Feeds

Hackers slam McKinnon extradition ruling

Pentagon systems are 'wide open'

SANS - Survey on application security programs

The prosecution of alleged Pentagon uber-hacker Gary McKinnon shows that the US is failing to take even basic precautions to protect its military systems, according to a reformed computer hacker accused of similar crimes 10 years ago.

Mathew Bevan, whose hacker handle is Kuji, was accused of breaking into US military computer systems but escaped without punishment when a 1997 case at Woolwich Crown Court was dropped after a long-running legal battle.

After the case, Bevan became an ethical hacker and security consultant with Tiger Computer Security, and later on a freelance basis with his firm the Kuji Media Corporation.

"The internet was just starting out and in its infancy at the time of my alleged crimes. The prosecution against McKinnon, and what he says he was able to do, show that US military security has not changed. The authorities have not woken up," Bevan told El Reg.

Earlier on Wednesday, a judge gave the go-ahead to the extradition of McKinnon (AKA Solo). If Home Secretary John Reid confirms the decision, which may become the subject of appeal, McKinnon faces the possibility of trial by a military tribunal and the prospect of decades in jail. McKinnon is accused of causing damage to US military and NASA systems that he allegedly conducted in search of evidence the US government was suppressing alien technology salvaged from wrecked UFOs.

Bevan, like McKinnon, has an interest in free energy and evidence of UFOs. "You might say Gary was following in my footsteps and doing the same thing, albeit using different techniques. McKinnon has admitted hacking into systems in interviews. He's unfortunate because what he's done is a few years too late and in a different political climate," Bevan said.

Bevan said the military systems McKinnon is accused of hacking were an open resource that were likely used by numerous hackers, some with hostile intent.

"McKinnon was just snooping and what he did was not motivated by personal gain. There is no reason for his extradition. He ought to be tried in the UK. The US has labeled him as a cyberterrorist and the 'biggest military hacker ever', but this just looks like an attempt to drum up publicity for the case," he added.

Daniel Cuthbert, a London-based security consultant tried over allegations that he illegally accessed the Tsunami appeal website, and subsequently convicted on what many in the security industry reckon was questionable grounds, also feels McKinnon has been harshly treated.

"I do feel he is being made an example of. He screwed up and shouldn't have been in the systems at all, but at the same time the punishment he is facing just doesn't match the crime. For the amount of years he is looking at, it would have been better in the eyes of the law to be a rapist or some other type of violent criminal," Cuthbert told El Reg.

"It's another example of the CPS [Crown Prosecution Service] and legal system not being able to cope with the movement of technology. They are still 10 years behind and using the CMA [Computer Misuse Act] as the backbone for all technology related cases," he added. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.