theregister.co.uk — This poor guy has actually been convicted of hacking a site he was just checking out because he suspected it of being a phishing site. All he did was type ../../../ into the url.. what is the word coming to?
Oct 11, 2005 View in Crawl 4
canudiggitOct 12, 2005
"He also lectured at Westminster and Royal Holloway universities - ironically he taught some members of the Computer Crime Unit."
Closed AccountOct 12, 2005
Folks of America: This is *EXACTLY* why jury nullification exists.If a lawyer that never served as a judge can make it to the supreme court, jury nullification is not only a legal right guaranteed by the constitution, but a moral imperative that sitting juror should be able to exercise at a last "check and balance".
doddilusOct 12, 2005
im so glad this evil dangerous man is behind bars and off the streets away from our children...
kickarseOct 12, 2005
This is such a freaking twist of the legal system. Just looking for a reason to get money and put people in precarious positions. He lost his job. How cruel is that!?
quakefiendOct 12, 2005
im gonna make a run of ../../../ shirts now
shade_jinxOct 12, 2005
This is probably good. What so called "Security Consultant" would get caught? Good Security Consultants are morbidly paranoid, know the law pertaining to what their doing, and take meticulous care to avoid it. Any Security Consultant that gets caught "hacking" someone who isn't a client isn't worth the ink on his business card.
matt2kOct 12, 2005
He wasn't "Hacking" the site and wasn't trying to cover his tracks. If he was trying to hide himself, he wouldn't have made a f**king donation to the site. Pay attention.As a security professional myself, I often play around with other websites to see if I can spot any obvious holes. It's so rediculously common to find a SQL injection or XSS attack that it just staggers the mind. Often I find vulnerabilities within a few seconds of visiting a website. I'm talking about big profile sites here.Usually I notify the webmaster and they either fix it or they don't. I really don't care and I don't bother going back to check.Since nothing actually HAPPENED when he attempted these tricks, there was clearly no need to notify the webmaster.While I don't live in the UK, this kind of stuff does happen and not everyone wants to know that their back door to the alleyway is sitting wide open, swinging in the wind. I really doubt this is something I will pursue in the future.