If You Get Caught Hacking, Don't Lie About It

from the rule-number-one... dept

Earlier this year, we wrote a story about a guy who was apparently arrested for using Lynx to visit a tsunami relief site. The story was very very thinly sourced, so we asked for more info... and no one seemed to have any. Perhaps that's because the story wasn't actually true. It's now come out that while the guy used that excuse originally, he later changed his story pretty drastically. He had donated to the site and when he didn't get a confirmation, he got worried that it was a phishing scam, so he went probing to find out if the site was legit or not. That's a somewhat reasonable defense (though, it doesn't mean you'd get off...), but it wasn't what he said originally, so a judge found him guilty of unauthorized access. From the judge's comments, it certainly sounds like a big reason for finding him guilty is the fact that his story changed so much.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Anonymous Coward, Oct 7th, 2005 @ 1:24pm

    No Subject Given

    No, no, no, the headline is ALL wrong...

    It should read "If You Get Caught Hacking, Stick With Your Lie".

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Afraid of my shadow, Oct 7th, 2005 @ 1:41pm

    Re: No Subject Given

    just make sure you don't get sued for that headline...

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    CloakedMirror, Oct 7th, 2005 @ 2:04pm

    The alternate outcome

    About four years ago, my eldest son got caught hacking the computers at his school when one of the hard drives went belly up right after he re-booted the system. When confronted, he was honest and owned up to it.
    I got a call from the principal that evening, and he was amazed that my son had been so up front about what he had been doing. In fact, he was so happy to have a student tell him the truth without hours of interrogation that he waived the mandatory three days of in-school suspension.
    Honesty will always afford you a better result than trying to hide the truth.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Dan Philpott, Oct 7th, 2005 @ 2:31pm

    Re: The alternate outcome

    Unless you are involved in Politics or Marketing.

    Dan

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    AZ, Oct 7th, 2005 @ 2:33pm

    Re: The alternate outcome

    Lying sure isnt the answer lol....
    I dont hack so I guess im safe..

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Anonymous Coward, Oct 7th, 2005 @ 2:41pm

    Re: The alternate outcome

    First of all, he was a juvenile and he didn't go in front of a judge. That's not the real world. In the real world you might be able to get a plea bargain and light punishment but just magically telling the truth doesn't grant you much favor because that's what you are supposed to do. You don't get special treatment for doing what you are supposed to do.

    Second of all, making some broad generalized assumption like that is silly. Different circumstances call for different actions. Honesty may be the morally right thing to do but sometimes lying can keep your ass out of jail. The only bad times to lie are when you are caught red handed or when you involve other people in your lies without them knowing it and without them being able to back you up.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Mark, Oct 7th, 2005 @ 3:30pm

    Re: The alternate outcome

    Isn't politics pretty much just marketing now anyway?

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    misinformation spread, Oct 7th, 2005 @ 3:34pm

    No Subject Given

    So did he get arrested for lying or for using lynx? Which is it? Instead of spreading the hype that doesnt make any sense, how about digging for the real information.

    Instead it is just another retread of the same misinformation.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    DigitalBomb, Oct 7th, 2005 @ 4:22pm

    Right...

    Using the Lynx broswer is a crime? Really, tell me what law designates this specific early Unix web browser as an illegal peice of software. I use Lynx for most of the things that I do on the internet, it is VERY fast because it only has to load text and it gives you a choice ANY time something wants to access your computer (cookies, plugins, downloads, etc...)

    Lynx is for security. I have Linux just so I can have security, but no, the government wants us all to be nice little conformists and go buy a Macintosh or shell out the same amount of money for a Macintosh to get the latest screw-up OS from Microsoft.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Anonymous Coward, Oct 7th, 2005 @ 4:28pm

    No Subject Given

    No, no, if you get caught hacking, don't say anything to the police. Ask for a lawyer.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Robert Martin, Oct 7th, 2005 @ 4:28pm

    Re: The alternate outcome

    "Honesty will always afford you a better result than trying to hide the truth."

    Grow up. Lies are not only essential social lubrication, they are necessary for any truly honest person's physical survival.

    Those who believe they are consantly truthful are merely in thrall to consensus reality.

     

    reply to this | link to this | view in thread ]

  12.  
    icon
    erica ann (profile), Oct 7th, 2005 @ 10:47pm

    "Probing?"

    What do they mean by probing? Port scanning ? OS detection? Doing a whois or a dnslookup on the hostname? None of these are illegal or contribute unauthorized access to a system. Neither does using Lynx.

    Port scanning is seeing if a port is open on a server. It is not illegal. All it does is send a packet to a port to see if the port responds or not. It is a very legitimate tool used by network admins. When you open a web browser, you are sending packets to port 80 on a webserver. If it responds, you know the port is open. You can test other ports the same way or with a tool that tests all. It can be known as a precursor for an attack by script kiddies, but nothing about it is illegal.

    OS detection is just getting a fingerprint of a computer to see what operating system it is runining. Nothing illegal about that.

    Doing a whois on a domian to see who owns it is redily availbe from arin.net. That is public information. What would be agaist policy is if someone lied on the domain registration, but not looking at the information to see who owns the site. That is what it is there for. The DNS ifo is there as well.

    Lynx is a text based web browser. It is very popular and much faster to view websites via lynx. All it displays are content and links of a site. You can move from one page to another much faster because you do not have to wait for grpahics to load up. It is a standard browser availabe on most *nix boxes.

    Would someone please enlighten me on what is "illegal" about any of that? Now if he tried to brute force his way into the websites ftp and was successful and replaced files, or gained ENTRY to the computer or server.. I could see it being illegal.

    "Probing" a computer is not illegal. That is also a broad defination. What is illegal is gaining entry to one and altering or viewing content not meant to be seen.

    Even if you goto a website.. say http://www.whatever.com/1/2/3/4/index.html and use your backspace key to back up to the directory before such as http://www.whatever.com/1/2/3/ or http://www.whatever.com/1/2/ is not illegal at all. If it lists files in the directory than someone had better be more worried about the security of the server, but it is on that site for public display and if directories are lsiting and you see the contents.. then its not illegal.

    The way that is written makes no sense. Either that judge is clueless or a lot of details were left out of the story.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    SuperJudge, Oct 9th, 2005 @ 9:31am

    Re: The alternate outcome

    That's a very hopeful logical fallacy.
    'If my child was honest and was rewarded, then all children will be rewarded for honesty.'
    I'm certain that for this one pat on the back there are thousands who have paved a shorter road to their punishment. You have a good kid and he was lucky.
    Honesty will not always afford a better result.
    Michael Jackson may have lied.
    OJ Simpson did lie.
    I'm sure there were plenty of other times where other times where honesty put people in a worse place.
    I'm just splitting hairs, though. ;)

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    anon, Oct 9th, 2005 @ 7:11pm

    Re:

    The "hack" was a three level directory traversal (../../../) and the ' used to check for SQL injection problems.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Pete Austin, Oct 10th, 2005 @ 4:05am

    What this UK Law says

    "1. (1) A person is guilty of an offense if-
    (a) he causes a computer to perform any function with the intent to secure access to any program or data held in any computer,
    (b) the access he intends to secure is unauthorized
    ...
    (3) A person guilty of an offense under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months" - United Kingdom Computer Misuse Act 1990

    "The complication arises as to whether the access is unauthorized given that the servers are connected to the public Internet." - Gillian Law - IDG, commenting on another case

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Anonymous Coward, Oct 10th, 2005 @ 4:19pm

    Re: What this UK Law says

    "(a) he causes a computer to perform any function with the intent to secure access to any program or data held in any computer"

    Isn't this exactly what a web browser, ftp client, email client...is designed to do? We secure access and data in another computer...

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Matt, Dec 7th, 2005 @ 6:42pm

    Re: What this UK Law says

    You forgot the other part:
    (b) the access he intends to secure is unauthorized
    THAT is what makes it illegal.

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    sophie, Oct 16th, 2006 @ 10:15am

    got it

    help a computer hacker

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Anonymous Coward, Feb 12th, 2007 @ 4:44pm

    LoL lie lie lie lie lie lie

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Anonymous Coward, Feb 12th, 2007 @ 4:47pm

    lie stick wit ur lie lie lie lie lie lie lie dont tell the truth the truth wont set u free lie

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Anonymous Coward, Feb 12th, 2007 @ 4:47pm

    lie stick wit ur lie lie lie lie lie lie lie dont tell the truth the truth wont set u free lie

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    16 yr old 2 late :(, Sep 1st, 2009 @ 1:15pm

    i failed, tell the truth cuz there is no way out

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    Brina, Oct 15th, 2009 @ 9:47am

    what that is dumb

    why!!!!!!!!!!!!!!! :)

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    ramilol, May 17th, 2010 @ 3:41pm

    well i got caught hacking

    this is what happened, i was hacking some people'facebook that i hated. they knew it was me the told the school principle. everything went okay i thinks so, they gave me a warning. after 3 months my principle called, which was weird! she was talking fast, the only thing i understand was that i am in trouble, i heard some word web. she was mad. i was so scared.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This