Largest Hacking Scam in Canadian History 211

vieux schnock writes "Police raided several homes across Quebec on Wednesday and arrested 16 people in their investigation, which they say uncovered the largest hacking scam in Canadian history. (...) The hackers collaborated online to attack and take control of as many as one million computers around the world that were not equipped with anti-virus software or firewalls."
  • Really? (Score:2, Funny)

    by ImprovGuy ( 541110 )
    Are there that many computers without anti-virus software or firewalls on the Internet?
    • Re:Really? (Score:5, Funny)

      by Brian Gordon ( 987471 ) on Thursday February 21, 2008 @10:34AM (#22501910)
      Are you serious? There are hundreds of millions of PCs in the world (billions?), and the vast majority of them aren't properly secured. Also the vast majority of them have 10 smiley toolbars and take 45 minutes to boot.
      • by Divebus ( 860563 )
        I think he was trying to be funny... weren't you, Bill?
      • Re: (Score:2, Funny)

        and the repair of these poorly maintained PCs paid for my tuition and beer in college.
        Long live idiots, for without them, being smart means nothing, and pays less.
    • Yes, there are that many Windows machines on the internet.
    • Re:Really? (Score:5, Informative)

      by TheRealMindChild ( 743925 ) on Thursday February 21, 2008 @10:45AM (#22502092) Homepage Journal
      It doesn't even really matter at this point. Let's be honest... the average computer user doesn't know the difference between U2-Somesong.mp3 and U2-SomeSong.exe. It doesn't take much to write an application that would be able to run in a restricted user account... just connect outbound on port 80 for coordination, and for payload delivery. The code would be simple enough that you could change the binary significantly enough that the fingerprinting that virus scanners use is practically worthless.

      That doesn't even address the vector of replacing the setup.exe (or equivalent) on, say, an Office 2003 cd posted on thepiratebay. Obviously, the install has to run as admin, so you pretty much know you are a shoo-in for a compromised machine for anyone who tries to install it. And again, it would be such a trivial, simple application, that you could change the attacking binary pretty much at will.
      • Re:Really? (Score:4, Insightful)

        by GreatBunzinni ( 642500 ) on Thursday February 21, 2008 @11:17AM (#22502502)

        It doesn't even really matter at this point. Let's be honest... the average computer user doesn't know the difference between U2-Somesong.mp3 and U2-SomeSong.exe.

        To make matters worse, some attacks may even occur if you are dealing with safe file types, like a PNG [microsoft.com] or even PDF [softpedia.com]. Some security problems exist due to the user's ignorance or idiocy but "some" isn't exactly the same thing as "all".

        • Re:Really? (Score:5, Interesting)

          by ultranova ( 717540 ) on Thursday February 21, 2008 @12:07PM (#22503300)

          To make matters worse, some attacks may even occur if you are dealing with safe file types, like a PNG or even PDF.

          There are no safe file types. All files can be viewed as programs meant to run in a specialized virtual machine (the program which is used to open them). For example, a PNG file is a program which, when run, will compute an array of bytes (the image pixels). The same goes to PDF. In this view, since all files are programs, it is in principle possible that any of them could contain code which can result in unexpected behavior of the virtual machine executing them.

          Of course some file types are easier to compromise than others, either due to sheer complexity or ambiguity of the specification or because they are Turing complete. However, it is impossible to guarantee that every viewer for any file type is free of defects. Anyone still remember ANSI codes for DOS, which could be embedded in text to change color but also to set macros to keyboard keys when the file was viewed? And of course SQL injection attacks are based on formatting a text string so it will cause unexpected results, not to mention causing a buffer overflow with an overlong string.

          I repeat: there are no safe file types. They all have a potential to contain malicious code, because there is no such thing as data which is not also a program. From a certain point of view, GIMP is simply a very specialized compiler...

      • Re:Really? (Score:4, Informative)

        by CarpetShark ( 865376 ) on Thursday February 21, 2008 @11:21AM (#22502580)

        That doesn't even address the vector of replacing the setup.exe (or equivalent) on, say, an Office 2003 cd posted on thepiratebay.


        Why stop there? Most of the Windows OS torrents are slipstreamed. There's no reason to assume they didn't slipstream a few viruses, bots, and backdoors in there too.
        • Re: (Score:3, Informative)

          by Anonymous Coward
          There's a web of trust on the piratebay with trusted uploaders. Installing an OS or running a keygen from a newbie uploader is virtually guaranteed to get you a trojan downloader. I've been playing around with a few of the torrents from the piratebay and installing them on a separate vlan at home. It's very enlightening watching all the network traffic when the compromised OS calls home. I am pretty sure this is one of the primary "seeding" vectors for the nu-war storm network. I weekly find new morphed
      • Re:Really? (Score:5, Insightful)

        by Anne Thwacks ( 531696 ) on Thursday February 21, 2008 @11:44AM (#22502978)
        the average computer user doesn't know the difference between U2-Somesong.mp3 and U2-SomeSong.exe.

        The average user cannot tell there is a difference - because the Windows default is to hide the extension!

        It may be criminally insane, but it's the default.

        • It is the default because 95% of users don't care about file type/extensions. Why would any company cater to 5% of their customers? That would be insane.
        • The average user cannot tell there is a difference - because the Windows default is to hide the extension! It may be criminally insane, but it's the default.

          To the extent Windows' reliance on extensions actually works. What's one to do with greetingcard.exe.pdf, to say nothing of more creative variations on the file naming scheme, or similar URL mechanisms in the context of an email client?

          Add to the equation that it would be highly unusual if the majority of files on a typical user's hard drive weren't cr
        • Re: (Score:2, Insightful)

          The average user cannot tell there is a difference - because the Windows default is to hide the extension!

          It may be criminally insane, but it's the default.

          That's one that's driven me crazy for years. I'm sure it goes back to early days of Windows and their attempt to look more like Mac OS 9 (which got the file type info from the resource fork). Any time I do something for anyone on their Windows machine and the extensions are hidden I just change the setting...I don't even ask if that's what they want.

          Who else here has ever been trying to walk someone through a software install over the phone and said "Now double click 'Setup'"...and they respond "which one

      • Re: (Score:2, Funny)

        "Let's be honest... the average computer user doesn't know the difference between U2-Somesong.mp3 and U2-SomeSong.exe."

        Thank god I do. I would much rather have the malware ridden U2-SomeSong.exe than an actual MP3 by U2. That would just be awful.
    • Re: (Score:3, Interesting)

      by Bronster ( 13157 )
      Our MX servers have a list of over a million machines which are blocked from talking SMTP to us for three days thanks to past bad behaviour. In a single hour nearly 200,000 of them tried multiple SMTP connection attempts.

      Yes, I'd believe those numbers.
      • by macdaddy ( 38372 )
        Out of curiosity, what tools or methods are you using to detect bad behavior and then block it? I'm always on the lookout for new tools for my toolkit. I use Fail2ban for SSH scanners. I've used Port Sentry for port scanners. I haven't found any good tools for blocking SMTP bots guessing email addresses with Rumpelstiltskin attacks, though I would love to employ one. Currently I'm in search of a method to tie such tools into my RTBH trigger router to blackhole bad hosts at my network edges. I could scr
        • by Bronster ( 13157 )
          The biggest is connecting and then failing to complete an SMTP transaction. There's also enumeration and some heuristics based on reverse lookups and netblocks. I don't know how much of it's readily sharable, it's all internal stuff that we put together over the years at FastMail, and like most of our internal systems, it has deep and ugly hooks into everything. We use open source packages, and contribute quite a bit back to those projects, but I doubt anyone wants to see the perl duct tape that holds it
          • by macdaddy ( 38372 )
            That's understandable. I've been in the anti-spam race for a long time now. I wish I had as much time to contribute to the fight as I once did. For my MTA I use Canit-Pro. That gives me a good window in the SMTP dialog as it's happening thanks to good old Sendmail's milter options. I'm needing something that's more network-centric though. I need something that can listen on a promisc port and listen for network reconnaissance scans and actual network-based attacks so it can alert me and I can react. I
            • by Bronster ( 13157 )
              Yeah, we have a wodge of perl that sits there scanning logs, getting stats out of the policy daemon (Postfix policy daemon is very handy) and generally making educated guesses as to the probability that a site really is nothing but a spam source. Once it's satisfied, they go into the early block list which doesn't even get a reverse DNS lookup, just accept and then drop. We're thinking of moving to accept and teergrube actually, assuming we can do it in a way that doesn't overload the machine with idle pro
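The detection Bronster describes (a host that connects and then never completes an SMTP transaction goes onto a temporary block list), written out as an added example that is not part of this thread or of FastMail's code. The log format is a constructed simplification rather than real Postfix output, and the three-strikes threshold and three-day block window are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed, simplified log lines (NOT real Postfix output). Each line is
# "<ISO timestamp> <event> <client-ip>" where event is one of:
#   connect    - client opened an SMTP session
#   queued     - a message was accepted during that session
#   disconnect - client closed the session
SAMPLE_LOG = """\
2008-02-21T10:00:01 connect 192.0.2.10
2008-02-21T10:00:02 disconnect 192.0.2.10
2008-02-21T10:00:05 connect 192.0.2.10
2008-02-21T10:00:06 disconnect 192.0.2.10
2008-02-21T10:00:09 connect 192.0.2.10
2008-02-21T10:00:10 disconnect 192.0.2.10
2008-02-21T10:01:00 connect 198.51.100.7
2008-02-21T10:01:03 queued 198.51.100.7
2008-02-21T10:01:04 disconnect 198.51.100.7
2008-02-21T10:02:00 connect 203.0.113.5
2008-02-21T10:02:01 disconnect 203.0.113.5
"""

LINE_RE = re.compile(r"^(\S+) (connect|queued|disconnect) (\S+)$")
BLOCK_DURATION = timedelta(days=3)   # assumed, matching the "three days" above


def parse_log(text):
    """Yield (timestamp, event, ip) tuples; malformed lines are skipped."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield datetime.fromisoformat(m.group(1)), m.group(2), m.group(3)


def count_incomplete_sessions(events):
    """Per client IP, count sessions that connected and disconnected
    without ever getting a message queued (the 'bad behaviour' signal)."""
    open_sessions = {}            # ip -> True once something was queued
    incomplete = defaultdict(int)
    for _ts, event, ip in events:
        if event == "connect":
            open_sessions[ip] = False
        elif event == "queued" and ip in open_sessions:
            open_sessions[ip] = True
        elif event == "disconnect":
            # A disconnect with no matching connect is ignored (treated as complete).
            if not open_sessions.pop(ip, True):
                incomplete[ip] += 1
    return dict(incomplete)


def build_block_list(text, threshold=3, now=None):
    """Return {ip: expiry} for hosts with >= threshold incomplete sessions.
    'now' defaults to the latest timestamp seen in the log."""
    events = list(parse_log(text))
    if now is None:
        now = max((e[0] for e in events), default=datetime.now())
    counts = count_incomplete_sessions(events)
    return {ip: now + BLOCK_DURATION for ip, n in counts.items() if n >= threshold}


def is_blocked(block_list, ip, at_iso):
    """True if ip is on the list and the block has not yet expired at at_iso."""
    expiry = block_list.get(ip)
    return expiry is not None and datetime.fromisoformat(at_iso) < expiry


if __name__ == "__main__":
    for ip, until in build_block_list(SAMPLE_LOG).items():
        print(f"block {ip} until {until.isoformat()}")
```

A real deployment would feed the block list to the MTA's client restriction or a firewall rule and re-run on a rolling window, rather than on a one-shot log string.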
    • by kesuki ( 321456 )
      Windows firewall doesn't count, as it is the only firewall in history to score a 0 (out of 9,625 points) without actually being Malware. http://www.pcworld.idg.com.au/index.php/id;159719021 [idg.com.au]

      so yes, there are more than 1 million PCs without Working firewalls, or working anti-virus.
  • Largest "x" in Canadian history!
  • Spot the key words (Score:5, Insightful)

    by Silver Sloth ( 770927 ) on Thursday February 21, 2008 @10:33AM (#22501890)

    The hackers collaborated online to attack and take control of as many as one million computers around the world that were not equipped with anti-virus software or firewalls

    Police won't reveal what the information was used for but investigators estimate that the network profited by as much as $45 million.
    Hmm... as many as, as much as, or maybe they're inflating the figures to show what macho investigators they are.
    • by powerlord ( 28156 ) on Thursday February 21, 2008 @10:40AM (#22501980) Journal
      Nah, nothing so covert. It's simply that "as many as" sounds a lot better than "three computers we know about, but we really have no clue" or "we found 5 million deposited in their bank accounts in the last month, but the accounts have been open for nine months, so who knows how much money they could have collected previously".

      Alternatively they probably have a pretty good idea of the ranges involved, but hey, high numbers make a better press release.
    • by Otter ( 3800 )
      I dunno -- is a million nodes especially large for a botnet? It seems consistent with the various botnet stories linked here, and quite conservative compared to the usual estimates here of the prevalence of compromised Windows systems (i.e. all of them, if not more).
      • 1 million machines in a network talking to each other would probably consume more bandwidth in network overhead than useful work. Even instructing 1 million independent machines to do the same thing would take a considerable amount of time/bandwidth (eg. send a spam email to each one plus a list of targets so they can begin spamming... that's a million emails you've got to send - might as well send the spam yourself).
        • by Otter ( 3800 )
          At any rate, I was mistaken -- while some of the wilder claims of botnet size are in the millions, realistic estimates put even the largest in the low six figures. So the OP is correct that the figure given here is rather improbable.
        • Why would they be talking to each other rather than just a single controller? Or one of several controllers. IANAbotnetwriter, but I don't really see the need for them to communicate with each other, unless it's through an attempt to obfuscate the original source of a command sent to the network. The internet has several million machines in a network and it seems to do okay for itself.
        • Re: (Score:3, Interesting)

          by tlhIngan ( 30335 )

          1 million machines in a network talking to each other would probably consume more bandwidth in network overhead than useful work. Even instructing 1 million independent machines to do the same thing would take a considerable amount of time/bandwidth (eg. send a spam email to each one plus a list of targets so they can begin spamming... that's a million emails you've got to send - might as well send the spam yourself).

          Except that a good botnet doesn't have to have machines talking to each other. Each comprom

        • Why would you instruct them all yourself? Send the instruction into 10 machines (or even a single one). They each send it to ten other machines, they each to 10 and so on. While some machines will of course receive the same instruction twice, it still won't take long to cascade the instruction through the network.

    • Hmm... as many as, as much as, or maybe they're inflating the figures to show what macho investigators they are.
      It just sounds a lot "better" than "no more than" which is logically equivalent but not spinly equivalent.
  • Obligatory: (Score:5, Funny)

    by powerlord ( 28156 ) on Thursday February 21, 2008 @10:34AM (#22501906) Journal
    Blame Canada! ... eh?
  • From TFA: (Score:2, Funny)

    by Jurily ( 900488 )
    [...] and face charges related to the unauthorized use of computers.

    Surely they must mean unauthorized use of other people's computers?
    • Re:From TFA: (Score:5, Insightful)

      by Anonymous Coward on Thursday February 21, 2008 @11:00AM (#22502290)
      I'd assume you're always authorized to use your own computer.

      Then again, in today's climate, maybe not...
      • by morgan_greywolf ( 835522 ) on Thursday February 21, 2008 @11:23AM (#22502630) Homepage Journal

        I'd assume you're always authorized to use your own computer.
        Nope. There are times when I'm not authorized to use my own computer. Just ask my wife! ;)
        • by RobinH ( 124750 )
          It seems to stop being my computer whenever another Sims 2 expansion pack comes out... funny how that works!
      • XP won't let me kill certain tasks even while I'm an admin (actually I should try killing stuff after using that hack to get system privileges). I hate how the damn system idle task is always sucking up my CPU usage. No wonder I can't run HL2 at 1900x1200 at a decent framerate :(
  • by elrous0 ( 869638 ) * on Thursday February 21, 2008 @10:41AM (#22502024)
    Let us not forget Bryan Adams.
  • In Canada they will probably serve a couple years in prison if that, be forced to eat a Big Mac, and then set free. The judges and the justice system in Canada suck big time.

    1) Go to prison for some short time.
    2) Then divide 45 million dollars Canadian (now worth more than the US green back... but what isn't these days) by 16.
    3) Profit

    This time we can fill in the blank(s).
  • This is one way for the anti-virus companies to stay in business.
  • Eh? (Score:3, Funny)

    by lbmouse ( 473316 ) on Thursday February 21, 2008 @10:46AM (#22502112) Homepage
    I moved here from Canada and they think I'm slow, but I'm really an über-hacker, Eh?
  • by Shados ( 741919 ) on Thursday February 21, 2008 @10:54AM (#22502212)

    The hackers collaborated online to attack and take control of as many as one million computers around the world that were not up to date with patches and didn't have users with common sense.
    There, thats better.
    • Re: (Score:3, Insightful)

      by zakeria ( 1031430 )
      slight correction: The hackers collaborated online to attack and take control of as many as one million MS Windows computers around the world that were not up to date with patches and didn't have users with common sense.
      • by Shados ( 741919 )
        Indeed :) Though a heavily unpatched Linux machine is probably just as easy to take control of. Just less of em out there, haha. (I spent my spare time in college years rooting random Linux servers and changing the text that says "Welcome to blah blah Linux Redhat blah blah" to "Welcome to blah blah Windows ME blah blah....". That was fairly amusing, and harmless to boot.)
    • Re: (Score:2, Informative)

      by VorpalEdge ( 967279 )
      Common sense? Really? Most people, when they buy their first computer, expect it to "just work." They expect everything to be fine as it is, and for the patches (if they've ever heard of them) to be nice, but unnecessary.

      After all, what they were sold is good enough, right? They didn't exactly buy the "turn your computer into a botnet zombie" feature (bad jokes featuring MS aside). They still expect companies to have integrity, and to make products that actually work, and that don't explode when you tu
      • Re: (Score:3, Insightful)

        by Shados ( 741919 )
        We're in 2008. Even non-software products now get recalled, blow up, fall apart, are defective by design, are made in china (lol), all over the place. Go to Bestbuy and buy a headset at random (close your eyes and pick one), go up, and try it. 9 to 1 that thing will break within 2 weeks, sound will be crap, and it will be barely usable.

        All but the fanciest grocery stores will have expired stuff on the shelves if you look well enough. You have to be selective in what food you pick, make sure to read the exp
  • Haha (Score:5, Informative)

    by ViralInfection ( 1221188 ) on Thursday February 21, 2008 @10:55AM (#22502220)
    From the ages of 17-26.

    Wouldn't you say the RCMP is just hunting down script kiddies?
    • Re:Haha (Score:4, Informative)

      by necro2607 ( 771790 ) on Thursday February 21, 2008 @07:41PM (#22509454)
      You're joking, right? Younger people not only have more free time to pursue the motivation to hack & crack, but also tend to have more drive to do so, and fewer ethical reservations about doing so. You know how a lot of techie guys say "yeah, I used to be into that, but I grew out of it", well, that's generally the case with the vast majority of "hacker types" with malicious intent, except that a fair number of them actually pursue those motivations to a much further extent than others.

      I used to hang out in chat rooms with guys who were developing their own exploits in C on netBSD machines they set up on their own, etc. etc.. (mid to late 90s).. They were all in their late teens, average of around 17 or 18 years old, no joke. There were a couple guys in college who were 20 or 21 or so, but really, the teens and early 20s is pretty much the prime time to delve into 'questionable' types of endeavours in the high-tech realm.

      Oh, by the way, for a little personal anecdote, I cracked/hacked/obtained/whatever the admin password for our Mac lab in my elementary school when I was 9 years old, in grade 3 or 4 (and got banned from the lab for a while of course). Then again, I used utils I found on the net (a keylogger IIRC), but I still think that required a lot more knowledge and investigation than most 9 year olds are willing to pursue. Actually, I created a custom HyperCard stack that let me execute any program I had on a floppy disk - it just had to match the same type/creator code as any of the programs that were available in At Ease. That's pure hack-mindedness at work, and no outside help was consulted. ;)
  • EOM because I don't like NT.
    • Crackers, not hackers
      While technically you're correct, you're also like those Japanese soldiers living in caves in the 1970's, still fighting a war that's been over for a long time. The definition of "hackers" has changed.
  • by Panaqqa ( 927615 ) * on Thursday February 21, 2008 @11:20AM (#22502540) Homepage
    These arrests were in Quebec. What they are not telling us is that the arrests were REALLY for not hacking into the boxes using both official languages.
    • by KJE ( 640748 )
      It's more likely that the Office quebecois de la langue francaise [gouv.qc.ca] (OLF), aka the Language Police, would be more upset with the fact that they used English at all.

      Quebec is NOT a bilingual province, the only official language is French. New Brunswick [wikipedia.org] is the only constitutionally bilingual province.

      Check out the very recent brouhaha caused by an Irish Pub in Montreal having Guinness posters on the wall that didn't have French on them [canada.com]. I'm an anglophone born and raised in Montreal, who has since moved down

      • by bidule ( 173941 )

        I'm an anglophone born and raised in Montreal, who has since moved down the river to Ottawa, and man, I don't miss that shit.
        I can understand. If I took shit and it made me move down the river to Ottawa, I wouldn't do it again. I'd be too scared to end up in Timmins.

    • You mean emacs AND vi?
  • "... many as one million computers around the world that were not equipped with anti-virus software or firewalls."

    How about outdated software/updates (e.g., virus definitions)? What are the statistics for those?
  • by Detritus ( 11846 ) on Thursday February 21, 2008 @12:30PM (#22503660) Homepage
    Does Canada have any strict regime prisons? It certainly has the geography for it. Why not ship the script kiddies off to a work camp in the middle of nowhere for a few years?
    • Does Canada have any strict regime prisons? It certainly has the geography for it. Why not ship the script kiddies off to a work camp in the middle of nowhere for a few years?
      Why bother? The **WHOLE** country is already in the middle of nowhere...
    • by Rary ( 566291 )

      There are a couple of prisons just outside of Winnipeg. That's pretty much the middle of nowhere. As cold as Siberia and nowhere to run to except Regina.

  • Don't wanna be a Canadian Idiot...don't wanna be a beer-swilling hockey nut...

    Props to Weird Al!
  • Prison...really? (Score:2, Insightful)

    by ALimoges ( 870872 )
    It's funny because now it's all over the news here in Québec, and pseudo-experts are trying to explain *how* to secure one's computer. Don't you guys understand that Windows *is* insecure!

    The people who got hacked are facing a maximum of 10 years in prison but with Québec's system, they really do 1/6 of this time so it's not that bad..
  • by Master of Transhuman ( 597628 ) on Thursday February 21, 2008 @03:38PM (#22506514) Homepage
    This sounds like the usual inflation of profit that law enforcement agencies love to do.

    Most of the large-scale botnet scams I've heard of don't yield anywhere near that kind of money. The botnet operators maybe pull down $3-10,000 a month renting out the botnets. Even large-scale identity theft rings are reaching for anything like $45 million.

    Unless these guys were targeting rich people, I don't see it. And since most of the alleged compromised computers were in South America, I doubt they hit a lot of rich people.

    • > ... since most of the alleged compromised computers were in South America,
      > I doubt they hit a lot of rich people.

      How is the location of the hijacked PC hosting the fake website relevant?
      The people that respond to phishing attempts don't have to reside in the same country where the hijacked PC that hosts the fake site does. The aim of the phishers is that the fake site, the attacker and the victim would be in different jurisdictions.

      Anyway, I've seen an Israeli financial services advertise services
      • Yes, all of that is very standard in botnets.

        My point was that every botnet operation I've heard of wasn't making $45 million in revenue. As much as several million perhaps, for the largest botnet operations I've read about. But nowhere near $45 million.

        It's much more likely that the police were overestimating - particularly because of all the reasons you cite why it would be hard to prove who did what.

        If the cops find $45 million worth of bank assets or records indicating that much revenue went through th
