Just a note. If Max Butler had not released a worm that allowed him private access to machines he had not rights to, I doubt he would be arrested. He did. He was arrested. He was offered a deal. The deal went bad. He was convicted (plea) and jailed. A better title might be "A Black Hat Hacker (who also did good things from time to time) goes to jail. But then it wouldn't be a very good article. Had he not been an informant prior, or had the deal not be offered, would anyone defend him? He released a worm that gave him private access to machines for which he had no rights. All other factors are mitigating at best, but they do not override that. As for reporting: Max's arrest in March 2000 followed his refusal to wear a wiretap into a meeting with a friend, Matthew Harrigan, then chief technical officer of San Francisco security services firm MCR and an ex-hacker who went by the handle of "Digital Jesus." This is like people on late night radio (Loveline) who say "My boyfriend is in jail. "What for?" "Parole Violation." As though he was not in jail for an actual crime..... On Wed, 2002-06-19 at 13:27, Lyle Leavitt wrote: > Seth, > > Good point. I forget that in our court system "white-hat hacker" is an > oxymoron. So I should just tell the media that the "rumor" is that > default passwords are going unchecked at AT&T. That's my story and I'm > sticking to it. End of story. Bad guys win. Why did I waste my time? > > A 'White Hat' Goes to Jail > http://www.wired.com/news/politics/0,1283,44007,00.html > > Geo - Is this legal stuff covered in the PRS training? > > -Lyle > > Seth Arnold wrote: > > > > On Wed, Jun 19, 2002 at 03:42:09AM -0700, Lyle Leavitt wrote: > > > I selected several email addresses from the results. I then tried > > > logging into their email with password as the password. Sure enough I > > > got in 2 out of the 8 that I tried. > > > > Lyle, I'd like to discourage doing this in the future; you've actually > > accessed several accounts without proper authorization. Lets not forget > > that Randal Schwartz did several years of community service for simply > > _finding_ passwords on intel machines -- he didn't even try any of them. > > _I_ know your intentions are good, _you_ know your intentions are good, > > but proving that to a jury might be difficult or pointless or both. > > > > Cheers > > > > -- > > http://www.wirex.com/ > > > > ---------------------------------------------------------------------- > > Part 1.2Type: application/pgp-signature > > _______________________________________________ > Prs2002 mailing list > Prs2002@private > http://lists.whiteknighthackers.com/mailman/listinfo/prs2002 > -- Zot O'Connor http://www.ZotConsulting.com http://www.WhiteKnightHackers.com
This archive was generated by hypermail 2b30 : Wed Jun 19 2002 - 14:01:20 PDT