back to article UK student in dock over Anonymous £3.5m PayPal attack

The trial of a British university student accused of participating in attacks by hacktivist collective Anonymous against the websites of PayPal and others has begun in London. Prosecutors say Christopher Weatherhead, 22, was studying at Northampton University when he allegedly took part in "Operation Payback", the packet- …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

A whiff of American military

"The payment-processing firm was also obliged to buy additional hardware and services in the aftermath of the attacks." - they should probably already have bought such protective equipment. Can't blame the students for that.

4
8
Anonymous Coward

Re: A whiff of American military

this is just to provide the reasoning why they demand xxx billion USD in damages

1
4
Anonymous Coward

Re: A whiff of American military

A sophisticated DDoS attack is targetted against a company with a size that was hitherto un-precidented and the victim of the attack is to blame for having to buy more hardware/services to prevent that attack, not the people attacking them? Are you sure you've got this the right way round?

I really hate the current trend in Reg comments for blaming the victims of a crime for bringing it upon themselves.

14
4
Gimp

Re: A whiff of American military

>> I really hate the current trend in Reg comments for blaming the victims of a crime for bringing it upon themselves.<<

You see this all the time on Slashdot.

The geek at the core is technocratic not libertarian. He believes that his unique skills and training put him somehow above the law, and answerable to no one.

7
2
Anonymous Coward

@second AC,

I'm blaming the victims of the crime for being dumb enough to be a multi-national without proper protection against attacks and then trying to blame the attacker for their own failure to do a proper job of it in the first place. I mean ... paypal ... internet finance. They should have protection like the proverbial Sherman bleedin tank.

Did no one learn anything from McKinnon and the US military having wide open security ten years ago, then the military trying to blame McKinnon for their own inability to run a decent shop?

7
9
Anonymous Coward

@Michelle

Locking yourself up securely is different to preventing DDoS attacks larger than those which have been previously seen. I don't think that anyone is suggesting that PayPal were wide open in this respect.

Anyway remember that we only have the McKinnon legal team's word for the fact that these servers were wide open. I find it very hard to believe that NASA AND US military servers which would have been on different builds and OSes (some reports of unix and others of Windows) both had blank passwords, it's simply not credible.

7
5
Anonymous Coward

The issue with DDoS is it's difficult to mitigate packet-blasting. The only real way to do it is have better pipes, or better control over your pipes, and it's too expensive to have either of these for a very long time, even for a group like paypal. They'd do fine to weather the storm; these DDoS attacks don't really cost any money, since they just take the site down for a period of time.

There are actually hundreds of DoS/DDoS attacks launched every day, some of them exponentially more powerful than those that Anonymous launched, but because they aren't high-profile targets or launched by a high profile group (if they think Anonymous actually represented the dark side of the internet, they are sadly mistaken; I hate hyperbole in these situations), they don't ever make the news.

Anonymous aren't really relevant or dangerous, except in terms of garnering media attention; while they did no damage directly to paypal, I bet the media coverage of HACKERS ATTACK ECOMMERCE did do damage of a sort.

So, paypal sets out to get Anonymous shafted.

Those guys all deserve each other.

3
0
Silver badge
FAIL

Re: @second AC

"....They should have protection like the proverbial Sherman bleedin tank...." You don't seem to know much about tanks or criminal law. The Sherman was nicknamed the "Ronson" and the "Tommie Cooker" becasue it had a nasty habit of bursting into flames and frying the crew when hit. Whilst it had OK armour when introduced, it was used more because it was available in large numbers, was reasonably fast and reliable, and shot the mass-produced Yank 75mm shells. Perfectly protected it was not.

As to criminal law and responsibility, do you have a two alarm triggers on each of your doors and windows and steel shutters over all of them? No? Oh, so no-one can be blamed for burgling your house and stealing all your possessions because you obviously didn't put enough effort into securing it? Luckily for you criminal law still makes it a crime even if you left your door unlicked. Similarly, criminal law makes the cybercrime commited by Nerdo and his skiddie pals still cybercrime even if PayPal had been completely unprotected (which they were not).

Fail.

5
5
Boffin

Re: @Michelle

Sorry entirely credible the larger the organism the less likely they are to move swiftly.

If you read Sarbanes Oxley act (post McKinnon) there is a section that specifically states change default password and make sure one is set.

2
0

Re: @second AC

yes, just because i left my car running and unlocked in the bad part of town... doesn't mean it isn't illegal to steal my car. however, the incident would take a lower priority than other crimes where the victim had no reason to suspect they were making themselves a target.

the WORD of the law protects you to a certain extent, but society still judges you for being stupid. personal responsibility is not dead, and we all know corporations are people now.

paypal had every reason to expect retaliation from hackers. anonymous practically formed over the sony vs geohot fiasco...

2
4
Anonymous Coward

Re: @second AC

> yes, just because i left my car running and unlocked in the bad part of town ...

If you want an car analogy then what PayPal failed to do was attach the trailer with the 6 spares wheels just in case all four car tires and the 2 trailer tyres ever got punctured at the same time. They also forgot to attach the reserve fuel tank to the top of the car and put a spare engine in the back seat.

2
2
Thumb Down

I'm not sure people would have said "oh no can't pay with paypal I'll not buy it ever".. more likely they just bought it later when paypal was working...

1
2
Anonymous Coward

Or...

They purchased it some other way, thus loosing paypal money. More likely they also thought that paypal doesn't seem that reliable, which lost reputation for them, which is hard to quantify, but results in fewer customers because there is loss of trust.

4
2
Anonymous Coward

I cant ever remember taking that attitude for any purchase. When I've gone through all the steps of purchasing (picking the item, finding cheapest supplier, choosing the type of delivery) there is little to no chance that I'll come back later when Paypal/Visa/Mastercard/etc are working (and possibly miss dispatch time of the item for that day). I will simply use a different payment method for the item.

2
0
Big Brother

Wonder when those responsible for, say, the Stuxnet attacks

will be placed in the dock ?...

Henri

2
4
Anonymous Coward

Re: Wonder when those responsible for, say, the Stuxnet attacks

Yes, I'm sure that the countries which originated Stuxnet have extradition treaties with Iran.

5
0

This post has been deleted by its author

Thumb Down

Case for the defence?

Do we get to hear that as well? Or is El Reg going to continue in the fine tradition of legal reporting and 'forget' to report it?

5
2
Anonymous Coward

Re: Case for the defence?

You must be new here.

If you want balanced journalism, you came to the wrong place.

2
1
Anonymous Coward

Re: Case for the defence?

Right, here is how things work.

When you go to court the prosecution presents its evidence. Once they have done that it is the turn of the defence and they present theirs.

Journalists, no matter how good or bad, can only report on what has been presented in court. At the moment it is only the prosecution who have presented any evidence and so this is what is getting reported.

There are several things that might result in journalists not reporting on the defence and they are:

1. The defence presents no evidence.

2. The Judge believes the prosecution has not met the minimum standard so directs the jury.

3. The defence's arguments are to boring.

4. The defence's evidence is so short the trial is over before it can be reported.

Personally, I'd go for number 3 although I think the Register will report it. The defendant will claim, he didn't do it and/or his computer was hacked and/or he was only joking when he said lets attack Paypal and/or etc. All of these are fairly predictable and boring.

3
0
Anonymous Coward

Skiddies

> Weatherhead was described in court as the network administrator for the AnonOps group

You would that that a network administrator would have enough ability to hide their tracks from the police.

Apparently one of the more knowledgeable in anonymous doesn't even have that ability.

Like I've always said, anonymous aren't hackers, they are a bunch of skiddies

2
0
Silver badge
Boffin

Re: Skiddies

"....You would that that a network administrator would have enough ability to hide their tracks from the police....." It's highly likely that he was grassed up by one of the other Anons that have been collared. There all so brave in cyberspace, all so quick to grass when facing jailtime!

3
2
Bronze badge

Re: Ploddies

When interviewed by the police, you get one copy of the recording and they get another. I forget who has the thirds.

So who gets the copies of the harddrives and who watches that the police are procuring evidence honestly?

When the finnish Faltfeet trod all over that 9 year old non-adult (AKA little girl AKA moppet) for not downloading a song, who was acting in locum parentis, so to speak, for the impounded evidence?

0
3
Anonymous Coward

It says sophisticated attack. Sorry, I thought earlier on it said they were cannon fodder using loic?

3
0
Anonymous Coward

I'm surprised the article is open to comments

Bearing in mind this is an ongoing trial and we don't yet know the outcome......

0
1
Anonymous Coward

Re: I'm surprised the article is open to comments

we can have the trail on the internet

0
0
Silver badge
Boffin

Re: I'm surprised the article is open to comments

There is nothing stopping you posting comments on an ongoing case even before an arrest, as long as you're not on the jury or a member of either the prosecuting or defending legal teams. As long as it's not libelous (and then whichever party you libeled would have to prove it was libelous), you can post as much theorising and publicly-available material as you like.

0
1

In US they get credit in UK they go to jail

In US hackers get credit and rich, in UK hackers go to jail.

Google the words "Nicholas Allegra" and you will see that fact.

He is 19 years old the world famous hacker.

Want more facts? Google "George Hotz"

0
0
Anonymous Coward

Re: In US they get credit in UK they go to jail

All hackers should do a minimum of 5 years prison time plus repay treble damages, IMO.

0
2
This topic is closed for new posts.

Forums