Hacker fined with $183,000 for just one-Minute of DDoS attack!!!!

tprice5

antielvis wrote: »

To the guy who said something about Tim McViegh. C'mon man, that guy was a terrorist. This guy was a vandal, and to some a protester.

Right? A downed server causing $5,000.00 in losses doesn't come anywhere close to the 168 death toll of the Oklahoma City bombing. They're not even on the same spectrum. Make that comparison to the family of a victim and you would quickly be educated on how inappropriate the comparison is.

It's a good thing I'm not a Mod, otherwise, I'm not sure what would happen to people's accounts who posts stuff like that. I suppose a -1 will have to do.

dave330i

tprice5 wrote: »

Right? A downed server causing $5,000.00 in losses doesn't come anywhere close to the 168 death toll of the Oklahoma City bombing. They're not even on the same spectrum. Make that comparison to the family of a victim and you would quickly be educated on how inappropriate the comparison is.

It's a good thing I'm not a Mod, otherwise, I'm not sure what would happen to people's accounts who posts stuff like that. I suppose a -1 will have to do.

You guys crack me up. I'll make this easy:

The "hacker" mentioned in the article - protester or cyber criminal?
OWS - protesters or criminals damaging/destroying public/private properties?
abortion clinic bombers - protesters or arsonists?
Gunman who shot up Family research Council carrying Chick-fil-a sandwiches - protester or attempted murderer?
Gunman who shot up LAX - protester or murderer?
McVeigh - protester or terrorist who blew up a federal bldg and killed hundreds of people?

Where do you draw the line? How do you draw the line?

I have a pretty simple view of the world, so in my book they're all criminals. OWS started as a protest, but degenerated into criminal activities quickly.

tprice5

dave330i wrote: »

I'll make this easy:

I like how you say ^ this then immediately juxtapose protest and crime.

Thanks for clearing that up for everyone, chief.

antielvis

@dave330i

I'm puzzled where you come up with the "Gunman who shot up Family research Council carrying Chick-fil-a sandwiches - protester or attempted murderer?" I don't think anyone is going to argue that when you shoot up anything you're an attempted murderer.

But attempted murder or even physical violence is a far cry from some hacker shouting "tango down" for 15 minutes on a website. The claim it cost $183K to repair the damage is also BS. That's probably their yearly bill for IT security consulting which is a requirement regardless. And that consulting is a necessity because any security practitioner knows that the real threats to major firms comes from foreign governments or military (like the Chinese APT1 or hey even the NSA).

pert

dave330i wrote: »

You guys crack me up. I'll make this easy:

The "hacker" mentioned in the article - protester or cyber criminal?
OWS - protesters or criminals damaging/destroying public/private properties?
abortion clinic bombers - protesters or arsonists?
Gunman who shot up Family research Council carrying Chick-fil-a sandwiches - protester or attempted murderer?
Gunman who shot up LAX - protester or murderer?
McVeigh - protester or terrorist who blew up a federal bldg and killed hundreds of people?

Where do you draw the line? How do you draw the line?

I have a pretty simple view of the world, so in my book they're all criminals. OWS started as a protest, but degenerated into criminal activities quickly.

I draw the line the same way I do everything else, reason and logic. Your arguments are ultimate straw man. Kid who steals pack of gun same thing as terrorist who has killed hundreds, both criminals, right? Is there some sort of peace of mind that comes with not having to make any moral distinctions or think uncomfortable thoughts that trumps any sense of justice? Honestly curious.

FloOz

I can't even imagine the chaos that would follow if 15 minutes of downtime occurred in my current environment. Potentially millions of dollars lost. The man got what was coming to him.

antielvis

@Flo0z

I did some research and the site in question was Koch Industries, Inc.. The site in question is mostly informational, has a careers link, newsroom..all the usual stuff you'd expect on a website. I fail to see how this site being offline could affect the company any more than a typical internet outage or minor DNS error. This firm pays so much attention to the site it's copyrighted from 2000-2012. Guess no one submited a ticket to change that. So I doubt it cost Koch millions by being offline.

Remember that if this can happen over petty internet vandalism, what's next? It legal penalty doesn't remain reasonable it could be something minor that you or someone you know does. Then again I'm not an American and I admit I find the legal system in America baffling. It will arrest someone for smoking cannabis and potentially put them in prison yet do little to punish corporations which break the law. I think this is an example of that extremism.

xenodamus

Do you guys honestly view DDOS as a form of protest? You can say that with a straight face as IT professionals?

The original conversation was centered around the $ figure attached to his conviction. I agree that's a little ridiculous. But in the end, this guy was party to a malicious attack against a business. How can you stand behind that in principle?

phoeneous

tprice5 wrote: »

A criminal ruined his life, and for what?

Fixed..

colemic

It does appear to be just an informational site... however, the fact is that they have had reputational damage due to being a victim of the DDoS, which has a monetary value attached to it.

About7Narwhal

I fail to see what time has to do with this. What difference does it make how long this person performed illegal actions? What difference does it make if a vandal takes 10 seconds or 10 minutes to damage property? Also, some of you are saying that he didn't understand what he was doing or that he didn't understand the gravity of the situation. Last I checked, ignorance of the law does not excuse it. Lastly, You guys might want to look at 18 USC 1030(a)(5)(a).

I agree that he is being over-charged, but it isn't like he was falsely charged. This strikes me as very similar to music piracy where the company lost the sales of the music but charge thousands of times more in fines.

These are just my opinions though, which mean nothing in the long run.

**EDIT**

I would also like to respond to this:

tprice5 wrote: »

Right? A downed server causing $5,000.00 in losses doesn't come anywhere close to the 168 death toll of the Oklahoma City bombing. They're not even on the same spectrum. Make that comparison to the family of a victim and you would quickly be educated on how inappropriate the comparison is.

In this specific case, I agree 100% that this is an extreme comparison. At the same time though, I look at this situation and think: What if this was an attack on my work place? I work at the data center of a rather large healthcare provider within Tennessee. While we could operate should my location disappear, the time taken to transition from computers to manual procedures, the amount of data lost while waiting on recovery procedures, etc could directly or indirectly affect human lives.

The same could be said about government servers, police/fire, aviation, etc. Extreme comparison or not, there could be an instance where similar actions might result in physical human loss. Just a thought.

tprice5

About7Narwhal wrote: »

I work at the data center of a rather large healthcare provider within Tennessee.

Ahoy from a fellow Tennessean.

olaHalo

dave330i wrote: »

You guys crack me up. I'll make this easy:

The "hacker" mentioned in the article - protester or cyber criminal?
OWS - protesters or criminals damaging/destroying public/private properties?
abortion clinic bombers - protesters or arsonists?
Gunman who shot up Family research Council carrying Chick-fil-a sandwiches - protester or attempted murderer?
Gunman who shot up LAX - protester or murderer?
McVeigh - protester or terrorist who blew up a federal bldg and killed hundreds of people?

Where do you draw the line? How do you draw the line?

I have a pretty simple view of the world, so in my book they're all criminals. OWS started as a protest, but degenerated into criminal activities quickly.

Aunt Sally/Straw Man

Interesting point of view though.

EDIT
Ah I see some already called this fallacy

stryder144

Very interesting thread. Here are a few points of observation that I would like to share:

1. Charging one person for the entire amount of the security contractor fees is excessive. This is much more an inditement of our judicial system, with rampently excessive award fees being given, even in trivial crimes.

2. This person, whether he knew it or not, or if he fully understood what he was doing, is a criminal and deserves to pay restitution for his crime. I just don't think making him liable for so much is right, nor is it just.

3. Due to the problems with our judicial system allowing frivolous lawsuits and excessive awards, I honestly believe that this particular gentleman will end up filing for bankruptcy...which essentially negates justice.

4. Even though he is a criminal, comparing him to a terrorist is odd, to me. While he has been slapped with a monetary fine as a "hacker-criminal", a terrorist would be handed the death sentence. Each crime is different and warrents different solutions, different outcomes. A civilized nation does not execute a thief, they execute a murderer. So, ultimately, I wouldn't compare them. Too apple to orange-like for me of a comparison.

Again, interesting thread. I appreciate the differences of opinion expressed here. It makes the 22 years that I spent defending the Constitution worth it to me. I love it when people excercise their First Amendment rights! Keep it up, folks, keep it up!

colemic

ter·ror·ism

/ˈtɛrəˌrɪzəm/ Show Spelled noun 1. the use of violence and threats to intimidate or coerce, especially for political purposes. **still can't make new paragraphs.** I would argue that this indeed was terrorism, albeit mild compared to others. Koch Bros. website was not randomly attacked, and the intent was to protest/disrupt their political actions. Agree this has been an interesting thread, lot of good points put forth.

About7Narwhal

tprice5 wrote: »

Ahoy from a fellow Tennessean.

Likewise!

stryder144 wrote: »

Very interesting thread. Here are a few points of observation that I would like to share:

1. Charging one person for the entire amount of the security contractor fees is excessive. This is much more an inditement of our judicial system, with rampently excessive award fees being given, even in trivial crimes.

2. This person, whether he knew it or not, or if he fully understood what he was doing, is a criminal and deserves to pay restitution for his crime. I just don't think making him liable for so much is right, nor is it just.

3. Due to the problems with our judicial system allowing frivolous lawsuits and excessive awards, I honestly believe that this particular gentleman will end up filing for bankruptcy...which essentially negates justice.

I believe these points bring up a rather pertinent topic. I feel that a lot of laws are made based on decisions from people who don't understand the technology. Follow it up with Judges and Juries who don't fully understand the technology and you have a disaster of epic proportions. All they might have seen was the destruction of personal property and associated costs of investigation and repair.

DDoS: $183,000.00 + two years imprisonment
CamRips (Bootlegging): Up to $250,000 + up 5 years imprisonment
Music Piracy: Joel Tenenbaum was convicted and found to owe $675,000 for downloading 31 songs (that is $21,774 per song btw)

Meanwhile, you could easily serve less time and pay less money for killing someone with your car... Totally fair.