|
Grex > Agora35 > #28: Prosecution in the case of the Great M-net Crash | |
|
| Author |
Message |
| 25 new of 145 responses total. |
bdh3
|
|
response 84 of 145:
| 
Oct 3 04:22 UTC 2000 |
Look, I've never met the dude who broke root, never even seen any posts
and don't even know his login. But I do know he is 17 years old and
(somebody feel free to correct me) he did no actual damage. (He didn't
even change the menu shell so is prompted "Want Cookie" and responded
"No! Want Cookie" and refused to go further unless the user typed
'Cookie'...)
I do know that he's gonna have a hard time going to college and/or
getting a job from now on. "Have you ever been arrested/convicted
for/of a felony" is the usual form of the question on the application.
How sad, and for what...
|
bobcat
|
|
response 85 of 145:
|
Oct 3 05:42 UTC 2000 |
jazz, you're saying it took one month to restore the system to its
uncompromised state? This is an important point ad far as the proper
punishment is concerned.
Also, regarding volunteer effort's value: the IRS says it has none.
If I do 10 hours of work for the Red Cross, and do not charge them the $1000
I could have earned elsewhere, I certainly can;t deduct it from my taxes as
a contribution. You CAN deduct expenes involved in travel, etc.
As for restoring a system before the point it was compromised: you can never
really be sure it wasn't done long ago, and this VANDAL just spotted the
opening. The only thing you can do (which you would have done eventually
anyway) is secure the system NOW and restore any data lost. Everyone is of
course responsible for their own password, and the staff passwords would all
be reset by the person fixing the system. Free users need to change their own,
and are responsible for their OWN backups. Ordinary user's passwords are not
a big deal for the sysops, as they have no extraordinary privileges. You use
a free system at your own risk.
|
bdh3
|
|
response 86 of 145:
|
Oct 3 07:28 UTC 2000 |
And a responsible system would have been running 'tripwire' to note
exactly when and what critical system files were modified, detected same
when it happened and easy to correct. A truely less than stupid system
would have been monitoring any number of 'Net sites to fix security
holes before a '17-year old' script kiddy coulda even gotten in.
|
jerryr
|
|
response 87 of 145:
|
Oct 3 13:47 UTC 2000 |
don't you get tired of having sand in your ears?
|
jazz
|
|
response 88 of 145:
|
Oct 3 14:22 UTC 2000 |
I can't think of a way to encourage volunteers to spend all of their
free time monitoring rootshell and bugtraq for the patches to all of the
problems that crop up, the way some script kiddies do, Beady. Can you?
|
jp2
|
|
response 89 of 145:
|
Oct 3 14:23 UTC 2000 |
This response has been erased.
|
jazz
|
|
response 90 of 145:
|
Oct 3 14:29 UTC 2000 |
Uhm, he really didn't mention anything other than that the physical
hardware wasn't damaged, and that the intruder hopscotched to UofMd.
|
jerryr
|
|
response 91 of 145:
|
Oct 3 16:41 UTC 2000 |
alllrighty then. no, i'm not going to give you any details. they may or may
not ever see the light of day depending on what happens in court.
but, hey, why would anyone want to listen to jamie and me? knock yourselves
out. i'm done.
|
jazz
|
|
response 92 of 145:
|
Oct 3 17:34 UTC 2000 |
It just might have something to do with attitudes like "all you dumb
mother fuckers".
|
brighn
|
|
response 93 of 145:
|
Oct 3 18:01 UTC 2000 |
Did #91 smack vaguely of obstruction of justice via witholding evidence to
you, John?
|
jerryr
|
|
response 94 of 145:
|
Oct 3 18:07 UTC 2000 |
could you be any more obtuse? i am talking about information that the
prosecutors already have. i'm just not going to share it with you. i
tried to be nice and save y'all some effort because some of you keep
harping on how much m-nut lost and how it could have been avoided.
one mo' time - there is more involved here than m-nuts physical plant and the
replacement thereof.
if you have any more questions, contact the prosecutors.
|
brighn
|
|
response 95 of 145:
|
Oct 3 18:35 UTC 2000 |
Ah. Being nice to the dumb mother fuckers.
Sorry for being rude in response to your obvious gregariousness.
|
jazz
|
|
response 96 of 145:
|
Oct 3 18:43 UTC 2000 |
Where did brighn (or myself for that matter) ever say or even imply
that "it could have been avoided"?
Last I recall, I was actually supporting the argument that vandalism
damages a system beyond apparent replacement costs, and that it was unlikely
that even a full-time security staff could be expected to meet all possible
contingencies, let alone an unpaid volunteer staff working in their spare
time.
|
flem
|
|
response 97 of 145:
|
Oct 3 19:40 UTC 2000 |
There seems to be a certain amount of confusion as to what is going on in this
trial. I, for one, was under the impression that it was a *criminal*, not
a civil, trial. The kid isn't being prosecuted because he did monetary damage
to m-net, but because he committed a crime.
If you rape someone, you don't generally cause them a great deal of
financial difficulty. It can even be argued (occasionally; I'm certainly not
claiming this is the case for all or even a majority of rapes) that you don't
do any real damage to the victim. It can even be, and has been, argued that
"she was asking for it." Doesn't matter, it's still a crime and you're
(hopefully) still going to end up in jail for it.
IIRC, when you rob someone, the value of what was stolen is used to
determine how serious a crime it is (misdemeanor vs. felony), but, if I
understand correctly, that's a special rule that applies only to theft. It
doesn't apply, for example, to assault. ("The hospital bill was only $50,
your honor, so it shouldn't be a felony...")
In this case, I believe it to be the case that the law says that breaking
into a computer system without authorization is a felony. End of story.
Doesn't matter if it's a 386 or a supercomputer. (I'm not sure I agree with
the law, but that's my understanding of what it says.)
|
jazz
|
|
response 98 of 145:
|
Oct 3 19:45 UTC 2000 |
M-net was, at the time, wearing a tight red dress and "fuck me" pumps,
and therefore, deserved whatever it got.
|
jp2
|
|
response 99 of 145:
|
Oct 3 20:14 UTC 2000 |
This response has been erased.
|
jazz
|
|
response 100 of 145:
|
Oct 3 20:18 UTC 2000 |
You've proven your command of foul language, now let's see if you have
a working knowledge of being able to substantiate your point and differentiate
between fact and opinion.
|
jp2
|
|
response 101 of 145:
|
Oct 3 20:23 UTC 2000 |
This response has been erased.
|
brighn
|
|
response 102 of 145:
|
Oct 3 20:40 UTC 2000 |
color me confused. I thought I was the peanut gallery for this item. How'd
I get to be a central player worthy of this level of abuse?
This is an honest post. I thought I was meandering on some irrelevant garbage
about pranks, cause and effect, and other non sequitorial high horse falderal.
I don't give a damn about some punk and MNet. MNet can be swallowed into the
pit of Hell or demolished by Valkyries with PMS for all I care.
|
brighn
|
|
response 103 of 145:
|
Oct 3 20:43 UTC 2000 |
I guess 102 was for John, since he seems to be the one trying to drag me into
this. =} (Reading back...)
#99 was the second worst atempt to substantiate an argument I've seen this
week. Considering the worst was *yawn* *snort*, I wouldn't take it as a good
sign.
(This is my official return to Peanut Gallery comments...)
|
jp2
|
|
response 104 of 145:
|
Oct 3 20:45 UTC 2000 |
This response has been erased.
|
jazz
|
|
response 105 of 145:
|
Oct 3 20:54 UTC 2000 |
Please clarify in which of these posts I posted inaccurate information
displaying an assumption about the case:
#56 of 102: by Silent Tristero (jazz) on Fri, Sep 29, 2000 (11:54):
I don't entirely buy the explanation that a system's security staff
are responsible for any security compromises, to the point to which the
script
kiddie is off the hook, any more than a warehouse's security staff is
responsible to the point to which a cat burglar is off the hook. Especially
when it comes to freenets, it's not always possible to patch an exploitable
program or OS immediately, and sometimes it's not possible for a matter of
months. People with nothing to do and a subscription to bugtraq will always
be faster.
#75 of 102: by Silent Tristero (jazz) on Sun, Oct 1, 2000 (12:21):
None of the infrastructure of the internet is quite as impressive as
it's meant to be (and Worldcomm's headquarters are nowhere near as cool as
the office that the young-looking Generation D fellow scooters into).
Have to say I'm not terribly sympathetic for someone who gains root
and then immediately sets about destroying a system. Had he merely done it
to count coup, and send mail to staff or something along those lines, that'd
be one thing, but deliberately destroying other people's work isn't playing
very nice.
#80 of 103: by Silent Tristero (jazz) on Mon, Oct 2, 2000 (10:25):
The time to repair isn't really relevant. If you start a fire in a
warehouse and the warehouse puts out the fire because it was properly
equipped
with a fire extinguishing system, it's still arson. But in this case, it
was
about a month of volunteer and unpaid effort.
#88 of 103: by Silent Tristero (jazz) on Tue, Oct 3, 2000 (10:22):
I can't think of a way to encourage volunteers to spend all of their
free time monitoring rootshell and bugtraq for the patches to all of the
problems that crop up, the way some script kiddies do, Beady. Can you?
#90 of 103: by Silent Tristero (jazz) on Tue, Oct 3, 2000 (10:29):
Uhm, he really didn't mention anything other than that the physical
hardware wasn't damaged, and that the intruder hopscotched to UofMd.
#92 of 103: by Silent Tristero (jazz) on Tue, Oct 3, 2000 (13:34):
It just might have something to do with attitudes like "all you dumb
mother fuckers".
#96 of 103: by Silent Tristero (jazz) on Tue, Oct 3, 2000 (14:43):
Where did brighn (or myself for that matter) ever say or even imply
that "it could have been avoided"?
Last I recall, I was actually supporting the argument that vandalism
damages a system beyond apparent replacement costs, and that it was unlikely
that even a full-time security staff could be expected to meet all possible
contingencies, let alone an unpaid volunteer staff working in their spare
time.
#98 of 103: by Silent Tristero (jazz) on Tue, Oct 3, 2000 (15:45):
M-net was, at the time, wearing a tight red dress and "fuck me" pumps,
and therefore, deserved whatever it got.
#100 of 103: by Silent Tristero (jazz) on Tue, Oct 3, 2000 (16:18):
You've proven your command of foul language, now let's see if you have
a working knowledge of being able to substantiate your point and
differentiate
between fact and opinion.
In total, I've expressed the following about the case:
* Willard would make a good witness for the Defense.
* It took about a month to get m-net back up.
* M-Net staff are unpaid volunteers.
* JerryR hasn't presented any counter
* I do not believe that it is resonable to expect staff members to have
prepared for
every possible contingency.
* M-Net occasionally wears lingerie.
* JP2 can use foul language in a post on GREX.
Which one of these is inaccurate?
I'll concede about the lingerie bit.
|
jerryr
|
|
response 106 of 145:
|
Oct 3 20:55 UTC 2000 |
i have said it more than once - m-nut is only one element of the crime this
moron has been charged with.
i apologize for trying to stop the flow of conversation. knock yourselves
out.
|
jazz
|
|
response 107 of 145:
|
Oct 3 20:57 UTC 2000 |
#105 missed a bit of what I was trying to write - but it's been
corrected. JerryR has, since my last posting, presented one factual element
which he considers to have been left out of the discussion.
|
jerryr
|
|
response 108 of 145:
|
Oct 3 20:58 UTC 2000 |
whatever.
|