back to article British LulzSec hackers hear jail doors slam shut for years

Three British members of the notorious LulzSec hacktivist crew and a hacker affiliate were sentenced today for a series of attacks against targets including Sony, News International, the CIA and the UK's Serious Organised Crime Agency. The youngest of the four accused avoided jail with a suspended sentence while the other three …

COMMENTS

This topic is closed for new posts.

Page:

Silver badge
Stop

Re: Got off lightly

Just Sony alone claimed they lost $20 million which is not unreasonable given how long PSN was down, the loss of reputation, the loss of revenues and the theft of 24 million account details.

LulzSec hacked Sony, which required Sony to bring down PSN, and fix PSN's codebase so that it was fit for purpose. What proportion of the $20m total cost are you assigning to Sony for being incompetent, and to LulzSec for exposing their incompetence in a criminal manner?

11
5
Anonymous Coward

Re: Got off lightly

Twat,

The front door was open is no defense for burglary, any more than lax network security is a defense for hacking.

it's still an offense in the UK thankfully, tho Merkin's seem to think an open door is their right to burgle

6
3

Re: "endangerment of life"

How is it not endangerment of life to divert to repairing vandalism, resources which would otherwise be spent on looking after the public?

4
1

Re: "endangerment of life"

How is it not endangerment of life to divert to repairing vandalism, resources which would otherwise be spent on looking after the public?

I suspect the "would" would be "could" and the fact would be "wouldn't"..

This is a real case of "your side, their side, and the truth". I'm suspecting the truth is in between all the polarised sides' viewpoints..

2
0

Re: Got off lightly

"LulzSec hacked Sony, which required Sony to bring down PSN, and fix PSN's codebase so that it was fit for purpose. What proportion of the $20m total cost are you assigning to Sony for being incompetent, and to LulzSec for exposing their incompetence in a criminal manner?"

Oh I see Lulzsec were just doing them a favour! It all makes sense now.

And if I kick in your door, smear faeces all over your bed and walls, and steal your home sex tapes and bank account records and release them on the web I'd be doing you a favour too for not having a stronger door. You'd thank me for it. Right?

7
2
Silver badge
Happy

Re: DrXym: Got off lightly

"..... these sentences amount to little more than a slap on the wrist...." Yes, but with luck it will give the US authorities just enough time to get their indictments in and the extradition requests sorted, then they can go rot in an US prison at the US taxpayers' expense.

1
3
Silver badge

Re: Got off lightly

Oh I see Lulzsec were just doing them a favour! It all makes sense now.

And if I kick in your door, smear faeces all over your bed and walls, and steal your home sex tapes and bank account records and release them on the web I'd be doing you a favour too for not having a stronger door. You'd thank me for it. Right?

Er, no - that isn't what I said at all. Tone down the "Righteous of Romford", this isn't the Daily Mail.

My point is that part of the "loss" to Sony is Sony having to do what they should have done in the first place. You can't attribute the totality of the costs to LulsZec, Sony are also to blame.

Sony made the choice to ignore industry standards and just hashed passwords instead of hashing combined with a salt. It was this failure that meant that passwords were readily decipherable by use of rainbow tables.

The $20m cost of the intrusion was largely related to having to provide ID theft monitoring services to all US users, which would not have been necessary had the appropriate measures already been taken.

You can tell from Sony's actions that they are partly culpable. They have a duty of care to protect their users personal information using industry standards. They failed to do so, and so have had to pay for ID theft protection, credit card fraud monitoring and protection, and so on.

3
1

Re: Got off lightly

With the kiddie porn, was a he a pedophile or are we talking about some 4chan pictures?, i'm fairly sure that this lot are part of the 4chan crowd and one visit there will give you an idea of the sort of pictures that get posted for shock value, its not a CP den.

Sounds like they threw a net out and trawled to try and beef up their case as much as they could.

The prison sentences are shockingly long, regardless of how much time they might get off. Prisons have been around for an awful long time and we still have a problem with crime. It is reasonable, by now, to assume that prison is not a viable solution to crime.

These boys need helping to become more responsible citizens not locking up. There are better ways to deal with this than prison.

If one of them did turn out to be a pedophile though then I consider that the kind of thing that prisons are useful for, you cant cure or train somebody to not be a pedophile so locking them up seems the only way to deal with that particular problem at the moment.

Lulzsec, if nothing else, helped to harden the internet, some companies are taking better care of our data now.

1
1
Silver badge
FAIL

Re: bexley Re: Got off lightly

"With the kiddie porn, was a he a pedophile or are we talking about some 4chan pictures?...." COUGH* apologist * COUGH! Yeah, like everyone that visits 4chan keeps copies of the pics. Oh, wait - no I didn't, and not because I didn't find them "shocking" enought but because I'm not a paedophile.

".....Sounds like they threw a net out and trawled to try and beef up their case as much as they could....." Sounds like "they" didn't have to do much at all seeing as these prime-grade numpties got caught not only with a shed load of evidence of the crimes they committed, but also got thoroughly grassed up by their equally vacuous online buddy (who it turned out valued his real-life freedom more than protecting his e-chums). Maybe they should have invested more time in finding real friends offline.

".....These boys need helping to become more responsible citizens....Lulzsec, if nothing else, helped to harden the internet.....". Oh yes, 'cos they're just such sharp in-duh-viduals, right? Wrong! They did nothing new or inventive, they just used simple social engineering, known vulnerabilities and downloaded tools, just like the majority of the skiddies out there. They committed crimes and need to be punished, and then they need to be put on probation to make sure they have learned their lesson. And if they have not learned how to become responsible, productive citizens, and decide to return to their criminal ways, then I'm pretty sure they'll be caught and sent back to prison again, no matter how smart they, or you, think they are.

0
2
Pint

What would be more....

... interesting would be an analysis of the various architectures & technologies attacked and how it coped with it.

Real data from real life situation, not security marketing lies.

1
0
Anonymous Coward

Let me get this straight.

You can sell fake bomb detectors in what was effectively a £55million fraud and that directly result in the deaths of circa 300 people (if I remember the figures correctly) and get 10 years (barely one month per death, more like 2 weeks with time-off).

If you hack and only cause monetary damage circa US$20million (£13million), you get just shy of 2-3 years (probably out in 1-1.5)?

I'd not sure about anyone else, but those terms do not look proportionate to me.

6
2

Re: Let me get this straight.

10 years sentence for £55m fraud so roughtly £5.5m damage = 1 year sentence

So £13m damage = 2 years 4 months

By your own reasoning maths says it's pretty much proportionate.

3
3
Anonymous Coward

Re: Let me get this straight.

So 300~ deaths don't matter?

7
0

Re: Let me get this straight.

How would you define 'proportionate'?

If you were (even if only for the purposes of comparison) going to put a pretty high monetary value on a human life and aim for sentences linearly proportional to 'costs', then virtually any crime which didn't involve taking a life (apart from maybe the very largest fraud/theft cases) would end up with sentences so short they'd barely be worth handing out..

With the bomb detector scammer, at least some of the money he made should be confiscated, with an increased sentence if it seems like he's hiding anything, and if we're lucky, by the time he's up for release, one of the countries he sold fake goods to will be looking to extradite him for trial on some suitably serious charge.

2
0
Alert

"jailed for terms ranging from 24 to 32 months"

I bet they're hoping that, like Chris Huhne, they only end up serving a quarter of their sentences inside.

Or aren't they posh/ rich/ well connected enough for that...?

0
0

Re: "jailed for terms ranging from 24 to 32 months"

It is not about being posh or rich enough, I cannot remember now exactly how it works but every prisoner serving under a certain length of time is eligible to apply for tag and in England has their sentences halved. So for an 18 month sentence you would service 4.5 months inside. Assuming you have been of good behavior of course. However over a certain length of time you do not just serve quarter, 18 months is the maximum you can receive and only serve quarter, the eligibility for tag with a sentence any higher than 18 months and less than 5 years increases. I think 4.5 month is the maximum one is allowed to be out on tag for.

0
0
Silver badge

What level...?

Not that any prison is fun, but I'm assuming, since there was no violence nor threat of violence, that they'll be assigned to a minimum-security facility fir non-violent offenders. Even in these unenlightened United States we frequently keep the violent, likely-to-reoffend population separated from the ones that are most likely to be rehabilitated and successfully re-enter society. Surely the UK does the same...?

1
0
Coffee/keyboard

Surely the main thing here is that these "kids" could do these sort of things, which shows the weakness in hi-tech security companies that you would normally not have to think twice about the quality of security?

On the other hand, making £2,500 a month on a botnet is pretty impressive, imagine that much money at 21!

I know they have to be punished, but at the same time they have obviously got a good functioning brain that could lead to a decent career, however because the companies who have been made fools of are embarrassed, that career will never happen

1
3

Ignoring the illegality, I'm not sure to what extent 'having a good functioning brain' would square with 'risking a £2500/month income for the sake of taking part in a protest which was always unlikely to achieve much'.

As long as there are people out there who are skilled, honest and not reckless, I'm not sure how much of a career should await someone who at best only ticks one of those boxes.

3
0
Silver badge
Facepalm

Re: Senior Ugli

"....On the other hand, making £2,500 a month on a botnet is pretty impressive, imagine that much money at 21!...." Seriously? Do the maths - the six hits he was convicted of, each at £2500, even if he managed them in one year, equates to an annual income of £15k, which is about what a junior sysadmin gets in the UK. I have known plenty of coders on more than that at age 21.

My uncle was a copper and would explain it to you the same way he explained to me why there never a shortage of losers ready to replace drug dealers he used to lock up. The problem is that losers are always looking for a shortcut to money, and they would look at that £2500 hit and fail to consider the risks involved. The money in drugs is even better, but the thing the losers fail to see is that there are very, very few drug dealers that live past forty, and they're usually the ones that got arrested and are in prison. There may be e-crims making big bucks, but they are getting caught and ending up with the type of criminal record that pretty much screws up their chances of working as anything other than first line PC support monkeys. But there will always be more ID10T5 that will think "Wow, £2500...."

2
1
Anonymous Coward

Re: Senior Ugli

My old man once told me that the true price of crime was always having to look over your shoulder.

0
0
Mushroom

Oh...poor little Ryan Cleary the "Choir Boy"..........and Kiddie Porn Fan.

"After the seizure of Cleary's computer and and subsequent recovery of deleted files, the hacker was charged with downloading and possessing indecent images of children following a second arrest on October 4, 2012.

Under the U.K. COPINE scale — a measure of the severity of images the images in question were classified as child "erotica" and deliberate sexual posing. A total of 46 images contained children aged between six and 18 months, whereas others included children aged between ten and 15 years.

The defense team said that Cleary is not a "professional pervert" or sexually obsessed, but rather was obsessed with finding data and using his computer — a reason laid at the door of his client's Asperger's syndrome. "

BULLSHIT!

How convenient to hide behind an alledged disease. The little prick should be locked up, and the key thrown away for this alone.

3
3

Re: Oh...poor little Ryan Cleary the "Choir Boy"..........and Kiddie Porn Fan.

He did 6 months work experience at the BBC but it never went further than that. He never became a *professional* pervert.

2
1
Silver badge
Mushroom

Having been

infected with with a cheery trojan that went on to screw up every HTML file and every .exe file in my PC in a vain attempt to preserve itself(thank gawd steam just downloaded clean copies of its game .exe files each time instead of marking me out as a hacker and banning my account) and costing me time and money to get the windows partion scrubbed, with loss of data etc etc (praise the lord for the Linux partion where all my financial stuff lives)

I can happily say the the guy who was making money out of his bot net should have his fingers cut off with a cheesegrater and have the sludge inserted in his rectum with a 12 gauge, before being welded up in a steel box then buried under 50 feet of concrete and subjected to a nuclear bomb.

If he pleaded guilty of course...... not guilty and convicted.. well I'd get downright evil on him

7
1

Bunch of kids giving the establishment the run around? Whatever next!

Hire them.

0
2
Silver badge

Surely the prisons should be there to lock up people who are a danger to society such as violent criminals which i hardly see some DDOS script kiddies being. It will cost us tax payers 1000s to have them locked up while it would be better having them picking up litter in the parks on community service and paying a fine (perhaps by having to sell their computers to pay for it)

It sounds like knee jerk sentencing again like what we had after the riots where people with no previous convictions would get 2 years for looting a bottle of wine

1
1
Anonymous Coward

Que?

"This is not about young immature men messing about," prosecutor Sandip Patel told the court "[,] LulzSec saw themselves as latter-day pirates [motivated by] anarchic self-amusement"

Yarr, there be no quarter for bilge sucking 'immature' lubbers amongst the hands on any jollyboat matey.

0
0

Que?

My father told me one should always practice 'anarchic self-amusement' in private! Otherwise there will be consequences.

Bert

0
0
Anonymous Coward

It's all good

I guess A$$nonymous ain't as anonymous as they thought they were. There crims are going to get a real education in prison. What goes around generally comes around sooner or later. I'll bet their arses will pucker when that prison cell door slams shut.

1
0
Silver badge
Unhappy

I'm sure gaol is awful in and of itself, but

...imagine going without internet access of any kind for the duration of your sentence.

Now THAT would be punishment enough for me.

0
0
Anonymous Coward

Much more sane punishments than...

...in the US of A. Pretty lame none the less. Any intelligent network opperator would promote attacking his/her network - free penetration testing. The Pentagon network opperator must have a massive ego not unlike the suits at Sony. What a bunch of cry babies.

1
3

Re: Much more sane punishments than...

>>"Any intelligent network opperator would promote attacking his/her network - free penetration testing."

I'm not a security professional, but I'm guessing that professional penetration testing doesn't involve things like publishing personal details of innocent third parties who happen to have data on a system under test.

If someone set upon you while walking down the street and punched the shit out of you and then tried to claim it was a 'free unrequested boxing lesson', I wonder what your response would be?

Would you apologise for being largely to blame for not being 'handy' enough?

1
1
Devil

Little point if you're caught.

Seems to me these guys need to hack how they've being hacked.

1
0
Anonymous Coward

I thought they were all pretty much shopped to the Old Bill by someone in their own network, the Yank lad? No honour among thieves.

And yeah, while I won't take any joy in a bunch of kids getting locked up, let's not pretend these were kids just messing around. A 100,000 node botnet that you're hiring out for criminal enterprises is a pretty serious undertaking and doesn't just 'happen'. He knew what he was doing, and he knew it was illegal, so I don't feel sorry for him in the slightest.

3
0

Page:

This topic is closed for new posts.

Forums

Biting the hand that feeds IT © 1998–2018