When you break into a system using an exploit there is a chance that the shellcode will crash the system.
On Sun, Sep 28, 2008 at 11:03 AM, Exibar <[EMAIL PROTECTED]> wrote: > McKinnon did cause damage: > > "The charges include one incident - shortly after the attacks on September > 11 2001 - which brought down a network of 300 computers at the Earle naval > weapons station. Another raid apparently left 2,000 government machines in > Washington inoperable." > http://www.guardian.co.uk/technology/2006/apr/28/hacking.security > > A message left by him on a system: > > "As part of his quest he left this message on an Army computer in 2002: > "U.S. foreign policy is akin to government-sponsored terrorism these > days.... It was not a mistake that there was a huge security stand down on > September 11 last year ... I am SOLO. I will continue to disrupt at the > highest levels." > http://blog.wired.com/27bstroke6/2008/08/uk-hacker-gary.html (and many > other sources with the same message) > > Sure sounds like a criminal that knows what he's doing, and is doing it > willfully, doesn't it? > > Oh yah, and he's really only facing a fine and up to 10 years of prison > time in the US... I guess things really are different translating to the > metric system in the UK... > http://www.fortlewismwr.com/Computer_Fraud_Abuse_Act.htm > > Wondering what the maximum term in the UK is for the same crime? Hold on > to your seat... > LIFE IN PRISON (see next paragraph) > > "As the Divisional Court itself pointed out (at para 34), the gravity of > the > offences alleged against the appellant should not be understated: the > equivalent domestic offences include an offence under section 12 of the > Aviation and Maritime Security Act 1990 for which the maximum sentence is > life imprisonment." > > http://www.publications.parliament.uk/pa/ld200708/ldjudgmt/jd080730/mckinn-1 > .htm<http://www.publications.parliament.uk/pa/ld200708/ldjudgmt/jd080730/mckinn-1.htm> > That link is a link to the very court brief itself on McKinnin's appeal > in the UK... > > McKinnon should face the charges of computer crime that he's facing. He > should, and will, be tried, either in the US or in the UK. But, keep in > mind that it is the UK that will extradite him, and it is the UK that has > ruled that he *should* be extradited for his crimes.... > > > Ok, I'm done now :-) > > Exibar > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Kyrian > Sent: Sunday, September 28, 2008 7:31 AM > To: [email protected] > Subject: [inbox] Re: [Full-disclosure] Supporters urge halt to > hacker's,extradition to US > > [EMAIL PROTECTED] wrote: > >> "American officials involved in this case have stated that they want > >> to see him 'fry'."-- BBC. > >> > [IANAL, correct me if I'm wrong, etc, but...] > > Yes, that's a large part of the problem. > > That courts *can* be bought (usually indirectly via already-bought > officials, or more nasty methods), and that government officials have > said the above makes it worse still. > > The thought that US law was apparently changed from requiring damage to > systems to get a conviction to not requiring such damage, very recently, > is another problem. > > The fact that neither the US or the UK (as far as I'm aware) actually > has a sane enough legal framework for this sort of thing, or enough > police (anyonewho's dealt with the UK's former "High Tech Crime Unit" > will know this), judges (there are many examples of judges being "out of > touch" in their rulings), etc. who are actually aware enough of the > underlying technology to deal with it sensibly is another. > > I agree with whoever said that people should be extradited to the > country in which they caused damage, but not under circumstances like > these, and not when there is no agreed standard of law between the > country the person would be extradited from, and the one they would go to. > > In the UK it still requires damage to be done for it to be a criminal > offense, and that does not seem set to change. > > That it is possible to cause damage to (badly managed) systems by doing > absolutely nothing in a lot of circumstances (as I am finding right > now), that logs can be faked, and that the dividing line between probes > versus actual hacking attempts is at times a very narrow one, there is > plenty of reason not to agree extradite Gary. > > That he's "autistic" is probably neither here nor there, I'm afraid, as > it seems to be very common for people involved in computing the be > somewhere high on the autistic spectrum (even if they are not > 'officially' autistic). I have taken the test. I'm not telling, but I > know what I'm talking about. > > So, I shall be there, I won't be shouting or chanting, but I will be > there. I hope that the event is not hijacked by another purpose, and > that I do not get shot by the armed police at the US Embassy there (it > is a scarey looking place, which puts me on edge whenever I'm near). > Strangely I also find myself wondering if the staff there are paying the > London congestion charge yet, rather than ignoring it...? > > Just my 2c, or so. > > K. > > -- > Kev Green, aka Kyrian. E: kyrian@ore.org WWW: http://kyrian.ore.org/ > Linux/Security <http://kyrian.ore.org/Linux/Security> Contractor/LAMP > Coder/ISP, via http://www.orenet.co.uk/ > DJ via http://www.hellnoise.co.uk/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- http://www.goldwatches.com/ http://www.jewelerslounge.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
