Slashdot Mirror

← Back to Stories (view on slashdot.org)

Dutch Developer Added Backdoor To Websites He Built, Phished Over 20,000 Users (bleepingcomputer.com)

Posted by BeauHD on from the bolting-to-the-door dept.

An anonymous reader quotes a report from BleepingComputer: A Dutch developer illegally accessed the accounts of over 20,000 users after he allegedly collected their login information via backdoors installed on websites he built. According to an official statement, Dutch police officials are now in the process of notifying these victims about the crook's actions. The hacker, yet to be named by Dutch authorities, was arrested on July 11, 2016, at a hotel in Zwolle, the Netherlands, and police proceeded to raid two houses the crook owned, in Leeuwarden and Sneek. According to Dutch police, the 35-years-old suspect was hired to build e-commerce sites for various companies. After doing his job, the developer also left backdoors in those websites, which he used to install various scripts that allowed him to collect information on the site's users. Police say that it's impossible to determine the full breadth of his hacking campaign, but evidence found on his laptop revealed he gained access to over 20,000 email accounts. Authorities say the hacker used his access to these accounts to read people's private email conversations, access their social media profiles, sign-up for gambling sites with the victim's credentials, and access online shopping sites to make purchases for himself using the victim's funds.

77 of 123 comments (clear)

  1. I knew it! by Anonymous Coward · · Score: 4, Funny

    There are two kinds of people in this world I hate.

    Those that are intolerant of other people's cultures and the Dutch.

    1. Re:I knew it! by Mr+D+from+63 · · Score: 1

      There are two kinds of people in this world I hate.

      Those that are intolerant of other people's cultures and the Dutch.

      How about people who don't know what "phishing" means?

    2. Re:I knew it! by gnick · · Score: 1

      Obviously, phishing means hacking and hacking means "stealing with a computer." What other definitions could there possibly be? Duh.

      --
      He's getting rather old, but he's a good mouse.
    3. Re:I knew it! by gweihir · · Score: 1

      I get it! You mean to say in a circumspect way that you are Dutch! Nice!

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    4. Re:I knew it! by TechyImmigrant · · Score: 1

      There are two kinds of people in this world I hate.

      Those that are intolerant of other people's cultures and the Dutch.

      I met a drunk Dutch guy in Seattle last week. He was quite the bore.

      --
      I should use this sig to advertise my book ISBN-13 : 978-1501515132.
  2. Why not name him? by haruchai · · Score: 3, Interesting

    He's been in custody for over 6 months and is not a minor so why keep his name a secret?

    --
    Pain is merely failure leaving the body
    1. Re:Why not name him? by Anonymous Coward · · Score: 5, Informative

      The Dutch never reveal the names of the accused, even after they are found guilty after trial, has to do with the privacy laws.

    2. Re: Why not name him? by Anonymous Coward · · Score: 2, Interesting

      Because he's not yet been found guilty, and some cultures take a more enlightened approach than others when it comes to destroying potentially innocent lives via the judicial system.

      Think he'd ever find work again, if found not guilty, but named all over Google anyway?

    3. Re: Why not name him? by Anonymous Coward · · Score: 1

      I also like keeping guilty people anonymous simply because it seems like in todays celebrity driven culture there's some portion of the population who will do anything to become famous, including doing some quite heinous crimes. Lets not turn criminals into minor celebrities and make them look as cool as possible. I remember looking at the front page of CNN thinking "is it really appropriate to be using the ISIS glamour shots on the front page? Are you trying to make them look as cool and bad ass as possible?"

    4. Re:Why not name him? by Holi · · Score: 5, Insightful

      Wow, what's the recidivism rate in Europe compared to America? Yet you seem to think there system is worse then our lock up everyone we don't like policy.

      Sorry but an American critiquing anyone else's prison system is the height of hypocrisy.

      --
      Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
    5. Re:Why not name him? by Desler · · Score: 1

      Weak trolling is weak.

    6. Re:Why not name him? by Desler · · Score: 4, Informative

      Considering the US has the highest recidivism rate, around 76%, in the world, the EU countries by definition are doing better. Norway, as an example, has the lowest recidivism rate, around 20%, in the world.

      http://www.businessinsider.com...

    7. Re:Why not name him? by hcs_$reboot · · Score: 2

      Because nobody here can pronounce it.

      --
      Slashdot, fix the reply notifications... You won't get away with it...
    8. Re:Why not name him? by Anonymous Coward · · Score: 1

      Well of course the US has the highest recidivism. We lock people up - often for minor crimes - and then we allow employers to ask if they have ever been convicted of a crime. With a checkbox on an employment application. Duh! Nearly nobody will hire a person who checks the box. And if they don't check the box, a background check finds that they are lying and they still won't be hired. So of course you are going to do more crime if you cannot work to make a living. You aren't just going to say, "well, I screwed up and now I should be homeless, have no food, and die". You will steal things. We make minor criminals into major ones this way. This is obvious. Only apparently not obvious to lawmakers in the US...

    9. Re:Why not name him? by ctilsie242 · · Score: 5, Informative

      As a devil's advocate, it can be argued that other than a direct victim or people who are affected by the criminal's actions, keeping the names of people arrested private isn't such a bad thing. It is a better system than here in the US where as soon as someone is booked, that info goes into hundreds of databases, and even if charges are dropped or the person is found innocent, the arrest record is still public, and can affect finding work in the future. It just might be that the public humiliation of having some peccadillo be forever branded into a person's virtual hide is far greater a punishment than the offense requires.

    10. Re:Why not name him? by Opportunist · · Score: 2

      Not really. Unless you want to detain him forever.

      Else you're one day going to release someone whose only possible career is one as a criminal. Is that what you want?

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    11. Re:Why not name him? by Ol+Olsoc · · Score: 4, Interesting

      Considering the US has the highest recidivism rate, around 76%, in the world, the EU countries by definition are doing better. Norway, as an example, has the lowest recidivism rate, around 20%, in the world.

      Hey! We pour the most money into our prison system, so it must be the best.

      Sad to say, the get tough on crime crowd in conjunction with the war on drugs, has turned the US Prison system into insanity. Then there is the aspect of money, which in some cases gets you three months for sexual assault rape, http://www.cnn.com/2016/09/02/... versus getting 50 years for stealing a rack of ribs. http://www.huffingtonpost.com/...

      And yet, the people who think that what amounts to a life sentence for stealing food is a fine idea, almost universally don't want to pay for that incarceration.

      We're Kookoo for Cocoa-Puffs some times.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    12. Re:Why not name him? by Ol+Olsoc · · Score: 1

      Because nobody here can pronounce it.

      Hmmm, not sure if +1 funny, or +1 insightful........

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    13. Re:Why not name him? by Opportunist · · Score: 2

      That's what you get when you base your justice system on the idea of revenge.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    14. Re: Why not name him? by ctilsie242 · · Score: 1

      I remember back in the 1980s, as soon as the press stopped naming people in public who committed suicide, the amount of public suicide pacts and other items went down. What bothered me about the press wasn't the fact that a mass murderer was named. A few years ago, there was a mass shooting at UCSB. The shooter was not just named, but his writings and his YouTube videos were published, and the press spent most of the holiday going through his life like a biography of a hero. What the press should have done is give the guy an emasculating nickname, and from that point on, if the incident comes up, it will be "Happy Bunny" or "Lollipop Licker" who is named for that event, with all his/her writings not readily available, so the person never gets any press after the action. Definitely no monuments with the shooter's name on it. Just the victims.

    15. Re:Why not name him? by mwvdlee · · Score: 5, Insightful

      Because you want to be able to punish ex-criminals after he has received his punishment according to the law?
      If a criminal is released from prison, it should be assumed he won't commit crimes again.
      If you assume an ex-prisoner will commit crimes again, your prison system isn't working.

      --
      Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
    16. Re:Why not name him? by mwvdlee · · Score: 2

      You're asking the wrong question.
      Why ever release his name at all?

      --
      Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
    17. Re:Why not name him? by mwvdlee · · Score: 1

      Hey! We pour the most money into our prison system, so it must be the best.

      Your prison companies will be happy to make your prison system even better by increasing their profit margins.

      --
      Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
    18. Re:Why not name him? by slashrio · · Score: 1

      Well, we all know whom the US prison system in reality is for.
      Hint: it has to do with financial gain.

      --
      "Trump!!", the new Godwin.
    19. Re:Why not name him? by houghi · · Score: 1

      Innocent until proven guilty. Also the way Europe thinks about privacy is different from how the US thinks about it.
      In Europe everything is private unless it is public.
      In the US everything is public unless it is private.

      And this is for all people, not just for a selected group. This thus includes people who are in prison. It is not that they suddenly are perceived as sub-human. They are still part of our society.

      --
      Don't fight for your country, if your country does not fight for you.
    20. Re:Why not name him? by thegarbz · · Score: 2

      That's where they go wrong. (seriously)

      With crime, criminality, and incarceration rates at a fraction of the USA, to borrow some popular culture references: if this is wrong I don't want to be right.

    21. Re:Why not name him? by Ol+Olsoc · · Score: 2

      Hey! We pour the most money into our prison system, so it must be the best.

      Your prison companies will be happy to make your prison system even better by increasing their profit margins.

      Hard to imagine that people could not figure out that in a corporatocracy, that applting the profit motive to incarcerating humans would not lead to demands and baksheesh to incarderate more humans. If you have to make more profit every quarter, you need more prisoners, for longer periods of time. The most contradictory thing about that, is that you need to take care of the prisoners so that they live as long as possible, maximizing the profit per prisoner, while the get tough on crime crowd wants them all dead as soon as possible, so they pay as little as possible. Guess who wins?

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    22. Re:Why not name him? by houghi · · Score: 1

      In Belgium the employer can ask if you have a clean slate. What they will get is a yes or no. After a while these will be removed depending the type of crime. You also see the time it happened.
      It is only in very specific places where I was responsible for customers money that this was actually asked. If you are a desk jockey, most likely nobody will ask.

      --
      Don't fight for your country, if your country does not fight for you.
    23. Re:Why not name him? by Desler · · Score: 1

      What if the person was wrongfully convicted and later determined to br e innocent?

    24. Re:Why not name him? by Desler · · Score: 1

      #1 in the world! USA! USA! USA! /sarcasm

    25. Re:Why not name him? by Desler · · Score: 1

      Trying to shift the goalposts. How cute...

    26. Re:Why not name him? by Desler · · Score: 1

      We're #1! We're #1! /sarcasm

    27. Re:Why not name him? by Oswald+McWeany · · Score: 1

      I thought I read the US was abolishing all private prisons.

      (because what you said, was correct).

      --
      "That's the way to do it" - Punch
    28. Re:Why not name him? by Oswald+McWeany · · Score: 2

      Dutch is easy- it's just German looking words pronounced as if they were English words. Dutch to me always sounded like "fake German" being spoken by an English speaker.

      --
      "That's the way to do it" - Punch
    29. Re:Why not name him? by gweihir · · Score: 1

      Because it is not the US and civilized countries have laws that protect the identities of people that are not yet convicted?

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    30. Re:Why not name him? by gweihir · · Score: 3

      They don't. They just have realized, like any civilized country, that punishment is the task of the state and _nobody_ else. Hence they do not release names. This is actually pretty standard in Europe.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    31. Re:Why not name him? by gnick · · Score: 1

      If you assume an ex-prisoner will commit crimes again, your prison system isn't working.

      At least in the U.S., it's a good bet that a criminal will re-commit. This may be a sign that the prison system isn't working, but it doesn't change the fact that we have a recidivism rate of over 50% in the first year after release alone.

      That said, if we don't give "rehabilitated" convicts the benefit of the doubt after "paying their debt," we're pretty much guaranteeing that they'll have to return to crime. Convicts do need the ability to escape their criminal past.

      --
      He's getting rather old, but he's a good mouse.
    32. Re:Why not name him? by Ravaldy · · Score: 1

      Why would we want to give any wiggle room to those who, of their own will opted to be malicious? Isn't trust earned? Why should they get a free pass after screwing up royally?

      IMO going to prison is just part 1 of a 2 phase process. Re-integration is probably the hardest part because now you need to earn people's trust again.

    33. Re:Why not name him? by Anonymous Coward · · Score: 1

      Uh huh. Which is why the recidivism rate in the Netherlands is more than 20% lower than in the US?

    34. Re:Why not name him? by ctilsie242 · · Score: 3

      What wiggle room? The justice system here in the US is a meat grinder that destroys lives, even people who were innocent. Take NYC, for example. Someone gets arrested for jaywalking. Unless they bond out, they are going to be staying at Riker's for over a year until trial. Even after trial, if they are found lily-white innocent, their lives are ruined. They are most likely evicted, their job is long gone, and any vehicle they had is either repossessed or impounded and sold.

      What do we want in the US, a -justice- system, or a -revenge- system? A -justice- system is designed to ensure crimes are not repeated, and rehabilitation is part of that. What we have now is a -revenge- system. It is great if one likes watching people suffer, and great if you have private prison stock, but not if you have any ethics or a conscience. Yes, we need to lock up some people well away from society to keep the streets safe, but why should someone who was caught with a bag of marijuana be locked up for life, and even if they get released, will never be able to hold a meaningful job.

      I'd rather have my taxpayer dollars go for vocational rehab in prisons, so someone getting out has a chance of a job. This way, they can work, or even just cruise on welfare... both are cheaper on the taxpayer than locking them up in a private, for-profit prison for the rest of their life.

    35. Re:Why not name him? by haruchai · · Score: 1

      I thought I read the US was abolishing all private prisons.

      (because what you said, was correct).

      That may not be as big a deal as it sounds .....http://www.mockingbirdpaper.com/content/abolishing-private-prisons-biggest-lie-economic-recovery

      --
      Pain is merely failure leaving the body
    36. Re:Why not name him? by david_thornley · · Score: 1

      As an employer, why would I want to hire someone with a criminal record? If that person does hurt someone else while working for me, I'm likely to be sued for providing an unsafe work environment by deliberately hiring someone with a criminal record. It's safer to reject the applicant and hope none of the crimes we're forcing him to commit just to survive have an impact on me.

      If I couldn't know if there's a criminal record when making the hiring decision, or if I were confident of not being liable if something goes wrong with such a hire, I'd be much more interested in hiring someone with a record.

      --
      "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
    37. Re:Why not name him? by Ol+Olsoc · · Score: 1

      How bad do things have to get for America to get their shit together?

      I think we've had a really bad memory leak, and regardless, have voided our warranty.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  3. Oh that is just textbook xkcd... by teslar · · Score: 4, Funny

    https://xkcd.com/792/

    1. Re:Oh that is just textbook xkcd... by Holi · · Score: 1

      Comic from 2010, gotta wonder if that is where the idea originated.

      --
      Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
    2. Re:Oh that is just textbook xkcd... by chihowa · · Score: 1

      Why is xkcd (through fastly) still using a cert signed by a revoked intermediate CA? Isn't three months long enough to sort that out?

      --
      If you want a vision of the future, imagine a youtube comments section scrolling - forever.
    3. Re:Oh that is just textbook xkcd... by chihowa · · Score: 1

      OK, it looks like the fix for them accidentally revoking their certificate was just to un-revoke it and pretend that it never happened. Clearing my OCSP cache "resolved" the issue. That whole affair really reinforces my faith in the CA system.

      --
      If you want a vision of the future, imagine a youtube comments section scrolling - forever.
    4. Re:Oh that is just textbook xkcd... by Quirkz · · Score: 1

      "Since March of 1997 I don't really believe in anything." That's oddly specific. Curious if he's referencing a specific thing/event, or if that's a callback to a personal moment of truth, or just a weirdly detailed joke?

      --
      The Quirkz Handbook of Self-Improvement for People Who Are Already Pretty Okay
    5. Re:Oh that is just textbook xkcd... by ChoGGi · · Score: 2

      However, he reveals that "since March of 1997" he doesn't really believe in anything. This could possibly refer to the March 26, 1997 incident in San Diego, California, where 39 Heaven's Gate cultists committed mass suicide at their compound. It is a plausible explanation, since one of them was the brother of Nichelle Nichols (a Star Trek actress), so the event got a big resonance in nerd circles (and Randall often refers to Star Trek in xkcd). However, given Black Hat's strange behavior, it could be anything, even Bill Clinton banning federal funding for human cloning research.

      https://www.explainxkcd.com/wi...

  4. EULA by wardrich86 · · Score: 1

    Should have just added a line to the EULA that he would be able to gain access to your account(s) if you register. Nobody reads the EULA, and there'd be no case against him because it would be in the EULA.

    This should also set the precedent that the government can be arrested if they put backdoors into things... of coursehttps://yro.slashdot.org/story/17/01/18/0527225/dutch-developer-added-backdoor-to-websites-he-built-phished-over-20000-users#, that will never happen. Nothing is illegal if the Government is doing it.

  5. Re:You get what you pay for... by worf_mo · · Score: 1

    Because doctors, lawyers, accountants, engineers and other trusted professionals are less prone than software developers to do shady or outright illegal things when exercising their profession? I don't have any specific data about that, but members of any of the above categories pop up in the relevant sections on the news now and then. If you are a crook you're crook, and no regulating body neither an insurance will change that.

    But of course nobody wants to pay for that, so they get what they pay for.

    As far as TFS goes, none of of his customers have paid him to siphon their customer's data. If he wasn't happy with what his customers were willing to pay he could simply have not accepted the jobs.

    OTOH there are many examples of software projects - some of them are mentioned on this site now and then - that were badly handled although absurdly high amounts of money have been paid.

  6. The town name just was too funny. by MensaMoron · · Score: 1

    He is a Sneak Thief from Sneek.

  7. What Backdoor? by coofercat · · Score: 1

    Anyone know how he got the information out of the sites he'd created? How did he 'install some scripts'? And even then, how did he get the data out?

    I realise that if you're hiring someone like this you might not be so-inclined to watch logs and whatnot, but there must be some sort of trail left by his accesses.

    1. Re:What Backdoor? by The-Ixian · · Score: 1

      My guess is that he had the credentials to legitimately log in to the web hosts and make whatever changes he wanted.

      In the tradition of: "you touched it last, it's yours", many professional web dev outfits will also just take the role of web server maintainers (even if they typically suck at that job) or, at the very least, hang on to the web host credentials in case the client comes back to them with problems or changes.

      If you are the web dev, you could very easily, for example, e-mail yourself in addition to the legitimate recipient for every submitted web form. Really, anything you can do on a web site, a copy could be sent to the web dev. I would assume this could include everything from names and e-mail addresses to passwords and credit card information. It just depends on what the site does.

      --
      My eyes reflect the stars and a smile lights up my face.
    2. Re:What Backdoor? by LordWabbit2 · · Score: 1

      Clearly you are not a developer. All you would have to do is create webpage which when you pass it a certain variable pops up a form to upload something and run it on the server. The webpage does a legitimate task (registration for instance) but if you access it with webpage.php?action=registers instead of webpage.php?action=register it jumps to a separate section and allows you to upload a file etc. Even if someone were to give the site a once over it would be hard to pick up. To make it even more secure you can have it check for a cookie or originating IP address so that if someone else tries it, it will ignore it.

      Developers have access to very sensitive stuffs, there is a very high level of trust that the developer is not going to do what this guy did. Firstly they are expensive to hire, what they produce can only be understood by another developer, so just having the code double checked (properly, not just a quick look) will almost double your costs, so it's rarely going to happen.

      I'm not sure about other countries, although I imagine it's pretty much the same everywhere, but any financial institution here does a full background check before they will hire you. Any criminal record and you won't even get an interview. Bad debt is almost as bad, if you are black listed don't even bother applying. Sometimes they will make an exception for black listing, depends on the situation, but in all my years I have only heard of one.

      --
      There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.
    3. Re:What Backdoor? by coofercat · · Score: 1

      You're right - I'm a devops, so I know a lot about sysadmin, and a bit about dev. I know he *could* do all those things, but I was looking to find out what he did do, and how he covered his tracks (if at all). I doubt most of the site owners would be checking /var/log/audit logs or /var/log/nginx/access.log or whatever, but if they had been, would they have been able to see something going on?

      It my impression that most criminals aren't nearly clever enough. He *could* have written scripts to snaffle the data and delete the logs that showed it happening, but I guess I'm wondering if he did all of that and if in fact, there's a clear trail of evidence on the systems he delivered.

    4. Re:What Backdoor? by swb · · Score: 1

      It my impression that most criminals aren't nearly clever enough.

      Maybe small-time criminals like home burglars or armed robbery people aren't clever enough, but someone capable of delivering a working e-commerce site? I'm assuming there that all the cleverness required to pull it off is built-in.

      My question is -- they caught THIS guy, but how many have done the same thing and not gotten caught? There's possibly millions of e-commerce sites out there written by people with nobody looking over their shoulder and not enough resources for someone to check for something like this.

      Surely this isn't the only person to give in to a moral hazard like this.

    5. Re:What Backdoor? by coofercat · · Score: 1

      Right - so back to my original question... what *did* he do?

    6. Re:What Backdoor? by LordWabbit2 · · Score: 1

      I doubt he did any of this on a major FOSS projects main trunk, it would definitely have been picked up there. He could have modified a WordPress site to add the functionality / backdoor and deployed that directly onto the server. No one would think to check that the code was not standard. I doubt he did that though, since they have an update function which would have wiped out his backdoor. I suspect this was all custom code, probably some cookie cutter website he used with a lot of his clients.

      --
      There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.
    7. Re:What Backdoor? by LordWabbit2 · · Score: 1

      The clever ones are not criminals, they get away with it. There are some scary smart people working on the trojans etc. out there. Some of the stuff is hand coded in assembler, which they structure in such a way that the usual debuggers get confused and either crash or start following the wrong path, all just to make it more difficult for the white hats to figure out how to shut down the botnet.

      --
      There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.
  8. Re:You get what you pay for... by volodymyrbiryuk · · Score: 1

    There is an interesting talk by Robert C. Martin on a similar topic: http://developeronfire.com/pod...! The registration will probably lead to more bureaucracy to the point where we will have "regulation bodies" who exist for their own sake.

    --
    sudo rm -r -f --no-preserve-root /
  9. Re:You get what you pay for... by The-Ixian · · Score: 1

    What I don't understand is why he needed "back doors".

    During the course of work (obviously depending on scope) you may need access to sensitive information: admin passwords, internet utility bills, access to admin e-mail accounts (postmaster, webmaster), employee rosters, internal topology information, router passwords, the list goes on. All of this stuff is usually handed over without a second thought.

    I have known these details and more for many local companies in my course of work. I have never abused that trust (I actually go out of my way to try to not remember passwords and other sensitive information), but I can certainly see how it could be abused without ever having to install any malware.

    --
    My eyes reflect the stars and a smile lights up my face.
  10. Hello Mr. victim by SpaghettiPattern · · Score: 1, Funny

    Hello Mr. victim. It is me, Steffen van der Hast-Gracht of the Amsterdam police. Wiz my partner and also I am very happy to say my lover Ronald. I am terribly sorry to inform you zat you haf bin vukked ofer ze Internet by some ferry dubious person stemming from Ze Nezerlands. Vee haf already prepared ze forms for you to fill in so zat you can claim insurance, psychological help and absent time from yor wurk. Vee also made petition on ze Internet for you to arrange a silent march over ze canals. You ken bye flowers from my nephew but if you don't want or you don't like also from any other shop. Yes. End may I infite you for a romantic evening with you, your partners, our dogs and a few convicted drug dealers zat reely reely promise to take ze right path very soon.

    --

    I hadn't the slightest objection to his spending his time planning massacres for the bourgeoisie... (P.G. Wodehouse)
  11. Re:Maybe they'll let him go by Opportunist · · Score: 1

    Dude, if you start dressing as a woman in a male prison, you better be serious about it...

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  12. Re:Hmm by Ol+Olsoc · · Score: 1

    Why do they continue to call these people hackers?

    I hear Xanax is now being prescribed for Pedantic Anxiety Syndrome. Ask your Doctor if Xanax is right for you!

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  13. Re: guilty people? by slashrio · · Score: 1

    He's a suspect. He will only become guilty when the judge has ruled so.

    --
    "Trump!!", the new Godwin.
  14. Back door unneeded by CODiNE · · Score: 1

    Could have just left a couple vulnerabilities sprinkled in odd places and used poor hashing practices. He'd have complete deniability as it looks just like 90% of websites out there.

    --
    Cwm, fjord-bank glyphs vext quiz
  15. Re: not obvious to law makers by slashrio · · Score: 1

    It is obvious to them, but on the other hand there are the re-election contributions from lobbying prison-organisations that stand to gain from more prisoners.

    --
    "Trump!!", the new Godwin.
  16. Re:You get what you pay for... by IRGlover · · Score: 1

    He was using the accounts of the USERS of the websites, not the OWNERS. Putting in a backdoor would mean that even when the admin passwords are changed, he would still have access to the data. Also, a backdoor likely also gives a level of plausible deniability to deflect suspicion should a 'hack' ever be spotted internally - "it can't have been me. I never had access to the live server. I just gave you the code to deploy yourself".

  17. Re: Hmm by Ol+Olsoc · · Score: 1

    My doctor prescribed me Xanax and I feel great.!..!.!;$:)/);&;@:):63$;@/@/);),6$3@/@dhshxhfkkchehdud

    Whoa, sorry I just blacked out and fell asleep with my head on the keyboard. What was I saying? I can't remember.

    You were saying "Life is damn good!" 8^)

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  18. Re:Useless account creation by Oswald+McWeany · · Score: 1

    I think he's my doppleganger because a lot of women say his name when they meet me.

    --
    "That's the way to do it" - Punch
  19. Re:Maybe they'll let him go by Oswald+McWeany · · Score: 1

    I'm not even sure how one would go about "dressing up" as a woman in prison. It's not like prison uniforms come a wide variety of fashion styles that prisoners get to pick.

    "Oh, like, this orange jumpsuit is so, tacky. I'll try the black and white stripes, it is so slimming and fabulous, like, oh, I can add this red belt as an accessory, that would be like, so rad."

    --
    "That's the way to do it" - Punch
  20. Just like roaches. If by pjv936 · · Score: 1

    you see one there must be hundreds. There has to be other developers who have installed backdoor into the web sites they built. You should have your web site source code checked for a backdoor..

  21. Re:Hmm by Megol · · Score: 1

    The original meaning? Which of them? That some people are hacks?

    Words can have multiple meanings and commonly do. Words also change meaning (or accumulate more meanings). There is no problem accepting people can be hacks, that there are many elegant hardware hacks, that some people are excellent hackers and that some people are hacking into other peoples computers. Not for me anyway, YMMV.

  22. Re:Things that make you go Hmmmmm. by Oswald+McWeany · · Score: 1

    You can probably add Slashdot to that list. They are collecting all our opinions about Trump, AI being real, and the slashvertisement of the day and are going to use that information against us.

    --
    "That's the way to do it" - Punch
  23. Re:So by tattood · · Score: 1

    This proves the importance of using different passwords for every online service you use.

    --
    WTB [sig], PST!!!
  24. Re:Useless account creation by tattood · · Score: 1

    People think I am weird if I don't like to create an account if I can help it and often don't use a service if it forces the issue for some nebulous reason.

    Then stuff like this happens. Again. And even more services force account creation.

    Even if you don't create an account, the company still has your name, email and mailing address, and credit card info if you actually bought anything. That is why I only use virtual credit cards on websites, or PayPal.

    --
    WTB [sig], PST!!!