Return-Path: <sentto-279987-1398-994418977-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Fri, 06 Jul 2001 04:30:07 -0700 (PDT) Received: (qmail 15633 invoked by uid 510); 6 Jul 2001 10:31:37 -0000 Received: from fk.egroups.com (64.211.240.232) by 204.181.12.215 with SMTP; 6 Jul 2001 10:31:37 -0000 X-eGroups-Return: sentto-279987-1398-994418977-fc=all.net@returns.onelist.com Received: from [10.1.4.56] by fk.egroups.com with NNFMP; 06 Jul 2001 11:29:37 -0000 X-Sender: david.alexander@bookham.com X-Apparently-To: iwar@yahoogroups.com Received: (EGP: mail-7_2_0); 6 Jul 2001 11:29:36 -0000 Received: (qmail 76277 invoked from network); 6 Jul 2001 11:29:35 -0000 Received: from unknown (10.1.10.26) by l10.egroups.com with QMQP; 6 Jul 2001 11:29:35 -0000 Received: from unknown (HELO mimesweeper.bookham.com) (195.166.17.164) by mta1 with SMTP; 6 Jul 2001 11:29:35 -0000 Received: from alpha.bookham.com (unverified) by mimesweeper.bookham.com (Content Technologies SMTPRS 4.1.5) with ESMTP id <Tc0a80102a9549498c368@mimesweeper.bookham.com>; Fri, 6 Jul 2001 12:24:52 +0100 Received: by alpha.bookham.com with Internet Mail Service (5.5.2650.21) id <M2C6BB6Z>; Fri, 6 Jul 2001 12:27:08 +0100 Message-ID: <86F477BCF025D411912F00508BACC30A02DC1785@alpha.bookham.com> To: 'E Com Sec postings' <e-com-sec@yahoogroups.com>, 'iwar submissions' <iwar@yahoogroups.com>, 'Orthus security list submissions' <security@orthus.com> X-Mailer: Internet Mail Service (5.5.2650.21) From: David Alexander <david.alexander@bookham.com> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Fri, 6 Jul 2001 12:27:07 +0100 Reply-To: iwar@yahoogroups.com Subject: [iwar] UK hacker walks free from court Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Yet again the law proves powerless to prosecute hackers: here is the latest news from the BBC news website: A west Wales teenager who hacked in to high-profile e-commerce sites to expose poor security has been sentenced to three years psychiatric care. The judge at Swansea Crown Court made the order after hearing evidence saying that Raphael Gray was suffering from a mental condition which needed medical treatment not incarceration. Gray from Clynderwen, Pembrokeshire, had admitted gaining unauthorised entry to computer systems around the world as part of a multi-million pound credit card mission. The 19-year-old stole at least 23,000 card numbers from customer databases, publishing thousands of them on his own websites in an effort to shame the site owners. The teenager was sentenced to a three year community rehabilitation order with psychiatric care on Friday. His activities brought FBI agents and Canadian Mounties to the tiny west Wales village to make an arrest after a lengthy investigation. Weak security Using an £800 computer he bought from Dixons, Gray hacked in to the ordering functions of top international retail sites in the UK, US, Canada and Thailand over six weeks between January and February 1999. The self-styled "Saint of e-commerce" set about publishing details of 6,500 cards on two of his own websites - where he used the information as an example of weak security in the growing number of consumer websites. Working with an unnamed accomplice who was later eliminated from inquiries, he wrote on one site: "Maybe one day people will set up their sites properly before they start trading because otherwise this won't be the last page I post to the net." The teenager included on his sites details of his infamous database cracks in a "hall of shame," boasting law enforcers would never find him "because they never catch anyone. The police can't hack their way out of a paper bag." The computer studies student was at the keyboard when the FBI agents and officers from Dyfed Powys Police turned up at the door of his home, which he shared with his mother and two sisters, last March. During their investigations, the FBI said closing the hacked accounts and re-issuing new cards could cost the credit card industry $3m. At Swansea Crown Court last June, Gray admitted six charges of unlawfully gaining entry to corporate websites and four of dishonestly obtaining services. Colin Nicholls QC, defending, said: "He was obsessed by his crusade - he is a highly-strung man going through an abnormal period in his life." Gray's infamous case was the toast of the hacker fraternity. In a vote posted on his website, 56% of respondents believed his actions were carried out in the name of a good cause. David Alexander M.INSTIS Global Client-Server, Communications & Infrastructure Manager Bookham Technology plc DDI: 01235 837823 Mobile: 0779 988 1284 David.Alexander@Bookham.com ======================================================================= This e-mail is intended for the person it is addressed to only. The information contained in it may be confidential and/or protected by law. If you are not the intended recipient of this message, you must not make any use of this information, or copy or show it to any person. Please contact us immediately to tell us that you have received this e-mail, and return the original to us. Any use, forwarding, printing or copying of this message is strictly prohibited. No part of this message can be considered a request for goods or services. ======================================================================= Any questions about Bookham's E-Mail service should be directed to postmaster@bookham.com. ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:36 PDT