back to article US military advisor calls for McKinnon pardon, recruitment of "master hackers"

A leading US military strategist has urged the Obama administration to soften its stance if it wants to attract the kind of “master hackers” that would enable it to compete in cyber space with China, starting with the symbolic gesture of pardoning Gary McKinnon. John Arquilla, a US Naval Postgraduate School professor and …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    "Pardoning" Gary McKinnon could save US gov some face and naïvely be hoped to help US gov repair its "world's policeman" propaganda.

    There, fixed that for him.

    Oh, and how, exactly, do you "pardon" a foreign national into whom your rotten lynching legal system never even managed to sink its claws? Apologise to... certainly... long overdue... but pardon?

    1. This post has been deleted by its author

      1. NomNomNom

        yea except that the Chinese are already well aware of the UFOs. John Mcafee knows too.

        1. Alan Brown Silver badge

          Given most UFOs are powered by JP-5, I'm sure the USA is aware of them too.

          1. Anonymous Coward
            Anonymous Coward

            I thought most UFOs were powered by cannabis?

  2. mIRCat
    Coat

    Can the United States government make the right choice? Someone buy Obama a copy of Hackers and maybe Angelia can convince him to support the effort.

    Mines the one with the directors cut of Hackers.

    1. Great Bu

      Joshua

      Surely they should start by changing WOPR's backdoor password from 'Joshua' ?

  3. Khaptain Silver badge
    WTF?

    Master Hacker ?

    >"attract the kind of “master hackers”

    Regardless of being innocent or guilty, Gary McKinnon was not a master hacker. At best he could be known as a script kiddie.

    Master Hackers are definitely not the kind of people that spend their time looking for applications that are still using default passwords.

    Also please refrain from using "Hacker" only in the negative sense.....

    These two "Master Hackers" have identified a weakness in TLS encryption by studying reponse times. They are definitely not in the same category as GM.

    1. Raumkraut

      Re: Master Hacker ?

      I don't think he was referring to McKinnon himself as one of the "master hackers", rather as an example of the US government/legal system's general attitude toward the technologically curious.

      Firing your shotgun toward someone who was just playing in your garden without permission, is likely going to make the elite players think twice about coming to visit.

      1. C 18

        Re: Master Hacker ?

        >Firing your shotgun toward someone who was just playing in your garden without permission, is likely going to make the elite players think twice about coming to visit.

        Unless of course, 'you're trying to tell me I can dodge bullets.'

    2. dogged

      Re: Master Hacker ?

      I was expecting it to be Matt Bryant who called McKinnon a "script kiddie".

      This story's going to make poor old Matt's head explode.

      1. Anonymous Coward
        Anonymous Coward

        Re: Master Hacker ?

        No... Matt Bryant will be the one shouting:

        HE SHOULD HAVE BEEN DEPORTED

        HE'S A CRIMINAL

        IT'S LIKE THE DAILY FAIL 'ROUND HERE

        HE'S A CRIMINAL

        DEPORT HIM

        ...then the poor sod's head'll assplode.

        Just nipping off for the popcorn.

        1. Elmer Phud

          Re: Master Hacker ?

          Hackers are what have been frequenting several US military databases for a while according to the press.

          Doubt if the ones not found yet will be leaving anytime soon.

          1. Alan Brown Silver badge

            Re: Master Hacker ?

            There's a lot not being reported. Like the script kiddies who installed a IRC bot server on NASA's original mars rover controller.back in the 90s. Much of it is simply quietly removed in the hope that superiors don't find out.

  4. Local G
    Trollface

    Master Hackers get $10,000 an hour

    McKinnon better get an agent.

    1. This post has been deleted by its author

    2. Androgynous Crackwhore
      Facepalm

      Re: Master Hackers get $10,000 an hour

      IT'S A TRAP!

      Issue him a "pardon"... tempt him over to the dark side (of the pond) with offers of SQUEEEEEEEELIONS of dollars and a cool sounding job... then... as he steps off the plane... pronounce him a terrorist who was buried at sea on the way over and disappear him of to some obscure CIA Military harmless charity outpost in Romania to answer a few enhanced questions.

      Nice try Yankee types but I doubt even McKinnon is that stupid.

      1. GitMeMyShootinIrons

        Re: Master Hackers get $10,000 an hour

        " tempt him over to the dark side (of the pond) with offers of SQUEEEEEEEELIONS of dollars"

        That's what the villain in Die Hard 4 did. Worked out well for those 'hackers' too....

        1. Local G
          Pirate

          Re: Die Meisterhackers von Washington

          Their Guildhall is Der Pentagon

  5. Tim Roberts 1

    McKinnon .....

    Basically the US got what they deserved. If one man searching for evidence of UFO's can infiltrate a "high security" network, then the fault lies with the network administrators. Geez, even I know how to strengthen my passwords and access to my home wifi. McKinnon was not a criminal in any sense of the word. The fault lies with some idiot "administrator" trying to cover their own pathetic arse because he left the default password to "password" or "fido" or some such crap.

  6. wowfood

    It's a bit like

    In cartoons where the bad guy gets his ass kicked and then goes "I'll let you off easy this time" before running with their tail between their legs.

    Effectively admitting defeat without admitting defeat.

  7. NomNomNom

    McKinnon is a false flag operation designed to simultaneously convince the world the US military have poor security networks and secondly that the US military has no evidence of UFOs entering the atmosphere on a daily basis.

    "build trust between hackers and the government"

    A master hacker would trust no-one

  8. robin48gx
    Meh

    And sack Carmen Ortiz....

    1. duncan campbell
      FAIL

      They could put her head on a stake

      And it would make no difference;

      it's not the well they've poisoned,

      it's the water table.

      Dhu

  9. amanfromMars 1 Silver badge

    The £88,888,888 question .......

    Aside from persuading IT professionals to sign-up and “click for their country”, or using artificial intelligence, the best way to build out capacity in this area is to recruit more hackers, he argued.

    However, by failing to act quickly it runs the risk of losing out on recruiting the small number of world-class “master hackers” who can “walk right through firewalls”.

    Hmmm? A question for John Arquilla, a US Naval Postgraduate School professor and advisor to former defence secretary Donald Rumsfeld …… Is there any significant measurable difference between Master Pilot Controllers and the few missing recruits who be world-class “master hackers” who can “walk right through firewalls”?

  10. Thomas 4

    I forget who it was that said something this

    No-one knows who the world's greatest hackers are, because you've never heard of them. They leave no abusive messages on the system, they mess with as little as possible and above all they keep their mouths shut.

    Hiring someone from Anonymous or Lulzsec will be as much use to you as a chocolate kettle and considerably more noisy.

    1. Michael Wojcik Silver badge

      Re: I forget who it was that said something this

      No-one knows who the world's greatest hackers are, because you've never heard of them.

      Of course, "the world's greatest hackers" is obviously a meaningless term, like "the world's greatest writers" - either it's so inclusive that it's an enormous category with a huge range of talents, or it's based on completely arbitrary criteria.

      But even the pretty good hackers, in the "breaking security" sense, are rarely heard from. What we do see sometimes is evidence of their passage, as in the hack of the Internet Auditing Project (search for "they're heeeere") back in 2001. One of their locked-down systems was broken in by an intruder who gained access to the network using credentials stolen from a different compromised machine. The attacker got into the BASS system, rooted it with a zero-day exploit, and installed a backdoor and rootkit. All over an ssh connection (files uploaded via the shell, uuencoded), and all in 8 seconds - proving this was an automated attack. The IAP folks only knew about it because they had a kernel hack in place that logged all activity through any tty/pty descriptors.

      That kind of sophisticated malware is produced by teams of clever, knowledgeable folks, with lots of resources at their disposal. It's not McGee and Abby furiously typing on the same keyboard.

      Hiring someone from Anonymous or Lulzsec will be as much use to you as a chocolate kettle and considerably more noisy.

      And not as tasty.

  11. jake Silver badge

    ::rolls eyes::

    Earth to John Arquilla: This is not the movies. Hope this helps. Have a nice day.

  12. NomNomNom

    The US government need to find people who can walk through firewalls but are also capable of putting a logic bomb through the backdoor

    1. Anonymous Coward
      Anonymous Coward

      I once had a logic bomb put through my backdoor. At least that's what I think she said it was. Didn't much go for it.

  13. David 45

    Pardon me

    How can he be "pardoned" if he has not been convicted of a crime?

    1. Elmer Phud

      Re: Pardon me

      Because he's obviously guilty.

      It's how the legal system works -- no jury of peers, no hard evidence, lots of FUD, and the correct meaning of 'prejudice'

      Oh, plus he's a Brit and in Hollywood they are usually either the bad guys or a complete fop.

      As McKinnon has not got the laydeez swooning I can only assume he's been picked to play the part of villain.

    2. sisk

      Re: Pardon me

      A pardon 'forgives' (for lack of a better term) him of any crimes he may or may not have committed. Under US law no conviction is necessary for a pardon. You can stop prosecution cold with one before the trial even starts.

      1. steward
        Boffin

        Re: Pardon me

        The most famous example of a US pardon without any prosecution is the pardon of Richard Nixon by Gerald R. Ford. It can be seen at http://www.youtube.com/watch?v=_qC2b6ibOK0 .

    3. Al Jones

      Re: Pardon me

      He hasn't been convicted because the Home Secretary didn't extradite him. If he ever falls under US jurisdiction, he could still be prosecuted (and would presumably be convicted, because he has admitted responsibility for the intrusion, and the law is an ass). A pardon would put an end to that.

      1. Anonymous Coward
        Anonymous Coward

        Re: Pardon me

        "Statute of limitations"?

  14. sisk
    Joke

    I'm suddenly reminded of an episode of CSI where a dude breaks into the FBI database in an effort to get a job then gets hired by the NSA instead of going to jail. Are we going ta ask the 'master hackers' to write a GUI in Visual Basic to trace an IP to?

    1. Michael Wojcik Silver badge

      Yes, but only if it includes many message boxes with flashing red text, accompanied by some sort of annoying sound effect.

  15. koolholio
    Alien

    Which shade?

    Black, Grey or White...

    Surely which shade is based, purely upon intent? But then... if ones intent could be derived from a note somebody else wrote, as in the recent case of Casburn... hmm the worlds just a tad hypocritical and messed up!

  16. Keep Refrigerated
    Holmes

    So someone's smelling the winds of change then?

    It seems like slowly US government officials are discovering that their aggressive policy towards hackers (in the traditional sense), the technologically curious and activists for the free-flow of information is starting to cause a bit of stink... so much that it's causing even mainstream tech community to hold the US government in contempt.

    This in turn makes recruitment harder if you're raising a generation that is not only technologically superior to you, but actually considers you a road-block to freedom. They won't want to work for the government because they mistrust the government, in turn the government starts to lose IQ points in it's collective mind-share as the old guard retire and die off.

    Can the US government restore it's reputation? Possibly - does it have the tenacity to? Not with the current majority of politicians stuck with heads up their collective arses. It will take a major shift in how it interacts with the tech community, might be too little, too late by then.

    1. jake Silver badge

      Re: So someone's smelling the winds of change then?

      "you're raising a generation that is not only technologically superior to you"

      Post proof of this, or retract the concept as pure conjecture. Frankly, as a sometime lecturer at Berkeley & Stanford these last 30 years, I find quite the opposite to be true.

      1. Michael Wojcik Silver badge

        Re: So someone's smelling the winds of change then?

        Frankly, as a sometime lecturer at Berkeley & Stanford these last 30 years, I find quite the opposite to be true.

        Going by, say, the past few decades of ACM publications or similar, I think what we're really seeing is just dilution. There are good young people working in CS and other tech fields, just as there were in previous decades; but as those fields have grown, the number of mediocre people working in them has increased faster, so the good ones are harder to spot in the crowd.

        In the last grad CS class I took, a couple of years ago, there were some clever folks: one two-student team developed an algorithm for - lemme see, predictive modeling of gene methylation, maybe? - that outperformed the best one in the literature to date. That's real research. But most of the students, to be honest, were just picking up enough knowledge to add a couple words to their CVs.

        I'll certainly agree with Jake that this idea that the current generation (however defined) is "technologically superior" is rather dubious. I might also note that methodologically-sound studies of "digital natives" and like have shown those concepts (the sort of stuff promoted by Wired writers and similar clowns) to be completely unfounded.

  17. Michael Thibault
    Alert

    And the Chinese, for example, will respond with... ?

    A double-take?

    "Oooooo-Kaaaaay! You asked for it!"?

    Actual squeeeeeelions of dollars in a bidding war (on the off-chance that they can't already tap the top-tier talent with a flick of their collective elbow)?

    Just askin'.

  18. Anonymous Coward
    Anonymous Coward

    If McKinnon snubs the pardon...

    maybe Obama should award him the Distinguished Hacking Ribbon.

  19. Anonymous Coward
    Anonymous Coward

    Yeah, right that will work

    I hope this strategists isn't actually getting paid for having his head up his arse and being clueless.

  20. MacGyver
    Meh

    The answer has always been easy, roll your own. They need to hire programmers in-house and custom make their own security software. Hell I have been wondering for ages why the government continues to buy Microsoft products and doesn't do like the Chinese have done, and roll their own version of Linux.

    For that matter creating odd hardware (48-bit processors?) and running specially compiled software versions on that hardware would go a long way to stopping the onslaught of script-kiddies (I bet its hard to drop in an exploit through a buffer-overflow when you can't compile the proper exploit because it needs to run on some crazy out of spec hardware that no one has a compiler for).

    1. Michael Wojcik Silver badge

      Hell I have been wondering for ages why the government continues to buy Microsoft products and doesn't do like the Chinese have done, and roll their own version of Linux.

      They did, sort of: the NSA created what became SELinux.

      It's politically impossible to get even the executive branch of the US Federal government to agree on, and implement, any sort of major IT change like moving to a single OS. You're talking about thousands of fiefdoms controlled by unelected bureaucrats who can argue until heat death against any encroachment on their power. Add to that Microsoft's not-inconsiderable lobbying power, and the difficulty of proving any value in moving away from the Windows/Office hegemon, and good luck getting any traction for that plan.

      For that matter creating odd hardware (48-bit processors?) and running specially compiled software versions on that hardware would go a long way to stopping the onslaught of script-kiddies

      Script-kiddies are not the problem; or, rather, they're a part of the attack tree that's easily pruned using known techniques (firewalls, vulnerability scanning, penalties for violating internal standards so security is no longer an externality for individual offices). Serious attackers won't be bothered by your arcane hardware, so all you'll do is push your procurement and development costs into the stratosphere.

This topic is closed for new posts.

Other stories you might like