posted on Oct, 19 2012 @ 05:22 AM
Let's clear up this "hacking" aspect once and for all.
I'm not making any claims regarding what he said he saw nor am I making any claims about his skill level in regards to computer security /
In this case, he merely used a known security vulnerability in the remote desktop software PC Anywhere. The security hole would allow anyone to login
using a blank password. Nothing complicated and for once in the hacking realm "just about anyone could do it".
It took zero talent to make use of this security hole, just the basic knowledge to scan for computers running the software. Once he found some, all he
had to do was try and connect with that blank password and default user account. Easy as pie.
Now, if I were to leave the keys in my Ferrari, engine running and radio blasting in some States in the US not only would it be difficult to prosecute
someone for walking up and driving away, I'm also fairly certain I could not sue that person for the cost of installing an alarm system in the car or
for the cost of classes to teach me not to leave my keys in the car.
In fact, in most states I could be cited for leaving my keys in said car.
Every hacking case I've ever been involved with where a State or Federal Government entity was involved included "ZILLIONS" of dollars of claimed
damages. This is a clown shoe circus act, IMO. The US Government uses software with a known security flaw, fails to patch that software and then want
to collect millions of dollars in restitution when someone uses that flaw to walk in the open door and look around.
Nothing was destroyed, nothing changed - he just walked in the door they left open and looked around the house.
The software vendor provided the patch for free and as for the cost in admin time to apply the patch, well that's a standard part of the job -
applying patches and updating software. Most governments and big companies even have automated high end software that takes care of making sure every
copy of X is updated and patched, they just have to 1, stay up to date on gaping security flaws and make sure they have the patches and 2, make sure
the patches are applied. Again, standard tasks of the mysterious job of "network admin" / "desktop support" or whatever it's called in
For some reason the government has this license to commit fraud and make people pay restitution based on imaginary damages and "required remedies"
that were required anyway combined with more imaginary work that no one will actually perform. (The bad man needs to pay for us to perform a full
security audit of every government and military computer / network and secure any problems).
Given they charge every hacker they prosecute millions in restitution for this security audit and magic fixit I wonder why not even 1 judge has asked
them why they still haven't gotten around to it despite collecting the money for it and pointed out the current hacking case might not have happened
IF they had ever gotten around to securing those networks.
So, even though he broke "the law" I'm glad he hasn't been handed over to the US Federal Dept of Clown Shoes Justice so they could take turns
bending him over. IN this case though, the kid was no "uberhacker" by any stretch of the imagination.
Just to play devils advocate, however - a known uber hacker used the same flaw to steal more credit cards than anyone before or since (so far).