back to article Newb admits he ran Satori botnet that turned thousands of hacked devices into a 100Gbps+ DDoS-for-hire cannon

The script kiddie at the center of the Satori botnet case has pleaded guilty. Kenneth Schuchman, 21, of Vancouver in Washington state, this week admitted [PDF] to aiding and abetting computer hacking in an Alaskan federal district court. In exchange for only having to confess to a single criminal count, and increasing his …

  1. Free treacle

    The future's bright...

    And, if people don't secure their connected lightbulbs, potentially weaponised.

    1. simonlb
      FAIL

      Re: The future's bright...

      Yeah, remind when our lives became so problematic that we had to connect all our home lighting to the Internet to resolve an issue that never existed.

      1. Anonymous Coward
        Anonymous Coward

        Re: The future's bright...

        That's totally dark to me. No, wait .. :)

        That said, I was doing stuff like that already for years - it's more or les the first thing you end up doing when you start messing experimenting with electronics. Computers just made it more interesting :).

      2. My other car WAS an IAV Stryker
        Flame

        Re: The future's bright...

        My Christmas lights display will be growing past the 15A limit of a normal US circuit breaker, so I have to split it across two outlets on separate breakers.

        Do I attempt to synchronize timers?

        Do I use RF master-slave?

        Do I go full IoT?

        Or do I go old-school with a relay in a box?

        I think you know the answer: add a few plugs and some extra wire and one 15A circuit can trigger a 10A one for 25A (x 120V = 3 kW) of wasted light and heat holiday joy. (And no RF or Wi-Fi based vulnerabilities. If the thing has issues it'll only be because I wired it wrong or poorly. Icon for the possible result to the house ---> )

        1. StargateSg7 Bronze badge

          Re: The future's bright...

          If you live in Canada, specifically the Province of British Columbia which has B.C. Hydro as your main hydroelectric sourced electricity provider, you can request 400 amp at 600 volts AC service at your detached home for 240 000 Watts of power to help blind every neighbour with your massive lighting displays!

          You can also use that service to power the electromagnet coils of your DIY cyclotron or linear particle accelerator system!

          I personally would use that power to make a beautiful Tesla Coil setup to fry those pesky bugs who keep eating freely out of my veggie garden! :-) :-)

          .

          .

    2. no user left unlocked

      Re: The future's bright...

      Its fine, all they have to do is reset them right?

    3. JJKing Silver badge
      Pirate

      Re: The future's bright...

      And, if people don't secure their connected lightbulbs, potentially weaponised.

      You mean something like lightsabres at dawn?

  2. coconuthead

    Will the right people be punished fairly?

    The linked article suggests that he is diagnosed with Asperger's so severe he is on a disability pension. If so, I would certainly hope to see some compassion from the court, and a sentence oriented towards treatment and rehabilitation.

    Meanwhile, was the Canadian ISP with 32,000 pwned routers penalised? It was a 0-day, but the routers were from Huawei, and many would say a 0-day was predictable. I don't know about this ISP, but many ISPs have a habit of preventing or making it very hard for their customers to use better-quality routers than the one they supply, all to keep support costs under control while offering the cheapest possible sign-up fees.

    1. Anonymous Coward
      Anonymous Coward

      Re: Will the right people be punished fairly?

      However much it would help reducing crime, at present it's still not illegal to leave your doors unlocked when you leave the house. Entering without permission is, though.

      The worst that the ISP has to worry about (apart from a massive labour cost fixing it all) is that customers walk, otherwise this hacker would also face further consequential damages.

      By the way, people with Asperger's can tell right from wrong too, they don't default to criminal behaviour.

      1. Cronus

        Re: Will the right people be punished fairly?

        Down vote for equating leaving your doors unlocked with selling door locks that open as soon as you push on them a bit.

        1. Anonymous Coward
          Anonymous Coward

          Re: Will the right people be punished fairly?

          Down vote for equating leaving your doors unlocked with selling door locks that open as soon as you push on them a bit.

          Really? As far as I can tell, there would be no substantive difference in mens rea.

          You could try to lob a civil case at the ISP arguing duty of care or diligence (if that wasn't excluded by default in the Terms by most ISPs), but as far as I can tell it would not change one iota in the criminal exposure of the hacker.

          1. Cronus

            Re: Will the right people be punished fairly?

            The guilt of the hacker is not in question here. I'm merely pointing out that there's a big difference between failing in your responsibility to lock your own door and then being broken into and having locked your door but unbeknownst to you the lock being faulty allowing anyone to break in with little more than a firm push on your door.

            Whether there is currently any laws that hold manufacturers responsible for such failures is also irrelevant. There was a time when hacking into someone's systems was also legal as there was simply no law prohibiting it yet. It was still wrong to do it even if there was no actual penalty. Likewise in this case, the manufacturer of the shoddy IoT gear might not face any civil or criminal case but refusing to patch vulnerabilities in widely deployed equipment is still wrong.

            1. Anonymous Coward
              Anonymous Coward

              Re: Will the right people be punished fairly?

              I think the main point of friction here is the expectation that anything is secure by default. Anyone who has ever been near technology knows that that expectation is pretty much the opposite of what happens in the Real World, and the challenge is to help Joe Average understand this.

              Irrespective of any measures that seek to impose this on suppliers, I think it's wrong to create the expectation that suppliers will get it right as that encourages a false sense of security. It's just a far too dangerous an assumption, and provably nowhere close to reality.

      2. Doctor Syntax Silver badge

        Re: Will the right people be punished fairly?

        "The worst that the ISP has to worry about (apart from a massive labour cost fixing it all) is that customers walk, otherwise this hacker would also face further consequential damages."

        Those whose systems got knocked off-line might be interested in claiming for damages. A skiddie might not be worth suing. An ISP on the other hand...

  3. Twanky

    Thank goodness.

    'The Satori malware preyed on a number of poorly secured IoT devices, including home digital video recorders (DVRs), surveillance cameras, and enterprise networking gear.'

    Thank goodness this criminal mastermind has been stopped and all the affected gear has been patched. Wait... the gear *has* been patched, right?

    1. SIP My Drink

      Re: Thank goodness.

      Yep... Errr... Nope...

  4. Anonymous Coward
    Anonymous Coward

    At least he appears to be well read

    I have a feeling he named this botnet after the brilliant "The Satori Effect" book by David Pesci (which is surprisingly hard to find online as -as far as I can tell- it was never released in book form in 2000, only in PDF).

    The perp is lucky that the prosecution had clearly not read this story, because that also starts with someone asking very basic things online, thus skilling up and eventually build something dangerous.

    If you ever come across this book, buy it, it's worth it.

    1. Roland6 Silver badge

      Re: At least he appears to be well read

      Interesting how even in the age of the Internet stuff can still disappear without trace. the only two references I can find to this work are:

      The Satori Effect - Slashdot

      Author's Life After `Amistrad'

      Even his LinkedIn profile doesn't mention it: David Pesci...

      1. Anonymous Coward
        Anonymous Coward

        Re: At least he appears to be well read

        Hmmm, maybe be has sold the rights. I need to re-read it as my memory of it has faded a bit, but I recall it eminently suitable for conversion to a movie.

        1. Roland6 Silver badge

          Re: At least he appears to be well read

          The Wayback machine seems to have capture some pages: https://web.archive.org/web/*/www.thesatorieffect.com

  5. Pascal Monett Silver badge
    Coat

    "The Satori malware preyed on a number of poorly secured IoT devices"

    there, FTFY.

  6. Prst. V.Jeltz Silver badge

    and would eventually call a police SWAT on his former buddy

    the 1983 hackers called , they want their prank back

    1. Anonymous Coward
      Anonymous Coward

      ...and a SWAT team sent to the following address...

    2. Anonymous Coward
      Anonymous Coward

      only if they can whistle properly...

  7. Anonymous Coward
    Anonymous Coward

    No Swatting charge

    who's dicks is he sucking?

    Sending a hit squad to a house should be punishable to the same degree. All these courts want is some money, there is no justice.

  8. Mayday Silver badge
    Devil

    How much?

    Couldn't see anywhere obvious how much he/those like him charge for this "service". The yanks don't mess around when it comes to sentencing and most of the time they start at the maximum and work back (but not by much). Wondering if the perceive it to be worth the risk.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019