Alleged Hacker Lauri Love To Be Extradited To US

An anonymous reader quotes a report from BBC: An autistic man suspected of hacking into U.S. government computer systems is to be extradited from Britain to face trial, a court has ruled. Lauri Love, 31, who has Asperger's syndrome, is accused of hacking into the FBI, the U.S. central bank and the country's missile defense agency. Mr Love, from Stradishall, Suffolk, has previously said he feared he would die in a U.S. prison if he was extradited. Earlier, his lawyer said his alleged hacking had "embarrassed" U.S. authorities. Tor Ekeland said the U.S. government "had very, very bad security and these hacks utilized exploits that were publicly-known for months." Mr Love's lawyers said he could face up to 99 years in prison if convicted of the hacking offenses. Mr Love's defense team argues his depression and Asperger's syndrome mean he should not be sent abroad, but U.S. prosecutors say he is using his mental health issues as an excuse to escape justice.

Title is wrong.

[Wizy]

The ruling is that he can be extradited. He will be appealing this, and if that appeal fails he will be appealing to the EU Court of Human Rights.

He is not getting extradited just yet.

Re: Title is wrong.

Yeah, of course the title is wrong!

Lauri wouldn't love to be extradited, obviously!

Re:Title is wrong.

Assuming no harm was actually done to the machines in question, this man should be rewarded, not punished. Governments should have the best security money can buy. The information they deal with is sensitive and could ruin (part of) the country should it be released.

Following law "because it's the law" is such bullshit reasoning. How about we hold the government responsible for fucking up? Oh no, we could NEVER do that! It might take some civil unrest or suing the country itself. It might take *effort*, let's just take this person who found the vulnerabilities and throw them away until they die, then continue to do nothing about the real problem! /s

The real problem is the government is not competent enough to run its own computer systems. People who find and report vulnerabilities are doing society a great favor, and they get "rewarded" with jail time. That is just and fair only to bootlickers and blue bloods who aren't subject to the same rules.

Re: Title is wrong.

Better than Trumpf ordering a nuclear strike on him because, you know, it's obvious an alien and a terrist.

Re: Title is wrong.

Yay, one day destroying children's hospitals, the next prosecuting the mentally handicapped.

Good job USA.

USA! USA! ...murica

Re:Title is wrong.

Once media have finished milking Trump as a viable candidate, and especially once people actually go out and vote, he will lose so badly it will make your head spin

99 years?

He would have been better off murdering a few people.

Re:99 years?

That's what you get for emberassing the american government...

Unless your last name is Bush, Clinton, or Trump.

Re:99 years?

Don't do the crime if you can't do the time.

"I can't go to prison! I'm Depressed, and Autistic!" -So fucking what.

I'm not saying he did anything, or that there is evidence sufficient for conviction. I'm saying that Depression and Autism do not excuse criminal actions -they are irrelevant. Judge the man on his PROVABLE actions only. If found guilty, his condition should be presented to the judge for consideration when sentencing.

Re: 99 years?

No, it should not be a crime to look at information. The US government is getting up to thingdate RIGHT NOW that are extremely bad for all of humanity.

IIRC, this guy believed they are hiding aliens. So yes, mentally handicapped. The US needs to pay penance for killing so many children in aggressive wars, not go traipsing around the world grabbing retarded people for breaking into their incompetent networks.

Britain has a responsibility here to simply say no.

Re:99 years?

Some jurisdictions have a possible trial outcome of "Guilty but Insane". You still get locked up, tho...

Strange

[invictusvoyd]

U.S. government "had very, very bad security and these hacks utilized exploits that were publicly-known for months.

And so do the people running OS's having backdoors of the agencies .. strange..

No good dead goes unpunished

I'll never understand why these people who expose flaws in infrastructure should be prosecuted just because they are predisposed to find such flaws. They should be treated with respect like cops treat K9's. They sniff things out. It is in their nature. Why not give them a medal for exposing the incompetence at the very least. Better then being exposed to the US usual (and probably incorrect) suspects of China and Russia.

Re: No good dead goes unpunished

Maybe he should have gotten permission if he was doing a good deed.

How would you feel if someone was walking in a parking lot, testing all car door handles to see if they are locked? Just a good deed?

Re:No good dead goes unpunished

You don't understand things because you're stupid. Stop trying.

Re: No good dead goes unpunished

It is literally impossible to get permission from people who just keep turning a blind eye to security. To them a new hack was invented specially for them regardless of how old the used flaws are. In their eyes they do security audits by hiring red teams, then ignore everything the team found and make more laws to cover their asses. They know their security sucks and they think it's okay because they can use the police as a substitute. This leaves the system in an overall worse place because if a state sponsored attack were to take advantage of these flaws, extradition will be impossible. Another country would never allow extradition of their "cyber soldiers." This guy is only getting screwed because he's a civilian in a country that plays nice.

Re: No good dead goes unpunished

[Sarten-X]

That's not how it works... that's not how any of it works.

If you want to be a non-criminal hacker, but can't get permission from someone who doesn't care about security, you don't hack them. Period. You don't get to attack someone without invitation and keep your shiny clean reputation. This guy is getting screwed because he allegedly broke the law.

I've worked with red teams. If you're going to ignore their findings, you're better off not hiring them in the first place. See, red teams keep records. Those records can be subpoenaed, and if it turns out that you were told about a vulnerability and chose to ignore it, it's your ass on the line. Insurance companies won't pay for damages, approvals get revoked, and SLAs start invoking their failure clauses. It's a huge price tag that's almost always bigger that the price to fix the findings.

Re: No good dead goes unpunished

Yet somehow it's perfectly okay for the US government agencies to hack into the computers of innocent people in other countries. We can trust them to just be "making sure we locked our car doors".

Re: No good dead goes unpunished

[Hylandr]

it's your ass on the line.

You see officer we had a lot of problems with Bob and ultimately had to let him go due to some other compliance issues we uncovered. This, this we had no record of, but we will get on it immediately.

Re: No good dead goes unpunished

[Sarten-X]

When Bob, Bob's peer, and their manager all sign off on the pentest plan, it's a lot more difficult to claim ignorance.

Re: No good dead goes unpunished

Because the laws say that his kind of behaviour is breaking those laws,why not say that folk who use a gun to murder people are showing the weakness is gun safety systems.
The little scrote is yer typical white,middle class twat who thinks he has some kind of right to interfere with other people's computer and data systems,if mummy and daddy didn't have "connections",the test would have been on a one way flight across the pond years ago,if mummy and daddy didn't have so much money,they would not be able to afford the kind of defence they are buying him,if he was some poor council estate rat,he would already be in a USA jail,which is precisely the right place for years like this..fingers crossed he fails and ends up doing proper jail time in USA...he only has mild aspergers,not a serious mental problem,more a sign of the little shit not being disciplined properly as a kid,strange isn't it how all the white middle class brit brats like him always have a supposed mental problem,like the little twat who tried to grab a police officers gun and has just copped a plea bargain deal,and lots of others who claim the defence of being nutters.
Fuck em,they did the crime,now let them do the time..

Re: No good dead goes unpunished

That's no the point the point is you don't get up to 99 years in prison for jacking a car... america's "computer crimes misuse act" crap is completely disproportionate and basically a way for people who's concept of computer is "magic" and hacker is "voodoo witchcraft" who must be burned at the stake.

Re: No good dead goes unpunished

[AmiMoJo]

The issue isn't that what he did wasn't wrong, it clearly was. The issue is that the US judicial and prison-industrial complex falls way short of European standards. It's particularly bad for people with medical issues, and those accused of national security or crimes against the military.

We can't extradite people to places where their human rights are likely to be violated. The legal argument here centres on the fact that the US doesn't respect human rights, as defined by the European Charter on Human Rights (ECHR).

Re: No good dead goes unpunished

The issue isn't that what he did wasn't wrong, it clearly was.

Really? According to what barometer? According to Computer Weekly's report, officers had "fleetingly saw file structures that were allegedly stolen from the US Federal Reserve". That could mean anything. File structures are essentially folder hierarchies. Windows, OS X, and Linux systems all look rather similar when you take a look at the core system. If the US government gave two fucks about security, it was likely a Linux or BSD box, so there will be familiar things in /etc/, /usr/, and so on. Wait... that's a file structure that's likely on their servers! He clearly attacked them! Except probably not, especially since Britain's court dropped the investigation (though not before ruling he can be extradited, which is fishy to me)

Further, what exactly is wrong about locating vulnerabilities on a system and informing the owner(s)? Sure it seems sketchy, but if no actual damage was done and no attack was made, then how can we possibly assert that it was *wrong*, let alone attempt to justify sentencing this man to a jail term longer than that of murder, drug- and human-trafficking, etc?

This is merely a case of the United States being a bully caught with its pants down. The man deserves a reward and maybe even a job offer, because he's clearly doing a better job than the person(s) in charge of securing the US government's servers. Why is nobody focused on the staff who let a machine or cluster go without patching the months-old vulnerabilities? You could make a case for criminal negligence.

Re: No good dead goes unpunished

You've made up your mind about something that even the courts haven't had the chance to thoroughly examine yet. The best claim they have is a "fleeting glimpse at a file structure similar to that of the Federal Reserve", with nothing to back up that claim. So do you have special access to the case and the related evidence, or are you just another hard-nosed wannabe bootlicker who thinks law is a replacement for morality and jails are a replacement for asylums?

If the US acted on this and corrected their terrible security, this man just saved the US from a *worse* embarrassment. They're *lucky* that someone who was just curious stumbled across it. Had it been an actual threat, we'd likely be talking about money being stolen from Americans straight from their banks instead of a man who's being used as a scapegoat to cover up the incompetence of the United States.

I say this as a citizen of the US, for the record. Our government has no clue what it's doing when it comes to computers.

Re: No good dead goes unpunished

How does the US Military and Government differentiate between a foreign APT attacking their computing infrastructure, and some curious geek looking for evidence of hostile aliens running the UN?

That's the reason for these extradition clauses; it's assurance that people aren't going to be cheating or spying on each other overtly. Now covertly, that's a different discussion.

Compromising production infrastructure of some company because you are a security enthusiast requires you take on all of the risk and none of the rewards, and potentially trash their stuff. Not saying the altruism argument is fully invalid there, but there's more to it than that. There's also a huge difference between poking around the surface of a production infrastructure, like going to a trade show and opening an unmarked door, and delving into the inner core. Judges don't know how to tell the difference, geeks do.

Completely different situation, however, if you find a remote Zero-Day in the worlds finest software package, or a vulnerability in a security protocol, and release it to the general public. As much as the vendors, government, and even the public would just like you to keep your mouth shut due to the costs, facts are, if you can find it, the bad guys know about it too. This provides incentive for companies to release secure software when appropriate, because of the risk of a 3rd party posting up an unfavorable review on your software and the impact it will have on sales. Fix it, patch it, apologize for it, save face, move on.

Re: No good dead goes unpunished

[mbeckman]

...what exactly is wrong about locating vulnerabilities on a system and informing the owner(s)? Sure it seems sketchy, but if no actual damage was done and no attack was made, then how can we possibly assert that it was *wrong*"

What's your home address? I want to break in to test your security measures. How can you possibly assert that I am *wrong*?

Re: No good dead goes unpunished

127.0.0.1

Re: No good dead goes unpunished

[amias]

You clearly have no idea what you are talking about. Lauri is a highly ethically motivated hacker and a gentleman who has been stitched up by his government.
I've spoken with him and I know your assessment is only based on the contents of your ass , which also seems to be your mouth.

Re: No good dead goes unpunished

don't be such a cunt.

Re: No good dead goes unpunished

Fuck em,they did the crime,now let them do the time..

In the EU we know "99 years in jail for computer crimes" as cruel and unusual punishment. It's a legal term and it might very well be the last line of defence that eventually saves him from extradition. It doesn't mean that he would have to get sentenced for that 99 years in jail, it suffices that he could get sentenced to such a long time in jail.

Re: No good dead goes unpunished

Why is nobody focused on the staff who let a machine or cluster go without patching the months-old vulnerabilities? You could make a case for criminal negligence.

Government employees are protected from personal liability when acting on behalf of the government in the job role.

Re: No good dead goes unpunished

Of course it's OK. Everybody knows US protects the democracy (what's left of it), fights against terrorism (by aiding future terrorists) and takes cares of the children (by killing and imprisoning their parents). But hey, we're the good guys!

Re: No good dead goes unpunished

There is no such thing as "mild asperger": either you're autistic (and hence abnormal and mentally ill) or you're not.

Re: No good dead goes unpunished

almost but not quite (and very good, actually), but your last phrase should be:

>>we had no record of, but we HAVE OUR BEST PEOPLE ON IT NOW.

a Spectrum abuser

[turkeydance]

or is that Spectre?

Re:a Spectrum abuser

maybe he can move in with Julian Assange. turn the Ecuadorian Embassy into some kind of sperglord reserve. that is almost worth making into a tv series.

Meanwhile.....

Meanwhile Hillary is free and nurturing her clones.

No justice

U.S. prosecutors say he is using his mental health issues as an excuse to escape justice.

Not trying to defend what he did, but the USA does not have "justice".

"who has Asperger's syndrome"

[Nutria]

His defense team wants to set a precedent that Asperger's Syndrome is a Get Out Of Jail Free card.

Re:"who has Asperger's syndrome"

[SuricouRaven]

The UK generally accomodates mental health issues in prison. It isn't a get out of jail card, but it means he gets access to counselling and support. And the UK authorities already investigated the crime, and decided not to prosecute.

The US, on the other hand, takes a perverse pride in how terrible their prison system is. The public there expects, even demands that prisoners should suffer as much as possible. There is an ongoing legal conflict about providing prisons with air conditioning, when temperatures can easily reach the point of prisoners passing out and occasionally being hospitalised for heatstroke, yet administrators still refuse to address the situation because it would be seen as being 'soft on crime.' Prison rape is so common it's a subject for comedy, and that's the way the people like it. The emphasis is on punishment, not rehabilitation.

Re:"who has Asperger's syndrome"

[Nutria]

The UK generally accomodates mental health issues in prison.

Asperger's is a mental disease?

Re:"who has Asperger's syndrome"

[wonkey_monkey]

A mental health issue is automatically a disease?

Re:"who has Asperger's syndrome"

[Nutria]

A mental health issue is ...

so broad as to be meaningless.

Re:"who has Asperger's syndrome"

It's a disease you fuckwit. The medical profession specifically accepts it as a disease.

Re:"who has Asperger's syndrome"

[evilviper]

The US, on the other hand, takes a perverse pride in how terrible their prison system is.

That's only true in some few localities. This guy, however, would be going to federal prison, which are very high quality and safe institutions, not subject to the whims of local voters.

Prison rape is so common it's a subject for comedy

So are "Cowboys", and both for the same reason. They are mythical constructs that help writers, and don't really exist, outside of Hollywood:

See: https://slashdot.org/comments....

Re:"who has Asperger's syndrome"

It's a disease you fuckwit. The medical profession specifically accepts it as a disease.

not true, it doesn't even recognise aspergers. I'm diagnosed and my official diagnosis says "high functioning autism ", from speaking to ASD team members at specialist autism centre over long time they say I'd fall into high functioning aspergers with savant traits BUT aspergers isn't recognised here (UK) or many places as it is all just autism now.

Small typo in the title

[hcs_$reboot]

It's actually "Alleged Hacker Lauri Loves To Be Extradited To US"

Does Britain allow this?

I thought that most places can't extradite to countries that are known to torture people.

Technically "aspergers"

People who have (or claim to have) Aspergers are basically Autism-spectrum, but most of them know damn well what they are doing, they just don't care about the consequences of their actions, and blame it on their autism. Hence many of them are internet trolls and script kiddies (one could say all of 4chan are Aspergers.) Breitbart/8ch is a special case of alt-right and toxic behavior like gamergate, and MRA's coming together to form a super-storm of internet shitheads.

Re:Technically "aspergers"

Those people can't even keep their website alive, nobody cares as long as they stay on twitter.

Lauri Love to Be Extradited

[ememisya]

I swear I thought the article was about to explain how a man named Lauri would love to be extradited to US.

justice in US?

I doubt but maybe there is any, sure enough its system of 'corrections' comes straight from middle ages though.

So his defense is

[OverlordQ]

"Well you shouldn't have left your car unlocked if you didn't want me stealing your shit"?

Re:So his defense is

[RandomSurfer314]

No, his defense is essentially that the US prison system is so inhumane that nobody should be extradited to it. Which is unfortunately a very reasonable defense based on facts. He wants to stand trial in the UK, where he has committed his crimes.

Trying to escape "justice"?

The USA doesn't have a justice system.

It has a harsh and vindictive revenge system which seeks to utterly destroy people who embarrass it.

I just wonder

How often does the US extradite its citizens?

Re:I just wonder

[Alumoi]

POTUS: What do you mean extradite? Do you want to run out of CEOs?

Hey US gov, fix the damn bugs instead!

Instead of spending time and money to pursue a guy just getting through almost open doors, shut the damn doors!

The Chinese are not scared of your law, and are exploiting the hell out of you!

Re:Hey US gov, fix the damn bugs instead!

The Chinese are not scared of your law, and are exploiting the hell out of you!

The Chinese!?!?

Who the hell do you think we've sold you out to?

The whole Russia/China vs USA is Kabuki theater. There is no actual conflict. It's simply to keep the sheep in line while the infrastructure for global authoritarian governance and 'harmonization' of laws, all controlled together by China, Russia, and the US, is implemented worldwide.

-GCHQ/NSA/FSB/Ministry of State Security [China] (and their respective governments)

Re:Hey US gov, fix the damn bugs instead!

Russia no longer deserves to be mentioned with the US and China when it comes measuring global power. Russia has a GDP less than the state of California and a military in dire need of a total revamp. Russia's nuclear weapons are the only thing keeping them from being 3rd world country. As it stands the US could withstand a total detachment from trading with China while China could not survive without access to the US market. China has been upgrading their military but they cannot project any of that power out side of it's immediate territory. And they have allowed themselves to be encircled by missile defense systems and an increased US military presence and countries like Japan and SK who both have formidable militaries.

Statfor hacker goes free

[dbIII]

Meanwhile the Statfor hacker goes free because he was an FBI informant.
A bit weird when a guy who was only poking about looking for UFO stuff could be facing 99 years.

Re:Handmade Vintage Leather Messenger Bags

This is an unexpected break in the topic of discussion. I see /. has embraced in-comment advertising as a business model.

I'm sure my front door has "very bad security"

[naughtynaughty]

My front door could probably be picked relatively easily.

That doesn't mean you get to pick my locks, wander through my house and when arrested blame your intrusion on me.

We can argue over the appropriate punishment, we can argue about edge cases but "it was easy" isn't an excuse and neither is you having Aspergers.

Jurisdiction

If the guy wasn't in the US when he did this, the US does not have jurisdiction and the UK should not extradite him. If he has broken any laws in the UK, let the Uk prosecute him.

Re:Handmade Vintage Leather Messenger Bags

[daveime]

I see there is no Vintage Leather Penis Warmer, therefore please unsubscribe me from your advertising campaign.

poor excuse

I have no opinion on Love's guilt or innocence and no dog in the fight. I an however dead tired of the "they had shitty security so what I did was not really bad" defense. I know my neighbor leaves his ground floor windows unlocked, does that make it OK for me to pop open the window and stomp around his house, maybe 'borrow' a few things of his? The folks across the street have old locks, the kind I can 'bump', should law enforcement let me off when I bump his door and help myself to his pantry and NetFlix account?

Be careful how you answer because I know a lot of more sophisticated stuff so if you are OK with weak security being an excuse you might have to live with the consequences.