Slashdot Mirror
Canadian Hacker Sentenced To 5 Years For Yahoo Security Breach (seattletimes.com)
The computer hacker who worked with Russian spies was sentenced to five years in prison Tuesday for his role in a massive security breach at Yahoo. "U.S. Judge Vince Chhabria also fined Karim Baratov $250,000 during a sentencing hearing in San Francisco," The Associated Press reports. From the report: Baratov, 23, pleaded guilty in November to nine felony hacking charges. He acknowledged in his plea agreement that he began hacking as a teen seven years ago and charged customers $100 per hack to access web-based emails. Prosecutors allege he was "an international hacker for hire" who indiscriminately hacked for clients he did not know or vet, including dozens of jobs paid for by Russia's Federal Security Service. Baratov, who was born in Kazakhstan but lived in Toronto, Canada, where he was arrested last year, charged customers to obtain another person's webmail passwords by tricking them to enter their credentials into a fake password reset page. Prosecutors said Russian security service hired Baratov to target dozens of email accounts using information obtained from the Yahoo hack.
"Deterrence is particularly important in a case like this," the judge said during the hearing. He rejected prosecutors call for a prison sentence of nearly 10 years, noting Baratov's age and clean criminal record prior to his arrest. Baratov has been in custody since his arrest last year. He told the judge Tuesday that his time behind bars has been "a very humbling and eye-opening experience." He apologized to those he hacked and promised "to be a better man" and obey the law upon his release. The judge said it is likely Baratov will be deported once he is released from prison.
"Deterrence is particularly important in a case like this," the judge said during the hearing. He rejected prosecutors call for a prison sentence of nearly 10 years, noting Baratov's age and clean criminal record prior to his arrest. Baratov has been in custody since his arrest last year. He told the judge Tuesday that his time behind bars has been "a very humbling and eye-opening experience." He apologized to those he hacked and promised "to be a better man" and obey the law upon his release. The judge said it is likely Baratov will be deported once he is released from prison.
"...tricking them to enter their credentials into a fake password reset page."
Where's the "hacking" part? This isn't hacking, this is just a douchebag tricking idiots.
It didn't seem to work this time, but maybe next time!
So instead of prohibiting him from accessing any Internet-connected computer, we'll send him back to Kazakhstan where we can't keep a close eye on him. Brilliant!
As if having an illegal alien maid pick-up classified FAXes in a SCIF room even compares to anything Trump has done.
I have several friends career in the military that are still pissed-off about that. They all had someone they know that got nailed for less and lost their career. Just sucked that she let a person without a security clearance in her SCIF room, and she wasn't punished for that crime.
> lost their career.
Correct. If I remember correctly, the term SCIF came about in 1994, but before that I had a friend from high school that was in the Air Force for just over twenty years that in the early 1980s took a floppy out of secure room that got court marshaled with no retirement. I think the precursor to SCIF was JAFAN 6/9. We all knew the rules, and no one without clearance, not even a janitor, was allowed in. Just sad Hillary allowed not only a maid in the room, but allowed the maid to deliver classified FAXes.
I think everyone in the military knows someone that was punished severely for violations wrt classified materials. That is why we're so pissed off at Hillary for letting an uncleared maid into her SCIF room.
the term SCIF came about in 1994
I retired from the military in 1992, and I never heard the term SCIF until the accusations of Hillary Clinton allowing a maid without clearance into a SCIF room. I found this explanation of it that explains what it is:
https://en.wikipedia.org/wiki/Sensitive_Compartmented_Information_Facility
It says that Hillary Clinton had one in her home in DC. Was that the one that she allowed an uncleared maid to enter?
He was lucky he only lost his retirement. I think everyone that's been in the military knows someone that was put in a military prison for violating classified information protocols or got an Article 15 dishonorable discharge which is a felony. Two guys I went through basic with got that, and they can now no longer own guns or vote. I can see why they'd be angry that nothing happened to Hillary for doing worse.
> an illegal alien maid pick-up classified FAXes in a SCIF room
The illegal part hasn't been proved. Yes, her maid had access to FAXes and to Hillary's email:
https://nypost.com/2016/11/06/clinton-directed-her-maid-to-print-out-classified-materials/
And even worse asked senders to forward messages to her maid's personal email, but I don't think it was ever proven that her Filipino maid was here illegally. Also, it's strange that the FBI never asked for access to the maid's iMac.
This thing called the internet can't be secured in traditional sense because *YOU* don't control the world and there are places where hackers will not be tried. The only way to secure the internet is for individuals to take appropriate actions. One who gets online and thinks the government can or should protect them deserve neither freedom nor protection. And we won't even go into how the federal US courts have repeatedly stated the government has no obligation to protect you anyway. Rather the government has been deceiving us and is no better than a gang which uses violence against those who refuse to 'pay up'. Both have no issue with resorting to conversion, theft, and ultimately kidnapping and violence.
Does anyone else think that sentences for hacking should be scaled to reflect the actual degree of difficulty?
Yahoo should probably be "Time served in court waiting to be sentenced".