NASA Hacker Wins Right to Extradition Hearing

E5Rebel writes "Gary McKinnon, the UK-based ex-systems administrator accused of conducting the biggest military hack of all time, has won the right to have his case against extradition to the U.S. heard by the House of Lords."

question....

[lordvalrole]

How do they figure £475,000 worth of damage? I don't know much about the case (or really anything of it) but did he actually do harmful damage to the crap he hacked into...or is it potential damage? I can never trust half the money numbers people throw around these days.

Tit for tat

[Anonymous Coward]

Well, it needs saying so someone better had. Firstly the guy is an unhinged twunt who got high on too much weed and went looking for "UFO evidence".
Ergo, he represents absolutely ZERO threat to the security of any group (unless of course you guys actually DO have those UFOs hidden :)

So basically he's being punished because he embarrased a US institution that should know better about computer security.

Secondly, we here in the UK are in a bit of pickle and wish this would go away. See, some crazy Russian murdered another Russian spy in London with some nasty radioactive poison. Pretty serious right? But if we want him to stand trial and be extradited from Russia then we'd have to give them an equally unpleasant mafia boss who is hiding in London that Putin wants. Stalemate. Both countries are hiding behind the skirt of "We don't extradite people to countries where they would face danger or unfair trial"

Problem: The USA is a country that tortures prisoners and disappears people to secret prisons and we know this because the UN has condemned it as a human rights abuser. We have a serious crediblity problem if this guy goes to the USA.

I see a deal.

Let's say, we give this dangerous hacker to the USA and they promise he'll get a fair trial In return and we'll take George W Bush for the multiple war crimes he's indited with to the International Crimial Court at the Haugue (and promise he will get a fair trial) and let's call it quits huh?

Re:Plea bargain

[_KiTA_]

Hmmm... that's a strange thing to criticize... this is a pretty standard practice in US criminal law - cooperate, forfeit your right to a trial, and you get off easy.

Except, is that legal in the UK?

I mean, yea, yeah, he's being tried in the US. But don't his rights as a UK citizen apply as well?

Don't you mean "Cracker"

[racyrefinedraj]

I read "Nasa Hacker" as a talented programmer employed by NASA. Isn't this place nerdy enough not to fall into calling crackers hackers?

Re:Tit for tat

[Anonymous Coward]

we know this because the UN has condemned [the USA] as a human rights abuser
we'll take George W Bush for the multiple war crimes he's indited with

Please cite your sources.

This guy sounds like a Skr1p7 k1dd13.

[Anonymous Coward]

A "former system administrator"? What, did he run a home email server using Windows 2000 and IIS?

The guy spent some time locating unsecured entry points to high profile sites and is then heralded by the clueless media rabble as some kind of "uberhacker", instead of the fool he really is.

It doesn't take skill to do the kind of thing his type did, just a lack of good sense. He probably thought nobody would ever notice...maybe he even left clues so that he would get noticed...

Re:question....

[ScentCone]

But - if those systems were your responsibility - what would it take you to satisfy the people you report to that there was no damage? How many hours of review, extra archiving, and other admin chores would you face in the wake of known break in? Do you just take the cracker's word for it that he didn't alter anything, or do you have to spend lots of time checking that out, and probably get some third parties involved in auditing that look-see, just to be sure? None of that is free, and most of it's very expensive.

Re:aliens are for real

[omeomi]

You know why people starve in Africa? It's cause they have like 30 children.

I think, generally speaking, when you have a vast impoverished region, it has more to do with horribly corrupt governments, and not so much to do with having "like 30 children". From what I understand, families in highly impoverished areas with high mortality rates do tend to have a lot of children, with the hope that some of them will actually survive, and maybe even prosper, but I would suggest that's more an effect of poverty rather than a cause of it. The reason that average American doesn't have tons of children isn't because we're smarter than the rest of the world, it's because all of our children have a reasonably good chance at survival, and a good chance at a comfortable life. Their chances at success are made better if we only have a few children, so we can afford to pay for their education, but in a region like Darfur, having just 2 children and hoping for the best probably means none of your children will make it to adulthood...

Plea Bargain

[BrookHarty]

I thought it was because the UK doesn't have a Plea bargain agreement system, it would break UK law.
So the US basically said accept our plea or end up in prison for life. I think thats where the human rights issue also comes in.

One of the biggest problems with US law is the plea bargain system, thats why the laws are so horrible, it makes people want to bargain instead of going to court. Its not to punish people, its to keep everyone out of jury trials.

Hell, if everyone went to a trial for everything, could you imagine the crippling effect it would have on the courts? Everyone citizen would have to pull multiple jury trails to keep up with it.

Re:Tit for tat

[Short Circuit]

* He scanned 65,000 machines in about "8 minutes" by "tying together other people's machines" using a 56k dial up connection
        * During a hacking escapade he chatted to an engineer who "saw" him, via WordPad
        * His connection was so slow he wrote a clever program that "turned the colour down to 4bit colour and the screen resolution really, really low, and even then the picture was still juddering". Juddering ?! What kind of display was he using, a slide projector ?
        * He couldn't save any of the pictures he downloaded but despite the "juddering" low resolution "It was a picture of something
that definitely wasn't man-made" and what with the slow connection, when he got cut off "I saw the guy's hand move across."
C'mon, this guy is an utter joke, none of the above is plausible. If any of these claims were anywhere near true then he is a script kiddy at best. Mentally unstable more like.

The first item sounds like a botnet. I've (legally) done the second item, over VNC. The third item sounds plausible if he turns the VNC bit depth way, way down. And, yes, the outcome would behave very much like a slide projector on a dial-up connection.

As for the fourth item, I don't know why he didn't think to take a screenshot of his VNC window; That would have given him something to save. And I don't know what he was referring to by some guy's hand moving.

All in all, it sounds like he used a botnet to find a PC running unprotected VNC, and connected to it with compression turned way up, and color depth turned way down. At some point, some poor guy noticed his computer acting up on his own, and chatted with the cracker by opening up a text editor and taking turns typing. All of this is very plausible.

Poodle

[giorgosts]

Britain is America's poodle. This guy, for all intends and purposes, has to be tried in the UK, by the British system. Does the USA extradite American nationals to the UK? Do they extradite them e.g. to Italy, where several CIA agents have been sentenced (in absentia) for conspiracy?

Birth control....

[Anonymous Coward]

I think, generally speaking, when you have a vast impoverished region, it has more to do with horribly corrupt governments, and not so much to do with having "like 30 children". From what I understand, families in highly impoverished areas with high mortality rates do tend to have a lot of children, with the hope that some of them will actually survive, and maybe even prosper, but I would suggest that's more an effect of poverty rather than a cause of it. The reason that average American doesn't have tons of children isn't because we're smarter than the rest of the world, it's because all of our children have a reasonably good chance at survival, and a good chance at a comfortable life. Their chances at success are made better if we only have a few children, so we can afford to pay for their education, but in a region like Darfur, having just 2 children and hoping for the best probably means none of your children will make it to adulthood...

It also has to do with people's fear of being uncared for in their old age. In a country where you have no pension system or health insurance the best way of guaranteeing that you won't have to starve in your old age is to have lots of kids. Lack of access to birth control also plays a role in how common large families are in the third world. Another penomenon in some communities both in the poorer developing world as well as in some more developed regions is a lopsided male/female ratio caused by gender-selection since girls are often less valued than boys. Girls are often exposed, aborted or their survival rate is simply lower because what expensive health care a family can afford is lavished on the beloved sons. This is becoming an epidemic in some regions in China. From what I have been told by a friend of mine who used to be involved in aid work, the advantages of being able to control how many kids they have is not something that is lost on people in the developing world. If anybody thinks I am trying to put down poor people and people in developing countries, all of the things I have described so far used to be features of communities in W-Europe and N-America until quite recently and that includes my own country. Here in the west we take things like birth control pills and condoms for granted but in the developing world birth control is often out of people's reach financially or it's not available due to the inadequate state of their country's infrastructure and healthcare system which as you pointed out is often the result of corruption and colossal inefficiency brought about by cronyism and mismanagement. Paradoxically in some cultures (both in developed and developing countries) what some people want isn't just plain old birth control as we know it today, it's gender selective birth control. If that technology ever becomes easily available (and I'm sure an elite group of biotech companies is hard at work ensuring it will be) it will further exacerbate the problem of lopsided male/female ratios.

Re:question....

[Sobrique]

Ahh, but if you're J Random Sysadmin, then you'll find it _far_ easier to blame the hacker, than it would be to get someone to listen to your professional opinion that you security 'needs work'.

And less prone to actually losing your budget. I have direct experience of a previous employer, where we were requesting a network kit upgrade for 5 years, and each year, it got dropped from the budget, because 'well, it seems OK'. We spent that long rebooting switches, and almost daily 'firefighting' to keep the rising tide away from our sandcastle.

And then one day, it all fell over, in a critical fashion. The usual recriminations vanished very quickly when we pulled out the 5 years of budget paperwork.

So, lets just imagine, that the SA there _knows_ security needs work. But as with all such things, it takes time and a serious effort to get a 'proper' secure system setup. I mean, you can't just turn off telnet on a few servers, and hope that's ok :).

And they get hacked. And it goes public. As said sysadmin, wouldn't you then take the opportuntity to implement that idea you've had for ages, to tighten up security, and make everything a little bit better, only this time you have managers practically forcing you to do what you wanted to do all along. Better yet, you can spend loads of moolah with impuginty, and pull it out of the 'emergency response' budget, and proceed to wave the 'ooh hacker' flag when anyone questions you over it.

Re:Plea bargain

[TapeCutter]

I belive you have misread the GP, I think you missed the "what's good for the goose is good for the gander" parabole[sic?]. From an Aussie/UK point of view US prosecuters seem more interested in plea bargains than they say, a sound case against the person who is on trial. I understand deals are made to save money and court time in all three countries but that should not be the first concern of the DPP. Once "justice" has been seen to be done then the DPP can start haggling about the price tag.

It should be difficult to put a citizen in jail and impossible to seek state sponsored revenge through executions, but to an outsider (like me) it sometimes appears to be a dutch auction where they start at "life or death" and work down until the guy in the orange suit cracks. Not trying to be offensive here but do prosecuters in the US get a "job rating" based on some measure of "success"?