Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×

UK Hacker loses Extradition Case 370

Posted by ScuttleMonkey from the stylish-orange-jumpsuit dept.
SnakeOil Steve writes to tell us that Gary McKinnon, the alleged hacker who broke into Army, Air Force, Navy, and NASA systems, has just lost his extradition case. From the article: "'My intention was never to disrupt security. The fact that I logged on and there were no passwords means that there was no security,' McKinnon said, outside the hearing at London's Bow Street Magistrates Court. 'I was looking for UFOs.'"
This discussion has been archived. No new comments can be posted.

UK Hacker loses Extradition Case More

UK Hacker loses Extradition Case

Comments Filter:

  • Nice Try (Score:3, Insightful)

    by MBCook ( 132727 ) <foobarsoft@foobarsoft.com> on Wednesday May 10, 2006 @01:51PM (#15302494) Homepage
    I was just looking in that guy's house for a nice new TV. It wasn't breaking in because he left the door open.

    You want to guess how well that flies? I agree it is stupid that there were no passwords on the system, but just like a yard without a fence, the fact the fence is there does not imply permission to run around there and dig up the flowers.

    And it's the military. You really think you can poke around in the military's systems without them coming after you?

    • Re:Nice Try (Score:5, Insightful)

      by FireFury03 ( 653718 ) <slashdot@NoSPAm.nexusuk.org> on Wednesday May 10, 2006 @02:03PM (#15302587) Homepage
      I agree it is stupid that there were no passwords on the system, but just like a yard without a fence, the fact the fence is there does not imply permission to run around there and dig up the flowers.

      What constitutes "permission" to access unpassworded network services? Do you need written permission? If so I guess everyone who accesses public web servers is guilty of cracking them since they didn't get written permission from the server owners.

      It may sound silly, but there really isn't a lot of difference between a public unpassworded service and a private service that's been left unpassworded on a public network. It's certainly impossible to tell if it's legitimately public before connecting to it and there's no guarantee you can tell that it's not supposed to be public once you have connected.

      Lets say you connect to a web server - how are you to know if that's a public web site or a private company's intranet site that they didn't bother to password protect?

    • Re:Nice Try (Score:3, Informative)

      by drinkypoo ( 153816 )

      I was just looking in that guy's house for a nice new TV. It wasn't breaking in because he left the door open. You want to guess how well that flies?

      Actually, in the US, it flies pretty well. You're still trespassing, but if you break into a locked house, then you're breaking and entering. Physical property law reflects the very real difference, why doesn't it apply here?

      Also, "looking for a TV" is a prelude to theft. Looking for UFO evidence on someone's computer is a prelude to copyright infrin

    • Comment removed (Score:5, Insightful)

      by account_deleted ( 4530225 ) on Wednesday May 10, 2006 @02:15PM (#15302688)
      Comment removed based on user account deletion
      • I suppose you obtained permission from every contributor (read: copyright holder) on slashdot.org before you broke into port 80 and pirated all of this text and graphics to your computer, correct?

        Give me a break. This guy spent at least a year (2/01 to 3/02) hacking into U.S. Government computer systems, he's 40 years old, and he's more than competent with computers. He knew exactly what he's doing, and he knows what he's doing when he obfuscates the issue by saying that he logged into systems that did

    • Re:Nice Try (Score:3, Insightful)

      by robertjw ( 728654 )
      just like a yard without a fence, the fact the fence is there does not imply permission to run around there and dig up the flowers.

      True, but I would assume that any government building with an unlocked doors during 'normal business hours' would be fair game to walk go in to. This was a publicly accessible server out in an area (the Internet) where the assumption is that everything not locked down is accessible.
    • But he wasn't using that defense to say he's completly innocent, just that 70 years in a US jail is a unfairly harsh. Also, to disprove the US government's accusations that he caused almost 3/4 of a million dollars worth of damage by accessing computers using blank passwords.

    • but just like a yard without a fence, the fact the fence is there does not imply permission to run around there and dig up the flowers.

      Let's take that analogy one step further.

      Just because you're at the door trying the lock doesn't mean you should be prosecuted right?

      Technically, even trying the lock should be an offence no? You're still tresspassing if you're trying to brute force passwords too if that's the case (IMO that's not a BAD thing).

    • Re:Nice Try (Score:5, Insightful)

      by dwandy ( 907337 ) on Wednesday May 10, 2006 @02:26PM (#15302770) Homepage Journal
      I agree it is stupid that there were no passwords on the system, but just like a yard without a fence, the fact the fence is there does not imply permission to run around there and dig up the flowers.
      It's not quite so simple.
      The reason you know that a yard without a fence is still private property is because there is social history - first around property, and more recently around 'suburb property'. So now we have an acceptance of what is private and what is not, even if it's not marked.
      But, if you are in the middle of nowhere, and crossed no fence and passed no sign, you could be under the impression that you're still on public property. While you may still be trespassing, no judge is going to find you guilty. The rightful owner can certainly ask you to leave, but charges are never going to stick.
      So, by the same token, any computer system that has no password could easily be assumed to be open to the public.

      I'm strongly against computer owners who take no steps to mark the territory as private who then sue and/or lay charges. Anything I can access using a typical browser or ssh/telnet/ftp/whatever client is public property. As soon as it prompts me for a password, or even displays a notification that this is private, then anything beyond that is unauthorised access.

      Note that shopping centers are private property, and yet we assume we can enter and move about freely. Sure, they can ask us to leave, but we work under the assumption that since the door is open, we are free to enter.
      Once inside, there are often doors that are either locked or marked for no entry, and again, we assume that these areas are off-limits, but the rest of the area is 'public' (of course, not in the legal sense)
      So, if from my computer I can access a remote computer belonging to the US Army, am I breaking the law?
      Those who immediately say 'yes' forget that the US Army [army.mil] has a very public HTTP server which anyone can access freely.

      So now the questions are (much more correctly) how does one tell whether one is on 'private property' out in the wilderness? Because that is what the internet is - a giant otherwise unmarked wilderness. Sure, parts of it look like the burbs with the on-line shopping and home-pages, but there's a whole host of other computers out there performing tasks, responding to credit, time, stocks quote, system update and various other queries. Which of those is public? Which is private?
      It's only by putting up signs and locks that people can know which computers are public and which are not ... in my opinion the onus starts with the computers owner. If you attach a computer to the public network (aka the internet) and you fail to take a minimum of steps to state that this computer is private, than you should have no recourse if someone accesses it without your expressed permission.

    • Re:Nice Try (Score:3, Insightful)

      by BoredWolf ( 965951 )
      Actually, there is no presumption of privacy without protecting yourself. Lets say that you don't have a fence around your yard; whatever happens to persons in that yard is therefore your responsibility, because there is no restriction to trespassing. If the person destroys your property, they are liable. Conversely, if they slip on your front doorstep and break their neck, you are liable because they are technically not trespassing. No harm, no foul on either party. Why should computer systems be any

  • Title is not quite true (Score:4, Informative)

    by mustafap ( 452510 ) on Wednesday May 10, 2006 @01:52PM (#15302504) Homepage

    The judgement opens up the option for his extradition.

    The decision is now with our Home Secretary.

    • Re:Title is not quite true (Score:5, Insightful)

      by purple_cobra ( 848685 ) on Wednesday May 10, 2006 @02:13PM (#15302668)
      Sadly, Reid will happily extradite him. Bush will *tell* Blair, and Reid would never think of opposing The Anointed One.
      Much as I think McKinnon is an idiot he should be tried and, if found guilty, punished in the UK: he stands some tiny chance of a fair trial here, along with a proportionate sentence. All that crap about causing so much damage to a network that it "took more than a month to repair" (quote taken from the BBC News story) has the strong smell of bullshit. I suspect this is more concerned with the US military being shown, once again, to be incompetent and entirely incapable of securing anything than with the alleged damage this plonker caused.
      Shame he didn't want anything from our own MoD: if he'd hung around long enough I'm sure he could have picked-up one of the many laptops they've left lying around over the years.

      • Re:Title is not quite true (Score:4, Funny)

        by mpcooke3 ( 306161 ) * on Wednesday May 10, 2006 @05:35PM (#15304319) Homepage
        "took more than a month to repair" (quote taken from the BBC News story) has the strong smell of bullshit

        They probably included the time it took to set up that security system called "passwords". so as to make sure no other leet hackers could break in.

  • Disclaimer (Score:2, Interesting)

    by sonixtwo ( 878390 )
    I'm sure as soon as he attempted the connection or got logged on that there was a welcome message that said "unauthorized activity prohibited" or something to that effect. How he didn't see this coming I will probably never understand.

    • Re:Disclaimer (Score:3, Interesting)

      by liliafan ( 454080 ) *
      Actually I work for the DoD and we just got a new regulation on displaying banners on connection, it is entirely possible there was no banner at the time of the 'break in'.

  • Ouch (Score:2, Insightful)

    by Umbral Blot ( 737704 )
    From the article "McKinnon faces a maximum sentence of five years in federal prison and a $250,000 fine." That has gotta hurt. The article also claims that his activities shut down the systems for a week. If that is true he might deserve this punishment, but I find it somewhat hard to believe that the military's computers were actually down for that long. Couldn't they just have done a clean boot?

    • Re:Ouch (Score:5, Informative)

      by AuMatar ( 183847 ) on Wednesday May 10, 2006 @02:19PM (#15302724)
      The system was comprimised. You don't just reboot them- you need to reimage the system to make sure nothing was left behind by the intruder. For a military system, they probably did a forensic search to see what he had access to and what information may have been comprimised. That takes time.
      • yes but he didn't compromise them, he found them in that condition. I'm not saying he's not guilty of trespassing but a lighter sentence would do just fine. Now he's pretty much dead.
      • If they were that wide open, I'd say that these procedures were necessary anyway, and probably long overdue...

  • He will learn to eat his words there (Score:2, Funny)

    by Anonymous Coward
    "My intention was never to disrupt security. The fact that I logged on and there were no passwords means that there was no security" "My intention was never to pound him in the ass. The fact that he shared my cell and he was not resisting my attacks means that he wanted to get pounded in the ass" said Gary McKinnon's cell/life mate, Tiny

  • I really hope... (Score:4, Insightful)

    by joe 155 ( 937621 ) on Wednesday May 10, 2006 @02:01PM (#15302568) Journal
    that the Home Secretary does not let this one go forward... as someone mentioned previously in a discussion a few days ago; we all break laws in countries which we're not in, that's ok, we shouldn't be able to be prosectued for it (I know he also broke UK law - but he should only be prosecuted under that). How would Bush feel if someone tried to prosectue an American for saying that Iran's leadership was being foolish and that they are wrong - that's illegal in Iran - where's the extradition to Iran - you can't have it both ways
    • The difference is we have extradition treaties with the UK. If somebody in America hacked into MOD systems they would probably be extradited as well.
    • Not exacly. This guy crossed international boundaries when he hacked into U.S. Government property, thus he is subject to U.S. law. If he were to poke around on systems in the U.K. that contained the exact same information then perhaps your reasoning would be more appropriate.
    • Where were the servers he broke into? In the US. Therefore, he broke US law in the US. When a person breaks a law of another country, in that country, and then goes back to his country, that's what extradition treaties are for. Now, I don't think we have an extradition treaty with Iran, but if we did and someone went to Iran, insulted the government, and returned to the US, we would have to hand that person over to the Iranian government if they asked. I'm not saying any of this is necessarily right or wron

    • Re:I really hope... (Score:5, Informative)

      by Mike Buddha ( 10734 ) on Wednesday May 10, 2006 @02:14PM (#15302677)
      How would Bush feel if someone tried to prosectue an American for saying that Iran's leadership was being foolish and that they are wrong - that's illegal in Iran - where's the extradition to Iran - you can't have it both ways

      Your understanding of International Law is woefully inadequate/misinformed. The US has extradition treaties with countries they determine are lawful, like the UK. The US does not consider Iran a country that would respect American Law, and therefore have not agreed to an extradition treaty with them. Yes, in fact you can have it both ways.

      If you'd checked, you'd know that in fact Iran has in the past issued warrants calling for the arrest of foreign citizens. Those warrants carry no weight outside of Iran and the countries (if any) that have extradition treaties with it.

      • Re:I really hope... (Score:5, Informative)

        by pla ( 258480 ) on Wednesday May 10, 2006 @02:51PM (#15303007) Journal
        Your understanding of International Law is woefully inadequate/misinformed.

        And yours appears woefully naive. International law means "The US gets what it wants, everyone else can go pound sand".

        Not saying I consider it right, just callin' it as I see it.



        The US has extradition treaties with countries they determine are lawful, like the UK.

        Or, say, Italy? Oh, but we just can't let them have 22 CIA operatives charged with kidnapping and torture on Italian soil.

        Or Venezuela, seeking the extradition of a KNOWN terrorist the US has decided to harbor, because he only terrorized Cuba? How well would that fly if the UK responded to the US request "Oh, well, we'd love to, and normally we disapprove of cracking military computers, but well, he only attacked the US, not anyone that matters"?

        Or Spain, currently seeking the extradition of three US soldiers for the murder of a Spanish reporter?

        Or India, who currently wants Warren Andersen (former CEO of Union Carbide) for that little Bhopal mess?

        I could go on.


        So... Yeah. International law... Whatever helps you sleep.

        • Re:I really hope... (Score:5, Insightful)

          by Jim_Callahan ( 831353 ) on Wednesday May 10, 2006 @03:16PM (#15303211)
          As someone else in the thread has noted, a lot of the US extradition treaties are one-way (i.e. extradition in the other guy-> US direction was traded for something other than the reciprocal right). This means that the US can demand extradition of a lot of foreign citizens while those people's countries can't do the same to us. This isn't our fault necessarily, it's what both parties agreed to whenever the treaty was signed.

          Also, extradition generally has to be approved by the country doing the booting, so it's hardly a level of bullying beyone the normal bullying associated with any form of politics. There are doubtless times when countries denied the US the right to prosecute their citizens: in this case, they didn't, because they agree that the man is a criminal and know that nothing worse would happen to him under U.S. law than under their own law.

          • Re:I really hope... (Score:3, Insightful)

            by hyfe ( 641811 )
            This means that the US can demand extradition of a lot of foreign citizens while those people's countries can't do the same to us. This isn't our fault necessarily, it's what both parties agreed to whenever the treaty was signed.

            Come again? Whose fault is it then?

            I know the one-way extradition treaty you have with Norway is bugging the hell out of us, BUT IF WE GO AGAINST YOUR BLOODY ADMINISTRATION IN ***ANYTHING*** WE'LL LOOSE ***ALL*** SUPPORT FROM YOU RIGHT AWAY SO WE'RE PRETTY MUCH STUCK WITH WHATE

    • Re:I really hope... (Score:3, Insightful)

      by Billosaur ( 927319 ) *
      as someone mentioned previously in a discussion a few days ago; we all break laws in countries which we're not in, that's ok, we shouldn't be able to be prosectued for it (I know he also broke UK law - but he should only be prosecuted under that).

      I really hope that's not some kind of excuse for his behavior. Just because he was in the UK and broke a US law doesn't give him the opportunity to walk off into the sunset. He needs to face the music; he willfully violated US law. Reverse the situation -- if he

      • These guys [thepiratebay.org] break US law all the time, but there's nothing the US government can or should do about it, espicially because as far as their own government is concerned, they are acting entirely within the law. A fact which is lost on may companies judging by all the legal threats [thepiratebay.org] against them. None of which have come to anything.

      • Reverse the situation -- if he were in the US and broke into a UK computer, you'd think that was ok?

        Actually, yes.

        As I pointed out in a post from the previous thread [slashdot.org], the US does not have a reciprocal extradition treaty with the UK.

        It's funny that the Judge said: there was no "real, as opposed to fanciful, risk" of McKinnon being prosecuted under anti-terror laws, when Britian only agreed to the treaty three years ago to avoid delays in bringing terrorism suspects to trial in the U.S.

    • we all break laws in countries which we're not in, that's ok, we shouldn't be able to be prosectued for it

      Well it's definately a difficult question when it affects another country - if you launch an warhead at another country, it may not be illegal to do so in your own country but the place you launched it at is sure as hell not going to be happy. I'm not really expressing an opinion either way but I can certainly see both sides of the arguement.

      Note: I'm specifically talking about actions which affect a w
    • all break laws in countries which we're not in, that's ok,

      Thing is, this guy wasn't hacking a UK server, he was hacking a US server, on US soil.

      If he was stealing in the UK, he shouldn't be charged with theft in the US, but as it stands the crime was really committed on US soil.

      I'd be more sympathetic to your argument if the server was on non-US soil. Then it'd be arguable that he didn't commit any crimes against the US, and shouldn't be tried in the US.
  • What does this mean for people in *this* country that do such things? Let's assume they're treated the same with a adjudication system...what kind of trial could they expect from a jury 'of their peers'? I think this precident would serve as a big deterent showing the long arm of US justice.

  • This is ridiculus! (Score:2, Insightful)

    by Anonymous Coward
    No country in the world should extract their citizens to U.S.A. because U.S. goverment says so. If goverments are "forced" to extract their citizens to U.S., then U.S. should extract their citizens to abroad, if citizens are accused of violating the law of other country.

    • Re:This is ridiculus! (Score:2, Informative)

      by IflyRC ( 956454 )
      So, the guy who is accused of killing his wife/daughter in the USA then fleeing to England should not have been extradicted? By your sense of logic, Britain should have not allowed it and the US should not have had the ability to ask for it.
    • Crazy mods. How is this mess insightful?

      No country in the world should extract their citizens to U.S.A.

      You misspelled "extradite."

      If goverments are "forced" to extract their citizens to U.S., then U.S. should extract their citizens to abroad, if citizens are accused of violating the law of other country.

      Yeah. That's how extradition treaties work. The fact that the US and UK have one is the reason we're having this "insightful" conversation.

    • This is ridiculus!

      Not as ridiculous as spelling ridiculous that way, though.

      No country in the world should extract their citizens to U.S.A. because U.S. goverment says so.

      Are you that uneducated, or are you just hoping that someone else will ratchet up their Amerika Is Teh Evil rating another notch based on your rant? There is no force involved in an extradition. That's the whole point of a treaty. The treaty governs the circumstances under which criminals in both countries may be extradited to the

  • Spock: Insufficient facts always invite danger (Score:4, Funny)

    by digitaldc ( 879047 ) * on Wednesday May 10, 2006 @02:04PM (#15302597)
    "I was looking for UFOs."

    Judging by the look on his face [nwsource.com]could he be one of them? [google.com]
    Of course he lost the Extradition case, we can't even transport to Mars let alone Alpha Centauri.
    This whole mess could have been avoided if he had only tuned in regularly to the History Channel. [historychannel.com]

  • A couple of points (Score:5, Insightful)

    by Anonymous Coward on Wednesday May 10, 2006 @02:07PM (#15302617)
    Given the US track record on treatment of detainees, torture, imprisonment without trial and so on I am very suprised and disappointed that any government would willingly allow their citizens to be taken into custody in the US. Here in the UK we have an issue with "illegal imigrants" who remain in this country because on arrival they plead persecution and their lawyers find it easy to block their deportation back to a repressive regime. By the same standards the USA is clearly a repressive regime.

    Also, I've heard this story from all sorts of sides and opinions ranging from "He's a harmless wannabe cracker who just walked into unsecured .mil sites looking for UFO information and is now being persecuted by overzealous 'security' gimps keen to make an example of someone (presumably because they never catch any real intruders who are far too smart)" all the way to "He's a publicity seeking prick who set this whole thing up to get busted as some kind of bid for fame"
    Whatever the outcome I'd like to see the same standards applied to SONY as to this kid. If he goes down then I want to see SONY programmers arrested and deported to the UK to face multiple criminal charges because installing rootkits is an offence under the Computer Misuse Act in this country.

    With all these double standards I can't see people retaining any repect for justice or the law. Once governments undermine the law with such blatent corruption of principles it's a one way ticket down to social disintegration.
     

  • Field analogy (Score:2, Insightful)

    by 9mm Censor ( 705379 ) *
    if there is a field in the middle of no where, with no locked gate, or no signs saying "dont go here" is it wrong to walk there?
    • Yes, and that field is called the United States.
    • if there is a field in the middle of no where, with no locked gate, or no signs saying "dont go here" is it wrong to walk there?

      It's only an analogy if the comparison resonates in some way, or sheds light on a situation because of an obvious parallel. In what way is a middle-of-nowhere, unmarked, empty field in any way like the inside of a government computer network housing data? To better frame an analogy for you:

      "If a person walking down the street sees a building labled Government Science Info War

  • Hacker loses Extradition Case? (Score:3, Funny)

    by fak3r ( 917687 ) on Wednesday May 10, 2006 @02:09PM (#15302637) Homepage
    Wow, that's gotta suck, hope he finds it soon! Anyone know what he had in that case?
  • They will proceed with the highest punishment possible just to scare us all in advance.
    Wait and see.

  • Comment removed (Score:5, Insightful)

    by account_deleted ( 4530225 ) on Wednesday May 10, 2006 @02:10PM (#15302649)
    Comment removed based on user account deletion
    • And before anyone makes a brain dead "leaving my house open does not give you the right to come in and snoop around" analogy, let's be clear that by virtue of having something published on the internet, you are inviting people to take a look.

      Ahem. Having a gateway of some sort (normally locked, but stupidly not, in a case like this) through which you must gain access, and then poke around a file system his not the same as bumping into something "published" on the web. Surely you're not suggesting that t

  • McKinnon didn't hack anything (Score:5, Insightful)

    by t35t0r ( 751958 ) on Wednesday May 10, 2006 @02:14PM (#15302675)
    I've said this on digg and i'll say it here again, he didn't hack anything. In his interviews it was said that the systems were already compromised and were being used by people from eastern european countries. I commend him for seeking the truth but not for going about it idiotically. In any case he doesn't deserve anything more than a few months in jail (if that even, better in a halfway house if there are such things in the UK), probation, and community service.

    This has gotten way out of proportion. He didn't even do anything to damage US operations nor was this even his intent, he's not a terrorist and had no malicious intent. I would rather make sure those idiotic sysadmins never worked in IT for the rest of their lives since they left administrator passwords open! Freakin morons.

  • attractive nuisance doctrine? (Score:2, Interesting)

    by Anonymous Coward
    * There was no security.
    * I was looking for UFOs.

    Could this fall under the "attractive nuisance doctrine"?
    http://en.wikipedia.org/wiki/Attractive_nuisance_d octrine [wikipedia.org]

    (IANAL)
  • ...But considering our (The USA's) government is trying to allow torture for "illegal combatants", who's to say he won't be considered one and shipped off to a torture camp? Here in the USA, he'd probably be tried for some asinine terrorism chagre and sentenced to life in a torture camp or to death.

  • UFO Technology (Score:2, Interesting)

    by adius ( 613006 )
    Is UFO technology something to laugh about?

    Yes, the subject of UFOs seems funny, but when military whistleblowers claim there is some truth behind the technology...that is a different matter.

    www.disclosureproject.org

    If the witnesses on the Disclosure Project site (as referenced by the hacker) are really from the government, we all must reconsider our position. According to their claims, our government has free energy technology capable of powering the world without dirty fuels.

    Think about the implications a
  • 'I was looking for UFOs.'

    Well quite clearly he's going for the insanity plea.
  • It is a hazy issue when the crime commited is somewhat abstract. But this only means that prosecuters can paint any kind of picture they want. Which of course means he is screwed. However having seen his interview, he didn't talk like he had a clue. especially when descibing his methods; in fact it sounded like he was using VNC or something similar on a dial up connection (and by his own admission in 4bit colour depth). As for the whole alien thing, that sounds like a desperate attempt to publicise his pli

  • A country that extradites its own citizens ... (Score:4, Insightful)

    by Ihlosi ( 895663 ) on Wednesday May 10, 2006 @04:24PM (#15303767)
    ... should consider itself a vassal.

Slashdot Top Deals

"If it ain't broke, don't fix it." - Bert Lantz

Close