Accused Pentagon hacker Gary McKinnon is continuing to fight against extradition to the US after losing an appeal last week. Only the Law Lords now stand between the Scot and a US trial for allegedly breaking into and damaging 97 US government computers between 2001 and 2002 and causing $700,000 worth of damage, in what US …
If the law lords dont rule in Garys favour
then I will have lost all faith in the UK legal system, and it will cement my feeling that we are nothing more than the 51st state of the US.
The extradition agreement that the US is attempting to use to snatch him from his home country is heavily and unfairly biased towards the United States.
His alleged crimes, while carried out on US computer systems, were perpetrated in the UK, therefore he should be tried under UK law and serve any sentence within the UK.
I feel the comments regarding scapegoating him are wholly accurate, as was stated had a corporation suffered a breach of security due to the lack of foresight of the IT security team, someone would lose their job.
This is purely about shifting the media spotlight onto Gary, rather than the US military admitting their embarrasing and inexcusable lack of security.
Should have got a life?
Well, I feel sorry for the guy and all, but well, what a loser.
He's somewhat akin to a dumb kid poking a lion with a stick. Are we supposed to be shocked and surprised when the lion bites his arm off?
And his excuse? He was just a "bumbling amateur motivated by curiosity about evidence of UFOs". UFOs, FFS?! He should have got a life. Well, now he's going to get life.
Next time stick to playing D&D, rather than guessing passwords in the military industrial complex.
When big-game hunting
When you go out big game hunting (say you're hunting an Osama) and you can't even find the tracks, perhaps if you shoot a rabbit (called Gary) every now-and-again then no-one will point, laugh and tell you what a failure you are as a hunter.
The point here is not that Gary 'poked a lion with a stick' (he did). The point is the craven and disgusting performance of the British government in allowing this one-sided, unfair extradition treaty with the US.
'Evidence of bad faith'? There isn't enough space in El Reg's database to catalog the United States' bad faith.
"McKinnon (AKA Solo) admits he infiltrated computer systems without permission."
I don't even feel sorry for him. If he decided to climb through an open window at my house and then stumble around damaging my property "accidentally" while looking for something that clearly didn't belong to him, I would expect legal redress.
I don't really see why he should expect anything other than retribution from the US. It doesn't matter if their security is/was crap. He made an effort to force his way in. He didn't fall in there accidentally. Their failure to lock the door sufficiently is not an implicit invitation for him to jimmy it. His motivation is also irrelevant.
As far as extradition is concerned, I'd be interested to know if the UK government would be happy to waive jurisdiction if Russian hackers were discovered rifling through our military systems. I think not.
But worst of all, he's a gormless tool who clearly hadn't been paying attention to world events and the change in the political climate in the UK and the US, where to merely disagree with policy is now enough to have yourself branded a terrorist. What did he think was going to happen?
another sign of times
I guess I am not alone in seeing the distinct and horrible changes in this Country ever since Blair and his "Labour" government came into power. Not only do we not have decent NSH, Education or Transportation systems we can now also be shipped off to the USA at the drop of a hat. Bring back "OLD" Labour anytime ,and at same time bring back some common sense. YES Gary did do wrong, but 45 years in jail is bloody ridiculous !!
Send him to Australia
Seems to me that the attitude here is not much different from the time when we used to round up the homeless and destitute, accuse them of some random crime and ship them thousands of miles away.
I still don't understand why breaking a computer is worse than murder, rape and child molestation.
I don't think this guy should be getting off without being punished for breaking the law, but no matter how artificially high the dollar amount of damage is, surely a first offense for breaking some computers ought to be punished with a fine (exactly how many $4000 servers and $2000 workstations is he supposed to have destroyed in order to total $700,000 of damage - or are they suggesting that it would take 10,000 man hours to restore tape backups?).
So they were military computers? He's not a US citizen, not even a resident, so he hasn't committed treason against his country - the only possible excuse for seeking a prison sentence or worse.
No it has always puzzled me that while I may think script kiddies, malware authors and the like are arseholes who deserve a good slapping - if they haven't actually stolen anyone's money, haven't actually raped, killed or otherwise injured an actual person - why should they go to jail?
Next we'll be sending people to prison for not paying their debts, and shipping them off to the colonies for not owning a home.
"looking for something that clearly didn't belong to him" (amongst other snippets)
He was looking for information and freedom of information/knowledge one of the motivating factors to the original "hackers" from the 50's. If an alleged "High Security" system was left without "high security" it's no surprise someone got in eventually... even manufacturer documents tell you to change default passwords so it's pretty obvious the US Military can't even Read The Fucking Manual! I wouldn't be surpised if the codes for their nuclear arsenal were still "1111" - whose fault is that? Not the likes of you and me, we're fed on bullshit from the governement and told what to believe... in this case, it's the fault of someone who lives 4000 miles away and happened to try a default password.
All you idiots abusing Gary should can it. Do I bitch at you because of your interests? I dare anyone of you to post your hobbies/interests and let people make the same judgement about you! I bet half of you don't even change your admin passwords. Just like the US Military aparrently...
The US should be ashamed
As a US citizen and long time reader of The Register, I am actually in support of Gary, and hope that the Brits grow some balls (pardon my language) and refuse to do Bush's dirty work
Let's be honest. Government computer security over here is a joke, and our legal process is flawed and rampant with prosecutors who run pell mell to the courthouse with only half a case. (Take, for example, the giant issue all over our media over here with the Duke Lacrosse Team "Rape" Case)
So in short, I am honeslty ashamed to call myself a citizen of the US at this point.
And I absolutely did not vote for Bush.
You thought the French were arrogant....
Us Yanks have gotten so arrogant we can't see the forest through the trees. If the US government had a lick of sense they'd offer to stop pursuing him in exchange for his help (and others) in identifying network vulnerabilities. Pathetic.
Hasn't he been punished enough?
Seriously, what is the point of sending someone to prison? I can only think of two -legitimate- reasons: 1. Punishment and 2. If they are a danger to the public in some way.
Lets have a look at the first point. Punishment. From what I have read, this guy has already had his punishment. He lost his girlfriend and job because of this issue. Now he has had several years of hell trying to fight an extreme punishment. The USA have already destroyed his life and now they are trying to take the bits that are left so he can never re-build himself.
The second point - Being a danger. What kind of danger is this guy now going to be? Not only do I think he has learnt his lesson, but even if he hadn't, he has had -way- too much media spotlight recently to ever go back to his old ways.
While he is subject to offences under the CMA in the UK (as the act took place here), the CMA has been used to claim jurisdictition of cases where the attack originated abroad, but the system was in the UK, whats the difference here? The "damage" was done to a US computer so by our own standards, they have a claim for jurisdiction.
Another interesting point Ive thought about is what section of the CMA does the UK think he might be guilty of? If its section 1 , "unauthorised access" and there is no evidence of intent of use of this access for further criminal activities, then until the Police and Justice bill changes to sentences ACTUALLY filter through the maximum sentence in the UK is 6 months, which (under the old rules at least) was not extraditable (minimum 1 year jail under UK law for extradition to be considered, IIRC)
However, yes I agree that amount of effort and focus the US is putting into ruining a man's life for (effectively) a PR stunt is ludicrous.
Indeed a lack of proportions
Where are the proportions? $700,000 and 45 years in jail?
What did he really do or see in there, that could actually justify such a gross punishment? It's not like he raped women or murdered people.
If this becomes a new precedent, our world is more for the system itself than it is for us.
Am I the only one....
Come on, it has to be obvious by now that this was a honeypot. They dangled the bait, and he took it. He's an idiot. Does he deserve 45 years? Probably not, but does he deserve much sympathy? No, not really. In the end he broke US law, and it's something covered by our extradition treaties with the US. I don't like these laws. There's a lot of laws I don't like, and if there was a party willing to repeal or modify them then I would happily vote for them. At one time that might have been the tories, under whom the americans treated us as real allies... though that was when they had Reagan, who was honourable, and Maggie, who had more balls than the whole of parliament has now.
I expect the law lords will probably rule in his favour in the end, though he did break the law and should face some sort of punishment for it.
But that doesn't change the fact that he's an idiot.
I can sympathise with him
Several years ago, I pointed out to my boss that the personnel files of all staff were accessible, because the security was inadequate. He asked me to demonstrate by opening one of these files.
My reward for being so helpful was a disciplinary hearing and a demotion for unauthorised access, while dozens of IT-illiterate managers ran around frantically trying to separately password each file!
This is exactly the same. It's a bunch of incompetent top brass trying to cover their own arses by making somebody else a scapegoat.
Andrew - "CMA vagueries"
The Police and Justice "Bill" received Royal Assent some months ago and therefore is now the Police and Justice Act 2006.
And it only applies to England & Wales, because Scotland has always had its own completely separate civil and criminal justice systems (and education system, and banknotes, ...).
A Sign of Things to Come
I think we should all use this long ongoing horrific misjustice as a clear example of how far we have let our Governments' do whatever the hell they want.
To me it appears like yet another fear generation technique, I could go and murder 5 people and get less time in prison than Gary McKinnon is expecting to receive. Scapegoat? Most definately, I've heard of serial rapists who have had shorter prison terms.
This is clearly a travesty of justice and it's quite simply to deter anyone from trying in future, what I don't understand is, why they would allow someone from China, for example, to access this data and then prosecute one of our "western alliance's" own citizens.
Now the question I think you should be asking is rather not why they have done this, but what are they hiding from their own people.
Is it as clear cut as hiding their own technical illiteracy and inadequacy or do they fear the fact we may one day lift the veil of mass deceit, control and manipulation that has covered our eyes for at least 50 years?
Proportionality of sentencing
Computer crime is almost unique in that the perpetrator doesn't even have to be in the same country as the target of their attack. As such it is likely that the individual may have a detachment from the offence which they would not do otherwise and as such assume the crime is victimless and therefore not worthy of serious punishment.
This is the approach taken by the British government certainly when it comes to sentencing guidelines under the CMA. I would tend to agree with this although of course there is likely to be a cost with cleaning up although over $7000 per PC in this case seems excessive.
I believe it is the harshness of the likely punishment is one of the main reasons why people sympathise (or at least empathise) with McKinnon. 45 years is scandalous and I would have thought it highly unlikely he will get anything like that. Community service seems to be the in thing at the moment (Naomi Campbell, Snoop Dogg, Boy George) so here's my prediction:
2 years suspended sentence +
$10,000 fine +
400 hours community service
Yes but no but
I agree that he did wrong and should be punished - but why not just convert him into a security expert/anti hack expert?
Then the problem is turned into a positive thing.
The US reaction is going overboard, although saying that if Gary gets extradited then we are the 51st state is inaccurate in my opinion - because we already are and have been for some time now.
Dang me if the colonials didn't make us colonials. Maybe they do understand irony after all.
Jail Time and Fine
If you knowingly break into any computer system, even a friend's PC, you are breaking the law and you deserve to be put in jail and pay a hefty fine. We should make an example of this guy just to send a message that we will and can prosecute people like this. Otherwise you are inviting more attacks. So I say give him the maximum fine and the maximum penalty.
If an agent of a foreign country breaks into government computers belonging to another country, that is called espionage and the penalty should be the same as for spying.