backtop


Print 42 comment(s) - last by James6.. on Apr 6 at 12:16 PM

Gary McKinnon will likely be sent to the United States to stand trial for various computer crimes

A British hacker accused of breaking into secured government computers and causing more than $700,000 in computer damages lost an extradition appeal in the U.K.  Last May, McKinnon was indicted in northern Virginia and New Jersey, at the same time a British judge decided that the hacker should be extradited to face charges.  This time, two leading British judges rejected the challenge -- McKinnon now wants his case to be heard in the House of Lords, England's highest appeals court.   

McKinnon compromised around 100 computer systems, some of which were operated by the Pentagon and NASA.  The alleged intrusions took place from February 2001 to March 2002, leading to McKinnon's arrest in 2002.  He was caught because some of the software he used in the attacks was later traced back to an e-mail address his girlfriend used.

McKinnon admitted that he made the intrusions, along with saying the damage was unintentional and he was looking for evidence of UFOs. The U.S. government has spent a considerable amount of time reassuring U.K. prosecutors that McKinnon would be given a fair trial once in U.S. jurisdiction.  

If convicted, the man who carried out "the biggest military hack of all time" could face up to 70 years in prison along with fines up to $1.7 million.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Playing Devil's Advocate
By Lord 666 on 4/4/2007 6:00:40 PM , Rating: 5
How does the time fit the crime? While $700,000 of loss is considerable, it is on a much smaller scale than 70 years in prison. Killers and rapists are served much less time than that.

More than likely he will be hired into a government agency.

Around that era, there was a much larger and dangerous vulnerability with SNMP that was never fully exploited.




RE: Playing Devil's Advocate
By codeThug on 4/4/2007 6:04:30 PM , Rating: 3
he'll never do 70, but 2-3 years would be a good deterrent. After that he and Mitnick can have all the margarita's they want while working for Citi-Bank


RE: Playing Devil's Advocate
By Christopher1 on 4/6/2007 6:47:03 AM , Rating: 2
In my opinion, even 2-3 years is too much for this. Really, if he could hack into a military system, the military should be THANKING him for pointing out holes in their security, but then again, the military NEVER likes people to point out their shortcomings at all!

We need to be ENCOURAGING people to try to hack into systems that are made to DOD specs that are NOT actually DOD computers, or not connected to the DOD computers that have secret information on them.

That way, the military will have the best of the best hackers trying to get into the system, and when someone does it, they can get the information on how they did it from them and pay them!


RE: Playing Devil's Advocate
By Puddleglum1 on 4/4/2007 6:54:14 PM , Rating: 2
It's more than just $700,000 worth of damage.
quote:
If convicted, the man who carried out "the biggest military hack of all time" could face up to 70 years in prison along with fines up to $1.7 million.
Also, it's "face up to" that many years. Rapists and murderers face quite a few years as well, although the sentences usually are much less.

I agree with your point, though. Lengthening the sentence simply to prove a point is pretty unfair justice.


RE: Playing Devil's Advocate
By Puddleglum1 on 4/4/2007 6:56:00 PM , Rating: 2
Err, I meant "it's more than just the $700,000" that affords such a great punishment.


RE: Playing Devil's Advocate
By Reflex on 4/4/2007 8:41:49 PM , Rating: 4
"More than likely he will be hired into a government agency."

This is a very popular myth, but its very very rarely true. The problem here is that no agency can trust such an individual since they have already proven they are willing to break laws. How do you ever give a person like that the keys to a secure network without putting that same network at risk? Having worked for security companies before I can say with certainty that 'black hats' are basically never hired by any security company that is reputable, and governments typically would rather just imprison them than hire them.

Its not like there is a shortage of security experts who choose not to abuse thier skills.


RE: Playing Devil's Advocate
By lumbergeek on 4/4/2007 10:38:35 PM , Rating: 1
Plenty of opportunity to work at a Government Agency - the White House, The CIA, the NSA...

... The willingness to break laws is a must for some government agencies.


RE: Playing Devil's Advocate
By Reflex on 4/4/2007 10:59:00 PM , Rating: 2
1) Your not breaking the law when your doing security work for the NSA. You have executive authority to do what you are doing.

2) You are the least likely to get into those agencies with any sort of criminal record(even if you were never caught or convicted). Whats more important than supposed skill is the ability of the agent themselves to be trusted by the agency. Black Hats are not trustworthy ever.

Black Hats do not know any 'secret techniques' that other security researchers are unaware of, they simply do not have the morals that White Hats and legitimate researchers have to disclose thier findings without exploiting them. Since there is a fairly large pool of legitimate security researchers and practictioners, there is really no reason to hire criminals. Why hire potential security risks when there are plenty of non-security risks who will do the same job?


RE: Playing Devil's Advocate
By edge929 on 4/5/2007 11:46:15 AM , Rating: 2
Because talents like this guy has are VERY few and far between. For the past 9 years I've worked as a computer programmer (like many others on here) and I've been working with/around/on computers since I could comprehend language but I'm no where near the knowledge level of hacking NASA or much less any reputable company for that matter. Sure, if I devoted my life to it, I'd pick some of it up pretty fast but I don't have the time nor the desire to learn those techniques.

There are good programmers and then there are OMGWTF!!11 this-is-ingenious, programmers.


RE: Playing Devil's Advocate
By Reflex on 4/5/2007 2:03:27 PM , Rating: 2
This guy did nothing special. Like most so-called 'hackers' he simply exploited known problems in commercial operating systems. NASA is not inherantly more secure than any Fortune 500 corporation, they use the same OS's with the same security programs. Like every other network connected system, the security is only as good as the administrator.

I guarantee you that ANY reputable security outfit could have exposed the same flaws he did. The holes are typically already documented, the real flaw is that such agencies have so many internet facing machines, as a result some are bound to have an unpatched flaw.


RE: Playing Devil's Advocate
By rnnh on 4/5/2007 12:59:30 PM , Rating: 2
quote:
1) Your not breaking the law when your doing security work for the NSA. You have executive authority to do what you are doing.


Why bother having laws at all then?


RE: Playing Devil's Advocate
By Reflex on 4/5/2007 1:57:29 PM , Rating: 2
Good point, and one the President has to answer considering how executive authority has been abused. But thats not really relevant to whether or not an authorized NSA agent is breaking the law, if the President and his deputies tell him to do something, breaking the law would be refusing. If Congress dosen't like it, they will change the policy that allowed whatever it was and the president will have to abide by it. But the NSA employees themselves are NOT breaking the law even when they seem to be ignoring it.


RE: Playing Devil's Advocate
By BladeVenom on 4/4/2007 8:59:45 PM , Rating: 2
It's not even as bad as Sony's rootkit. How many military and government computers were affected by that, and how many people from Sony went to prison?


By theapparition on 4/5/2007 8:18:23 AM , Rating: 2
While I do believe that 70 years is excessive for a non-violent crime (and I'm not going to speculate on what I think is a good time), it is worth noting that his time would most likely be served at a federal minimum security prison, aka "Camp Cupcake".
If maximum penalties were 1-3years, how many more individuals would be willing to take the risk. The whole point of long potential sentences is that judges can make a determination to the accused's remorse, past history, and potential future wrongdoings. By far, not a perfect system, but it has evolved this way for 220 years.


"The Space Elevator will be built about 50 years after everyone stops laughing" -- Sir Arthur C. Clarke

Related Articles
UK Hacker to be Extradited to US
July 11, 2006, 8:04 AM













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki