Forgot your password?
typodupeerror
Sony Security

Another LulzSec Member Arrested 211

Posted by Unknown Lamer
from the no-one-went-to-prison-in-wargames dept.
hypnosec writes "Raynaldo Rivera, aged 20, suspected member of LulzSec, has been arrested for his alleged role in the breach of Sony Pictures Entertainment last year. The first suspect, Cody Kretsinger, has already pleaded guilty and was indicted last September according to the FBI. Rivera, who also goes by names 'neuron,' 'royal,' and 'wildicv', surrendered to authorities and he has been charged with conspiracy and unauthorized impairment of a protected computer. The LulzSec member may be facing 15 years in prison if convicted." On the member who pleaded guilty: "Kretsinger, who pleaded guilty to the same two charges now facing Rivera, is slated to be sentenced on October 25. A federal prosecutor said he would likely receive substantially less than the 15-year maximum prison term carried by those offenses."
This discussion has been archived. No new comments can be posted.

Another LulzSec Member Arrested

Comments Filter:
  • by Viol8 (599362) on Wednesday August 29, 2012 @08:53AM (#41164963)

    Hopefully with these arrests and others a few months back, the keyboard warriors out there will start to realise that they're not untraceable and can't just do as they damn well please on the internet.

    I'm no fan of Sony but I hope this guy is banged up for a long time for stealing all that private data. And before any wannabe heros mod me down you might want to consider that YOUR data could be part of it.

    • by Shavano (2541114) on Wednesday August 29, 2012 @08:56AM (#41165011)

      And before any wannabe heros mod me down you might want to consider that YOUR data could be part of it.

      Or next.

    • by Anonymous Coward on Wednesday August 29, 2012 @08:58AM (#41165029)

      Hmm.. hate to break it to you but there ARE ways to be untraceable.. just like any criminal who gets bored they also get sloppy and hence getting caught.

      • by Anonymous Coward on Wednesday August 29, 2012 @10:12AM (#41166193)

        That's right. I'm behind seven proxies. Come at me bro.

      • "They" didn't "get sloppy", this kid, like so many others shoot off their mouths, brag and call attention to themselves!
        "Anonymous"
        "LulzSec"

        Anybody who is STUPID ENOUGH to self identify as a "member" IS, without any organizational structure whatsoever automatically a "member"!

        And because anybody who wants that kind of attention will undoubtedly have somthing that the blank faced automatons in the "justice" dept could label as "criminal" your self destructive desire for attention will be fulfilled!

      • by elucido (870205)

        Hmm.. hate to break it to you but there ARE ways to be untraceable.. just like any criminal who gets bored they also get sloppy and hence getting caught.

        There are ways but they don't work all the time. Proxies could be run by the authorities or acting as a honeypot. VPN services could be run by FBI agents. Groups like Lulzsec could be FBI fronts run by FBI informants, etc.

        If you do stupid things like align yourself with Antisec movement and declare war on the police agencies you should expect to get arrested. Who is stupid enough to target the CIA website?

    • by fm6 (162816) on Wednesday August 29, 2012 @09:04AM (#41165099) Homepage Journal

      I come at it from the opposite direction: I'm no fan of LulzSec, but Sony deserves to have its toenails removed for being so bloody sloppy about security.

      • by 1s44c (552956) on Wednesday August 29, 2012 @10:34AM (#41166601)

        I come at it from the opposite direction: I'm no fan of LulzSec, but Sony deserves to have its toenails removed for being so bloody sloppy about security.

        Dead right, I don't know how you got modded down.

        This was a SQL injection attack. Sony didn't follow that little rule about validating user input and should have known better. I'm not saying they deserved it because they didn't, but I'm saying it was bound to happen sooner or later.

        • by fm6 (162816)

          I probably got modded down by the same people who left AC posts accusing me of :"blaming the victim", Hey, if you're negligent, you bear some responsibility for the result. That doesn't mitigate Lulzsec's malice, but neither does Lulzsec's malice mitigate Sony's negligence.

        • If it's not some injection attack, it's going to be something else in the future... Where's the line? Since no standards exist in this field--none that remain static for longer than a year--how can anyone really expect anyone else to pass someone's muster when it comes to issues that are mostly relative in nature. After all, I suspect that nobody here is as good as I am when it comes to securing input forms. Ap pro po, you should all be fired from your jobs.
        • by epp_b (944299)

          I'm not saying they deserved it

          Fine, I'll say it, then: they deserved it.

          I'm a programmer who uses SQL on a regular basis; sanitizing user input is a trivial task.

          They most assuredly deserved it.

      • by elucido (870205)

        I come at it from the opposite direction: I'm no fan of LulzSec, but Sony deserves to have its toenails removed for being so bloody sloppy about security.

        Lulzsec didn't accomplish anything. They helped Sony more than hurt Sony and I don't like Sony but the revealing of user information made Sony into the good guy.

        • by fm6 (162816)

          Jeesus. You're like the 20th person to accuse me of being an apologist for LulzSec. What part of "I'm no fan" do you not understand???!!!

          Oh yeah, I must be fan of LulzSec if I say anything bad about Sony. I'm down on both of them. Can you wrap your feeble little brain around that simple concept?

    • by jellomizer (103300) on Wednesday August 29, 2012 @09:18AM (#41165299)

      You don't have to be a fan of Sony, to see what these guys are doing is wrong and criminal.

      Sony says we we want to run our business this way. The hackers go we don't like it. So except for just informing the public on their opinion (freedom of speech) they bring down the site, because for some reason we think that Our Ideas are right and any disagreeing idea is somehow motivated by some corrupt cause.

      If you are Pro-Choice then those Pro-Life people are trying to keep Women rights down.
      If you are Pro-Life then those Pro-Choice people are trying to make a world where woman don't need to have any consequences for their actions.
      If you are Republicans those Democrats are trying to keep the People addicted to government services so you can better control them.
      If you are Democrat those Republicans are trying to brainwash people to keep buying crap from these companies so they no longer need to innovate.

      We rarely ever get arguments anymore stating I understand your view, but I think my advantages may outweigh the disadvantages that you brought up. But we have moved to a world where a disagreement means your oponent has some Evil motive behind them. If you think your Ideological Opponent is evil then you feel justified hurting them in one way or an other.

      • Re: (Score:2, Insightful)

        by Anonymous Coward

        And what is your opinion of Sony putting a rootkit on your machine?

        • I don't like the process... But... I knew about it and didn't buy a root-kitted product.
          However what we call a root kit, others call a tool to help support the problems.

          I don't think the benefit of better support justifies the increased security risk on your PC.
          But is it really worth some holy crusade of breaking into their computers just so you can laugh at them and say Good you Deserve it?

      • by Hatta (162192) on Wednesday August 29, 2012 @10:38AM (#41166679) Journal

        You don't have to be a fan of Sony, to see what these guys are doing is wrong and criminal.

        But that's not why they're going to jail. Sony has done plenty of wrong and criminal things in their time, and no one there has gone to jail for it. Selective enforcement of the law is not justice.

        • So for the criminal things they probably needed to pay a fine. Which they did. Who do you jail when a company does something wrong? The CEO who may be too above in that particular decision making, the Middle Manager who was trying to make a directive bring in more money. Perhaps the lowly tech guy who did the work and didn't say No.
          Getting a big fine for a criminal act, usually does more, as it effects what they care about the most money. Companies don't care about people... Any person.. This idea makes

          • by Hatta (162192) on Wednesday August 29, 2012 @01:36PM (#41169227) Journal

            Who do you jail when a company does something wrong?

            That's the problem isn't it. The mistake these kids made wasn't committing crimes. It was commiting crimes without a corporation to hide behind.

            Personally, I'd be in favor of jailing both the CEO who gets the credit for success and should bear responsibility for criminal failures, and the lowly tech who didn't go to the police when asked to do something illegal for his job. That would be far more just than letting the rich and powerful get away with crimes.

      • by 1s44c (552956)

        That is the best argument I've read all week.

      • by Alex Belits (437) *

        Understanding someone's view is one thing, treating objectively wrong claims about reality as if they are valid, is something completely different.

      • by mcgrew (92797) *

        What's good for the goose is good for the gander. I'd be all for this guy going to jail if someone from Sony would have gone to jail for XCP, which vandalized thousands of their paying customers' computers. As it is, I say payback is a motherfucker and Sony got what was coming to them when this guy brok in to their systems. Actually, they deserve more. They deserve to be run out of business completely.

        Yes, I was a victim of Sony's hacking. Put Sony's president in prison and I'll be all for putting this guy

      • I'm with you up until the end where you say "If you think your Ideological Opponent is evil then you feel justified hurting them in one way or an other.". I don't feel that is the case at all with most people. I think it will motivate people to completely miss the logic of the opponents argument, but most people won't actually hurt them in one way or the other.

    • by mvar (1386987) on Wednesday August 29, 2012 @09:21AM (#41165355)
      I definitely believe criminal activity should be punished but sending in prison a 20-year old for 15 whole fucking years and treating him as if he is a war criminal or serial killer, for simply hacking into a computer of a multi-billion-dollar company (which as it seems didn't care to invest some of it's awfully lot of money in protecting it's customer's data) , is a little too much. Especially when at the same time there are other criminals out there who roam free thanks to their financial status.
      • by mvar (1386987) on Wednesday August 29, 2012 @09:24AM (#41165403)
        not to be misunderstood here: this kid should be punished but 15 years is just madness
        • by Lashat (1041424)

          IANAL nor have I read the actual indictment. However this article http://www.informationweek.com/security/management/second-lulzsec-sony-hacker-suspect-arres/240006432 [informationweek.com] states that the charges include conspiracy. It also indicates that they caught him "after VPN service provider HideMyAss.com was served with a court order seeking information related to several LulzSec exploits, including attacks against Sony, the U.K.'s Serious Organized Crime Agency, as well as NATO."

          Plus, the 15 years are possible and gi

      • I definitely believe criminal activity should be punished but sending in prison a 20-year old for 15 whole fucking years and treating him as if he is a war criminal or serial killer, for simply hacking into a computer of a multi-billion-dollar company (which as it seems didn't care to invest some of it's awfully lot of money in protecting it's customer's data) , is a little too much. Especially when at the same time there are other criminals out there who roam free thanks to their financial status.

        But it doesn't matter. His life is destroyed now and honestly you can thank Sabu for playing informant and helping to destroy it.
        He can also thank himself for being an idiot.

    • by mcgrew (92797) *

      I'm no fan of Sony but I hope this guy is banged up for a long time for stealing all that private data.

      I thank the guy for hacking Sony. Nobody from Sony went to jail when Sony vandalized my and thousands of others' PCs with their XCP trojan rootkit, why should this guy go to jail?

      Where's the justice?

    • Hopefully with these arrests and others a few months back, the keyboard warriors out there will start to realise that they're not untraceable and can't just do as they damn well please on the internet.

      Funny how different opinions can be. I just hope they'll be more careful in future.

    • by 1s44c (552956)

      I'm no fan of Sony but I hope this guy is banged up for a long time for stealing all that private data. And before any wannabe heros mod me down you might want to consider that YOUR data could be part of it.

      Well that's the thing. If he is proved guilty in a fair trail he should be punished but isn't 15 years too long?

      He didn't kill anyone, he didn't physically hurt anyone, nor did he do anything terribly bad with that data. All he did was embarrass a company that should have been taking better care of the data. Sony was going to leak all that data anyway if they hadn't already.

    • by Hatta (162192)

      the keyboard warriors out there will start to realise that they're not untraceable and can't just do as they damn well please on the internet.

      I'm no fan of Sony

      If you are Sony, you can do just as you damn well please on the internet. Still no arrests made for the rootkit fiasco, and that was every bit as illegal as this.

      There is no rule of law in America.

    • by Alex Belits (437) *

      And before any wannabe heros mod me down you might want to consider that YOUR data could be part of it.

      I would prefer if my data on insecure servers was taken by someone who widely announces the problem, rather than by someone else who would do it in secrecy and cause me some serious trouble.

    • Hopefully with these arrests and others a few months back, the keyboard warriors out there will start to realise that they're not untraceable

      No, hackers are most definitely not "untraceable"

      From TFA:

      "The hacker after posting all the data onto Pastebin, announced the hack through a tweet.
      "Hey @Sony, you know we're making off with a bunch of your internal stuff right now and you haven't even noticed?" LulzSec tweeted. "Slow and steady, guys."

      Especially when they brag about it.

      I bet he even hacked from his own computer. Or, rather, his parents' computer.

      I've said it before, I'll say it again - NEVER HACK FROM HOME. It will make your dad really mad when the FBI comes knocking.

    • by pclminion (145572)

      I'm no fan of Sony but I hope this guy is banged up for a long time for stealing all that private data. And before any wannabe heros mod me down you might want to consider that YOUR data could be part of it.

      It's just data. His crime is worthy of punishment, but what's prison going to accomplish? Apart from satisfying your sense of revenge, it'll just introduce him to a bunch of people I think we'd all rather he didn't know. If he's abused while in prison, he'll either have a psychotic break or he'll come

    • Hopefully with these arrests and others a few months back, the keyboard warriors out there will start to realise that they're not untraceable and can't just do as they damn well please on the internet.

      I'm no fan of Sony but I hope this guy is banged up for a long time for stealing all that private data. And before any wannabe heros mod me down you might want to consider that YOUR data could be part of it.

      I agree they went too far and I hate Sony too. I don't think revealing user data served the purposes of Anonymous in any way and if anything made Anonymous look like the bad guys and helped the opposition gain political cover to attack Anonymous and everything Anonymous was trying to do politically.

  • Raynaldo Rivera, aged 20, suspected member of Lulzsec has been arrested ....

    charged with conspiracy and unauthorized impairment of a protected computer. The Lulzsec member may be facing 15 years in prison if convicted....

    accused of hacking Sony Pictureâ(TM)s Web site in June 2011 through use of SQL injection attack and downloading thousands of records containing names, birth dates, addresses, e-mails, phone numbers, and passwords. The hacker after posting all the data onto Pastebin, announced the hack through a tweet.....

    "Hey @Sony, you know we're making off with a bunch of your internal stuff right now and you haven't even noticed?"

    The hacking collective claimed that they had managed to grab information of more than a million people whereas Sony countered the claims saying that only 37k records were actually stolen.

    there is no sense of proportion here, it's not justice. Maybe it is the people, whose records were stolen, that should be outraged, not Sony, Sony as a company should be humble about it and do whatever to mitigate the problem their lack of interest in security may have caused.

    But because large corporations like Sony are in bed with large governments, there will be no justice. Sure, send these guys to prison for 15 years because a company is outraged. How about company's clients?

    My point is - this is none

    • by bws111 (1216812) on Wednesday August 29, 2012 @09:20AM (#41165345)

      So to sum up your position: victims of crime should bear the full responsibility and costs associated with finding, trying, and punishing the criminals. Gee, I can't imagine why the rest of society does not agree with you.

      • by gl4ss (559668)

        I think you're missing the point where you can go and beat up twenty grandmas and end up with less time.

        or alternatively steal 500 million dollars from grandmas.

        it was still a pretty lulzy run, tbh.

        • by bws111 (1216812)

          15 years is the MAXIMUM sentence they could receive. They have not even been convicted yet, much less sentenced, so you have no idea how much time they will actually get. And I am pretty sure the MAXIMUM sentence for beating up twenty grandmas or stealing 500 million dollars is at least 15 years.

  • Pleaded at the quality of the proofreading as usual. Keep up the good work, editors.

  • really...come on really, was it that "protected" ?
    • by bws111 (1216812)

      Uh, yeah. "Protected" means protected by the law, not technical measures.

      • by SJ2000 (1128057)
        Depends on jurisdiction though, there are some western jurisdictions where lack of a published policy and access control mechanisms can imply open access which is enough to argue in court.
  • I was surprised to see they are still making arrests. I had expected all those involved were already in federal "pound me in the ass" prisons. Obviously I overestimated our law enforcement.
  • They give pro (facist / police state / surveillance / corporate) forces the perfect justification to slowly destroy the most important source of freedom and information since the printing press: the Internet.

    I just hope some of the wiser ones will still be around to help fight the forces of evil (and that ain't a video game console company, FFS).
    • by elucido (870205)

      They give pro (facist / police state / surveillance / corporate) forces the perfect justification to slowly destroy the most important source of freedom and information since the printing press: the Internet.

      I just hope some of the wiser ones will still be around to help fight the forces of evil (and that ain't a video game console company, FFS).

      Lulzsec went about things in the wrong/dumb way. Lulzsec should have never existed as it has diminished the reputation of Anonymous. If you believe in protecting internet freedom then I can understand that you will have something ideological in common with Anonymous, most of us do. But the current form of Anonymous does not do a very good job, as it's run as a headless vigilante organization without any direction. Many of it's ops actually damage it's credibility, such as doing DDOS attacks on sites (censor

  • Would he be facing the same 15 years if he hacked into Bob's Computer Shack's servers? Or do they consider it more severe because sony has more money and more clients? Is there some equation they use that determines "you stole this much data, so you do this many years in prison" ?

    Most of the sentences these days that have to do with computer related crimes seem outrageous.

    I'd understand if it got people killed. But what Sony has is banking information. Most banks have mechanisms to mitigate dama

Never trust an operating system.

Working...