Good Samaritan Hacker To Be Arrested

from the cracking-down dept

Adrian Lamo, the well-known good Samaritan hacker – who finds vulnerabilities in corporate computer systems, and then helps the companies fix the problem – is being sought by the FBI, who have an arrest warrant for him. It’s believed to be the end result of the famed hacking from nearly two years ago. At that time, he broke into the computers and found quite a lot of private info. While some companies have been happy about Lamo helping them fix their vulnerabilities, the NY Times was anything but and have been threatening to have him charged for ages. After all this time, some had thought that it was to be forgotten. Apparently, that’s not true. I don’t deny that he probably went a bit to far in poking around the NY Times computers, but hacker prosecutions always seem to go too far. He did no actual harm, but will (undoubtedly) be charged with causing many millions of dollars worth of damage. Hopefully he can get himself a good lawyer – but with the public fear of hacking and new legal threats to put hackers in jail for life, he may not be free for some time. This just means that vulnerable systems he might normally be helping to patch will now remain open for hackers who really do have malicious purposes.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Good Samaritan Hacker To Be Arrested”

Subscribe: RSS Leave a comment
Ed Halley says:

No Subject Given

I agree that the charges may outweigh the crime, and in fact the guy should be let off if (1) there really was no harm done to infrastructure or privacy, and (2) he acted conscientiously about reporting the security vulnerability once discovered.

However, the “millions of dollars damage” stuff has some basis in reality. Just because a white-hat cracker says he did no harm doesn’t mean the IS department can just trust that. No, they have to rebuild and scan a lot of data, at the expense of that time and labor and lost opportunity. Maybe not “millions” but surely a much larger cost than a pat on the back and a handshake to the refrain, ‘aw, that’s okay, no harm done.’

Also, the newspaper numbers regarding damages comes from the insurance claims. If your company is hit, you take a claim on your data integrity insurance to the tune of the worst case cleanup costs. You then find out the real costs during a real cleanup over the coming days and weeks. You then realize that your data integrity insurance premiums will be higher for the next N years. These are real costs to the company, costs that would not have been true if the cracker hadn’t poked around on systems that don’t belong to him.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...