Why stop here?
If the Feds are correct, Pingan was the malware writer who made the OPM attack possible, ...
They should also arrest the miscreants who wrote the compilers used to make the malware binaries, and the evil-does supplying the generators producing the electricity for the computers doing it. Oh, and don't forget anybody who might have at some point shown the guy how to write code - they are really at the root of the problem, not those who left a critical piece of national security infrastructure with no viable defences.
Re: Why stop here?
Let me explain this at the 9 year old level so you can understand it...
He wrote the malware with the intent of causing harm. This malware has no use, other than to cause harm to others. Furthermore, he knew once he turned it over to someone else what it was going to be used for. This means he's an accomplice in every sense of the word.
Now, go back to your slinky.
Improperly patched browser malware infecting people
Come off it, out with it, go on say it, the malware only works on Internet Explorer running on top of Microsoft Windows.
Re: Improperly patched browser malware infecting people
Just because it's easier to find holes in MS doesn't mean they don't exist in Unix. How often has Unix been hacked, do we really know? How much malware is written by Unix fans, on that basis should we ban Unix? Complaining about MS is a bit like complaining about cars, we all know they're not perfect so let's try to improve them till something better comes along.
He's not the only one that needs jailing
Whoever was in charge of OPM security ought to join this chap in jail. Leaving a list out in the open with details who exactly to blackmail or coerce to gain access to government secrets ought to be a criminal offence with mandatory jail time, and that goes up the chain to whoever is in charge of decisions and budget because they *seriously* dropped the ball. IMHO that's criminal negligence.
At a minimum these people should have lost their clearance because they obviously do not treat sensitive material with the care it demands.
Re: He's not the only one that needs jailing
I agree. However, the Obama administration never held anyone accountable for poor management. Especially if they are the ones who appointed the person to sit in the position.
First Hutchins and now this one.
Anyone else think some cyber security and programming conferences are going to skip American locations in the future?
If you're guilty of a computer crime then by all means you shouldn't come to the USA.
If you skip it just because you're ignorant and don't have the intelligence to really figure out the whole story.. it's okay too.
These conferences are already crowded enough.
I remember James Clapper talking about this hack: “You have to kind of salute the Chinese for what they did”
Salutations or not, what special kind of moron hacks a US government agency and then sets foot on US soil a few years later to attend a conference?
Yu Pingan is gonna be wishing he stayed in China and attended via Skype.
A good hacker wouldn't be identified. It still begs the question how could the government allow this to happen? Do they ever catch the professional hackers?
The lesson ought to be that you need to be really good before you try hacking government websites because they will come after you.
Please don't comment again. You're obviously off your meds.