Photobucket.com; their "Photofucket" app, says the linked Register report, was used "to plunder Photobucket's users' private and password-protected information, images and videos, it has been alleged ... The charge sheet against Bourret and Andrianakis details one count of conspiracy and one count of computer fraud, aid and abet – both of which carry a maximum prison sentence of five years and a fine of up to $250,000. In addition, the men stand accused of two counts of access device fraud, which carries a higher prison sentence of up to 10 years and a fine of up to a quarter of a million dollars, per count." The indictment, filed in Federal District Court in Colorado, is far easier to read than many.

6 of 142 comments (clear)

  1. When is the NSA going to be held accountable? by Anonymous Coward · · Score: 5, Insightful

    "...their "Photofucket" app, says the linked Register report, was used "to plunder Photobucket's users' private and password-protected information, images and videos, it has been alleged .."

    Sounds exactly like any one of the many NSA programs that have been pointed out over the past year after Snowden relased info.

  2. "Hacking" goes a little far here.. by Anonymous Coward · · Score: 4, Informative

    The assets in question were not "protected" by passwords, they were stored on publicly accessible and easily guessable URLs. I mean, if by protected by password they mean anyone without the password could take common camera file names and type in an easily guessable URL without the password then well ya.
     

    1. Re:"Hacking" goes a little far here.. by Sqr(twg) · · Score: 4, Interesting

      So, the question is: Is it illegal to issue HTTP GET requests (that conform to all specifications and obey the robots.txt of the site in question) if the owner of the site didn't intent for the content at that URL to be available to you?

      In other words: Is requesting a (non password-protected) webpage equivalent to representing yourself as someone who is authorized to access than page?

    2. Re:"Hacking" goes a little far here.. by mrbester · · Score: 5, Insightful

      Enough with this shit about "trespass". Property laws ate irrelevant. If a page is publicly available then it is public. If it isn't meant to be public then the onus is on the provider to make it private as in contrast to your house, the web is default public by design.

      --
      "Wait. Something's happening. It's opening up! My God, it's full of apricots!"
  3. Photobucket's punishment? by hawguy · · Score: 4, Insightful

    How much jail time did Photobucket executives get for allowing such lax security in their app in the first place? Must be at least twice the 5 years that these two are getting. Maybe more. Right?

  4. Re:Man talk about straight out if Sci FI by l0ungeb0y · · Score: 5, Interesting

    By that definition, shoplifters should get 20-30 years. You are one fucked up individual if you think these twerps deserve what amounts to a life sentence over grabbing some nudies. Three to Five years? Sure -- but people like you who support these totalitarian policies are the reason why our country is turning into a Fascist Police State. So fuck you very much for helping to burn our freedoms to the ground you fuck.