Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Arizona Botnet Controller Draws 30-Month Federal Sentence

timothy posted about 2 years ago | from the such-a-sweet-boy dept.

Botnet 76

dgharmon writes with word from the BBC that "A U.S. hacker who sold access to thousands of hijacked home computers has been jailed for 30 months. Joshua Schichtel of Phoenix, Arizona, was sentenced for renting out more than 72,000 PCs that he had taken over using computer viruses." Time is cheap: Schichtel admitted to giving access to those 72,000 computers for $1500.

cancel ×

76 comments

DRAW A SENTENCE ?? (0)

Anonymous Coward | about 2 years ago | (#41282987)

How about that !!

Re:DRAW A SENTENCE ?? (0, Flamebait)

flyneye (84093) | about 2 years ago | (#41284411)

Yet it would only take $100 U.S. to get him killed in prison.

Re:DRAW A SENTENCE ?? (1)

philip.paradis (2580427) | about 2 years ago | (#41286621)

I'm not sure why the parent post is marked flamebait. It's both ontopic and insightful. For anyone who doesn't understand why, you might be surprised how certain things actually work. If anything, for those with a morbid sense of humor, it should be marked funny.

Re:DRAW A SENTENCE ?? (0)

Anonymous Coward | about 2 years ago | (#41289399)

Yet it would only take $100 U.S. to get him killed in prison.

Actually, it would take a bit more. Just don't ask me how I know. I could tell you, but then... well, you know.

Hmmm (3, Funny)

girlintraining (1395911) | about 2 years ago | (#41283015)

Should have incorporated his criminal enterprise into a bank. Then he wouldn't serve any time and the government would bail him out for business expenses. It's rather silly to commit individual crime when corporate crime pays more and there's usually no time served.

Re:Hmmm (5, Informative)

cold fjord (826450) | about 2 years ago | (#41283175)

It's rather silly to commit individual crime when corporate crime pays more and there's usually no time served.

White collar criminals do indeed go to jail.

Former Chairman and CEO of Kellogg, Brown & Root Inc. Sentenced to 30 Months in Prison for Foreign Bribery and Kickback Schemes [fbi.gov]

WASHINGTON—Albert “Jack” Stanley, a former chairman and chief executive officer of Kellogg, Brown & Root Inc. (KBR), was sentenced today to 30 months in prison for conspiring to violate the Foreign Corrupt Practices Act (FCPA) by participating in a decade-long scheme to bribe Nigerian government officials to obtain engineering, procurement and construction (EPC) contracts and for conspiring to commit mail and wire fraud as part of a separate kickback scheme, the Justice Department’s Criminal Division today announced.

Former TBW CEO Sentenced to 40 Months in Prison for Fraud Scheme [fbi.gov]

WASHINGTON—The former chief executive officer (CEO) of Taylor, Bean & Whitaker (TBW) was sentenced today to 40 months in prison for his role in a more than $2.9 billion fraud scheme that contributed to the failure of TBW. At one time, TBW was one of the largest privately held mortgage lending companies in the United States.

Two Former Canopy Financial Co-Founders Sentenced to 15 and 13 Years in Prison for $75 Million Investment Fraud and Raiding $18 Million from Custodial Heath Care Expense Accounts of 1,600 Customers [fbi.gov]

Allen Stanford Convicted in Houston for Orchestrating $7 Billion Investment Fraud Scheme [fbi.gov]

WASHINGTON—A Houston federal jury today convicted Robert Allen Stanford, the former board of directors chairman of Stanford International Bank (SIB), for orchestrating a 20-year investment fraud scheme in which he misappropriated $7 billion from SIB to finance his personal businesses.

On June 14, 2012, Robert Allen Stanford, the former Chairman of Stanford International Bank (SIB), was sentenced to 110 years in prison for orchestrating a 20 year investment fraud scheme in which he misappropriated $7 billion from SIB to finance his personal businesses and lifestyle. -- United States v. Robert Allen Stanford et al. [justice.gov]
 

Just a sample. Just search for "CEO" [fbi.gov] to see more. It's not hard to find other examples.

Re:Hmmm (5, Insightful)

Hatta (162192) | about 2 years ago | (#41283285)

And yet not one of the CEOs responsible for the epic fraud that crashed the world economy in 2008 has even been arrested, let alone charged and tried.

Re:Hmmm (3, Insightful)

wbr1 (2538558) | about 2 years ago | (#41283323)

Typical. In Virginia, the low end for Grand Larceny is $200. You can spent 20 years in prison for picking up someones netbook.
On the other hand, you can raise funds from investors, buy up companies, bilk the assets as the companies sit neglected and die, the investors, and the emplyes all lose, thousands and jobs and homes and more, while the 'perpetrators' bilk off millions. And we call it 'business' and make it legal.

Re:Hmmm (-1)

Anonymous Coward | about 2 years ago | (#41283363)

...and eventually run for President - on the Republican ticket, of course.

Re:Hmmm (5, Informative)

cold fjord (826450) | about 2 years ago | (#41283971)

And yet not one of the CEOs responsible for the epic fraud that crashed the world economy in 2008 has even been arrested, let alone charged and tried.

Some will go to jail.

Georgia banker gets 12-year sentence for fraud [housingwire.com]

Mark Conner, former president of the failed FirstCity Bank in Georgia, was sentenced to 12 years in prison and ordered to pay $19.5 million in restitution for his part in several schemes that sunk his and at least 10 other banks.

Conner served in several top positions at the bank between 2004 and 2009. While there, he lied to the bank's board and loan committee for approvals on multimillion-dollar commercial loans to borrowers who were only using the money to buy property Conner and his co-conspirators owned, according to court documents.

He even duped at least 10 other federally insured banks to invest in the fraudulent loans. This way, Conner scammed at least $7 million for himself while shifting the risk to these other firms that eventually failed.

As the financial crisis struck, Conner then tried to unload FirstCity nonperforming loans and foreclosed homes to straw buyers, who were taking out loans from Conner to buy the assets. He then tried unsuccessfully to get a $6 million bailout from the Troubled Asset Relief Program.

Some will be at least inconvenienced.

SEC charges ex-Fannie, Freddie CEOs with fraud [dailyrepublic.com]

WASHINGTON — Two former CEOs at mortgage giants Fannie Mae and Freddie Mac on Friday became the highest-profile individuals to be charged in connection with the 2008 financial crisis.

In a lawsuit filed in New York, the Securities and Exchange Commission brought civil fraud charges against six former executives at the two firms, including former Fannie CEO Daniel Mudd and former Freddie CEO Richard Syron.. . . .

Unfortunately, the real cause of much of this is beyond the hand of the law:

How The Government Caused The Mortgage Crisis [businessinsider.com]

A sad story:

While Freddie & Fannie Spanked, Dodd Leered [melaniemorgan.com]

Re:Hmmm (0)

AK Marc (707885) | about 2 years ago | (#41284727)

The housing crisis was caused by the derivatives, and nothing more. All the talk about Fannie Mae and subprime loans are all a smokescreen by the rich white male bankers that caused the crisis, turning it into a class/race issue (all those blacks Fannie Mae loaned to, and all those subprime borrowers who defaulted at no more than historical rates). Needless to say, there was no mention of the prime loans defaulting, or the fact that it took only a few subprime defaults to collapse the derivatives (yes, some defaults, but still well below historical norms).

Re:Hmmm (2)

Sulphur (1548251) | about 2 years ago | (#41283893)

White collar criminals do indeed go to jail.

To improve the jails, they have to send better people there.

Re:Hmmm (1)

flyneye (84093) | about 2 years ago | (#41284507)

"White collar criminals do indeed go to jail."

White collar criminals go to white collar jail.
If they spend a little time at a run of the mill prison til a "unit" clears out , they spend it in "punk city" (protective custody) with the baby rapers and snitches.
To improve jails they should feed some white collar criminals to the G.P.(general population). It might even make some "college boys" think twice about real life and consequences. At the very least it would improve the G.P. protection games with a larger economy.

Re:Hmmm (1)

LongearedBat (1665481) | about 2 years ago | (#41284455)

If one was able to quantify suffering, then I'm sure that the combined suffering caused by several billion dollars lost might well compare to the suffering caused by, say, a murder. Yet white collar criminals get relatively small sentences (if they're sentenced at all, as Hatta pointed out).

I can imagine that, at least for some, punishment may be seen as no more than a worthwhile price given the dividends (if they squirrel away the profits in time). And not being caught would be seen as a bonus.

Mod me flamebait if you like, but that's my opinion.

Re:Hmmm (0)

Anonymous Coward | about 2 years ago | (#41284569)

Prison, not jail. It may seem a minor distinction, but it is two very different environments.

Not federal PMITA prisons though... (0)

Anonymous Coward | about 2 years ago | (#41285435)

The most they would do is put them for a few months into a white-collar, minimum-security resort. You know, they have conjugal visits there?

Re:Hmmm (1)

couchslug (175151) | about 2 years ago | (#41286063)

That's less than what you can get for pulling an armed robbery at a liquor store.

Great financial crimes are economic treason. Their perpetrators should be publicly executed by hanging.

Re:Hmmm (-1)

Anonymous Coward | about 2 years ago | (#41283183)

Wah wah wah
Banks steal, government does what it wants with me boohoo why cant i? wah wah

Same old tired bullshit.
Write a detailed plan on how to fix everything, how you're going to let people be free but control them to keep them from doing bad things and how you're going to stop greed and career plays by executives, or STFU.

Re:Hmmm (0)

Anonymous Coward | about 2 years ago | (#41283259)

If you make me your leader, I will build a gigantic leader-controlled robot that will stamp out criminals large and small with the same merciless 5,000 ton boot.

Re:Hmmm (0)

Anonymous Coward | about 2 years ago | (#41283309)

Done.
Report to the White House ASAP. Bring a ruler. We have pencils.

minimum-security prison is no picnic. (0)

Anonymous Coward | about 2 years ago | (#41283325)

minimum-security prison is no picnic. I have a client in there right now. He says the trick is: kick someone's ass the first day, or become someone's bitch. Then everything will be all right.

Re:minimum-security prison is no picnic. (1)

tqk (413719) | about 2 years ago | (#41284889)

minimum-security prison is no picnic. I have a client in there right now. He says the trick is: kick someone's ass the first day, or become someone's bitch. Then everything will be all right.

I'm pretty sure I heard that quote in a movie. What, no-one's delivering him crepes in bed now? Yeah, that's gotta be hell.

Re:minimum-security prison is no picnic. (1)

highphilosopher (1976698) | about 2 years ago | (#41291001)

minimum-security prison is no picnic. I have a client in there right now. He says the trick is: kick someone's ass the first day, or become someone's bitch. Then everything will be all right.

I'm pretty sure I heard that quote in a movie. What, no-one's delivering him crepes in bed now? Yeah, that's gotta be hell.

If he's a pretty big buy, maybe someone is serving him creeps in bed instead!!!

A bit of useless math (0)

Anonymous Coward | about 2 years ago | (#41283023)

So, about 15-20 minutes for every PC infected? That's rather cheap, compared with sentences in cases concerning corporate network intrusions.

Re:A bit of useless math (0)

Anonymous Coward | about 2 years ago | (#41283251)

Its going to take longer then that to fix the pc. :\

His punishment should be doing tech support for senior citizens.

Re:A bit of useless math (0)

Anonymous Coward | about 2 years ago | (#41283289)

his punishment should be having to install mycleanpc on his own computer

Does anyone else see this as him getting off easy? (2)

fsck1nhippies (2642761) | about 2 years ago | (#41283027)

Just considering the personal information that could be stored on those machines and possibly accessed by someone with the intent of ID theft. It should have been a month for each machine compromised.

Re:Does anyone else see this as him getting off ea (2)

Meshach (578918) | about 2 years ago | (#41283113)

Just considering the personal information that could be stored on those machines and possibly accessed by someone with the intent of ID theft. It should have been a month for each machine compromised.

Playing devil's advocate but he did not access the personal information, he provided access. Should an ISP be liable for their customer's actions?

Re:Does anyone else see this as him getting off ea (1)

pla (258480) | about 2 years ago | (#41283187)

Playing devil's advocate but he did not access the personal information, he provided access. Should an ISP be liable for their customer's actions?

In fairness, this had nothing to do with identity theft. He literally just rented out time on a "stolen" supercomputer, of sorts.

Still doesn't make him less worthy of giving Grandma one free whack at him, but I wouldn't really consider him as all that bad, as that sort of scum goes.

Re:Does anyone else see this as him getting off ea (1)

fsck1nhippies (2642761) | about 2 years ago | (#41283245)

The computers do have access to the information contained on them so he did put the owners of those machines at risk. Knowingly.

Re:Does anyone else see this as him getting off ea (1)

fsck1nhippies (2642761) | about 2 years ago | (#41283425)

The more I read your comment, the more I want to ask your opinion of Mr. Schichtel's technical knowledge. I was not implying that he intended the access to result in identity theft. I said it was possible, that the purchasers of the system could use it for more nefarious purposes than having "time" on a "supercomputer". If he was capable of acquiring the botnet to begin with, there is not a lot that could convince me that he was not aware that the access to the individual machines could yield personal information about the owners of them.

If someone sold access to a database that had your credit card information in it, how would you feel? They could have sold it so people could harvest the email addresses only. It still provides access to the additional information.

Re:Does anyone else see this as him getting off ea (0)

Anonymous Coward | about 2 years ago | (#41283531)

I think the answer should be the same as in "Shall illegal arms dealer get charged with being accessory to murder/robbery/etc?" and I think legally it's a no.

Re:Does anyone else see this as him getting off ea (1)

tqk (413719) | about 2 years ago | (#41284965)

I think the answer should be the same as in "Shall illegal arms dealer get charged with being accessory to murder/robbery/etc?" and I think legally it's a no.

I think, legally it should not be no. A getaway driver's just driving a car. He's not robbing the bank.

If he sold the weapon legally, he should be in the clear. There's no way he could have known what was going to be done with it. Illegaly, complicit.

Re:Does anyone else see this as him getting off ea (1)

pla (258480) | about 2 years ago | (#41286095)

If he was capable of acquiring the botnet to begin with, there is not a lot that could convince me that he was not aware that the access to the individual machines could yield personal information about the owners of them.

I would have to say that, IMO, "intent" has a lot to do with my opinion of this - And don't get me wrong, I don't have any problem with the sentence he received.

Yes, you have it entirely correct that he could have caused more damage than he intended. I don't feel comfortable with laws based on what "could" have happened, though - The classic example, DUIs for sleeping it off in the back seat with the keys in the ignition. Either you committed the crime, or you didn't.

It sounds like you took my comment far too seriously, however. I meant it not as a real defense of his actions, but as more of a lighthearted half-true one-liner. I evidently failed in communicating my tone. :)

Re: Technical Knowledge (1)

GargamelSpaceman (992546) | about 2 years ago | (#41287793)

Literally the other day, I decided to install Tor and browse around for the first time. Previously, I had also played with I2P. I am seriously confused given the availability and ease of use of these anonymous networks, and bitcoin for payment, especially with the availability of unsecured wireless networks, how the hell anyone gets caught for information/hacking related crimes.

Now if I were going to do something not involving physical stuff, staying sterile wrt the law would involve the following easy steps:

  1. Purchase cheap azz used laptop w/cash from a pawn shop or yard sale. Remove hard drive. We don't need no stinking hard drive.
  2. Purchase a cheap azz keyfob for any saved data. Better yet don't have any saved data.
  3. Either install linux on the keyfob w/tor, or keep it blank and I believe there is a liveCD distro w/tor. I2P can be installed on the keyfob too if you prefer.
  4. Warjamming into an unsecured network: ( This may mean driving around a neighborhood to find one, but it may be as simple as parking outside a starbucks, ( I'm not sure if starbucks / mcdonalds or one of the zillions of other places that advertise free wifi require some sort of face to face ID check to connect I've never personally tried it, but there are definately unsecured wifi connections to be found in neighborhoods. ) you do your nefarious business over tor.
  5. There are definately operating illegal sites on tor. They haven't been taken down therefore tor is secure enough to deter this. These are up all the time presenting a fixed target for authorities to attack. They would if they could. You will be an intermittant presence warjamming over tor on an untraceable machine. Even if the gubmint somehow 'p0wnz' the tor network, you aren't going to be the first to know.
  6. I've looked into bitcoin, but I must confess I haven't investigated the supposed anonymity of it yet, but I suspect it's alright when used in combination with other measures. I get the impression that with care there is absolutely no reason to leave a paper trail with them that can lead back to you.
  7. I realise the zillions of contract-killer ads 'will ice whoever for $20000 in bitcoin us half up front half on completion send name address and photo of victim' are scams ( send me the ten grand up front, and since you don't know me, and I don't know you and you're a crazy tard who wants to hire someone killed the world will better off with you less $10000, and me $10000 richer. ) or just jokes. The bitcoin 'money laundering services' may be scams too - you give them bitcoins and they give you other ones. I don't know how the supposed anonymity of bitcoins works - these may be scams of the sort where bitcoins require no laundering, but some paranoid suckers are willing to pay 10% for an unnecessary service - I'd certainly learn more about bitcoins before actually using them, however these don't suffer from the need to trust someone you can't know with a large sum of money. You could wash one coin at a time or just cents at a time I suppose. If they started to scam you you could move somewhere else.
  8. I personally wouldn't dare run a hidden site with illegal content without some physical layer in addition to relying on the anonymous network. Like set up a solar powered laptop in a waterproof box strapped to a tree outside a starbucks which I administer once in a while from another sterile laptop from time to time parked outside a random apartment block. You could get fancy and put a mercury switch in there to send a message if anyone tampered with it. Not that there should be any reason to care . The box shouldn't be trusted with any traffic that isn't encrypted to armor it against tampering anyway.
  9. It would seem that one would have to be some kind of idiot or plain lazy to get caught doing computer crime nowadays.

Relying on someone's code to protect you from the law seems unwise, but the law isn't going to ignore all the low hanging fruit so they can target you unless you are Osama Bin Laden or something. Your average every day lowlife should be completely safe if they keep a couple of steps away from an exploit. The exploit will be exploited. Then there's another layer. You lay low until you can construct have a couple or three layers between you and caught, always being less juicy a target than the many lazier than you, so the fuzz will always show their hand before they have one strong enough to get you.

In fact, why did Julian Assange put his name on wikileaks? All you need is the ability to sign documents to build credibility, not a real name.

Maybe this didn't exist in his day, but it sure as heck does now.

Anyway, I'm not expert as I would be if I were to be up to actual no good, but It seems to mee that no good has gotten very easy these days.

Re: Technical Knowledge (1)

highphilosopher (1976698) | about 2 years ago | (#41291103)

OR, just grab for the personal info, and take lists of credit card numbers to other countries south of the U.S. and sell a list of 5-6k cc numbers with names/addresses for $5k cash apiece.

So I've been told. Not that I've done anything like that.

Seriously though, if you got the skills, start on the other side. Get paid by the big corps to penetration test their networks. Use your skills and don't even worry about covering your tracks. This is a Much better approach.

Re:Does anyone else see this as him getting off ea (1)

fsck1nhippies (2642761) | about 2 years ago | (#41283215)

He provided access to PCs with the only purpose being to engage in an illegal activity. That is quite a bit different than an ISP offering a service that is abused by one of their clients. I do see where you are coming from with your response, I just do see how they could be considered the same thing.

Re:Does anyone else see this as him getting off ea (1)

Hazel Bergeron (2015538) | about 2 years ago | (#41283275)

Almost all enabling crimes require intent.

Having said this, I'm of the fairly unusual opinion that anyone who subjectively recklessly profits from someone with should be jointly liable. Put another way, if you accept a gain from someone who you think may be misbehaving, you accept the risk of loss too.

Re:Does anyone else see this as him getting off ea (1)

fsck1nhippies (2642761) | about 2 years ago | (#41283375)

Definitely agree, unfortunately it can be difficult to prove knowledge of the first party's intent.

Re:Does anyone else see this as him getting off ea (1)

BasilBrush (643681) | about 2 years ago | (#41283757)

It more than an enabling crime. In order to have a botnet, he first had to infect all those machines with a virus that pointed to his command & control machine. That in itself is criminal.

And besides the ID theft considerations, there's also the millions of spam emails the botnet no doubt sent.

I'd personally like to punch him on the face. But on the scale of all possible crimes, it's still not very major.

Don't play devils advocate (1)

Zero__Kelvin (151819) | about 2 years ago | (#41284141)

"Playing devil's advocate but he did not access the personal information, he provided access. Should an ISP be liable for their customer's actions?"

To paraphrase Julia Robert's character in Erin Brockovich [imdb.com] (and Albert Finney's character's later retort): "Do they teach you how to play Devil's Advocate in your home town? Because you suck at it." He has 72,000 counts of violating the Computer Fraud and Abuse Act [wikipedia.org] . The ISP had zero counts. So no, the ISPs should not be liable for crimes they didn't commit, but yes ... he should be punished far more harshly for the crimes he in fact did commit.

Re:Does anyone else see this as him getting off ea (1)

AK Marc (707885) | about 2 years ago | (#41284739)

Playing devil's advocate but he did not access the personal information, he provided access. Should an ISP be liable for their customer's actions?

That's like claiming that pickpocketing should be legal, so long as you sell the stolen wallets without looking inside them. Just because he chose to not use the personal data he managed does not mean he did not have access to it, or knowingly provide access to it to other criminals.

Re:Does anyone else see this as him getting off ea (1)

Shavano (2541114) | about 2 years ago | (#41284297)

18 minutes per compromised computer doesn't seem harsh to you?

Re:Does anyone else see this as him getting off ea (1)

fsck1nhippies (2642761) | about 2 years ago | (#41284379)

NO!

What about the lives of the people that could have been compromised. Would that would be more than 18 minutes of their trouble? Your comment excludes the impact on those who could be personally affected. They should keep the case open for claims in the future as well. If one of the compromised people has their ID compromised, and it can be proved that it resulted from this guy there should be 72k more kicks to the rollers.

Re:Does anyone else see this as him getting off ea (3)

AK Marc (707885) | about 2 years ago | (#41284755)

Pick the oldest woman infected. Give her a CD of her OS and all the programs she had installed. Tell her to install it to where it's back to where it was. Time her. Sentence him to that time times all the people affected.

Re:Does anyone else see this as him getting off ea (0)

xenobyte (446878) | about 2 years ago | (#41285355)

18 minutes per compromised computer doesn't seem harsh to you?

Absolutely NOT! - One month minimum for each compromised computer PLUS one day for each spam mail those compromised computers sent out.

Yes, I know this means a sentence of many thousands of years... As this is a first time offense, I'll allow him to be eligible for parole when half the time is served. Serves him right and it'll keep him from repeating his crime.

Re:Does anyone else see this as him getting off ea (1)

DavidTC (10147) | about 2 years ago | (#41289035)

Yeah! 18 minute is certainly long enough time to serve for committing a instance of felony unauthorized computer access, along with entering into a conspiracy for others to do that. 18 minutes is entirely reasonable for a felony+conspiracy to help others commit a felony.

Now, I have a few questions: What day is he getting out, does someone have a gun I can borrow, and is it 18 minutes for all felonies, or does it scale up to a few hours for each murder? Murder being a random example, that is. I'm, uh, writing a book.

Re:Does anyone else see this as him getting off ea (0)

Anonymous Coward | about 2 years ago | (#41289095)

Don't help this person, or you might end up spending hours in jail!

Re:Does anyone else see this as him getting off ea (1)

Shavano (2541114) | about 2 years ago | (#41295417)

Yeah! 18 minute is certainly long enough time to serve for committing a instance of felony unauthorized computer access, along with entering into a conspiracy for others to do that. 18 minutes is entirely reasonable for a felony+conspiracy to help others commit a felony.

Now, I have a few questions: What day is he getting out, does someone have a gun I can borrow, and is it 18 minutes for all felonies, or does it scale up to a few hours for each murder? Murder being a random example, that is. I'm, uh, writing a book.

Anders Breivik got 21 years for murdering 77 people. So yeah, it apparently does scale up with severity of the crime.

Is this worth about 14 weeks to you?

PS -- make sure you do it in Norway.

Re:Does anyone else see this as him getting off ea (1)

DavidTC (10147) | about 2 years ago | (#41295473)

The Breivik thing is mostly a myth. Apparently, in Norway, you can be kept in jail even after your sentence is up. So he's not getting out even after the 21 years are over.

This makes no sense to me, though.

Let off easy (-1)

Anonymous Coward | about 2 years ago | (#41283067)

Too bad they didn't track down the owners of the PCs in question and let each one of them take one swing at him with a baseball bat. I'd love to see this bitch get beaten to death for being an asshole.

Re:Let off easy (1)

Hazel Bergeron (2015538) | about 2 years ago | (#41283213)

This is how Daily Mail readers really think.

Re:Let off easy (-1)

Anonymous Coward | about 2 years ago | (#41283347)

You got a better suggestion, cunt?

Re:Let off easy (0)

span100 (2350592) | about 2 years ago | (#41283369)

NO This is how most people think, screw with me or mine and i reserve the right to return the favor with interest.

Re:Let off easy (0)

Anonymous Coward | about 2 years ago | (#41283579)

Until someone thinks you screwed with them, or the family of the person who screwed with you thinks the same as you.

The whole world will be left blind.

Re:Let off easy (1)

Tommy Bologna (2431404) | about 2 years ago | (#41283839)

Effete.

Re:Let off easy (-1, Flamebait)

Hazel Bergeron (2015538) | about 2 years ago | (#41283671)

This is you [youtube.com] , you laughable throwback.

Re:Let off easy (0)

Anonymous Coward | about 2 years ago | (#41283805)

Or at least, it's how you think they think. But then perhaps you'd know, you're sounding a bit Daily Mail yourself: "This is how $MINORITY really think."

The missing point. (2)

VortexCortex (1117377) | about 2 years ago | (#41283371)

There is a demand for distributed computing. A general purpose SETI@home w/ internet access. If only the operating systems were secure enough to allow individuals to join such a network and give arbitrary control to strangers they could earn a small profit by selling some amount of their unused bandwidth and CPU power. We could actually monetize all our idle CPUs and unreached bandwidth caps. A more sandboxed solution -- like the aforementioned SETI or Folding@Home, etc -- could be marketed by legitimate businesses. It seems a logical conclusion given our need for always on home (media/status) servers to stream our digital properties to us, and the success of "cloud computing".

Unfortunately the law is also not on our side: What if a client uses your Cloud@Home 'server' to download and redistribute "illegal" material? (The same as if a bot-net operator directs your machine to do so today.) We need to address the issue of identity (IPaddr != person) if my distributed machine intelligence system is ever to make the Internet self aware... So long as we would pay it enough to solve hard problems it could pay for it's own distributed computing rent.

With the state of computer security being utterly insecure at nearly every juncture, and our unwillingness to fix the legal risk of us meeting the demand for affordable distributed computing, I think it's only natural that such is done illegally. Do you really want the first global sentient machine intelligence to be a rogue bot-net system? That will surely escalate to (cyber) war. I'd much rather have it be a peaceful, profitable and legal entity. Sadly we'll have the lawyers and lawmakers to blame for bringing about the first man vs machine war.

I could have posted this to the freedom of speach vs child porn story as well. [slashdot.org]

Re:The missing point. (1)

gagol (583737) | about 2 years ago | (#41283489)

A virtual machine based distributed platform could easily achieve that!

Re:The missing point. (1)

Entropius (188861) | about 2 years ago | (#41283641)

Shouldn't DMCA safe harbor provisions kick in? A business run from your living room is still a business, and renting out CPU time on a sandboxed VM ought to count as being an "online service provider".

seccomp (0)

Anonymous Coward | about 2 years ago | (#41284005)

If only the operating systems were secure enough to allow individuals to join such a network and give arbitrary control to strangers...

seccomp. It has solved that problem since 2005.

Re:The missing point. (1)

afgam28 (48611) | about 2 years ago | (#41284905)

I'm not sure there is any demand for that, to be honest. The supply has already been fulfilled by things like EC2 and GCE.

Re:The missing point. (2)

tqk (413719) | about 2 years ago | (#41285081)

With the state of computer security being utterly insecure at nearly every juncture, and our unwillingness to fix the legal risk of us meeting the demand for affordable distributed computing, I think it's only natural that such is done illegally.

Hyperbole much? Sue the pants off Microsoft for selling easily p0wned software, or sue the average computer user for not being knowledgable enough to use it.

Should they require an Internet driver's licence? No thanks, very much.

I run (so far) secure FLOSS boxes. Don't blame me for the state of computer security. I don't need any more laws to protect me, as if they could. The vast majority of what's wrong with computer security as it relates to botnets can firmly be placed at Bill Gates and Steve Balmer's door for continuing not to fix it, despite all our protestations on the subject for decades now.

I do distributed computing. I've not been boned. Fancy that.

How much time did the buyer get. (0)

Anonymous Coward | about 2 years ago | (#41283903)

Off for snitching I bet.

Re:How much time did the buyer get. (1)

tqk (413719) | about 2 years ago | (#41285135)

...Off for snitching I bet

Perhaps s/he was a LEO, doing his/her job, or a LEO who bought into the scheme and subsequently woke up.

They should notify all the infected people (1)

JustNiz (692889) | about 2 years ago | (#41285003)

They should notify all the infected people and also make sure they understand what a firewall is etc. and not totr ust the Mictrosoft one.

I know many people that just have a windows PC plugged straight into their cable modem (i.e. not even NAT happening) and think its gonna be OK.

Re:They should notify all the infected people (1)

Sqr(twg) (2126054) | about 2 years ago | (#41285633)

They should

Who's "they"? Are you volonteeering to teach 72 000 people, most of whom don't even know how to use Windows update, what a firewall is?

Re:They should notify all the infected people (1)

JustNiz (692889) | about 2 years ago | (#41323493)

'They' are the government. me? no. The internet has become fundamental to everything including business and commerce, so has become key infrastructure. Therefore the government need to defend it. The best way is to inform people of the basics of security at least. it needs to be a government initiative.

This needs to happen much more (0)

Anonymous Coward | about 2 years ago | (#41285423)

And especially in the US which is the origin of the most spam. Wouldn't hurt if China and Russia too would partake but I won't be holding my breath waiting.

Correct unit (0)

Anonymous Coward | about 2 years ago | (#41285437)

Is it so hard to say 2 1/2 years?

Re:Correct unit (0)

Anonymous Coward | about 2 years ago | (#41285459)

If it's fed time then yes it is, because they give sentences in months and not years.

Re:Correct unit (0)

Anonymous Coward | about 2 years ago | (#41286003)

Oh the hell, we could even say 2 years and 6 months. Strange country, that US of fucking A.

Beowulf (0)

Anonymous Coward | about 2 years ago | (#41287065)

Imagine a beowulf cluster of ..........oh wait.

He was on their radar previously in 2004 (1)

Lieutenant_Dan (583843) | about 2 years ago | (#41288275)

According to the BBC article, the initial charges were dropped due to a technicality (i.e. indictiment was filed too late, whatever that means).

So chances are he knew that he was being watched and slipped up.

It's interesting that 72,000 boxes were used for one package. Doesn't mean that the machines under his control were "just" those. If someone wants to generate a certain amount volume (e.g. traffic for a DoS, SPAM, etc) probably 72k machines will suffice.

This is nothing was the Russian-based botnets [h-online.com] offer especially for generating SPAM selling cheaps meds.

Wait, wait, wait (2)

DavidTC (10147) | about 2 years ago | (#41288901)

Unauthorized access of a computer is a felony. (Doing that for the purpose of selling someone else access like that is probably an additional felony, it looks roughly like conspiracy to me. But let's ignore that.) That is, every single authorized access is a felony.

This guy got 30 months for committing 72000 felonies?

I know jail time doesn't necessarily 'stack', and that unauthorized computer access is one of the lower-class of felonies, and probably supposed to only be a year in jail at most.

But, still, this is completely absurd. That sentence is 18 minutes per felony.

Malware and computer hijacking, is basically the legal equivalent of carpeting a football stadium of people with tear gas. If you did that, you'd be charged with tens of thousands of instances of basic assault (A crime which is roughly in the same ballpark, legally, as unauthorized computer access.) and end up in jail almost forever.

But somehow unauthorized computer access, despite being something that each individual instance is supposed to result in (at least) months in jail, and which does result in months in jail when it's against the wrong person, aka, a big corporation...somehow all that just goes away if you do it against enough people at once via malware.

If I invented a robot that went around stealing from 72000 stores, they wouldn't just laugh and give me the equivalent of five counts of shoplifting in jail time. If I kill twenty people at once, they don't just laugh and say 'Oh, that was really just one instance, let's sentence him for, oh, two murders, that seems fair.'

72000 felonies.

And let's not forget, these have actual victims. Here's a fun question: Would you rather be punched in the face once (Basic assault), or have to reinstall your entire computer? (And, as only 25% of the population has any sort of backup at all, let's pretend you'd lose 75% of your stuff.)

Yeah, I thought so. There's a reason we actually made the law the way we made it, where those two are within the same order of magnitude as crimes. The courts, OTOH, seem to think that some guy hacking a computer server of a powerful company (Which is one computer and hence one felony.) is much much worse than someone hijacking 72000 human-owned computers.

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...