iPhone...DENIED
had his iPhone confiscated
A fate worse than a fate worse than death
The 17-year-old lad who confessed to hacking crimes against UK ISP TalkTalk was today slapped with a 12-month rehabilitation order and had his iPhone confiscated. The teen received the sentence, of sorts, at Norwich Youth Court, in east England, where chairman of the bench Jean Bonnick reportedly told the unnamed individual …
This happened in Norfolk. Nothing good comes out of that County.
I believe there's a medical acronym that local doctors put on patients' case notes - NFN, meaning "Normal, for Norfolk".
Still, Sussex is stranger, as anyone who's read "Cold Comfort Farm" will attest. I saw something nasty in the woodshed, Robert Poste's child!
was he hacking from an iphone?
I suspect this is just out of touch judges having less clue than a 2 year old and thinking it says it has the internet so thats that.
Anyway, if he was half sensible he already had the hard drive backed up somewhere suitable, borrowed a computer form his friend and shared the whole good news around.
Frankly a stupid prosecution from a stupid law. The real criminal in this is talk talk for not protecting their systems and data... they are the ones that should be on trial NOT the guy that proved they were incompetent. Same for those who hack into the US military systems, it is NOT the hacker who needs prosecuting. And if someone hacks into my computer because MS has fouled up their security I should be able to sue MS for any loss or inconvenience caused, not my fault (beyond buying their product of course) and frankly not the hackers fault.
When are they going to start en masse prosecution of the companies who actively try hacking in order to show vulnerabilities and ensure they are fixed?
Absurd, ill thought through, typical idiot law making
"Now, this gentleman from the government would like to speak to regarding your future career."
Which department? Given that he's just a skiddie he has very little skill to offer. On second thoughts he sounds just right for GDS, Universal Credit and quite a few other projects.
I am fed up with this.
You cause extreme financial pain on thousands of people, some of whom might die out of stress related illneses when their identites are usurped and he gets a slap.
But hey, if he had dope, then off to jail, right? or "extreme porn" or whatever.... but not if you attack somebody, etc.
This post has been deleted by its author
Was it the hacker? Or the hackers who used this information afterwards?
The real damage was caused by the hackers who used the information afterwards. However, as the original hacker made the information available (and had no legitimate reason to do so) then I reckon that a good legal eagle could make a case for aiding and abetting.
"However, as the original hacker made the information available (and had no legitimate reason to do so) then I reckon that a good legal eagle could make a case for aiding and abetting."
To use an analogy, this is a bit like someone leaving a house key in a flowerpot by the door.
Anyone who goes looking will find the way in pretty easily.
IANAL but any unauthorised person who uses that key to gain entry won't be doing the "breaking" bit of "breaking and entering". The victim will probably get all or part of an insurance claim denied (if the insurance company finds out).
What the young laddie did here was the equivalent of announcing the location of the key in the pub.
Applying this analogy to the "homeowner", well it's not a home here, but a business, and TalkTalk not only left the key in the flowerpot but left personal details of customers in unlocked filing cabinets.
It was the hacker.
if I have a frontdoor made of cardboard (not the case) and somebody kicks it and nicks my stuff, it is the burglar who is responsible. Not the victim.
Yes, they were negligent and ignored security, but the criminal is a criminal, or is it only a crime if it is really really difficult? Murdering people requires people to defend themselves properly and put up a nice fight to be a crime?
"if I have a frontdoor made of cardboard (not the case) and somebody kicks it and nicks my stuff, it is the burglar who is responsible. Not the victim."
How about the builder who installed said cardboard door, which was then signed off by the project manager both of them telling you, the customer, "its cheap so you save money but its as safe as houses"? Or you happily accepting the cardboard door without further questioning?
Yes the hacker deserves a slap on the wrist but its TalkTalk who really are responsible for for not putting proper security in place.
@Aitor 1
"if I have a frontdoor made of cardboard (not the case) and somebody kicks it and nicks my stuff, it is the burglar who is responsible. Not the victim."
True, the police would charge the burglar. Even if the door was accidentally left open the crime is the same. (but good luck getting your insurance company to pay up)
Personally throwing the book at him would have been too harsh, but this was too little. Some community service or something a little more severe is warranted. The current young generation is far too used to getting things handed to them and not being held accountable for their actions. They have a sense of entitlement from getting things without earning them (no chores, no job) and mommy and daddy rescuing them when they misbehave. Once upon a time parents would ground take ownership of the punishment (grounding, deprive them of privileges), but unfortunately now the courts need to step it up a bit as the parents no longer want to parent.
This post has been deleted by its author
"if I have a frontdoor made of cardboard (not the case) and somebody kicks it and nicks my stuff, it is the burglar who is responsible. Not the victim." --- Aitor
Allow me to fix your analogy:
You have offered to look after other people's stuff for them. You have a cardboard front door. Somebody says, hey, look, Aitor's got a cardboard front door. Somebody kicks it in and nicks not YOUR stuff but the stuff that other people have trusted you to store for them.
Any clearer? I would say that the person who said "Hey, Aitor's got a cardboard door" is probably less guilty not just than the person who kicked it in, but also than you yourself.
if I have a frontdoor made of cardboard (not the case)
As far as I know nearly all jurisdictions make a difference between using no tools at all, using basic tools and using professional tools.
So the law actually makes a difference between you having a cardboard door, basic Yale POS Euro single barrel lock and a proper door with a proper lock.
So yes, a criminal is a criminal, but the LAW provides different penalty for walking in through a piece of cardboard, pushing and shoving the door a bit and using a proper bumping tool or a crowbar. Crowbar by the way is considered a professional burglary tool in all jurisdictions.
"
if I have a frontdoor made of cardboard (not the case) and somebody kicks it and nicks my stuff, it is the burglar who is responsible. Not the victim.
"
However, if you have a Ming vase on a low table, and a 2 year-old deliberately picks it up and drops it, who is to blame? How about a 3 year-old? 4? 5? The law in England and Wales says the magic age is 10. It's a different age in Scotland and other countries.
But criminal responsibility is not something that magically appears at the age of 10. It develops over time. Sure, a teenager should know that hacking is wrong - but how seriously wrong? Could he have foreseen that the consequences would be quite so serious? Driving at 45MPH in a 40MPH zone is also criminal, but is only seen as serious if it results in someone being killed or seriously injured. Should we lock up everyone who drives 5MPH over the speed limit?
>Driving at 45MPH in a 40MPH zone is also criminal, but is only seen as serious if it results in someone being killed or seriously injured. Should we lock up everyone who drives 5MPH over the speed limit?
It's actually 10% + 2MPH according to APCO guidelines, so that's 46mph.
http://www.cps.gov.uk/legal/p_to_r/road_traffic_offences_guidance_on_fixed_penalty_notices/
Fail.
I actually agree.
He should have been hit with a slap as it is the adequate means of punishing him.
The real criminals - the ones who are running an ISP without investing into securing its infrastructure are walking away as victims. It is after all the same ISP which is supplying router zombies to botnets at present so this is not one off - it is systemic. Rather not surprising too, when Harding was interviewed in their "innovation center" there was a Windows 98 (yes 98, not even XP or 2000) and a VCR behind her. Says everything you need to know about Talk Talk innovation.
I think it's a remarkably appropriate sentence. He only used a security scanner on a website and published the result. In itself not a very nice conduct, but if someone is to blame for loss of life because of stress (seriously?), it would mostly be the ISP's (lack of) security.
This post has been deleted by its author
>Ridiculous
Agreed, just because you have weak locks doesn't make burglary any less of a crime, should have been gaol time. We all don't mind the odd bit of prank sticking it to the man but this is sticking it to the thousands of innocent people out there who suffered financial loss and harassment. Just think, one of those could have been your vulnerable elderly grandparents.
This is a punishment only slightly more severe than having to sit on the naughty step for five minutes, justice has failed.
Oh and by the way folks this adds to Gov ammo as justification for spying on you, so be pissed at this type for disrupting your porn and pirating habits.
He has taken more of a penalty than anyone we know of in TT.
Sure they got a "big fine", but that cost was just passed back down to the consumer.
There's another topic going on at the moment about a Netgear exploit that is going around where users can issue admin commands through a simple URL request. I know of a WAN side exploit where you can gain admin/root login on Netgear routers (late 11n, early 11ac) circa2014 routers. If I published that info now then you rekon I am a criminal... But I spoke to netgear about it in June 2014 and TO THIS DAY the majority of units that can be exploited are still able to be exploited, patching May or May not fix it. So Me talking about this info in detail would make me a criminal..
But I am not overly good at modern coding and such (Assembly4Life) so I can be sure that others out there have found and exploited this bug... But hold on... Netgear still don't care to fix it... So perhaps I would release the info to force NG's hand into issuing a fix?. Criminal now, or something else?
TalkTalk has - lets be honest - probably invested little more than what they were told they legally had to invest at a minimum when it comes to data security, storage, and management. Their own staff could see and copy out whole chunks of the user database without it ever raising a flag. Their routers were hacked just a week or so ago, the passwords and other details were released allowing Wi-Fi connection AND admin console. Would someone directly target Wi-Fi connections?.. I bet they wold. Heck, the police even helped with this when they made the NMPR database harvestable... You can be sure that that database is still floating around in some high-tech circles. TT's advice for having the router admin and wifi password stolen - Just leave it alone, your data is not compromised!. In essence what they are saying is that THEY are not liable for the loss so they really don't give a shit.
Something like 4 major hacks in less than two years, and that's only what we know about. The way that their security system keeps getting reset internally tells me that there must still be a ton of turmoil. You can be sure that within 6 months any extra security details outside of the stock name/address/birthday/birthplace will be deleted and reset to be back to only those values again.
If this "kid" caused TT to get kicked in the nuts then I say Good.
If this "kid" cause Users to view a provider a "Unsecure", "Unreliable", and "Untrustworthy" then that's good too. It is time Consumers learn that the people on the other side are a weak link.
Oh bull, stress related deaths... rot, why do people not have any sense of proportion any more?
Are you one of those who complained that the idea of using old tin cans to make music might cause some kid to cut their finger... Frankly it is well beyond time that people were left able to make up their own minds about risk and danger and take appropriate action.
The people that caused the problem are those in talk talk, if there is a financial problem created by their inability to protect data then they should be forced to compensate.
So, at 17, he is employable. It sounds like he will have a fruitful career in penetration testing,
Get him on an ethical hacking course and mentor him a bit. He might even be "lucky enough" to get a call from the people that live in the doughnut up north..
Alternately, perhaps Talk Talk's systems are just like the rest of their systems and he has absolutely no technical skills.