[iwar] UK hacker walks free from court

From: David Alexander (david.alexander@bookham.com)
Date: 2001-07-06 04:27:07


Return-Path: <sentto-279987-1398-994418977-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Fri, 06 Jul 2001 04:30:07 -0700 (PDT)
Received: (qmail 15633 invoked by uid 510); 6 Jul 2001 10:31:37 -0000
Received: from fk.egroups.com (64.211.240.232) by 204.181.12.215 with SMTP; 6 Jul 2001 10:31:37 -0000
X-eGroups-Return: sentto-279987-1398-994418977-fc=all.net@returns.onelist.com
Received: from [10.1.4.56] by fk.egroups.com with NNFMP; 06 Jul 2001 11:29:37 -0000
X-Sender: david.alexander@bookham.com
X-Apparently-To: iwar@yahoogroups.com
Received: (EGP: mail-7_2_0); 6 Jul 2001 11:29:36 -0000
Received: (qmail 76277 invoked from network); 6 Jul 2001 11:29:35 -0000
Received: from unknown (10.1.10.26) by l10.egroups.com with QMQP; 6 Jul 2001 11:29:35 -0000
Received: from unknown (HELO mimesweeper.bookham.com) (195.166.17.164) by mta1 with SMTP; 6 Jul 2001 11:29:35 -0000
Received: from alpha.bookham.com (unverified) by mimesweeper.bookham.com (Content Technologies SMTPRS 4.1.5) with ESMTP id <Tc0a80102a9549498c368@mimesweeper.bookham.com>; Fri, 6 Jul 2001 12:24:52 +0100
Received: by alpha.bookham.com with Internet Mail Service (5.5.2650.21) id <M2C6BB6Z>; Fri, 6 Jul 2001 12:27:08 +0100
Message-ID: <86F477BCF025D411912F00508BACC30A02DC1785@alpha.bookham.com>
To: 'E Com Sec postings' <e-com-sec@yahoogroups.com>, 'iwar submissions' <iwar@yahoogroups.com>, 'Orthus security list submissions' <security@orthus.com>
X-Mailer: Internet Mail Service (5.5.2650.21)
From: David Alexander <david.alexander@bookham.com>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Fri, 6 Jul 2001 12:27:07 +0100 
Reply-To: iwar@yahoogroups.com
Subject: [iwar] UK hacker walks free from court
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Yet again the law proves powerless to prosecute hackers:

here is the latest news from the BBC news website:

A west Wales teenager who hacked in to high-profile e-commerce sites to
expose poor security has been sentenced to three years psychiatric care. 
The judge at Swansea Crown Court made the order after hearing evidence
saying that Raphael Gray was suffering from a mental condition which needed
medical treatment not incarceration. 

Gray from Clynderwen, Pembrokeshire, had admitted gaining unauthorised entry
to computer systems around the world as part of a multi-million pound credit
card mission. 

The 19-year-old stole at least 23,000 card numbers from customer databases,
publishing thousands of them on his own websites in an effort to shame the
site owners. 

The teenager was sentenced to a three year community rehabilitation order
with psychiatric care on Friday. 

His activities brought FBI agents and Canadian Mounties to the tiny west
Wales village to make an arrest after a lengthy investigation. 

Weak security 

Using an £800 computer he bought from Dixons, Gray hacked in to the ordering
functions of top international retail sites in the UK, US, Canada and
Thailand over six weeks between January and February 1999. 

The self-styled "Saint of e-commerce" set about publishing details of 6,500
cards on two of his own websites - where he used the information as an
example of weak security in the growing number of consumer websites. 

Working with an unnamed accomplice who was later eliminated from inquiries,
he wrote on one site: "Maybe one day people will set up their sites properly
before they start trading because otherwise this won't be the last page I
post to the net." 

The teenager included on his sites details of his infamous database cracks
in a "hall of shame," boasting law enforcers would never find him "because
they never catch anyone. The police can't hack their way out of a paper
bag." 

The computer studies student was at the keyboard when the FBI agents and
officers from Dyfed Powys Police turned up at the door of his home, which he
shared with his mother and two sisters, last March. 

During their investigations, the FBI said closing the hacked accounts and
re-issuing new cards could cost the credit card industry $3m. 

At Swansea Crown Court last June, Gray admitted six charges of unlawfully
gaining entry to corporate websites and four of dishonestly obtaining
services. 

Colin Nicholls QC, defending, said: "He was obsessed by his crusade - he is
a highly-strung man going through an abnormal period in his life." 

Gray's infamous case was the toast of the hacker fraternity. In a vote
posted on his website, 56% of respondents believed his actions were carried
out in the name of a good cause. 

 

David Alexander M.INSTIS
Global Client-Server, Communications & Infrastructure Manager
Bookham Technology plc

DDI:     01235 837823
Mobile: 0779 988 1284
David.Alexander@Bookham.com


=======================================================================
This e-mail is intended for the person it is addressed to only. The
information contained in it may be confidential and/or protected by
law. If you are not the intended recipient of this message, you must
not make any use of this information, or copy or show it to any
person. Please contact us immediately to tell us that you have
received this e-mail, and return the original to us. Any use,
forwarding, printing or copying of this message is strictly prohibited.

No part of this message can be considered a request for goods or
services.
=======================================================================
Any questions about Bookham's E-Mail service should be directed to postmaster@bookham.com.

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:36 PDT