World's Biggest Hacker Held 631
Hieronymus Howard writes "The London Evening Standard is reporting that the "worlds biggest computer hacker" has been arrested in London.
Gary McKinnon, 39, was seized by the Met's extradition unit at his Wood Green home.
The unemployed former computer engineer is accused of causing the U.S. government $1 billion of damage by breaking into its most secure computers at the Pentagon and NASA. He is likely to be extradited to America to face eight counts of computer crime in 14 states and could be jailed for 70 years. Apparently he broke into U.S. military computers to hunt for evidence of a UFO cover-up."
Smart? Yes. A Nut? Perhaps. How about both? (Score:5, Interesting)
It sounds like an excuse to me.
So is the guy really nutty or is this just an attempt to justify his illegal activities?
Then again, perhaps he was on to something?
UFO cover-up (Score:2, Interesting)
World's Biggest Hacker? (Score:5, Interesting)
Re:what? (Score:3, Interesting)
they'd do better hiring this guy to teach their sysadmins a thing or two.
They hire overpaid techs that do shoddy work. They have to come up with these figures in order to make sure the public doesn't mind them wasting taxpayer dollars to track him down all over the world.
One beeelllliiioonn dollars? (Score:5, Interesting)
Where do they get that from? If that's really the case, it would only take about 6,000 people to cause enough damage to double the national debt!
The article doesn't mention anything anywhere about pure damages, for starters. It mentions the costs associated with tracking and capturing the guy, and costs correcting some of the problems - combined. Those costs are listed as 570,000 pounds. At the exchange rate I just looked up (1.83 dollars to a pound), that's still only 1,054,500 dollars, which is more like a meeelllion dollars. Even if they tack on the 950,000 pound in fines, that's still not even three million.
That's a far cry from a billion... and about two million less than the damages Kevin Mitnick was supposed to have caused.
Frankly, they should have just let this guy find some "evidence" of UFOs. Then he might have spent his time trying to convince people of it instead of looking for more!
Will they plea?? (Score:2, Interesting)
Free On Bail (BBC) (Score:4, Interesting)
http://news.bbc.co.uk/2/hi/uk_news/4071708.stm [bbc.co.uk]
He didn't commit a crime in the US (Score:5, Interesting)
The judge should rule that he can't be extradited to the US until he has been tried in the UK and then only if the US has charges that don't fit into double jeopardy.
Re:what? (Score:4, Interesting)
Re:what? (Score:3, Interesting)
Part of the "lock down" may even include completely replaing large systems not only so you can start clean, but also so the compromised systems can be assessed, studied and used for evidence.
Then you have to figure out what other areas may have been exposed by these breakins and do some heavy duty damage control there as well.
Then there's the cost of teams of investigators and their expenses. We're talking an international, multi-year investigation.
All those expenses can really start to add up. Doing an investigation "the right way" can really cost a lot.
It MOST CERTAINLY is not! (Score:1, Interesting)
Re:"Damage" (Score:3, Interesting)
Re:what? (Score:4, Interesting)
Re:Odd facts in this case (Score:5, Interesting)
The evidence so far is that the guy IS a skript-kiddie, and probably not a very good one at that. If, after countless reviews and endless debate, many Federal agencies are still scoring D or worse on their own evaluations, I cannot find any reason to have any confidence in their ability to secure their systems.
Perhaps, instead of wasting time chasing UFO spotters, they should be putting more time and effort into getting their own house in order. Windows machines are rated for standalone security, not network security, and Windows is only C-class even then. That may be fine for a desktop hosting seriously unimportant files, but I would not regard that as nearly good enough for servers or desktops likely to have files of significance.
For the sorts of establishments we're talking here, I would say that a minimum of B3 on internal security and something comparable for network security should be the minimum for anything beyond the kiosks they've been pushing people onto.
Re:what? (Score:2, Interesting)
British burglars burgle.
American burglars burglarize.
Re:what? (Score:2, Interesting)
burglarize
verb
(US)
burglarized, burglarizing
1. To burgle.
Etymology: 19c.
Wellcome to cynicsville, population: Me. (Score:3, Interesting)
What does that tell us? We care more about our files than our children. While I don't think that breaking into a computer system just to prove you can is a smart idea (not saying that was the case in this situation, but rather in general), but I would consider a child molestation as a much more heinous crime, that should always warrant a longer sentence.
Laws aren't there to protect you, they are there to protect the rich.
Some poor looser raping other poor looser's kids is bad for their work productivity, so it is illegal, but acts that could cause the rich to loose riches are much more illegal, because these things really matter to those who make the laws.
Re:Smart? Yes. A Nut? Perhaps. How about both? (Score:3, Interesting)
And on a related note, what accounts for the $1billion damages? I'd wager a large part of that is plugging security holes that should not have been there in the first place. Although it's stated in the article that fixing the problem and tracking him down cost £570,000 pounds.
In fact, reading the article, I can find no reference to $1 billion. It's estimated that he may be fined £900,000 (that figure makes so much sense), but if that equates to $1 billion at the current exchange rate then I think I better get over there and buy a town. Editors not reading the story?
The UK should *not* extradite anyone to the US... (Score:3, Interesting)
Re:what? (Score:2, Interesting)
Been there, done that. I scanned my formal school network, but i also found a securty hole in a form of syspref.inf with a working password, it was in the computer class room on the C:\ drive, in clear text. I did test the password to see if it was working. Took a peek at the schools servers, but i didn't damage anything.
Then the case got to the cops, they did use port scanning logs to proofe that i was trying to damage the school network by portscanning the lan. But offcose that was plain BS.
Also, the state lawyer didn't have any evidense to proof anything on me. And the School second-headmaster did confirm my word where i had refused to damage the schools servers.
The case went to trial, i am now waiting the outcome. I hope that i win.
(Now i will get flamed to hell and modded up)
Re:A Darwin Award nomination, say I! (Score:2, Interesting)