British hacker extradition sanctioned..

M

mortiz

Still Mildly Glowing
This piece of news has really got my goat today. Some of you may remember the story about British hacker Gary McKinnon who hacked some U.S. Military computers (around 90 allegedly) that were apparently very lax on security. Anyway, John Reid, our oh-so wonderful home secretary has decided to play the nice little lap dog and pander to U.S. foreign policy. It's the extradition laws between the U.K. and the U.S., they're completely fucked. If the U.K. wants to extradite someone from the U.S. we have to provide a good case and evidence to back up our claims (as it should be). Vice versa however the U.S. simply needs to provide a case outline of why they think the person should be extradited. What the hell's all that about? Can we take anymore of America's cock in our collective asses? I like how when the U.S. proposed a similar extradition treaty to the other European nations they all pretty much gave the U.S. the bird.

So this hacker, Gary McKinnon doesn't even get a chance to make a case in front of the British judge, even if the evidence if inaccurate or just plain wrong he has no way to retort. Gary McKinnon faces up to 30 something years in prison and millions of dollars in fines. It's bad enough to face 30 years in prison in your home country but in a foreign country? I get a sense here that the crime doesn't fit the punishment somehow.

His case is just one of many extradition cases, it's more that they highlight the lack of justice in this policy rather the cases themselves being particularly interesting.
 
30 years and millions of dollars in fines? Tough luck.

But he should look on the bright side - millions of nerds throughout the world (myself included) will look up to him as their hero and martyr. His actions have made him immortal, and a sentence in America will only reinforce this immortality.

H4cK d4 pL4n3T!!!
 
It would have been safer to point out to the US military:

"You idiots are using Windows NT, which is what you have been using ever since some morons in Congress and the Pentagon decided that NT was better than UNIX because it was cheaper. Since then, military websites and "secure" zones have been a fucking joke and the target of defacing kiddies since '97."

But, unfortunately, not even the US military pays attention to those they train and hire to sysop the systems for them, and have in fact been teaching most of the newer techs to be Windows Idiot Certified. Knowing how the software works on an OS level has been replaced with only having to know how to use a pre-packaged program's menu system.

Someone probably forgot to CHMOD a directory correctly, or something hideously simple like that.
 
Rosh has the situation down exactly. The same training and squadron base I went to for combat comm was also shared by some other techs including the computer techs. They have a 6 month tech school, learn straight out of Microsoft's NT book, and don't pay attention to shit. All they care about is what that knowledge will gain them when they get out of the Air Force, of course since none of those kids knew a damn thing about computers or the industry before they went in they don't realize that NT techs are worth very little anymore. All they do is load eight tons of extra software that's supposed to make things "safe" while slowing everything down and still leaving tons of holes. Doesn't help that the military can't decide what the hell to do about any of it. For instance: there's a rule we can't use IE - it's not very secure - but then there is a rule we can't download or install any other browsers on the systems, so everyone has to use IE... cute, huh? Military command has no goddamn clue about computers.


In either case, hacking a nations military is pretty goddamn stupid, even if the laws are unfair he brought it on himself. I have no sympathy for that.
 
I sympathize with the guy purely based on those fucked up extradation laws. England has its heads so far up the US ass.

Also, 30 years for hacking a computer? I know of murderers who got less.
 
Nova said:
Also, 30 years for hacking a computer?
Click to expand...
A computer?
Gary McKinnon who hacked some U.S. Military computers (around 90 allegedly)
Click to expand...


Also, the military throws a rather big fit when they get hacked, even if their security holes are their fault. They have a lot of trouble with hackers: from kiddies going for something to brag about, to identity theives going for enlisted records which are a goddamn goldmine to them. You can bet they'll prosecute to the fullest extent. Like I said, even though his sentance is fucked up, he should have known exactly what he was getting into. I have no sympathy for dumbasses.
 
PhredBean said:
Rosh has the situation down exactly. The same training and squadron base I went to for combat comm was also shared by some other techs including the computer techs. They have a 6 month tech school, learn straight out of Microsoft's NT book, and don't pay attention to shit.
Click to expand...

And, honestly, aren't required to know anything else for their job except to know how to use a simple menu system.

All they care about is what that knowledge will gain them when they get out of the Air Force, of course since none of those kids knew a damn thing about computers or the industry before they went in they don't realize that NT techs are worth very little anymore.
Click to expand...

What is why I get a HUGE laugh about the one military advertisement that has a friend of a guy in uniform asking him if he could have worked on computers outside of the military. Then you see a groundpounder montage, and the dumbass shaking his head and saying "no". Then I sober up as I come to the understanding that some kids actually take those ads seriously. The GI Bill has been turned into a total lie that does little but try to soak back money from troops, and veteran benefits are going downhill.

All they do is load eight tons of extra software that's supposed to make things "safe" while slowing everything down and still leaving tons of holes. Doesn't help that the military can't decide what the hell to do about any of it.
Click to expand...

The changes really made me cry and yearn for the old days when they used secure software. Really, I don't like the idea of someone hacking into an AEGIS system, but if the military's security is this much of a fucking joke - it's going to happen when it will catch the military with its pants down. It wouldn't be one curious fellow who managed to get their way in through one of the holes STILL present in NT.

For instance: there's a rule we can't use IE - it's not very secure - but then there is a rule we can't download or install any other browsers on the systems, so everyone has to use IE... cute, huh? Military command has no goddamn clue about computers.
Click to expand...

No, they don't, and I find it amusing that they assumed earlier that since everything that came with Windows was secure and safe. Which it still seems like they haven't learned, since that was an issue back when I was active duty, and they used IE despite it being an insecure mess, but since it was included with Windows it was considered approved software. Bureaucracy at work for a decade still goes nowhere, it seems.

In either case, hacking a nations military is pretty goddamn stupid, even if the laws are unfair he brought it on himself. I have no sympathy for that.
Click to expand...

For a time you could Winnuke navy.mil (which is also regularly defaced). For that to be changed, it DID take someone going to jail.

Now imagine what it would be like if someone WITH detrimental intent decided to hack into the very laughable US military security. I'm surprised it hasn't happened to a greater effect, but it likely has already happened but kept quiet.
 
I remember watching a Frontline a couple years ago about a high profile security compromise in the 90's that was kept all hush-hush, and still hasn't had all the light shed on it. It's good to know we're taking this terrorism thing seriously.
 
mortiz said:
U.S. Military computers that were apparently very lax on security...Gary McKinnon faces up to 30 something years in prison and millions of dollars in fines. I get a sense here that the crime doesn't fit the punishment somehow.
Click to expand...
What about the fact that it might be part of a plot to take all the really dangerous opponents out, not by securing the communication lines, but by giving them a chance to poke around with no sense of opposition, and monitoring the hackings. The most secure system isn't the one that has no holes, cause they are all holy, it's the one that no one uses them. So to disencourage the hacking, the punishments have to be really hard. And remember, you are using an old US military web now called internet, they are the medium, they know everything, even your thoughts. :evil:
 
Jarno Mikkola said:
What about the fact that it might be part of a plot to take all the really dangerous opponents out, not by securing the communication lines, but by giving them a chance to poke around with no sense of opposition, and monitoring the hackings.
Click to expand...

I'd like to believe that, but as one who was crying as he wiped out a UNIX installation to install Windows NT on several machines, I can for certainly say the security of the US military in regards to conventional computer networks is absolute shit.

Now for the NSA...

The most secure system isn't the one that has no holes, cause they are all holy, it's the one that no one uses them. So to disencourage the hacking, the punishments have to be really hard.
Click to expand...

Unfortunately, there's that whole 8th Amendment. Someone who commits vehicular manslaughter MAY only get a 1 year ban or so from driving in addition to all the other penalties. It still is comparatively non-existent to trespass.

The cracker is given a ban from computers for life, because the courts are just as fucking clueless as the military, and don't really understand how the world works now. Want a good example of the govt's technical incompetence? Most, if not all, still use a faded and cheesy clip-art repeating image as a tiled background and the HTML is utter ass even ten years ago.
 
look on the bright side! even Billy-Bob & Bubbah can use Windows!

seriously though. windows CAN be secured if taken appropriate measures, but yeah the US should've gone with Linux (or some other UNIX-based OS). the thing is, Linux isn't easy to secure either, as it requires a good deal of knowledge & know how. something your average tech doesnt have. 'securing' *cough* windows is more textbook stuff.
 
SuAside said:
seriously though. windows CAN be secured if taken appropriate measures, but yeah the US should've gone with Linux (or some other UNIX-based OS).
Click to expand...
The military has been pushing to swap to a customized UNIX based OS for awhile, the Air Force has contracted out thirdparties to hammer out the system, but it's "been in the works" for far longer than even the military's system of overtesting something to death can account for.
 
SuAside said:
seriously though. windows CAN be secured if taken appropriate measures, but yeah the US should've gone with Linux (or some other UNIX-based OS). the thing is, Linux isn't easy to secure either, as it requires a good deal of knowledge & know how. something your average tech doesnt have. 'securing' *cough* windows is more textbook stuff.
Click to expand...

The problem with that is that most *nix systems, even the BSDs, often are more secure in a default installation than Windows NT can be "optimized" for, and at far less overhead of "required to secure the system" software.

Then you get into the actual HOW of securing the systems, and with *nix it's fairly straightforward once you figure out how, by paying attention to the installation instructions included with just about every *nix software released. Once you learn a couple, removing taint options and such like that are standard for installation. Installing software onto a server isn't something that should be taken lightly, and mere techs shouldn't be doing that anyways.

With NT, it tells you it's protected by the check box, and it still dies a merry little death. Oh, and because you clicked that checkbox, it just opened up a problem somewhere else due to Windows NT's programming being a total fucking mess.

PhredBean said:
The military has been pushing to swap to a customized UNIX based OS for awhile, the Air Force has contracted out thirdparties to hammer out the system, but it's "been in the works" for far longer than even the military's system of overtesting something to death can account for.
Click to expand...

Yeah, once the reports of crappy security kept rolling in, in particular from the navy.mil website, the military had to address it. But since saving the military a few bucks can go through faster than a technical addition or recommendation process, it took a year to fuck up the military systems so it could pad some numbwit admiral's pocketbook, and it is now taking more than a decade to un-fuck them.
 
Roshambo said:
Then you get into the actual HOW of securing the systems, and with *nix it's fairly straightforward once you figure out how, by paying attention to the installation instructions included with just about every *nix software released. Once you learn a couple, removing taint options and such like that are standard for installation. Installing software onto a server isn't something that should be taken lightly, and mere techs shouldn't be doing that anyways.

With NT, it tells you it's protected by the check box, and it still dies a merry little death. Oh, and because you clicked that checkbox, it just opened up a problem somewhere else due to Windows NT's programming being a total fucking mess.
Click to expand...
well, UNIX-based security really does need specialists to secure. it's not that straight foward as you say. if you want it to be secure, there is no way in hell that you just follow install instructions. every server will need a specific config dependant on role, place in the network, physical location, people allowed to connect,... that makes it a pretty expensive deal.

but of course it's a choice: Windows, up & config'ed in no time flat. add some extra security & you have a half decent system that you'll have to reboot every once in a while because it's not entirely stable. (well, NT does suck donkeyballs of course, but 2003 was pretty respectable & not all that bad depending on your goals)
or on the other hand: Linux, pretty hard & specialised to config depending on the parameters, but once it's up, it'll probably take an EMP to break down again.

i'd say Linux is more suited for military, but hey, nowadays everything is built by the lowest bidder anyway. (or the one that gives most perks to the people that are calling the shots)

Roshambo said:
Yeah, once the reports of crappy security kept rolling in, in particular from the navy.mil website, the military had to address it. But since saving the military a few bucks can go through faster than a technical addition or recommendation process, it took a year to fuck up the military systems so it could pad some numbwit admiral's pocketbook, and it is now taking more than a decade to un-fuck them.
Click to expand...
i'm betting that taking the cheap way out is a faster track to promotion as well, as it's pretty hard to sell massive expenses in a time where everything is being cut back on.
 
Roshambo said:
I'd like to believe that, but as one who was crying as he wiped out a UNIX installation to install Windows NT on several machines, I can for certainly say the security of the US military in regards to conventional computer networks is absolute shit... The cracker is given a ban from computers for life, because the courts are just as fucking clueless as the military, and don't really understand how the world works now.
Click to expand...
The thing is, you and them aren't weeping out the most dangerous opponents the Corporation America has, the ones that jeopardize the real power structures and the money flow. The ones that do are either shot, or turned quietly.
 
AFAIR the NASA servers had either a blank or default passwords... he's no hacker, just an UFOfanatic who knew too much about computers.

And thank god your military network is not integrated with LINK16 in any serious way.
 
For instance: there's a rule we can't use IE - it's not very secure - but then there is a rule we can't download or install any other browsers on the systems, so everyone has to use IE... cute, huh? Military command has no goddamn clue about computers.
Click to expand...

Some systems here in Iraq have been getting Mozilla Firefox, but those are the ones sent to a civie company.
 
You must log in or register to reply here.
Back
Top