|
Grex > Agora35 > #28: Prosecution in the case of the Great M-net Crash | |
|
| Author |
Message |
| 20 new of 145 responses total. |
jerryr
|
|
response 126 of 145:
| 
Oct 5 13:00 UTC 2000 |
i think the point being made was i know that what happened went beyond m-nut
and it's hardware. a point i kept trying to make. no details are necessary
to say that. unless one chooses not to listen or believe me. y'all have that
right. believe it or not, i was just trying to save folks the time and
trouble of trying to figure out how to get this kid off with just a slap on the
wrist - based on the perceptioin that the only damage he had done was to m-nut.
|
jp2
|
|
response 127 of 145:
|
Oct 5 15:14 UTC 2000 |
This response has been erased.
|
jazz
|
|
response 128 of 145:
|
Oct 5 15:18 UTC 2000 |
Greg's got a point, but I don't think anyone was disputing the point
(though it could be read that way) that the damage (to society) was greater
than that of m-net. The only discussion I was aware of was whether a system,
in a civil case (and this one isn't a civil case, if I've been reading the
news correctly) should be able to sue for more than the actual hard cost to
fix, and whether or not a system's staff were responsible for intrusions, in
a general sense.
|
mdw
|
|
response 129 of 145:
|
Oct 5 21:00 UTC 2000 |
I don't think that staff being negligient is going to be a viable defense
for the kid.
|
scg
|
|
response 130 of 145:
|
Oct 5 22:20 UTC 2000 |
re 125:
Why not? Even if no money was spent, the value of donated labor is
sitll pretty easy to calculate. If you have somebody who normally charges,
say, $125 per hour, you can calculate the value of their donated labor at $125
times the number of hours they spent volunteering. Even if somebody normally
only works for their employer, and as such doesn't have a consulting rate,
you can look at what the market is paying consultants with similar skills.
It's not tax deductable, but that doesn't mean it doesn't have value.
|
twinkie
|
|
response 131 of 145:
|
Oct 6 04:07 UTC 2000 |
I think it's a riot that jazz is the only one who got the joke.
|
brighn
|
|
response 132 of 145:
|
Oct 6 04:19 UTC 2000 |
Good one.
You're still a twinkie.
|
twinkie
|
|
response 133 of 145:
|
Oct 6 04:29 UTC 2000 |
Ooooh...struck with another famous Grex zinger...
|
md
|
|
response 134 of 145:
|
Oct 6 12:06 UTC 2000 |
(Why is it a "Grex" zinger?)
Well, I think jerryr is making a good point. He says you can't
justify "just a slap on the wrist - based on the perceptioin that the
only damage he had done was to m-nut," because something of actual
value, a thousand miles from mnet, was indeed damaged.
The implication that, if it *had* been only mnet, a slap on the wrist
would be enough, confirms what many others here seem to be saying: why
ruin a 7-year-old kid's life for hacking a system that was pretty much
worthless to begin with? I agree with jerryr that it would be absurd
for Arbornet to sue this kid for anything.
(I still don't understand why the AG's office is making an issue out of
the fact that the mnet equipment was replaced. We all know the kid
isn't to blame for that. If the AG thinks he is, then I hope some
responsible Arbornet person, if such there be, will set her straight
ASAP.)
On the other hand, the University of Maryland, or whomever, might have
grounds for suing the kid. Also, with regard to the admittedly poor
security on mnet, I wonder if UMD has grounds to sue Arbornet?
|
md
|
|
response 135 of 145:
|
Oct 6 12:07 UTC 2000 |
(17-year-old. Sorry.)
|
jerryr
|
|
response 136 of 145:
|
Oct 6 13:11 UTC 2000 |
i hope they throw the book at him - find him guilty or let him cop a plea.
order community service and restitution. if he keeps his nose clean until
he is 21, expunge his record.
|
brighn
|
|
response 137 of 145:
|
Oct 6 14:23 UTC 2000 |
(look at your handle, you twinkie)
|
scg
|
|
response 138 of 145:
|
Oct 6 18:10 UTC 2000 |
Wasn't the University of Maryland system Jamie Howard's PC?
|
twinkie
|
|
response 139 of 145:
|
Oct 6 19:59 UTC 2000 |
(what's your point, you brighn?)
|
brighn
|
|
response 140 of 145:
|
Oct 6 20:02 UTC 2000 |
(that you must have a tasty cream filling)
|
twinkie
|
|
response 141 of 145:
|
Oct 6 20:47 UTC 2000 |
(so I'm told)
|
brighn
|
|
response 142 of 145:
|
Oct 6 20:59 UTC 2000 |
(I wouldn't know, and will never find out)
<set drift=off>
|
danr
|
|
response 143 of 145:
|
Oct 6 21:22 UTC 2000 |
Need I remind you boys that the "tasty creme filling" is mostly lard?
|
gull
|
|
response 144 of 145:
|
Oct 6 21:39 UTC 2000 |
My system was once hacked and used to port scan a few other domains. It was
a day before I noticed a process running that I didn't recognize. I
immediately notified the sites that had been scanned. Most were glad for
the heads up. One threatened me and the network I was on with legal action.
It took me a week to get my network connection restored after that.
Re #88: Seems like I heard somewhere that the delay between a security
problem being published and it being widely exploited is about two days.
I'm guessing not many sysops of free systems check Bugtraq or CERT every two
days. Heck, it generally takes software companies longer than that to even
admit there's a problem. There are stories of people bringing security
holes they'd found to Sun or Microsoft and being told, "If no one's lost
money yet, leave us alone and shut up about it." This is probably partially
due to the fact that software companies all exclude themselves from any
liability in such matters.
|
albaugh
|
|
response 145 of 145:
|
Oct 6 21:42 UTC 2000 |
Not that all real life analogies to cyber life are valid, but if IRL a
17-year-old "kid" picked the lock to someone's home, and found his file
drawer, and went through it reading his mail, and say, also locked the door
to the "shed" where people picked up their messages from the free community
bulletin board, would all that consitute a felony? Even if not, the fact that
the owner had an easily pickable lock would have been no justification. But
if those actions *did* consitute a felony, why wouldn't the cyber equivalent
of that also be a felony?
|