Information Security News mailing list archives

Re: Italian Police Nab Hacker Group

From: InfoSec News <isn () c4i org>
Date: Fri, 18 Jan 2002 01:11:23 -0600 (CST)

Forwarded from: Russell Coker <russell () coker com au>
Cc: leon () inyc com

On Thu, 17 Jan 2002 11:01, InfoSec News wrote:

Forwarded from: leon <leon () inyc com>

I would like to say that anytime a website gets defaced there are
always monetary damages.  There are always qualitative damages
that are hard to put a dollar figure on.  If a customer goes to
the gap website and finds it defaced are they going to feel
comfortable doing business with them over the web?  Also the
webservers admin probably gets fired or reprimanded and some might
just not know how to secure their webservers.  Ignorance doesn't
beg or justify attack.


If the system administrator gets fired then that would be great!  I
think that most companies suffering security breaches should sack
their administrators.

Most security problems are caused by using ancient versions of
software that is well known to be insecure.  If that is found to be
the case then the person responsible should be sacked.  Also this
should be published as an incentive for other administrators to do
their job properly.

Some people say that this is harsh on poor administrators who don't
have time for security.  However I have never seen an administrator
who truely lacked time, but I have seen many administrators who were
too lazy to do their job properly.

The fact that these kids are going to get off with just a slap on
the wrist does not seem fair.  What do other people think?


For the 15yo's it's fair.  For the adult members of the group, it's
difficult to determine, the judge makes a sentence taking all factors
into account - which is more than what gets reported in email.  If
someone wanted to translate all the court documents into English and
post them on the web (court results are generally public) then perhaps
we could arrange a "trial by email".

-- 
http://www.coker.com.au/bonnie++/     Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/       Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/     My home page



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.

Current thread:

Italian Police Nab Hacker Group InfoSec News (Jan 16)
- <Possible follow-ups>
- RE: Italian Police Nab Hacker Group InfoSec News (Jan 17)
- Re: Italian Police Nab Hacker Group InfoSec News (Jan 18)
- Re: Italian Police Nab Hacker Group InfoSec News (Jan 18)
- Re: Italian Police Nab Hacker Group InfoSec News (Jan 18)
- Re: Italian Police Nab Hacker Group InfoSec News (Jan 20)
- RE: Italian Police Nab Hacker Group InfoSec News (Jan 21)