lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 3 Oct 2011 22:28:21 +1100
From: xD 0x41 <secn3t@...il.com>
To: Darren Martyn <d.martyn.fulldisclosure@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: VPN providers and any providers in general...

Ok.. my final posts on this matter i think... and opinons,

(No, seriously, I wonder what your opinions are on rehabilitative rather
than punitative measures to be taken against criminal hackers, assuming
fraud was *not* involved, and what benefit they can be to the community and
whether it outweighs the negative effects of not making examples of them).

It does outweigh, for, each time a perso is jailed it costs you, me, and
anyone wh works, money.
We can re3duce the harm, by education and counselling. Especially forced
hours per-week basis, of counselling with a qualified psych, possibly before
release even better.
I think the IQ level is higher, therfore, there is a 'smarter' chance of it
happening, asmuch as theyre hacking, theyre also gaining tremendus knoledge,
many do go into IT sec, we just cannot see those cases really..and when we
do, theyre usually yrs after the thing has happened, but, i could think of a
few EU based guys who are hapily workin for huge co's, making massive cash,
evven maker of Morphine, HolyFather, admittedly went into Av, and made
rootkits for years.
So, for sure, why put them in jail, it is just going to 'harden' , like
anyone will when ones back is up against the wall, as it will be in jail
ofc.
I think rehab, rather than retalliate.

Bedtme here for me :)
I enjoy your posts, and i think the whole topic has much merit in these
lists, other than just about a cpl of websites, pople forget that it is
still about, the freedom to even, do a simple pentest , really thats the
crux of it.

So, i think,some method used by psychology, could very easily work,
especially because, these guys are usually VERY smart, and, the can still be
'saved' unlike some hardened armed-robber/burglar...
The chance of rehab, is specially high because of the intellectual platform
it takes  just to be at a simple or mediate level of the scale, in terms of
'hacking' in hgeneral.
cheers,
xd



On 3 October 2011 22:17, Darren Martyn <d.martyn.fulldisclosure@...il.com>wrote:

> Thanks for the input, I will be putting this as a debate soon for thew Law
> Society in the Uni I attend, to see what the legal guys think.
>
> The issue in the example is not fraud, but damage done to the servers (lets
> assume root/deface) and perhaps leaking of stolen data - the case I am using
> as an example would be, for example, the "LulzSec" breaches. How hard would
> they get f*cked on an international scale if arrested? How many countries
> will try extradite them?
>
> In my opinion, they should be simply charged, tried and convicted in their
> country of residence and be done with it - there is no benefit to society as
> a whole to be gained from hanging them three or four times a piece, as I
> reckon given a good shock and such, they come out with a newfound respect
> for authority and may even be of some benefit to the security community and
> the community as a whole. Locking them up merely turns them further toward
> criminal lives - and remember, all hackers *have* potential to do good as
> well as evil, it is just a matter of their choice. Given a *shove* toward
> the right decision is more beneficial in the end.
>
> "Discuss"...
>
> (No, seriously, I wonder what your opinions are on rehabilitative rather
> than punitative measures to be taken against criminal hackers, assuming
> fraud was *not* involved, and what benefit they can be to the community and
> whether it outweighs the negative effects of not making examples of them).
>
> On Mon, Oct 3, 2011 at 9:34 AM, xD 0x41 <secn3t@...il.com> wrote:
>
>> Could just lok at the recent david cecil case here in .au.
>> It does say alot, because he did breach some bigger networks.. and he was
>> committing 'smaller' scale fraud but, still fraud, however, his main problem
>> was what he did to a governemnt site, wich was deface it for personal gain,
>> not profit.
>> It is the latest case wich would be valid of this.
>> still.. intresting infos... good stuff.
>> xd
>>
>>
>> On 3 October 2011 19:16, Darren Martyn <d.martyn.fulldisclosure@...il.com
>> > wrote:
>>
>>> Going back to my own example, say all three are first world countries,
>>> and A and C are in the EU whilst B is the US. All nations involved have good
>>> diplomatic relations and preexisting extradition treaties, and to add
>>> interest to it, lets say the LEO in B and C helped the investigation. The
>>> criomes would be non-financial, but say, large scale hacks and such. I will
>>> use Jake Davis's case as a "canary case" for this though...
>>>
>>> On Sun, Oct 2, 2011 at 12:31 AM, xD 0x41 <secn3t@...il.com> wrote:
>>>
>>>> Ah, the legend of the mailing-list himself, has spoken.
>>>> not knowing you, for all i have seen, your a pathetic sack of rubbish,
>>>> and really, what we are discussing, if you had ANY clue, wich obv dont, is
>>>> simply how far our own freedom is going.
>>>> You are an idiot.
>>>> Have a nice day.
>>>> xd
>>>>
>>>>
>>>>
>>>> On 2 October 2011 08:45, andrew.wallace <andrew.wallace@...ketmail.com>wrote:
>>>>
>>>>> On Sat, Oct 1, 2011 at 5:50 AM,  <Valdis.Kletnieks@...edu> wrote:
>>>>> > On Sat, 01 Oct 2011 09:16:11 +1000, xD 0x41 said:
>>>>> >
>>>>> >> As you also said, murder is a no brainer in any place...well, maybe
>>>>> not iraq
>>>>> >> or afghanistan just yet :P lol..
>>>>> >
>>>>> > Iraq, for all its problems, is still a place with a somewhat
>>>>> functional
>>>>> > judicial system. The court system may be broken, but you in general
>>>>> *will* at
>>>>> > least appear in a courtroom with a judge and be pronounced guilty
>>>>> before you're
>>>>> > punished.
>>>>> >
>>>>> > I was actually thinking more along the lines of  totally failed
>>>>> states such as
>>>>> > Somalia, Sudan, or the contested parts of Afghanistan, where you
>>>>> can't be tried
>>>>> > for murder because there isn't a court to try you *in*.
>>>>> >
>>>>>
>>>>> Have you not grown old of talking to children on mailing lists?
>>>>>
>>>>> ---
>>>>>
>>>>> Andrew Wallace
>>>>>
>>>>> Independent consultant
>>>>>
>>>>> www.n3td3v.org.uk
>>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Full-Disclosure - We believe in it.
>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>
>>>
>>>
>>
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ