Receive new posts as email.
RSS 0.91 | RSS 2.0
RDF | Atom
Podcast only feed (RSS 2.0 format)
Get an RSS reader
Get a Podcast receiver
| Sun | Mon | Tues | Wed | Thurs | Fri | Sat |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | 6 | |
| 7 | 8 | 9 | 10 | 11 | 12 | 13 |
| 14 | 15 | 16 | 17 | 18 | 19 | 20 |
| 21 | 22 | 23 | 24 | 25 | 26 | 27 |
| 28 | 29 | 30 | 31 |
This site operates as an independent editorial operation. Advertising, sponsorships, and other non-editorial materials represent the opinions and messages of their respective origins, and not of the site operator or JiWire, Inc.
Entire site and all contents except otherwise noted © Copyright 2001-2006 by Glenn Fleishman. Some images ©2006 Jupiterimages Corporation. All rights reserved. Please contact us for reprint rights. Linking is, of course, free and encouraged.
Powered by
Movable Type
« Stratascopic! Broadband from Blimps | Main | MSNBC Writer Praises EVDO »
Woe be to the highly unsuccessful cracker manques: The fellow who was deemed to have the most responsibility in a quartet that all pleaded guilty was sentenced yesterday to nine years in jail for his role in using a poorly secured Wi-Fi network run by Lowe’s to insert credit-card grabbing software into their systems. The judge reduced the potential longer sentence because Brian Salcedo provided information to Lowe’s on security problems on their network.
Salcedo accomplice Adam Botbyl pleaded guilty to lesser charges and was sentenced today to more than two years in federal prison, somewhat less than expected. Paul Timmins pleaded to a misdemeanor. The article notes he was charged with wardriving, but that’s incorrect: wardriving is generally passive. Timmins accessed the network, checking email according to his plea. The reporter writes, In wardriving, hackers search for vulnerable wireless Internet connections. But that’s a subset of all wardrivers. Most wardrivers pursue Wi-Fi networks like birders pursue birds; they aren’t searching per se for vulnerable networks.
Kevin Mitnick was only sentenced to five years, but prosecutors in the Mitnick case demonized him in order to make the case seem larger. He didn’t do anything admirable, but he revealed the massive security flaws in many companies social and technical infrastructure. His actual damages—the cost to repair what he did as opposed to the costs to properly secure their own systems—were very small.
Another colleague of mine spent several years under probation for proving to Intel when he was a contractor that their password choices were bad. He didn’t have their permission nor did he have any intent, but they decided to have him charged. He was obliged to pay the costs of their fixing a problem that he was demonstrating that they needed to fix.
In this case, prosecutors estimated that $2.5 million in damages would have been caused if Lowe’s didn’t uncover the inserted software on their network. The Wi-Fi access wasn’t really the point in the case at all, just their means of detected entry.
Posted by Glennf at December 16, 2004 2:33 PM
Categories: Legal
TrackBack URL for this entry:
https://db.isbn.nu/mt3/mt-tb.pl/2853