nanog mailing list archives
Re: UK ISP threatens security researcher
From: Donald Stahl <don () calis blacksun org>
Date: Fri, 20 Apr 2007 11:57:14 -0400 (EDT)
It *is* a criminal offence under extensions to the original CMA1990 in the Police and Justice Act 2006. The maximum penalty was also increased to two years imprisonment. I don't think this particular incident is enough to attract a custodial sentence, but he will almost certainly end up with a well-deserved criminal record for his stupidity if somebody can be bothered to press charges.
Some people's opinions are truly astounding.Why do we even bother having best practices if people aren't going to follow them?
No damage was done- that's a hell of a lot more than you can ask from a damned hacker. And if your provisioning system doesn't blow- then fixing the problem isn't a big deal either.
Would your insurance company pay a claim on your stolen car if you left it running, with the doors wide open, in Harlem? Of course not.
Nobody wants to take any responsibility for their own stupidity. The only criminal act here was the negligence on the part of the ISP. They got embarrassed- no harm was done- get on with your damned life.
The fact is that people will ALWAYS be curious- it's what makes human beings so amazing. People will explore their surroundings and if you don't want them to- then try taking some basic steps to ensure they can't.
As for the laws? Prison is for people who irrevocably harm society- some stupid kid who went exploring his cable modem DOES NOT QUALIFY. And what about a criminal record? Who the hell does that help? Give the guy a record and force him to go to work for the spammers and botnet writers? Great thinking.
"well-deserved criminal record for his stupidity." Where is the criminal record for the idiot who allowed remote access with a single username and password to every single cable modem? That's pretty damned stupid.
Honetly- when did we all become such vindictive assholes? Had the guy caused any real damage then you might have an argument. He didn't. We need to stop letting companies abuse the law instead of performing due dilligence.
-Don
Current thread:
- Re: UK ISP threatens security researcher, (continued)
- Re: UK ISP threatens security researcher Gadi Evron (Apr 19)
- Re: UK ISP threatens security researcher Leigh Porter (Apr 20)
- Re: UK ISP threatens security researcher Stephen Wilcox (Apr 20)
- Re: UK ISP threatens security researcher Valdis . Kletnieks (Apr 20)
- Re: UK ISP threatens security researcher Gadi Evron (Apr 20)
- Re: UK ISP threatens security researcher Kradorex Xeron (Apr 20)
- Re: UK ISP threatens security researcher Donald Stahl (Apr 20)
- Re: UK ISP threatens security researcher Valdis . Kletnieks (Apr 20)
- Re: UK ISP threatens security researcher Kradorex Xeron (Apr 20)
- Re: UK ISP threatens security researcher Gadi Evron (Apr 19)
- Re: UK ISP threatens security researcher Donald Stahl (Apr 20)
- Re: UK ISP threatens security researcher Patrick W. Gilmore (Apr 20)
- RE: UK ISP threatens security researcher Rod Beck (Apr 20)
- Re: UK ISP threatens security researcher Gadi Evron (Apr 19)
- Re: UK ISP threatens security researcher Simon Lyall (Apr 19)
- RE: UK ISP threatens security researcher Stasiniewicz, Adam (Apr 19)
- Re: UK ISP threatens security researcher Gadi Evron (Apr 20)
- Re: UK ISP threatens security researcher alex (Apr 20)
- Re: UK ISP threatens security researcher J. Oquendo (Apr 20)