Long Prison Sentence for Man Who Hacked Jail Computer System To Bust Out Friend

A judge sentenced a Michigan man to 87 months -- 7 years 3 months -- in prison for hacking into a county jail's computer system and modifying prisoner records in an attempt to get an inmate released early. From a report: The man, Konrads Voits, 27, of Ypsilanti, will also serve three years of supervised release and will have to pay $235,488 in restitution to Washtenaw County, the cost of investigating and addressing the hack. Voits prison sentence stems from his actions in the spring of last year. According to his guilty plea, Voits admitted that between January and March 2017, he engaged in a social engineering campaign to hack into the Washtenaw County Jail's computer system. Initially, he engaged in a spear-phishing campaign. He sent emails to county jail employees, luring them on the "ewashtenavv.org" domain, a carbon copy of the county's official website of "ewashtenaw.org."

Re:Seven years? LOL

[tripleevenfall]

Meh. He may be a nerd but he's hardly a 'hacker'.

Can we stop calling phishers and social engineers 'hackers' already?

Re:

[MasterThis]

Do they not see the irony in this sentence?

Re:

[rahvin112]

Phreaking is the original hacking and it often involved a as much social engineering as it did technical knowledge.

Re:

[Joe_Dragon]

In oz beecher did not have That bad

Re:

[PPH]

nerds in prison?

How do you know he's a stereotypical nerd? Just because he knows his way around a computer? We've got a pretty good developer on staff that could pass for Vin Diesel.

He can hack himself out.

[Anonymous Coward]

Let's see how he does it.

second offense, probation

[ooloorie]

He had gotten into trouble before [mlive.com]. Looks like there is a probation violation involved as well. So, he didn't just get the long jail term for hacking, he got it for hacking while already on probation for stalking drug charges, and prior hacking charges.

Re:

[Zontar The Mindless]

There's also being an accessory to an escape from prison. Even if the escape attempt fails, that's still a crime, no?

He should be President

[Anonymous Coward]

Then he could just pardon all his criminal buddies. But no roasts! Thats just too much man!!

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Nidi62]

He sent emails to county jail employees, luring them on the "ewashtenavv.org" domain, a carbon copy of the county's official website of "ewashtenaw.org."

The difference between the domain names is that the latter ends in double-ewe dot org, the former in two vees dot org.

Is it possible for browsers to by default (with the default font) automatically insert just a little more room when 2 "v"s are typed consecutively? Not enough to be seen as a space between the characters but just enough to distinguish "vv" from "w". Do the same with "cl" or add the top and bottom lines to a capital "I" to distinguish it from a lower case "l". Seems like a small change to the default font would make a lot of these attacks go away.

Re:

[The-Ixian]

"What were you doing when this error came up?" "Nothing"

Users definitely are fond of their "nothing" statements:

- Nothing works = I got an error message in a single program and everything else is ok
- Nothing ever works = I get an error every day but I don't report it until I am having a bad day
- I did nothing to cause this = I did something to cause this
- I saw nothing that could indicate a problem = I saw several warnings like I do every day. I just click on whatever it takes to get it out of my sight... but today WITHOUT WARNING my system won't boot!
- I store

Re:

[apoc.famine]

This is well known in the typography field. The space between letters is known as keming, and various fonts do it better or worse. This doesn't really have anything to do with the browser - it's font-specific.

Re:

[Khashishi]

But you can do much worse with unicode urls. For example visit this (safe) page which appears as https://www.apple.com/ [apple.com] in the Firefox address bar:
https://www.xn--80ak6aa92e.com... [xn--80ak6aa92e.com]
If Slashdot could support unicode, then the link here could also look like https://www.apple.com/ [apple.com] . Of course, slashdot doesn't.

Re:

[Zontar The Mindless]

I think only Americans do that. I got switched to outside-the-quotes while living in Australia, and have never looked back.

Trailing Dot

[nuckfuts]

... it looks like the website has an extra '.' after the '.org'.

Actually, placing a trailing got at the end of a domain name is not "extra". It is the correct way to specify a fully-qualified name. The final dot refers to the root DNS zone. In practice, however, applications usually let one omit the final dot.

Re:

[Zontar The Mindless]

"will have to pay $235,488 in restitution to Washtenaw County, the cost of investigating and addressing the hack."
This is concerning that if convicted, a 'defendant' would then have to pay for the State's cost of investigating them (and possibly prosecuting them). As good as that may feel for some severe cases, that just seems wrong in principle!!!

Had it not been for Voit's actions, there'd have been no need for an investigation costing $200K+.

Since Washtenaw County has now fined someone to address the hack, there should never ever be another person improperly released from prison???

<sarcasm>No, because obviously there can be only one way, ever, to hack a system.</sarcasm>

Logic. You and it should consider making friends sometime.