Feeds

back to article York CompSci student pleads guilty to Facebook hack

A computer enthusiast from York has admitted hacking into Facebook. Glenn Mangham, 26, pleaded guilty to hacking into the social networking site between April and May this year at a hearing in London's Southwark Crown Court on Tuesday. The court heard that the incident sparked a major security alert amid fears that some form of …

COMMENTS

This topic is closed for new posts.
Silver badge
Happy

Admirable

You do a crime, you get charged with it, you plead guilty, and you don't whine about mental disorders. You take your punishment like a man, and get on with your life afterwards.

Not that there are any parallels with another case in the public eye...

5
6
FAIL

lolwut?

""attack did not involve an attempt to compromise or access user data"."

Well no, it wouldn't. You can get that just by sending a friend request.

5
0
FAIL

'Allo 'allo, wotz been going on 'ere then?

So a “software development student” manages to crack facebork security put in place by a whole team of “security experts”

What was the "highly sensitive intellectual property"? Details of a flawed security application?? And to crown it all facebork only found the activity by accident!!!!

“At Facebork nothing is more important to us than the security and integrity of our site, and we take any attempt to compromise our security network incredibly seriously. We work closely with law enforcement agencies and the police to ensure that offenders are brought to justice”

It was lucky for facebork that Mangham was "of good character", I wonder what would be the outcome if somebody of dubious character did the same thing?

Methinks that facebork should report themselves to the plods for implementing poor security.

5
0
Anonymous Coward

I wish they'd make up their minds

>At Facebook nothing is more important to us than the security and integrity of our site

NO, no, and thrice no

At Facebook nothing is more important to us than the privacy of our users

HTH

0
0
Anonymous Coward

I think they had it right in the first place. How are they going to f**k the FB suckers over again and again if some spotty git simply wanders in and has the ability to syphon out all FB's juicy marketing data that FB were going to sell off to all those slimy, scumbag ad bidders?

2
0
Anonymous Coward

@AC 10:24

I think you ought to learn to read between the lines and not take everything so literally.

0
0
Silver badge

Good

We cannot have people like this going around pointing out security flaws.

Security needs to be 100% black-boxed and hidden from view.

Only via total obscurity can we ever have safe systems otherwise people will be able to work out how to circumvent them. Anyone trying to shed light on security matters is clearly dangerous, quite possibly a terrorist and should be dealt with in the most sever terms possible.

Thus the only response from the courts should be to deport him to the USA (Facebook is, after all American) when he can be tried by a military court and executed.

The world will then be a safer place for us all.

5
0
Thumb Up

Frankly, if you give FB and likes your private information you already hacked yourself.

Further damage is only what you deserve.

2
0
Facepalm

Re: Good

While I agree with The BigYin@22:44 you can't go around breaking into sites, hide your tracks, get caught *then* go 'well it was for everyones good'. Its not for everyones good if you don't 'fess up and discuss it with FB but keep it for yourself - thats hard to claim as research

This makes the assumption that he didn't of course. If he did, then FB must have been proper pissed at him

0
1

What no extradition to the USA?

Perhaps Facebook could thank the man for pointing out the security holes or give him a job as a security advisor? This isn't a good way of fishing for a job but how else do you get the attention of a potential employer and get to prove how much better you are than their own staff?

At least FB admits there was no attempt to access personal data, that should save a couple of years on the prison sentence or, dare I predict, reduce it to a few months.

A shame Garry Mckinnon can't get quick justice in the UK, get given a few months inside, then that's it's, over and done with, he can then get on with his life. (So long as he doesn't consider a future holiday to Florida, I doubt the US would ever drop the warrant for his arrest.)

1
1
Bronze badge

Welcome to ostrich land

"This attack did not involve an attempt to compromise or access user data"

Not because FBook actually give a shit but simply because the hacker was not so motivated.

1
0
Facepalm

Hmm. They take any attack on their security incredibly seriously, yet they seem to be focusing on prosecuting the attackers rather than saying how they're fixing the security holes?

2
0
Bronze badge

What I really don't get is why these 'leet hackers do all their 'leet hacking from home, rather than a wifi hotspot, a VPN in the Middle East or both. And then they get caught and plead guilty. Surely if you're smart enough to hack into Facebook you could come up with some reasonable excuse. (My PC must have been compromised, my Wifi was hacked, my girlfriend did it then moved back to Elbonia)...

3
0
Silver badge

Another new business idea!

middle-eastvpn.com happens as soon as I get back to Dubai!

0
0
Thumb Up

WE...

are spying on our users! How dare you spy on us??

0
0
WTF?

Seriously, what kind of secret industrial process a company like Facebook could hide???

0
0
Anonymous Coward

Moron

Now for a lesson in reality.

0
3
Anonymous Coward

"At Facebook nothing is more important to us than the security and integrity of our site"...

... as long as they can get some student convicted for it. Otherwise, it's all about selling out the users' data. Just look at facebook's privacy record and how their spin machine regularly resembles a leaf in the wind. "Highly sensitive intellectual property" indeed.

0
0

I don't know all the details of the case but with no malicious damage/intent other than access, and from the sounds of it fairly intelligent hacking as opposed to brute force/ddos/script kiddie nonsense, then a little community service and a warning of jail time in Wandsworth should suffice I hope.

0
0

A little honesty at last

"At Facebook nothing is more important to us than the security and integrity of our site,..."

Users, privacy etc. all came a poor second.

0
0
Thumb Down

I hope he's also had the old heave-ho from Uni...

0
6
FAIL

Glenn: Uh Hi, yeah so i'm just going to use your proprietary code for this new social networking site I'm setting up for York Uni students.

Mark: Uh, no thanks, that's ours, Facebook does not steal ideas or code from anyone, therefore you should lead by our example.

Glenn: Uh, okay, I wasn't asking.

Mark: Fair enough, I've been there before, but you will end up in a world of hurt, I can't wait to stand over your shoulder and watch you write me a cheque.

Glenn: K.

1
0
Silver badge

"nothing is more important to us than the security and integrity of our site"

Nothing, especially not our users, whose security just gets in the way of selling the data we gathered on them...

0
0
WTF?

compare and contrast

"Mangham had downloaded and stored code he wanted to work with offline."

"resulted in the extraction of what prosecutor Sandip Patel described as "highly sensitive intellectual property""

Facebook: "This attack did not involve an attempt to compromise or access user data."

What kind of data could Facebook *possibly* have which a) some random geek would want to 'work with offline' and which b) could be described as 'highly sensitive intellectual property', but which is not 'user data'?

I call BS, facebook.

0
1
Anonymous Coward

'At Facebook nothing is more important to us than the security and integrity of our site, and we take any attempt to compromise our security network incredibly seriously.'

Translation:

'All your data are belong to us and if you hack us we can't monetise it as effectively.'

0
0

Refreshing honesty

'At Facebook nothing is more important to us than the security and integrity of our site...'

Nothing. Not even the security, integrity and privacy of your personal information.

1
0
Anonymous Coward

Precident being set here?

with respect for another hacker then?

Oh silly me.

He hacked some US Gov sited looking for details on Aliens. That must make him an 'uber terrorist' and deserves 10 lifetimes in jail with no chance of parole.

But why didn't the US try to extradite this guy with the same gusto that they have been doing with other cases?

Double standards then.

anon for fear of real black helicopters coming to my house.

0
0

So all hacking attempts are the same in the same way that all other offences are the same?

Whilst I feel a little sorry for McKinnon, hacking into military computers is always going to get you into hot water. Its not so much what he was looking for as to what access to the systems he hacked would give you the ability to see.

0
0
Thumb Down

Oh, we can't be bothered to do security properly

So let's shoot the messenger instead... In fact let's get the UK taxpayer to fund the messenger-shooting exercise for us. Facebook is well renowned for its almost comically amateurish approach to security (let alone privacy), seemingly doing just about enough to fend off the worst critics, but beyond that, little more.

Prosecutions like this do nothing for internet security. Odds are the next person to find a security hole will be better at covering their tracks, will live in a juristiction without such an obliging police force (to Facebook, that is), and/or they'll be more malevolent.

If anything prosecutions send the message: If you've found a security hole, don't tell anyone about it - and don't investigate - leave that to the black hats..

0
0
Anonymous Coward

The irony is delicious after all it's how TheFacebook first got it's own data..........

but apparently that was ok!

0
0
This topic is closed for new posts.