Ah the famous one way treaty from Uncle "smack in the face" Sam. See also the case of the Natwest 3.
(PS England is not synonymous with Britain / UK.)

Thats what u get for being a pleb, hacking.. should never have done it, you do the act you pay the price.

googun: *It may be worth noting that the extradition agreemement between US and UK only works one way. The idiots in the UK government neglected to arrange similar powers to pull people over from the US for trial in the UK.*

Of course that's the way it works, and for the same reason we won't hand over US citizens to the world court. Reason being? Because it would break USA law to do so - the constitution says something about being sovergn....

It may be worth noting that the extradition agreemement between US and UK only works one way. The idiots in the UK government neglected to arrange similar powers to pull people over from the US for trial in the UK.

If McKinnon managed to break into apparently secret and secure systems, one has to wonder at the idiots in charge of the systems, who left a way in for him. And what about their backup strategy? ... They did keep backups, didn't they?

They shouldn't be hiring McKinnon as a consultant. McKinnon did what, no doubt, any number of other people could do, and did what the US military dudes should already have known how to do and prevent.

McKinnon shouldn't be left to rot in prison for this. Yes, he messed with the wrong guys, but that makes him a fool, not a terrorist.

If u play with fire u get burnt

I assume they are also going to prosecute the system admins that allowed the hacker in, for gross negligence, and compromising national security. I suspect not however, they will have been promoted to a different job..

Ok, I just have to put my two sense in here. Major Corporations pay millions of dollars each and every year. I feel That something good should be made of this. The U.S military should hire Mr. McKinnon as a Security Consultant to intentionally try to hack into government computers to expose just how poor their current security is. Look at it this way. The many anti-virus companies out there hire these kids (experts), that intentionally write and distribute viruses and I believe the same goes for companies producing firewall software so why shouldn't the U.S. Government hire him to improve their security. Just my two cents (sense),lol

I don't think this guy is evil but he is careless. I mean he did even admit to accidentally wiping out some data on one of the servers from what i've read. Sorry but he's kind of moronic, sitting there smoking tons of dope while hacking into GOVT computers. That's real brilliant, yeah. Sorry i just don't have that much sympathy for people who live in their ex-girlfriend's aunts houses and use their computers while smoking gobs of weed while trying to find out about UFO's (if not so sad it would be absolutely hilarious).. guys like that give people who really want to know the truth a bad name. Not much sympathy here.

http://www.smh.com.au/ne...5512.html?oneclick=true

"........critical systems inoperable at Earle Naval Weapons Station in northern New Jersey shortly after the September 11, 2001 terrorist attacks."
We all know that the terrorists were the US government itself who let 9/11 happen. See "Loose Change" and all the other 9/11 websites.
McKinnon should bring that up as his defense! Opening the real barrel of worms.
Not for entering but for what he saw he will be locked up.

he was searching for the truth you PC Rat, you ****ing retard, go back to sleep.

I usually disagree with him, but on this one, he's dead on. Almost looks like it's starting to become a habit of his.

McKinnon was knowingly breaking the law. He's a criminal. What's worse, is that he's also a complete f'ing moron.

He gets what he deserves.

I *love* the double standard on this forum.

If it's a Company doing it to you, it's Evil™. If some idiot does it to the gov, he's a friggin' Hero.

Back to sleep, indeed. Wake me when ya'll start making sense (and not contradicting yourselves every other topic). I'm sure I'll get a nice long nap.

I suspect it's because when companies do it is due to greed and desire for profit, if you read the whole story he was doing it under 'moral' reasons believing the US govt. is witholding important information from the rest of the world.

I'm glad someone wants to stick up for the world personally, I have no respect for the govt., their WMD BS and no doubt a lot of other lies. Yea, damn hackers trying to bring us the truth. Time to go back to ignorant land :)

So if he's being persecuted for being a criminal, why are they slapping such massive penalties on him? Why do they want him extradited to the U.S? Why not try him in a U.K court under U.K rules like normal U.K hackers who crack U.S systems?

Infact McKinnon didn't even crack anything, he wrote autonomous perl scripts that just walked through systems, he's being shut up for the 'information he saw' not the 'crimes he committed'.

There's no double standard, this is a new case, new standards therefore need to be assigned.

It's just another way the U.K are cupping bushes balls.

"I'm glad someone wants to stick up for the world personally"

Yet another double standard. When it's the US government trying to "stick up for the world", everyone hates the US for it. Yet you stick up for a hacker? And since when has a hacker brought anyone the truth about anything? They're pretty secretive. He's just trying to save his own ass.

HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA.

*doesn't stop laughing for twenty minutes*

did you just say the U.S government sticking up for the rest of the world?

*resumes creasing himself*

...

Amazing all the apologists that rank criminals
have.

...

The Computer Rodent

...

Give him choices:

either manage to hack Al-Quaeda, do a tour in Afghaniraq, or give Bubba some TLC-- though for this last one he can be cut a break: he can choose from between Prison Bubba, Arkansas Bubba, or the likely stinkiest choice of the three-- HillaryBubba. If i had to give him a recommend, i'd steer him to the second one: since it's curved sideways, it won't gag him...I know Hill for sure would gag me to no end.

My view is this:

If they don't have it secure then it's their fault. Hire the guy and handle it.

The U.S. Government should have THE MOST bad@ss dudes on the planet running their servers and network security. If they don't, then they better rethink what they are doing.

Point blank.

So it's the homeowner's fault when the thief breaks in?

Please.

What do you think our goal in this matter should be? To scare those susceptible to extradition not to try breaking in, or to make sure no one can break in?

By scaring such guys with jail we are making sure security holes will stay un-patched and available to our real enemies.

According to what I've read about this, you can't really say a thief broke in here. If you leave your door wide open, I'm relatively sure anyone is free to walk in. You can ask them to leave, but you can stick them in jail or actually accuse them of anything worth 70+ years in prison.

Untrue, it is still illegal entry to enter without permission.

I had a car stolen once because one of my kids didn't lock their door and I neglected to check it (at least the police said there was no sign of forced entry).

Guess what, it was still considered a theft.

You don't gain status by hacking, it's no different than any other form of theft.

I hope he gets at least 50 years to think about it.

However, your insurance company laughed at you when you asked for recompense because stupidity doesn't deserve protection.

70 years is ridiculous. I would say 5-10 maximum is a fair sentence.

He caused no physical damage to anyone or anything. This claim of $700,000 is BS. He may have made some people hunt him out via his IP address which might have cost them a couple of grand. He has never destroyed any of their equipment.

So for something that has caused no actual damage, nor has rendered any one or anything helpless I view it as almost trivial.

And as most other people here suggest he should be hired to protect them.

I have personal experience of being caught and then hired. Back in College a friend and I copied the school website (which hadn't been updated in 4 years) and ripped the piss out of them. We got caught and excluded for a day and the Police got involved over the copyright infringement.
A year later they took us on to update the website and redesign it.

That is the sensible approach.
A bit of punishment, but then take the guy on because he is clearly smarter than the current work-force.

I even put it on my CV that I did it, and it makes employers sit up and take note.

So yes, it's still illegal; however common sense should prevail as he had no intention of harming anyone/thing and didn't either.

Many known theives later become aids in helping prevention of crimes.

If the home owner puts keys in all of the locked doors or leaves the doors open and a sign that they are on vacation yes, it's their fault.

I still think they guy did something he shouldn't have but he had permission to do "some things". He went too far and now is going to prison? That's too much.

The government should go to prison for leaving their crap wide open like that.

The guy shouldn't do any time at all.

"The government should go to prison for leaving their crap wide open like that."

how exactly was it left wide open?
did they leave file sharing on?

This isn't leaving the keys in the door. It's simply leaving them unlocked.

Entering the house without permission is still against the law. Even if the doors are unlocked.

You say teh gov should be locked up when their only "crime" was not putting up enough locks?

I admit leaving root open is stupid, Yes, someone should, and likely will. *definately* be fired.

home owner puts keys in all of the locked doors or leaves the doors open and a sign that they are on vacation yes, it's their fault.

I can't believe you think this way. One person's property is one person's property and *no-one* has any right to it regardless of security measures.

The guys a criminal, and should be treated as such.

He didn't take the equipment away, thus he didn't steal anything. His brain read it and aquired information, I suppose that is theft somehow? :)

There are laws against it however, but this is more like someone having left keys in the door, someone else taking a peak inside, then sodding off again. You might be a little angry, but as nothing was stolen I doubt you'd be uptight about it.

The goal should be to enforce the law.

We create and change the laws to advance our goals. Enforcing the law in itself is not a goal.

In this case our goal is to make sure our enemies can not penetrate our networks. And current law which scares everyone it can scare not no test our network's security, contributes to ability of those it can not scare to penetrate our networks. This law is wrong and should be changed.

Do you know how much it costs to analyze and replace equipment broken into by an unknown?

It really doesn't matter that he claims to have done nothing.

No, the insurance company did no such thing idiot. There was no evidence of it, only my assumption based on the lack of forced entry.

It probably cost close to $700K in equipment replacement and analysis costs.

The goverment more than likely isn't going to put hacked hardware back into service, like most private companies since there is no telling what else the guy did to it while he was in there.

I bet all those servers and the disks that were in them were destroyed.

"I have personal experience of being caught and then hired."

If that's true then you can't be trusted, so you aren't worth hiring no matter how "good" you think you are.

Am I meant to feel sorry for the high flying government who is stupid enough to hook important computers up to the internet lacking that much security?

Well if a hacker gets in some day that really wants to cause the US govt. trouble, I'll certainly never feel sorry for you guys.

That's broken logic.

1) If they're a decent company they should have multiple levels of backup so they will know what the hell has changed anyway. Yea, it'll cost time and money, but doubtful that much money.

Secondly, who are we meant to trust if you don't trust hackers? You know the person who has devised a lot of the security checks on bank checks used to commit fraud, now he works for the good side of the law and has made millions.

http://en.wikipedia.org/wiki/Frank_Abagnale

Better go lock yourself in a dark room, the real scary reality is out there. People who have broken the law actually work on the good side!

I'd rather hire someone who knows how to abuse the system, than someone who has worked on the outside not always knowing the latest tricks.

You backup bios flash, hard drive firmware, etc?

Just because you didn't find what said hacker did on disk doesn't mean it's not there.

Apparently you haven't ever been all that involved in risk assessment, risk mitigation, and asset protection practice.

Posting one case of one guy that decided against a life as a black hat is hardly proof of anything.

If your servers are not "locked in a dark room" then you don't deserve the role of managing them.

I suspect none of them work without being watched really very closely and everything they do subject to extensive peer review.

Maybe they are allowed in a sandbox built from backups at a DR site to perform an analysis, but I also suspect that few of them are touching any live environments.

;-)

Agreed

yea and if someone i don't know enters my door without permision I have every right to shoot their a**.

Babylon, just admit that you hate the US. That's what your biased argument is really about, anyway.

No I think it was a flaw in Windows Messenger that they forgot to disable when they reinstalled XP :P

I'm kind of slanting myself towards the fact that he stole information by reading it and should go to jail for that. More importantly he should get creamed in the face a many few years for deleting said systems. If he looked, he'd just be considered a spy and he could ask for asylum. Now if he deleted stuff, depending on what the computer was for/what it had on the drives at the time, he could have deleted days/weeks/months/YEARS worth of work. For that he definitely should do some major hard time.

I suppose you would hire a known sex offender to work in a child care center?

Hey, I have my own reservations when it comes to the US government but come on. Are you saying McKinnon wasn't aware that roaming around a governmental website was illegal? And, I am not talking about the Park Service. He hacked in to the US Army, US Naval and Pentagon. What if, by his activities, he interfered with aerial radar and caused a plane to crash?

And, some of you are arguing that the websites were wide open and it is understandable that McKinnon would take the opportunity to explore these websites. Well, if I come across an empty car with the keys in the ignition and decide to drive off with it, does it mean I didn't commit a crime?

Hey, you want to bash the American government and/or President Bush be my guest. But, how would you feel if an American hacked in to a British governmental website? How would you feel if the US government refuse to extradite him solely because he is an American?

I am glad I am not the only person to think what he did was stupid. I hope he doesn't end up with a 70 year jail term however he should be punished for his crimes. He was stupid but he is a grown man and should know what he was doing was wrong.

It is strange how so many people think this guy did nothing wrong.

> It is strange how so many people think this guy did nothing wrong.

What he did may be wrong and he may be stupid, but what we are doing is many times stupider. By threatening such guys with jail we are making sure our critical computer networks will remain insecure and open for our enemies.

Hackers should not be paid money for their illegal activities. By doing so you're only encouraging hackers to do more damage.

"And, some of you are arguing that the websites were wide open and it is understandable that McKinnon would take the opportunity to explore these websites. Well, if I come across an empty car with the keys in the ignition and decide to drive off with it, does it mean I didn't commit a crime?"

You miss the point. He didn't drive off with the car. He merely sat in it and looked at some of the stuff. Using the term 'hacking' is a bit misleading. If someone leaves the door open, you're just taking a curious look. Maybe it's not 'right' but it's not worthy of 70 years. Curiousity really is killing the cat here.

It's not like he took out any networks, I believe his side of the story more than the US one.

"According to the U.S. government, the Polish-born McKinnon caused $700,000 worth of damage and rendered critical systems inoperable at Earle Naval Weapons Station in northern New Jersey shortly after the September 11, 2001 terrorist attacks."

Puhlease. To cause that much amount of damage he sure must have taken out a hell of a lot of their PCs. Their critical PCs are linked up to the internet with security that bad? If the US side of the story is true I'd worry more about how awful the security in place is. Maybe someone could just login and send off a nuke or something.

Doesn't seem likely, does it?

"You miss the point. He didn't drive off with the car. He merely sat in it and looked at some of the stuff. Using the term 'hacking' is a bit misleading."

"According to the U.S. government, the Polish-born McKinnon caused $700,000 worth of damage and rendered critical systems inoperable at Earle Naval Weapons Station in northern New Jersey shortly after the September 11, 2001 terrorist attacks."

Yep, looks like he just "looked around".

In the Internet world nothing is totally secure.
Check out the link:
http://news.bbc.co.uk/2/...lick_online/4977134.stm

"SK: So you're saying that you found computers which had a high-ranking status, administrator status, which hadn't had their passwords set - they were still set to default?

GM: Yes, precisely. "

Why do they cover-up the problems they have by punishing the hackers.
Why not punish the personnels who used the blank or default passwords in the Network?
Aren't they the main reason for the security breach?

You will never know if they were really unprotected or not. Perhaps they were and there was a reason for it or perhaps he is just acting dumb so people think "he isn't a dangerous hacker why you picking on him". I don't believe 70 years a $1m+ fine is really the answer.

They are making an example out of him to scare other people away. It sucks for him but thats what they do. Simple rule: Don't break the law with the government, it will only end in tears.

Do you seriously think by giving these guys jobs it will secure our networks? The reason anywhere has security problems, be it the government or a large corporation, is that the technical people don't make the decisions, management do. I have done consultancy work for companies dealing with $100m+ projects and their file servers have logins such as public/public (username/password) because a manager somewhere found his username and password to complex to remember or he needed to give access to someone who didn't have an account, etc. As the manager could pull rank all the system administrators in the world couldn't stop him. They could go over the managers head but chances are they would be fired and the public account would be left there. Its sad but true. If there are servers with no root password, which I am sure there are, it is probably because some manager wanted easier access and the sysadmin didn't want the hassle or to lose his job.

"Don't break the law with the government, it will only end in tears."
Exactly right....

But there is no use in threatning people not to go through an open door, within which a lot of mysteries are there. Curiosity takes control over these threats and the threats loose their value in time. Basically the government should have had a very secure door which is constantly guarded.

"...scare other people away." - On the other hand, why not hire these people, they have the talent to spot out the loopholes in the security system.
Only a hacker knows what methods another hacker would follow to hack into a system.
What would happen if another hacker like him, hacks into their system and wipes out the entire n/w, so perfectly he could not be traced out?

I didn't say anything about giving them a job. I said by scaring everyone we can scare not to test network security we are making sure our networks will remain insecure and easily accessible for those who couldn't care less about our criminal laws.

According to his side of the story, he didn't cause any damage. So are you going to believe your crazy goverment who looks for scape goats? Iraq, WMD, etc? I wouldn't :)

Incidently: "Hey, you want to bash the American government and/or President Bush be my guest. But, how would you feel if an American hacked in to a British governmental website? How would you feel if the US government refuse to extradite him solely because he is an American?"

I'd feel disgusted the government can't secure servers to save themself but thankful it was highlighted before terrorists got in.

I'm not gonna believe the guy that just broke the law and hacked into a system knowing it was against the law, that's for sure.

He did more than he let on to.

Every guilty party claims innocent, only the nieve would believe otherwise.

The torrorists probably have gotten in before, just this guy is not careful and got caught. We are see "leak" from the government every week. When is the government going to wake up and do something about it. .

Using your poor analogy, sitting in an unlocked car does not require hundreds of hours of analysis to determine if my sitting in the seat broke other parts of the car. My sitting in the car does not require that the car be completely replaced with a car that can be trusted.

I heard this guy interviewed once on his way into or out of court and he said all of the servers he accessed had **NO ROOT PASSWORD WHATSOEVER** !!! That all he did was simply scan hit some computers try the blank password for root and voila he's in! He said he browsed and looked around for files related to UFO's because he thought perhaps they were hiding information on that.

This is a perfect example of how our government tries to entice or fake attacks (e.g. 911) and then use that as an excuse to come down on peoples rights and liberties. Plus they always like to punish the innocent as a scapegoat for their crappy acts. Look what the zionist pigs who run this world and the US are doing with those sheep farmers in Guantanamo. They were sold to US forces by the drug lords.

Well he is hardly going to say "they were super secure system and it took me 3 months to crack the root password to just one" is he? That makes him look REALLY guilty. He is just playing the "but the door was unlocked so I just had a look inside" card but the problem is you don't know if he is telling the truth or not.

Personally I do not believe he should be extradited however I do not believe he is some poor fool who accidently hacked into the FBI. Perhaps some of the systems didn't have root passwords, however he still should not have done what he did. He is a grown man and knows what is right or wrong. If you left your front door open and someone came in and you caught them in your living room you would want justice would you not?

imcbmi needs to REALLY lay off the cool-aid!!
US govt faked 9-11??? Man, you should really stop reading the far left propaganda or at the very least back up what you think with say... FACTS!!??!!

"If you left your front door open and someone came in and you caught them in your living room you would want justice would you not?"

If that ever happens to you, try getting $1.75 million in fines and a 70-year jail term from them. In reality they'd get a caution from the police and nothing more.

If you're listening to what the US govt. are saying about it, it hardly seems like they're telling the whole truth either.

What if it had been a terrorist group breaking into their poorly secured computers? They probably have in the past, maybe they even influenced information on the computers. Who really knows?

They should thank him for doing a favor in highlighting just how dire the security was and the potential trouble it could have caused.

zionist pigs

Yeah....

Uh..., you friends with altern8energy? If not, I'm sure you'd get along great...or kill eachother.

Either of which would be fine with me.

nice ... laws of usa being applied in UK
what next?

The UK has a extradition treaty with the US. No US laws were applied in the UK, they asked for him to face trial in the US, which is what will be done. The UK has also asked for persons in the US lots of times to face trial in the UK, but that does not mean UK laws are being applied in the US.

Nothing to do with US or UK laws. Its to do with our extradition agreement with the US.

For more info check out http://en.wikipedia.org/wiki/Extradition

"The UK has also asked for persons in the US lots of times to face trial in the UK,"

And usually when that has happened, the US Justice Dept has told them to **** off.

THe UK-US extradition treaty is one way traffic.

when was the last time US handed over someone to a foreign government?

I think the $700,000 worth of damages is a bit exgarated. Unless he broke into the server room and set all the equipment on fire, I don't see how it's possible. Not to mention if the server(s) went down it shouln't take more than five days to get it back up if it's a critical system. Most of the time it could be back up in 24 hours. I'm just speaking from my own experiences.

No doubt the number is exagerated however I think the biggest loss of cash was the admin work required to audit what he did and did not see, this could take months or peoples time. Not to mention any processes that would need to be scrapped because of what he did, even if those processes were rubbish, they were the processes in use and because of him they have been changed now and so that cost gets captured as damage he caused.

I'd guess their greatest "loss" wasn't monetary...but rather "losing face," having their lax security exposed, once again. Let's face it...when was the last time any government did anything efficiently?

If you all remember, most of the 9/11 hijackers didn't sneak into the U.S....but were invited here, by way of visas, a process where they should have been investigated before issuance. The visas expired and an inept federal immigration department, "just lost track of them" until 9/11.

When their "secure" servers are hacked, it's just another exposure of government agency ineptness.

we should hang onto this guy, and his skills and turn it to the advantage of the UK Intelligence services advantage. If this guy hacked in from his bedroom, using a dial up modem, then our Intelligence services could do with some help in their fight against terrorism.

You worded that very carefully as not to say "american" and "intelligence" in the same sentence

If you read how he did it you might not be so impressed. No doubt hundreds (if not thousands) of people try and hack into the FBI every day, I get hundreds of attempts on my servers at work every day, and I know I am not alone in this. Perhaps this guy had some balls and went a bit further than they (the FBI) allow people to go and they wanted to make an example out of him? Who knows.

The guy was very stupid to do what he did and he got caught which is even more stupid that doing what he did in the first place. This guy would be of very little use to our intelligence agencies, after all he is just a 'script kiddie'.

we should hang onto this guy, and his skillset and turn it to the advantage of the UK Intelligence services advantage. If this guy hacked in from his bedroom, using a dial up modem, then our Intelligence services could do with some help in their fight against terrorism.

70 years, yes far to long, but was his motives wrong, yes,

was his intentions wrong yes, of course they were,

lets imagine that he did find UFO evidence, and the evidence was solid as a rock, what do you think would happen world wide across the globe, panic, chaos, religous fanatic war's, civilian wars, it would be a mad frenzy, you could be looking at a social breakdown of all goverments 1 person knowing fine, a handful of people knowing again ok, but a entire world knowing that there really are UFO's, the death count would be tremendous, it's simple the world is not ready for some truths, and UFO stuff is deffiently on that list, the consoquences would be horific,

70 years, obviously they want to set a example, not the best way of handling it, i still believe 15-25 years without parole would safice, by the time he comes out, he would be useless, computer systems and software would of change by about 3 generations which would make him useless, 70 years is to much,

as for asking him to help them, i agree with some of the above posts, it would intice other people to try the same thing, which again would be out of the question, the risk is to great,

terroism is a real threat and the last thing 1 would want is a terrorist gaining access to there systems,

he knew what he was doing and it was wrong, every citzen on this planet has self discipline, going into a shop and seeing loads of deodrents does not give anyone the right to start opening them and testing them with out permission, did he ask for permission no,

the house was a good example, if i left my door open and went out, does that give anyone, anyone the right to enter my property without explicit permission, of course not, that is tresspassing on private propterty, which is a criminal offence in nearly all countries,

just entering my home with out permission is illegal, that is breaking the Law, and the criminal can't start saying "but the door was open", the judge would come back and say, a door open does not give anyone the right to enter that property in question,

again, to all you fools about the CAR, if i left my keys in the ignition, and the car door was unlocked, just my opening that car door, already that person has broken the Law, that is entering with out permission, wheather the person stills the car or not, this is still illegal,

the fact is, he entered a computer system, knowing forwell, what the system was, and who it was connected to, just by entering that system, he has broken the Law, saying the system was unlocked, is beside the point, he did not have permission to enter the system,

he knew what he was doing, he had motive, and intentions, that makes him a criminal and he should be charge accordingly, did the military f**k up, yes of course they did, but that isn't the question what's on trial, it entering without permission,

the fact is, he knew what he was doing, he had his own motives, and he could of put huge amount of lifs at risk, and by him doing this, is now already has caused other people out there to say "i'm gonna try that", not the sort of thing a millitary wants or needs,

he's a criminal and needs to go away, and no one actually knows what he was going to do with the information if he did find what he was looking for,

70 years, yes to long, no need for that, but 15-25 years would be a bit more like it,

a criminal is a criminal, and should be trialed as such, he needs to go away in prison, he brought this on his self, self control is in us all, we all have common sense in our souls, and many many of is has had opertunities in our life of doing something along these line, but we stop our selves, why, because we know in our soulds that it's wrong, and we would get into trouble,

It's the Golden Rule: "Do unto others as you would have others do unto you." It is the ultimate norm of high morality in our culture. Sure there are other morals by which we live, but this one phrase embodies our most cherished value: that we should treat people as we would like to be treated.

invading people's privacy is wrong, full stop.