Is this the guy who repeatedly spoofed MAC addresses as his machine got blocked so he could get back in? Is this the guy who actually connected a network device to the MIT network by sneaking into a wiring closet (covering his face from the security cameras the whole time) so he could spool off data? Was this the guy who had agreed to abide by the TOS on use of JSTOR? Was this the guy who decided that he was above the system and the rules didn't apply to him 'cause he was so special that he would never get caught. We won't ever know what punishment would have been meted out so all that speculation is idle talk. Hacking is serious, breaking into networks is serious. The old days of fun hacking for status and prestige are gone. If you get caught the legal machine starts to move and it grinds exceeding fine.
If you work for an organization that has its act together a wipe is a waste of time. All your stuff is on the company backup especially the all important user data. There was probably some sort of terms of usage document you were shown or training you took that warned you about keeping personal stuff on your seat. If it's a big company that is staying on top of compliance stuff then the backup is in more than one place. Just go quietly and don't make a fuss that might make someone want to look at your stuff. Credit Card numbers and such are not really that much more at risk than they are at the vendors you gave them to electronically. Passwords can be changed. If you have been stupid enough to be visiting sites that were forbidden by your company or just plain common sense then...well... myself and every other professional sysadmin out here wishes you a hearty FOAD.
Except it won't. One of the things they want to do is remove Government regulation from the Carriers and let them set terms and usage based on the "free market". In my area (SE Va) you can get Verizon or Cox cable. There is no competition and lacking any regulation we would be pretty much screwed. The concept of "Net Neutrality" where you can get what you want from whom you want would be out the door and gone. Because there is virtually no viable alternative you would be helpless in the face of your Carrier. But I'm sure they would do the right thing, that's how the "invisible hand" works isn't it?
At my Agency we use DBAN if we are going to re-use the drive. Otherwise if the drive is failed and has data on it or if it is just no longer serviceable (ye olde SCSI anyone) it goes into a burn box and IT Security takes it to a secure incineration facility. Encrypting the data and then losing the keys does not destroy the data. It just makes it unavailable to you at this moment. Next year that impossible to crack encryption might not be so far out of reach. If the contract is written that the drives get destroyed then replacing them is the cost of doing business. It is admirable to try and save money but I would rather be sure... This is the classic case of "don't leave them for dead, leave them dead".
I have over a decade with a government agency. During that time I have increased in skill and capability. I do all the things I did when I started as well as all the new stuff. The only thing that changes is who owns me when the contract gets rebid. Every few years I get a new pimp. Because I am valuable to my org I will get picked up on the new contract. In effect I am a permanent government employee. The Government however is losing its ass paying for me. Currently my pimp charges around $140k/year to the government for my services. A GS15 civil servant tops out at about $129k/year, most of the ones around me are masters or PhD level folks. The Contractor who owns me is making upwards of $50k just to funnel my salary from the government to me. At the same time they never miss an opportunity to cut benefits. (Yes I know they have to cover some extra costs like employer social security and such but I pay for my own health plan.) I'm a profit center for them and help pay the overhead for my immediate supervisor, his boss and the local project manager. There's a lot of fat here the Government could trim but that's hard to do in our heavily Corporatized system. This is just an FYI (so leave my karma alone!).
Calling a sub-orbital jaunt a "trip into space" is like calling wading in the Pacific "deep sea diving". Rocket science is difficult and expensive. Only a few private firms can actually get a payload into orbit and if you give a quick google you can get video of quite a few of these guys blowing up on the pad, or failing to get orbit and other mission failing scenarios. So before you pile on NASA make note that it is still the pre-eminent spaceflight operation in the world. No other organization has done what NASA has done. None have even come close. (Full disclosure: I am an SA at NASA).
As Microsoft moves further into the entertainment business the actual computational side will either spin off or die off. Frankly I don't give a damn if the hollywood guys and the music guys all go broke. We have somehow bought into this idea that what they "create" entitles them to obscene profit and privilege. The resources law enforcement wastes making sure these parasites can afford more hookers and crack is a travesty. Now you can expect to have your mission critical and production machines lose their minds when some content protection system kicks in. Sorry about the rant.
Well if I could find the F*cktard in question a quick foot to the groin might be forthcoming, but they have long since departed the site. As far as "trespass" goes, a child might open the closed door of a neighbor's house and go in, an adult would not (let alone go down the lane trying every door they could). The presence of even a default password indicates that you are not supposed to go in. The door was not "open" (but it surely could have used a better lock...). Imagine how your beloved would feel if she came home and discovered someone had been inside going through her knickers.
LOL, The victim (machine) stopped the bullet (code) that flew through the air (public network) sent by the gun (machine) that was discharged because someone pulled the trigger (BOFH!). Is it the fault of the victim that they were hit? Isn't this like blaming the guy the American Vice President shot for getting in the way. (Guns don't kill people! People with guns kill people!) Anyway, sorry for the silliness. The point is this bozo caused criminal injury (lost time and money) because of his actions; he is a criminal.
I have no problem with him being tried in Britain (I'm originally from Suffolk myself) but your argument that because he was in Britain while he was breaking these laws is somewhat specious. Although his physical body was in the UK his "presence" if you will, was in the machines he was accessing Stateside. That is the nature of networks; you can directly impinge things miles away from you. If I hacked an Iranian bank and stole money then I would expect to be prosecuted under their laws and rightly so (like smuggling drugs in Malaysia, bad idea!). Just because I don't like the consequences doesn't mean I should be treated specially. I would imagine that the majority of crimes are committed by people who know that they are indeed breaking the law and in the case of cracking systems that number probably approaches 100%. My team and I lost time and money because this idiot didn't have the moral character to resist the temptation to break the law. Cheers!
McKinnon did not accidentally wander into those systems, he did it intentionally knowing he was breaking the laws in both the UK and the USA. I took over as SA on a machine he had previously compromised. When it was determined that it had been "hacked" (yeah it takes mad skillz to exploit the old default MS SQL password) I had to report it and deal with the ensuing fun. After the forensic analysis (which was very fruitful) the box had to be reinstalled from scratch: NT, SQL and a particularly ugly document management application. Now those of you reading this who are actual professional system administrators know that we probably had other things to do. So if Gary is worried about spending time in a Virginia prison, tough. That's where we keep criminals.
(Sorry, didn't mean to rant).
Think of the mayhem one could wreak upon a target system or network with the resources the AF could bring to bear! Not only that but it provides a chance for all those fat lazy hackers to get in shape and actually earn a living (basic training ya know...)
Linux Distros have become like the English language. The Queen's English, American Southern, Yankee Vernacular and some of the American minority patois are all technically "English". The "standards" often vary slightly from place to place. An Englishman won't mind if you come by and "knock-up" his sister, a Southerner will shoot you. SGI and Sun are both UNIX systems but good luck on just picking up your code and going back and forth. The Mac and Windows boxes for the most part will work with applications written for their respective Operating Systems (don't get me started about linux drivers:) When my developers write for these platforms they spend their time on the functionality of the application for the user, not getting it tweaked to run on Mandrake (oops, won't run on Mandrake but works great on Debian). We would love to have a common Linux because we spend money on other OSes. This is not a flame or a religious position but rather an economic one. Hey, where can I get that Teletubbies theme!
WTF. We have 3 distros here at my site with each user picking the desktop du-jour. When software won't run on one flavor they try it on another flavor. Everyone is willing to standardize as long as it's their flavor. The Linux community needs to have one base distro (hmmm, whatever became of that anyway...) I don't have time to deal with them all. Until that happens use a Mac or use Windows. //insert grinding teeth here
Hmmm, doesn't SGI have an office just down the road from NASA Ames. Between the $160 million price tag and the cost for yearly maintenance it looks like SGI can make payroll for a few more months! Sure does look cool though...
We have a couple of hundred Macs and I can see a lot of them coming up and going down just by turning on my Rendezvous enabled iChat. They have to broadcast when they make any changes. Add a couple of hundred happy Windows users into this (running god only knows what kind of Rendezvous enabled apps) and we have even more wasted bandwidth. I am an old school "save the bandwidth for real work" person. Your comment about wireless was something I hadn't thought about, all our APs are indeed 11b. //sigh
Lovely, yet another protocol that will be chatting across my network. You all remember WINS. Survey says this seems to be another noisy shouting match to allow my users to share crap instead of working. Which port do I block?
Ack!!!!!
OMG not the hops too! Think of the children!
Oh yeah this means fusion power is just around the corner (again). Bitch has more corners than a broken Rubik's cube...
I'm gonna start using diseases. Nothing like connecting to "Syphilis" to get ftp. And nobody is going to try and crack into a server named "Herpes".
Spaceship One is cool yes, but it can't get to Orbit. Before you call the cost differences "embarrassing" be sure to compare apples to apples...
environmental pressure = evolution, no pressure and you end up in a static situation, ergo Mac users have peaked evolutionarily speaking, Ack!
It's the one button mouse. Very hard to master for your average Mac user. Ack!