World's Biggest Hacker Held 631
Hieronymus Howard writes "The London Evening Standard is reporting that the "worlds biggest computer hacker" has been arrested in London.
Gary McKinnon, 39, was seized by the Met's extradition unit at his Wood Green home.
The unemployed former computer engineer is accused of causing the U.S. government $1 billion of damage by breaking into its most secure computers at the Pentagon and NASA. He is likely to be extradited to America to face eight counts of computer crime in 14 states and could be jailed for 70 years. Apparently he broke into U.S. military computers to hunt for evidence of a UFO cover-up."
Smart? Yes. A Nut? Perhaps. How about both? (Score:5, Interesting)
It sounds like an excuse to me.
So is the guy really nutty or is this just an attempt to justify his illegal activities?
Then again, perhaps he was on to something?
Re:Smart? Yes. A Nut? Perhaps. How about both? (Score:2, Insightful)
If you're that good you're doomed to either be retarded or wacko.
This obviously proves it
Re:Smart? Yes. A Nut? Perhaps. How about both? (Score:3, Insightful)
Re:Smart? Yes. A Nut? Perhaps. How about both? (Score:5, Insightful)
Re:Smart? Yes. A Nut? Perhaps. How about both? (Score:3, Interesting)
And on a related note, what accounts for the $1billion damages? I'd wager a large part of that is plugging security holes that should not have been there in the first place. Although it's stated in the article that fixing the problem and tracking him down cost £570,000 pounds.
In fact, reading the article, I can find no reference to $1 billion. It's estimated that he may be fined £900,000 (that figure makes so much sense), but if that equates to $1 billion at the current exchange rate then I
Re:Smart? Yes. A Nut? Perhaps. How about both? (Score:3, Informative)
I've just read Bruce Sterling's "Hacker Crackdown", in which there is a similar claim by a large corporation (AT&T) of a document being worth almost $80k, while a very similar document was sold for 13 bucks by the same company to anyone who asked for it.
The interesting part was how they arrived to the 80k figure for a 12 page doc. In it they computed, among other things, two weeks of a typist and an observer...
Re:Smart? Yes. A Nut? Perhaps. How about both? (Score:4, Funny)
Re:Smart? Yes. A Nut? Perhaps. How about both? (Score:5, Funny)
Re:Never? (Score:3, Funny)
He Got The Wrong System (Score:5, Funny)
Re:He Got The Wrong System (Score:5, Funny)
A Darwin Award nomination, say I! (Score:5, Insightful)
And what does he look for? UFO information! Now he's facing 70 years in prison.
Come on, that must be the equivalent of tipping a Coca-Cola machine onto yourself.
It's a good thing he didn't download Eminem songs! (Score:5, Funny)
Re:Smart? Yes. A Nut? Perhaps. How about both? (Score:5, Funny)
Re:It MOST CERTAINLY is not! (Score:3, Insightful)
If I owned a shop and I closed the door and forgot to lock it and turn on the security system. But put the closed sign up at the end of the day and a guy walked in and robbed me blind. And the next day we found the theif he would still be arrested for stealing or if he read my books he would still
what? (Score:3, Insightful)
they'd do better hiring this guy to teach their sysadmins a thing or two.
Re:what? (Score:3, Interesting)
they'd do better hiring this guy to teach their sysadmins a thing or two.
They hire overpaid techs that do shoddy work. They have to come up with these figures in order to make sure the public doesn't mind them wasting taxpayer dollars to track him down all over the world.
Re:what? (Score:3, Funny)
Hey! I'm one of those overpaid, shoddy techs, you insensitive clod!
Re:what? (Score:4, Interesting)
Re:what? (Score:5, Insightful)
Re:what? (Score:5, Informative)
Re:what? (Score:3, Insightful)
That, and it may help in budget appropriations. Your budget is likely to be cut if you don't spend all of the money in a year. If you're behind on spending, say by $100 mil, you could say "but this hacker cost us $1 billion in damages! We're only going to charge $100 mil for our trouble, though..."
Re:what? (Score:2)
Easy. Human life is "priceless", and think about how many sys admins killed themselves after getting fired for letting a UFO spook break into their systems.
Anyways, at least this guy was using his power for good. At least, we hope. Maybe he planted fake evidence of WMD in Iraq.
Re:what? (Score:5, Informative)
Re:what? (Score:4, Funny)
He compromised over 3 Libraries of Congress worth of information, which costs the government such a large amount of money that, if stacked in $20 bills, it would be the size of four Volkswagen beetles. And if you don't know that it takes 1/4 billion in twenties to equeal a Volkswagen bug, then turn in your nerd card at the door.
Re:what? (Score:3, Interesting)
Part of the "lock down" may even include completely replaing large systems not only so you can start clean, but also so the compromised systems can be assessed, studied and used for evidence.
Then you have to figure out what other areas may have been expose
Re:what? (Score:3, Informative)
Re:what? (Score:5, Insightful)
Not to mention that they should be found and fixed regardless of any intrusions.
=Smidge=
Re:what? (Score:5, Insightful)
Yeah, that makes sense. Pawn the cost of fixing your security holes on the guy who found them.
If my house ever gets burglarized, I'm going to try to get the burglar to pay the contractor to fix the "hole" the burglar got in through.
Re:what? (Score:5, Funny)
Re:what? (Score:3, Insightful)
that's BS. you didn't see Ford suing its customers that discovered the flaws in their cars and forced fixes did you?
counter argument: Ford's customers paid for something and were then endanged.
counter counter argument: citizens pay taxes to be protected and the government fails at this job when it uses crap systems.
Re:what? (Score:2)
While I don't condone in any way what this guy did, you can't charge the guy who cracked your poor security system with fixing it. If someone breaks into your house becasue you never bought a lock for your door, you can't throw 'lock for the door' in with what he took.
Re:what? (Score:2)
While not $1 billion in damages there is a cost to recovering and reconstructing those accounts.
That's what backups are for. With proper backups, those deleted accounts could have been restored in hours.
NBD.
Re: (Score:3, Insightful)
Re:what? (Score:4, Interesting)
Obligitory Slashdot Discussion (Score:5, Funny)
I don't believe that this guy is the world's biggest hacker. Have you seen Cowboy Neal??? Now that's big!
This guy was looking for UFOs. In Soviet Russia, UFOs look for you!
We all know that if he was an uber-hacker he would have created a Beowulf cluster of all the computers he hacked.
One billion in damages? That number has to be inflated. (Actually the article says 570000 pounds which is only about 1 Million US dollars according to my currency calculator [ostermiller.org])
Re:Obligitory Slashdot Discussion (Score:4, Funny)
No, I'm New Here (Score:4, Funny)
Re:Obligitory Slashdot Discussion (Score:4, Funny)
Re:Obligitory Slashdot Discussion (Score:3, Funny)
For how much?
Re:Obligitory Slashdot Discussion (Score:5, Funny)
Wow, that guy IS big.
Re:Obligitory Slashdot Discussion (Score:2, Funny)
Sweet Jesus. (Score:4, Funny)
If you do $1 Billion worth of damage just to look for UFO conspiracy information, you deserve to be locked up.
Although this could help his insanity plea.
"Damage" (Score:2)
He exposed how inadequate our systems are and upgrading them cost $1 billion dollars; therefore he did $1 billion dollars worth of damage.
Re:"Damage" (Score:3, Interesting)
Insanity plea indeed... (Score:2)
This just in (Score:5, Funny)
UFO cover-up (Score:2, Interesting)
Biggest Hacker? (Score:2)
LS
Whoah (Score:5, Funny)
World's Biggest Hacker? (Score:5, Interesting)
Re:World's Biggest Hacker? (Score:2)
One beeelllliiioonn dollars? (Score:5, Interesting)
Where do they get that from? If that's really the case, it would only take about 6,000 people to cause enough damage to double the national debt!
The article doesn't mention anything anywhere about pure damages, for starters. It mentions the costs associated with tracking and capturing the guy, and costs correcting some of the problems - combined. Those costs are listed as 570,000 pounds. At the exchange rate I just looked up (1.83 dollars to a pound), that's still only 1,054,500 dollars, which is more like a meeelllion dollars. Even if they tack on the 950,000 pound in fines, that's still not even three million.
That's a far cry from a billion... and about two million less than the damages Kevin Mitnick was supposed to have caused.
Frankly, they should have just let this guy find some "evidence" of UFOs. Then he might have spent his time trying to convince people of it instead of looking for more!
Re:One beeelllliiioonn dollars? (Score:4, Informative)
I think some chump is getting confused about millions and billions. He probably thought the US million was a UK billion or something like that. It is now generally accepted everywhere that a billion is a 1,000 million, not a 1,000,000 million.
The wikipedia article [wikipedia.org] clarifies
In other news . . . (Score:4, Funny)
Re:One beeelllliiioonn dollars? (Score:4, Informative)
"The Briton was indicted in 2002 by a federal grand jury on eight counts of computer-related crimes in 14 different states.
It claimed that he hacked into an army computer at Fort Myer, Virginia, obtained administrator privileges and transmitted codes, information and commands.
Unauthorised access
He is accused of then deleting around 1,300 user accounts.
The indictment alleged Mr McKinnon also deleted "critical system files" on the computer, copied a file containing usernames and encrypted passwords for the computer and installed tools to gain unauthorised access to other computers.
A loss of over $5,000 (£2,725) to the Army stemmed from the alleged damage, according to the indictment."
So in the space of three years, $5K becomes $100M? Nice rate of return, if you can get it...
1 billion $ damage? (Score:3, Insightful)
World's biggest computer hacker (Score:2)
Exactly how large is he?
Re:World's biggest computer hacker (Score:4, Funny)
Huh? (Score:2)
Don't they mean cracker? (Score:2)
Re:Don't they mean cracker? (Score:5, Funny)
Re:Don't they mean cracker? (Score:5, Funny)
Re:Don't they mean cracker? (Score:4, Funny)
Re:Don't they mean cracker? (Score:5, Informative)
Dear editor,
I am a computer hacker. By this, I mean that I enjoy learning and exploring computer technology. I have a degree in computer science, and am involved in many not-for-profit computer-technology endeavors. I am not a criminal. I do not violate computer security, I do not write malicious software, and I do not intentionally cause harm to the computer systems that I have access to. Any computer system access that I have has been given to me through legitimate means. It has come to my attention that you have used the term 'hacker' in the article linked below to indicate a person who intentionally violates computer security systems: http://www.thisislondon.co.uk/news/articles/19164
The proper term for such a person is 'cracker' or 'security breaker', i.e. one that "cracks" computer security. By using the term 'hacker' in the way that your publication has done, you spread misinformation about me, and people like me. You are demeaning and destroying a culture that, above all, values learning, knowledge, and wisdom. Please stop insulting hackers by equating them with criminals. For more information, see here: http://www.catb.org/~esr/jargon/html/appendixc.ht
Please issue a correction, and please make sure that a clear distinction is made in the future.
(your name here)
A Proud Hacker
And my reply, if I were an editor would be (Score:4, Insightful)
As it turns out, that is not correct. According to the Merriam-Webster Unabridged Dictionary, the American Heritage Dictionary, and the Oxford English Dictionary the word hacker has two meaning in relating to computers. One of them is a person who is an expert with computer and/or someone who peruses computer knowledge for its own sake, the other is a person who uses their skill with computers to gain unauthorized access to systems.
This is not an uncommon situation in English, for a word to have two related connotations, one positive and one negative: For example the word exploit. When used as a verb it can be used to mean a full positive use of something, such as to exploit one's talents means to make full use of your talents in a good way to achieve a goal. It can also be used in a negative way, such as to exploit illegal immigrant financial gain means to take unfair advantage of someone's position to your own selfish benefit. Both uses are not only accepted, but common. It is the context that dictates the meaning of the word.
The same is true with the word hacker. Your special interest sites like Slashdot do not set the stage for the English language, nor are they the authority on its correct usage. Thus in our article using hacker to describe someone who uses computer skill to gain illegal entry to systems is in every way as correct and accurate and a skilled programmer calling themselves a hacker. Thus we will not be issuing a correction, as there is nothing to correct.
In the future if you believe a word is being used incorrectly, I suggest you make a quick check with a dictionary to ensure that you are not confused. There are several online websites including www.dictionary.com, www.oed.com, and www.webster.com that will allow you to look up the definitions of words with ease.
Sincerely,
Editor-in-Chief person.
Re:And my reply, if I were an editor would be (Score:5, Insightful)
A respectful computer expert (that is, a computer expert that respects the skills, opinions, and decisions of other computer experts) would understand the distinction between the usual news article's use of the term 'hacker' and the more correct term as I have described it. However, the average lay-person will not understand the distinction, and will be left with a negative connotation whenever encountering the word 'hacker'. Therefore, as a hacker (in the non-malicious sense), it is my duty to defend myself, and others like me, by communicating to insensitive publications the inherent offensiveness of careless use of the term 'hacker'. If a publication receives a request like mine (see GP), and chooses to respond to it as you have, it is an indication of the publication's insensitivity and intentional alienation of a significant non-malicious worldwide subculture. Therefore, if I do receive a response from either of the publications I've contacted today, and it's similar to yours, I will do whatever is in my power to spread the word about their discriminatory practices. Not that I want to do that - I hope that my letters will incite changes in the treatment of the term 'hacker'. In any case, I'm doing my part to ensure that 'hacker' loses its negative connotation, since the correct definition of it describes me, and others like me, much better than 'computer expert', 'computer enthusiast', 'geek', 'nerd', 'programmer' (et. al.). If ethnic groups can be defensive about what they wish to be called, then subcultures should have the same right.
Re:Don't they mean cracker? (Score:3, Insightful)
"We?" What's all this "we" stuff? The adoption of "cracker" by the script-kiddies to mean something else in addition to saltine and Southern racist and illicit-vault-opener remains among the dopey-est linguistic forays of the past twenty years. For many of "us," "cracker" can't cease having any IT-related meaning fast enough.
Of course, if "war-driving" enters the popular lexicon of national newsrooms with any meaning bey
Dreams do come true! (Score:2)
Ok, but the big question isn't answered (Score:2)
Apparently he broke into US military computers to hunt for evidence of a UFO cover-up.
Did he find any?
Will they plea?? (Score:2, Interesting)
Re:Will they plea?? (Score:2)
What are we going to do, drop him on Pyongyang?
Translation .... (Score:2)
Say it one more time... (Score:2)
Free On Bail (BBC) (Score:4, Interesting)
http://news.bbc.co.uk/2/hi/uk_news/4071708.stm [bbc.co.uk]
Re:Free On Bail (BBC) (Score:5, Funny)
Say G'bye to Gary (Score:2)
It'll be the next conspiracy...
Most secure? (Score:5, Insightful)
Maybe it's just me, but any device connected to any other device is no longer to be considered as secure.
I would have guessed that the gubbermint's "most secure computers" would be airgapped, but apparently that is not the case. Or, perhaps, the author of TFA is being just a bit sensational and overdramatic. ;)
Re:Most secure? (Score:5, Informative)
Of course, something as Earth-shattering as UFO proof wouldn't get anywhere near a computer only approved for 'Secret'. Think secure facilities with guards, shielded rooms and computers, and vaults. Where classified networks do exist, you'll see mandatory physical separation distances between cables to avoid crosstalk, heavy use of fiber optics, pressurized conduits, and so forth.
Fortunately I don't often have to deal with that stuff. As exciting and mysterious as classified data processing might sound, it's mostly boring and a freaking pain in the ass to deal with.
A more reputable UK Paper (Score:3, Informative)
The Evening Standard releases The Metro and Evening Standard Lite. All are rubbish.
Photo of worlds biggest hacker finding UFOs (Score:3, Funny)
He looks kinda feminine to me...
Odd facts in this case (Score:5, Insightful)
"Most of the alleged hacking took place in 2001 and 2002. At one stage the US thought it was the work of the al Qaeda terror network. "
OK, so this must have been some serious stuff going down for them to think that he was al Qaeda. Or was it?
"Friends said that he broke into the networks from his home computer to try to prove his theory that the US was covering up the existence of UFOs. "
Uh oh, we're talking mentally off here.
"He is accused of a series of hacking offences including deleting "critical" files from military computers. The US authorities said the cost of tracking him down and correcting the alleged problems was more than £570,000. The offences could also see him fined up to £950,000 if found guilty on all charges. "
Here it comes, the big bill for this mentally off "al Qaeda" operative. "Lesse, captain, I spent my lunch hour running a scan." "Aha! We'll bill that time as worth £50,000!"
"Prosecutor Paul McNulty alleged that McKinnon, known online as "Solo," had perpetrated "the biggest hack of military computers ever". He was named as the chief suspect after a series of electronic break-ins occurred over 12 months at 92 separate US military and Nasa networks.
Ah, it gets better. This guy must have been hot stuff! They think he's some kind of master criminal or something. Or al Qaeda maybe.
"It is alleged that he used software available on the internet to scan tens of thousands of computers on US military networks from his home PC, looking for machines that might be exposed due to flaws in the Windows operating system.
Many of the computers he broke into were protected by easy-to-guess passwords, investigators said. In some cases, McKinnon allegedly shut down the computer systems he invaded. "
WHAT?! He's just a script kiddie??! All this fuss over some guy port scanning Windows boxes??
"The charge sheet alleges that he hacked into an army computer at Fort Myer, Virginia, where he obtained codes, information and commands before deleting about 1,300 user accounts.
Other systems he hacked into included the Pentagon's network and US army, navy and air force computers. "
So let me get this straight. Some nutcase into UFOs uses script kiddie technology to port scan Windows boxes and somehow manages to get into the Pentagon and the military? Are you kidding me? Either they are running Windows boxes with easy to guess passwords and insecure networks, or else they should have charged him with a lot worse stuff than standard port scanning. Or maybe the reporter has no clue what he did, but this doesn't add up.
The only thing that does make sense is the U.S. military thinking a script kiddie UFO chaser was a master criminal at work...
Re:script kiddie technology? (Score:3, Funny)
Re:Odd facts in this case (Score:5, Interesting)
The evidence so far is that the guy IS a skript-kiddie, and probably not a very good one at that. If, after countless reviews and endless debate, many Federal agencies are still scoring D or worse on their own evaluations, I cannot find any reason to have any confidence in their ability to secure their systems.
Perhaps, instead of wasting time chasing UFO spotters, they should be putting more time and effort into getting their own house in order. Windows machines are rated for standalone security, not network security, and Windows is only C-class even then. That may be fine for a desktop hosting seriously unimportant files, but I would not regard that as nearly good enough for servers or desktops likely to have files of significance.
For the sorts of establishments we're talking here, I would say that a minimum of B3 on internal security and something comparable for network security should be the minimum for anything beyond the kiosks they've been pushing people onto.
Error (Score:2, Informative)
-Paul McNulty, US Attorney for the Eastern District of Virginia
"Most secure computers" - I doubt it (Score:5, Insightful)
Sure, it's possible to hack intelligence agencies but it I'd put money on it failing to get you the really juicy stuff!
Re:"Most secure computers" - I doubt it (Score:3, Funny)
You've never worked for the government, have you ? It shows.
Believe, my lemming friend, and try to use those critical thinking skills every once in a while. The feds can hardly even define "really important", and certainly have a hard time keeping track of their own doings. Breaki
World's Biggest Hacker (Score:2)
He didn't commit a crime in the US (Score:5, Interesting)
The judge should rule that he can't be extradited to the US until he has been tried in the UK and then only if the US has charges that don't fit into double jeopardy.
Re:MOD PARENT UP (Score:3, Insightful)
seems he didn't find any evidence (Score:2)
70 years? Nope! Offer of employment? Yes! (Score:2)
.
One Beeelion Dollars!!! (Score:3, Insightful)
3.9 Million Citigroup Customers' Data Lost [slashdot.org]
the corporate mentality never ceases to disillusion me--where's the class action lawsuit?
Good! (Score:3, Insightful)
It's bastards like this that screw things up for grey-hats everywhere. Ok, you were curious, you wanted information, and the information wanted to be free... good enough. But you don't go deleting files and user accounts! How fraggin dumb can you be? "Hmm, I just hacked NASA and no-one knows.... I think I'll fuck things up!".
If he'd just gone looking for the information and gotten busted, I would have had sympathy for him. But he just went to wreck shit up. "Looking for UFOs" is just AOL-Speak for "Shit, I got caught being a dick and I need an excuse, quick!"
The UK should *not* extradite anyone to the US... (Score:3, Interesting)
Re:So... (Score:5, Funny)
Re:So... (Score:2, Funny)
A really fat nerd was the mental picture that came to mind first.
Re:At least make an attempt to hide it... (Score:2)
Re:"World's biggest hacker" (Score:2)
I'm currently listening to NPR right now and they're talking about terrorists. The question of weight brought up this question to me:
Do they have any fat suicide bombers? My thinking is no, as their bellys would cushion the impact of the bomb.
Wellcome to cynicsville, population: Me. (Score:3, Interesting)
What does that tell us? We care more about our files than our children. While I don't think that breaking into a computer system just to prove you can is a smart idea (not saying that was the case in this situati