NationStates Jolt Archive


Botmaster gets 3 years....

Rubiconic Crossings
29-08-2006, 00:19
http://seattletimes.nwsource.com/html/localnews/2003226994_botnet26m.html

"Botnet" hacker sentenced to 3 years

By David Bowermaster

Seattle Times staff reporter

A 21-year-old computer hacker has been sentenced to three years in prison for launching a "botnet" that attacked millions of computers worldwide and disrupted networks at hospitals, schools and the U.S. Department of Defense.

Judge Marsha Pechman delivered the sentence to Christopher Maxwell in federal court in Seattle Friday after a lengthy hearing that included five witnesses who testified about the damage caused by the botnet attack, which lasted at least 12 months.

only 3 years...yeah...should have been longer.....5 years min. I have little time for hackers...blackhat that is.

Anyway...the days of tossers like this getting a kushty infosec job are over...or at least starting to end.
Call to power
29-08-2006, 00:22
I think a more pressing issue with this is the fact that he managed to hack things like school systems and even the military (the one with all the nukes!)

this kid will probably get out of jail by working for the government which I think is good:)
Rubiconic Crossings
29-08-2006, 00:25
I think a more pressing issue with this is the fact that he managed to hack things like school systems and even the military (the one with all the nukes!)

this kid will probably get out of jail by working for the government which I think is good:)

It was lax security implementations on the side of the targets.this guy was no great genius.

He's was using adware popups ...I bet that all the compromised systems were using Internet Explorer in conjucntion with no anti-spyware and other lax security procedures.
Slaughterhouse five
29-08-2006, 00:36
really sucks to be him. im assuming that he probably isnt the toughest guy around and that he is going to be passed around for the next 3 years.

remember people, this is the size of your asshole before prison: o

and this is the size after: o


i also have a suspicious reason to beleive he will most likely be working for the rest of his life trying to pay the $114,000 to Northwest Hospital and $138,000 to the Department of Defense. i have a hard time seeing early retirement anywhere in his near future
JuNii
29-08-2006, 00:47
I still say, that in this age of Information Technology, Hackers should be treated like terrorists.

the threat of Gitmo should stop the majority of hackers... the rest will stop after the first dozen get sent to Gitmo.
Captain pooby
29-08-2006, 01:15
I still say, that in this age of Information Technology, Hackers should be treated like terrorists.

the threat of Gitmo should stop the majority of hackers... the rest will stop after the first dozen get sent to Gitmo.

The ones that suck will hang themselves in gitmo. The good ones will use the barbwire as copper and build a computer out of the toilet, koran, and toothbrush.
Posi
29-08-2006, 01:21
The ones that suck will hang themselves in gitmo. The good ones will use the barbwire as copper and build a computer out of the toilet, koran, and toothbrush.

ROFLMAO
Ifreann
29-08-2006, 01:22
The ones that suck will hang themselves in gitmo. The good ones will use the barbwire as copper and build a computer out of the toilet, koran, and toothbrush.

The good ones don't get caught.
Posi
29-08-2006, 01:25
The good ones don't get caught.

The really good ones hack their friends home early.
Rubiconic Crossings
29-08-2006, 12:13
I still say, that in this age of Information Technology, Hackers should be treated like terrorists.

the threat of Gitmo should stop the majority of hackers... the rest will stop after the first dozen get sent to Gitmo.

Criminals. Not terrorists.

Terrorism is a politically motivated act....what these people are doing has nothing to do with politics....

The other issue is that these guys are usually script kiddies...I know this counters what I said above and I admit I did not really think it through...

A real good blackhat might be politicially motivated or criminally motivated...who knows until the attack has taken place the reason for the attack stated.

Script kiddies...are like juve thugs....all brawn and no artistry and just motivated by their own need to be 'king of the hill'....not realising that the hill is made of sand...
Kanabia
29-08-2006, 12:28
A: "So, what are you in for?"
B: "Grevious bodily harm."
C: "Assault and battery."
D: "Grevious bodily."
E: "I created a bot network that attacked millions of computers worldwide and disrupted networks at hospitals, schools and the U.S. Department of Defense."
*SMACK*
Demented Hamsters
29-08-2006, 12:46
A: "So, what are you in for?"
B: "Grevious bodily harm."
C: "Assault and battery."
D: "Grevious bodily."
E: "I created a bot network that attacked millions of computers worldwide and disrupted networks at hospitals, schools and the U.S. Department of Defense."
A, B, C, & D together, "Guess we've just decided on who gets to play the sultry bitch then"
Hamilay
29-08-2006, 12:49
A: "So, what are you in for?"
B: "Grevious bodily harm."
C: "Assault and battery."
D: "Grevious bodily."
E: "I created a bot network that attacked millions of computers worldwide and disrupted networks at hospitals, schools and the U.S. Department of Defense."
*SMACK*
http://www.ctrlaltdel-online.com/comics/20040312.jpg
[NS:]MCLMM
29-08-2006, 13:01
The good ones don't get caught.

The good ones not only don't get caught, they get top filght infosec jobs.
Rubiconic Crossings
29-08-2006, 13:17
MCLMM;11612500']The good ones not only don't get caught, they get top filght infosec jobs.

Hop it troll boi.
[NS:]MCLMM
29-08-2006, 13:21
Hop it troll boi.

I'm going to sig your line, since it's the only one you have.
Rubiconic Crossings
29-08-2006, 13:43
MCLMM;11612578']I'm going to sig your line, since it's the only one you have.

Tell me....why do you feel the need to have all these accounts? What is now? 4 NS accounts...of which you have used 3 (that I am aware of) to troll NSG?

If you are RPGing on the other forums it makes sense to have those accounts....but you seem to use them here as well....most odd.
Gataway_Driver
29-08-2006, 13:45
What a waste of time sentencing a hacker. Give them a long and strict community service so they can actually repay their debt to society.
Rubiconic Crossings
29-08-2006, 13:49
What a waste of time sentencing a hacker. Give them a long and strict community service so they can actually repay their debt to society.

If it was just businesses affected I'd be happier with a lighter sentence....but here we are also talking about hospitals...so the damage could possibly be life threatening...which means a harsher tariff needs to be put in place.
Ifreann
29-08-2006, 13:51
If it was just businesses affected I'd be happier with a lighter sentence....but here we are also talking about hospitals...so the damage could possibly be life threatening...which means a harsher tariff needs to be put in place.

Make him do community service in prison. Somehow.
Gataway_Driver
29-08-2006, 13:51
If it was just businesses affected I'd be happier with a lighter sentence....but here we are also talking about hospitals...so the damage could possibly be life threatening...which means a harsher tariff needs to be put in place.

I completly agree, it just seems like a waste to just throw this guy in prison when he might be able to do something constructive.
Rubiconic Crossings
29-08-2006, 13:57
Make him do community service in prison. Somehow.

errrr....bumboi to the lifers????
Rubiconic Crossings
29-08-2006, 13:59
I completly agree, it just seems like a waste to just throw this guy in prison when he might be able to do something constructive.

well....what he did was not really a major challange...not easy ...but not very difficult either....he relied on others not caring about security.

Maybe all prisoners should be 'doing something constructive'.....

what that is...I leave up to you....
Deep Kimchi
29-08-2006, 14:19
Tell me....why do you feel the need to have all these accounts? What is now? 4 NS accounts...of which you have used 3 (that I am aware of) to troll NSG?

If you are RPGing on the other forums it makes sense to have those accounts....but you seem to use them here as well....most odd.

Sorry if you think I'm a troll just because I disagree with you on occasion. And a lot of NS General posters have more than one nation.

I have all my nations in one NS region, and each is a different type of nation - I like to see what the nation descriptions come out as depending on the types of policy.

And who appointed you the moderator? Should I report you for pretending to be a moderator?
Xerexopolis
29-08-2006, 14:27
Criminals. Not terrorists.

Terrorism is a politically motivated act....what these people are doing has nothing to do with politics....

The other issue is that these guys are usually script kiddies...I know this counters what I said above and I admit I did not really think it through...

A real good blackhat might be politicially motivated or criminally motivated...who knows until the attack has taken place the reason for the attack stated.

Script kiddies...are like juve thugs....all brawn and no artistry and just motivated by their own need to be 'king of the hill'....not realising that the hill is made of sand...

Hackers can also be politically motivated, but I doubt it's true in this case. Anyhow, to the hacker - so long, the internet will be a better place without you.

What a waste of time sentencing a hacker. Give them a long and strict community service so they can actually repay their debt to society.

I don't get people that try to rehabilitate the prisoners. It simply won't work. Prisons aren't made to rehabilitate people no matter how much you belive it - prisons are to keep the scum of a country away from normal population.
UpwardThrust
29-08-2006, 14:27
I think a more pressing issue with this is the fact that he managed to hack things like school systems and even the military (the one with all the nukes!)

this kid will probably get out of jail by working for the government which I think is good:)

This guy was nothing particularly special nor inventive ... I would be depressed if this guy did anything other then time
Rubiconic Crossings
29-08-2006, 14:28
Sorry if you think I'm a troll just because I disagree with you on occasion. And a lot of NS General posters have more than one nation.

I have all my nations in one NS region, and each is a different type of nation - I like to see what the nation descriptions come out as depending on the types of policy.

And who appointed you the moderator? Should I report you for pretending to be a moderator?

Oh good grief...now I'm a moderator? Get real DK.

Be my guest....do what you want..you are an adult so you don't need my permission do you :rolleyes:

Also you do not 'disagree'....you intentionaly go out to troll.

A perfect example...you stated how bad and evil journo's are and that you think they are worthless [sic] .... lo and behold a few days later....there you are.....quoting journo's....

As for multiple nations....I think I covered that already yes?

I remember when you first arrived here....and I figured you for a troll thenl...somethings never change.
UpwardThrust
29-08-2006, 14:30
What a waste of time sentencing a hacker. Give them a long and strict community service so they can actually repay their debt to society.

Yet this un-inventive idiot probably cost more "money" in the form of man-hours and computer time then any individual vandaliser or embeseler
Deep Kimchi
29-08-2006, 14:33
Yet this un-eventive idiot probably cost more "money" in the form of man-hours and computer time then any individual vandaliser or embeseler

It also has costs before he even exists. Think of the money spent on preventative measures.
Deep Kimchi
29-08-2006, 14:35
A perfect example...you stated how bad and evil journo's are and that you think they are worthless [sic] .... lo and behold a few days later....there you are.....quoting journo's....


Unlike you, I don't think in terms of inflexible, never to be changed or reviewed, absolutes.

I also am not trolling. If I was, the mods would deat me. Are you repeating the accusation that I'm a troll because you wish you were a mod? It sure seems like that.

Once again, if you have a problem with me, report it to Moderation.
UpwardThrust
29-08-2006, 14:36
It also has costs before he even exists. Think of the money spent on preventative measures.

I got a rough Idea :) ... it is billions uppon billions of dollars and climbing every year

I deffinatly work in a booming industry
Deep Kimchi
29-08-2006, 14:39
I got a rough Idea :) ... it is billions uppon billions of dollars and climbing every year

I deffinatly work in a booming industry

So maybe kids like this are good for job security.

Kind of like you working in an auto body repair shop, and the kids in the neighborhood throw rocks through car windows at night.
UpwardThrust
29-08-2006, 14:46
So maybe kids like this are good for job security.

Kind of like you working in an auto body repair shop, and the kids in the neighborhood throw rocks through car windows at night.

But bad for the other industries ... they are costing more then a broken window for sure
Nobel Hobos
29-08-2006, 16:55
The ones that suck will hang themselves in gitmo. The good ones will use the barbwire as copper and build a computer out of the toilet, koran, and toothbrush.

... and qualify. Go to work for the US government.

Us good guys really need a future cobbled together from a Koran, a toilet and a toothbrush. :D
Rubiconic Crossings
29-08-2006, 21:15
But bad for the other industries ... they are costing more then a broken window for sure

What annoys me is that you can mitigate most of this risk by implemeting and enforcing good security policies.

If only snr management understood that it is as important as insurance....in a way it is insurance.

Of course a really motivated 'hacker' can get you eventually...but even then there are methods you can put in place.such as not giving out email addresses or mobile numbers....or even names when someone calls reception...
UpwardThrust
29-08-2006, 21:21
What annoys me is that you can mitigate most of this risk by implemeting and enforcing good security policies.

If only snr management understood that it is as important as insurance....in a way it is insurance.

Of course a really motivated 'hacker' can get you eventually...but even then there are methods you can put in place.such as not giving out email addresses or mobile numbers....or even names when someone calls reception...

Agreed a good half of my job is justifying simple and necessary security policy upgrades.

No one wants to spend money on it but everyone is mad if it is not there.
Rubiconic Crossings
29-08-2006, 21:33
Agreed a good half of my job is justifying simple and necessary security policy upgrades.

No one wants to spend money on it but everyone is mad if it is not there.

I fnd one of the best ways of getting sign off is using examples...

The most recent being AOL's CTO :)

It never ceases to amaze me....laptops are such a point of failure and yet how many are allowed out of the office with no security?

You and I know that all you can do it mitigate risk up to a point but that is usually enough...how many machines get disposed of with out the hard drives destroyed?

Even just doing things like drilling holes in the silicone won't do anything...you can still recover data....same with 'de gaussing'...useless as the disk controllers on newer HDD are shielded...but there are ways...it does cost money but at the end of the day...how valuable is your data in the wrong hands?
UpwardThrust
29-08-2006, 21:39
I fnd one of the best ways of getting sign off is using examples...

The most recent being AOL's CTO :)

It never ceases to amaze me....laptops are such a point of failure and yet how many are allowed out of the office with no security?

You and I know that all you can do it mitigate risk up to a point but that is usually enough...how many machines get disposed of with out the hard drives destroyed?

Even just doing things like drilling holes in the silicone won't do anything...you can still recover data....same with 'de gaussing'...useless as the disk controllers on newer HDD are shielded...but there are ways...it does cost money but at the end of the day...how valuable is your data in the wrong hands?

For the university every single hard drive before it leaves is whiped to NSA standards with a 7 time whipe and bit randomizer then run through an electro magnet
Rubiconic Crossings
29-08-2006, 21:55
For the university every single hard drive before it leaves is whiped to NSA standards with a 7 time whipe and bit randomizer then run through an electro magnet

NSA's Overwrite standard is usefull but I perfer 'safety in numbers' hence I use a system/product that adheres to the following -

* Air Force System Security Instructions 5020
* Bruce Schneier's algorithm
* BSI (German overwrite standard by Federal Office for Information Security/ Bundesamt für Sicherheit in der Informationstechnik)
* German Standard VSITR
* HMG Infosec Standard No: 5 (baseline) [Note! Certified versions: 4.5 HMG and 3.7r1]
* HMG Infosec Standard No: 5 (enhanced) [Note! Certified versions: 4.5 HMG and 3.7r1]
* Navy Staff Office Publication (NAVSO P-5239-26) for RLL
* NSA (Overwrite standard by National Security Agency)
* OPNAVINST 5239.1A
* Peter Gutmann's algorithm
* The National Computer Security Centre (NCSC-TG-025)
* U.S. Department of Defence Sanitizing (DOD 5220.22-M, DOD 5220.22-M ECE)
* US Army AR380-19

Its actually quite usefull....but that is not all I do....electtonic mags (de gaussing) is pointless....I have the silicone shredded.

There is no way that data can be recovered from this method.

ps...Schriener...is ghod!