Penetration Testing mailing list archives
Re: Default Admin Account
From: "M.D.Mufambisi" <mufambisi () gmail com>
Date: Fri, 6 Feb 2009 09:18:40 +0200
I do agree with scott. The young fellow did commit a crime. Curiosity is not an excuse. However, having said that, someone at the military should be held accountable for such poor security practice. Someone did not do their job correctly considering the sensitive info the military deal with. Whilst the young man should be charged for unauthorised access to computer systems, someone at the military security should be charged with negligence. Regards, Munyaradzi mufambisi On 2/4/09, J.Hart, Elec.Eng.Tech. <starnetmaster () gmail com> wrote:
That's exactly what I am trying to figure out - who is at fault and who should take ownership. If it were a car and I left the keys in it and it was stolen, if the perpetrator was caught her would be charged, but my insurance company would not cover me cause I left the car in an unsecure state. So both take ownership - is it the same as in this situation? On 2/4/09, Scott C. Kennedy <sck () nogas org> wrote:Why does it matter if there were "default administration account on the US Military machines", it doesn't change the alleged fact that he accessed computers & networks without permission. One's reason for breaking the law doesn't matter whether he was "motivated by curiosity about evidence of UFOs" or not. If you broke into people's luggage at the airport, using the default luggage combination set from the factory because you were motivated by curiosity about evidence of Bigfoot. Would that make it any less of a crime? Scott On Mon, February 2, 2009 8:48 am, J.Hart, Elec.Eng.Tech. wrote:Hey all, I have been following the Gary McKinnon case for years now. My interest is in the legal area of penetration testing and the evolution of cyber law. What do IT Security experts and pen-testers think about the default administration account on the US Military machines? You can read about the case here http://freegary.org.uk/ -- "For the best in web site design - StarNET http://www.s-t-a-r.net-- "For the best in site design - consult with StarNET - if what you want is The Best of the Best - nothing else matters" http://www.s-t-a-r.net
Current thread:
- Default Admin Account J.Hart, Elec.Eng.Tech. (Feb 03)
- RE: Default Admin Account Prodigi Child (Feb 05)
- Re: Default Admin Account J. Oquendo (Feb 09)
- RE: Default Admin Account Prodigi Child (Feb 10)
- Re: Default Admin Account David Howe (Feb 11)
- Re: Default Admin Account J. Oquendo (Feb 09)
- Message not available
- Re: Default Admin Account J.Hart, Elec.Eng.Tech. (Feb 05)
- Re: Default Admin Account Paul Slade (Feb 10)
- RE: Default Admin Account Levenglick, Jeff (Feb 10)
- Re: Default Admin Account R. DuFresne (Feb 10)
- Re: Default Admin Account M.D.Mufambisi (Feb 10)
- Re: Default Admin Account J. Oquendo (Feb 11)
- Re: Default Admin Account J.Hart, Elec.Eng.Tech. (Feb 11)
- Re: Default Admin Account J.Hart, Elec.Eng.Tech. (Feb 05)
- Re: Default Admin Account pand0ra (Feb 11)
- RE: Default Admin Account Prodigi Child (Feb 05)
- <Possible follow-ups>
- RE: Default Admin Account jay . tomas (Feb 10)