Good Samaritan Hacker To Be Arrested
from the cracking-down dept
Adrian Lamo, the well-known good Samaritan hacker - who finds vulnerabilities in corporate computer systems, and then helps the companies fix the problem - is being sought by the FBI, who have an arrest warrant for him. It's believed to be the end result of the famed NYTimes.com hacking from nearly two years ago. At that time, he broke into the NYTimes.com computers and found quite a lot of private info. While some companies have been happy about Lamo helping them fix their vulnerabilities, the NY Times was anything but and have been threatening to have him charged for ages. After all this time, some had thought that it was to be forgotten. Apparently, that's not true. I don't deny that he probably went a bit to far in poking around the NY Times computers, but hacker prosecutions always seem to go too far. He did no actual harm, but will (undoubtedly) be charged with causing many millions of dollars worth of damage. Hopefully he can get himself a good lawyer - but with the public fear of hacking and new legal threats to put hackers in jail for life, he may not be free for some time. This just means that vulnerable systems he might normally be helping to patch will now remain open for hackers who really do have malicious purposes.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
No Subject Given
[ link to this | view in thread ]
Re: No Subject Given
[ link to this | view in thread ]
Re: No Subject Given
[ link to this | view in thread ]
No Subject Given
However, the "millions of dollars damage" stuff has some basis in reality. Just because a white-hat cracker says he did no harm doesn't mean the IS department can just trust that. No, they have to rebuild and scan a lot of data, at the expense of that time and labor and lost opportunity. Maybe not "millions" but surely a much larger cost than a pat on the back and a handshake to the refrain, 'aw, that's okay, no harm done.'
Also, the newspaper numbers regarding damages comes from the insurance claims. If your company is hit, you take a claim on your data integrity insurance to the tune of the worst case cleanup costs. You then find out the real costs during a real cleanup over the coming days and weeks. You then realize that your data integrity insurance premiums will be higher for the next N years. These are real costs to the company, costs that would not have been true if the cracker hadn't poked around on systems that don't belong to him.
[ link to this | view in thread ]