Take Home Midterm
Anthony Samaha
Cscd 434 network security
Midterm
1. Infamous hacker Andrew Auernheimer, aka "Weev", was convicted of conspiracy to access a protected computer without authorization, a violation of the Computer Fraud and Abuse Act (CFAA), as well as fraud in connection with personal information, in United States Third Circuit Court today (Nov. 20). All he did was exploit the weaknesses that AT&T ipads had its own cellular ID number, or integrated circuit card (ICC) ID, in the URL, or Web address, that it used to access the AT&T website. He then found that subtly altering the cellular ID numbers in the URL would generate different email addresses on the AT&T site.
Another hacker wrongfully accused was named Jonathan James, or c0mrade. He was convicted and sent to prison for hacking in the United States–all while he was still a minor. At only fifteen years of age, he managed to hack into a number of networks, including those belonging to Bell South, Miami-Dade, the U.S. Department of Defense, and NASA.
James hacked into NASA’s network and downloaded enough source code to learn how the International Space Station worked. The total value of the downloaded assets equaled $1.7 million. To add insult to injury, NASA had to shut down their network for three whole weeks while they investigated the breach, which cost them $41,000. In 2007, a number of high profile companies fell victim to a massive wave of malicious network attacks. Even though James denied any involvement, he was suspected and investigated. In 2008, James committed suicide, believing he would be convicted of crimes that he did not commit. His scenario is pretty similar to that of Aaron Schwartz.
I may not know exactly how to fix these unfair laws, I think instead of putting these hackers away for years, why not use their skills to benefit society? Maybe a certain amount of hours required for them to teach a class at a community college or high school on how to program, hack, and
Cscd 434 network security
Midterm
1. Infamous hacker Andrew Auernheimer, aka "Weev", was convicted of conspiracy to access a protected computer without authorization, a violation of the Computer Fraud and Abuse Act (CFAA), as well as fraud in connection with personal information, in United States Third Circuit Court today (Nov. 20). All he did was exploit the weaknesses that AT&T ipads had its own cellular ID number, or integrated circuit card (ICC) ID, in the URL, or Web address, that it used to access the AT&T website. He then found that subtly altering the cellular ID numbers in the URL would generate different email addresses on the AT&T site.
Another hacker wrongfully accused was named Jonathan James, or c0mrade. He was convicted and sent to prison for hacking in the United States–all while he was still a minor. At only fifteen years of age, he managed to hack into a number of networks, including those belonging to Bell South, Miami-Dade, the U.S. Department of Defense, and NASA.
James hacked into NASA’s network and downloaded enough source code to learn how the International Space Station worked. The total value of the downloaded assets equaled $1.7 million. To add insult to injury, NASA had to shut down their network for three whole weeks while they investigated the breach, which cost them $41,000. In 2007, a number of high profile companies fell victim to a massive wave of malicious network attacks. Even though James denied any involvement, he was suspected and investigated. In 2008, James committed suicide, believing he would be convicted of crimes that he did not commit. His scenario is pretty similar to that of Aaron Schwartz.
I may not know exactly how to fix these unfair laws, I think instead of putting these hackers away for years, why not use their skills to benefit society? Maybe a certain amount of hours required for them to teach a class at a community college or high school on how to program, hack, and