ZDNet UK

CNET NETWORKS UK BUSINESS SITES:
atlarge.com
BNET UK
silicon.com
SmartPlanet.com
ZDNet.co.uk

ZDNet.co.uk - Winner of Best Business Website 2007

You are here: ZDNet.co.uk > News > Security

Security threats Toolkit

Nasa hacker: Whistleblower or menace?

Tags:
Hacker

Colin Barker ZDNet.co.uk

Published: 12 May 2006 12:35 BST

As Britain's Gary McKinnon waits to see if Home Secretary John Reid will grant the US's request for his extradition over cybercrime charges, he may have time to read what people think of his case. If he does, the "NASA hacker" will find a wide diversity of opinions.

McKinnon is getting "a possible 70 years in prison, for what exactly?" asked Mathew Bevan in a statement to ZDNet UK. Bevan was himself charged with hacking in 1997, but avoided imprisonment and has now set himself up as an "ethical hacker".

According to Bevan, McKinnon's case shows that "in a decade, the USA military has not learned, or at worst, has blatantly ignored the security threats around them, when it is they who tell us every day that we should be afraid".

Many ZDNet UK readers were occupied with the question of whether the US authorities were right to pursue McKinnon as a danger to the public, or should be criticised for incompetence. McKinnon himself has said he found it extremely easy to get into US systems, although he denies causing damage.

"The US military have egg all over their faces," wrote one reader. "Who knows how many undiscovered hackers — real terrorists — were able to slice into the US' military systems with the ease of a hot knife into butter?"

In an interview last year, McKinnon said he found thousands of machines with system-level administrator passwords left blank.

A reader who works at the Ministry of Defence was also surprised by the alleged ease with which McKinnon was able to get into US defence systems.

"In order to claim overtime, I am required to provide a login name and password for two sites," he wrote. "Hardly top secret stuff, but it would seem to be a damn sight more secure than the US military."

"Perhaps our government needs to increase its CCIPS (Computer Crime and Intellectual Property Section) funding a bit?" asked US reader Nan Schwarz. "We can add our government to the long list of security breach statistics that cost our economy billions every year."

But many readers weren't impressed by the argument that McKinnon shouldn't be condemned for showing up faults in a system.

"Hackers should be prosecuted to the full extent of the law," wrote one. "[McKinnon] broke into government and NASA computers. He will get a fair trial in the US, but this is a federal crime, so he should face a federal court."

And a common theme, as more than one reader put it, was, "If you can't do the time, don't do the crime."

But for some UK citizens, the whole affair raised another, wider question. "Who runs this country? Our elected government or the US?"