Let that be a lesson to all black/white hatters. Don't go the the USA. If you want to speak do it via Skype (other video conferencing software is available, your mileage may vary and IANAL
British snoops at GCHQ knew FBI was going to arrest Marcus Hutchins
Secretive electronic spy agency GCHQ was aware that accused malware author Marcus Hutchins, aka MalwareTechBlog, was due to be arrested by US authorities when he travelled to United States for the DEF CON hacker conference, according to reports. The Sunday Times – the newspaper where the Brit government of the day usually …
COMMENTS
-
-
Monday 21st August 2017 14:17 GMT Sir Runcible Spoon
"Let that be a lesson to all black/white hatters. Don't go the the USA."
Also: Don't trust the spooks.
Even if Hutchins is as guilty as sin, why would there be any need to extradite him? Why couldn't he be arrested and tried here in the UK - his home.
Unless there isn't enough evidence for the UK courts and the spooks knew the CPS would just chuck the case out the door the moment it was presented.
Talk about betrayal. Now the US doesn't even need to present flimsy evidence to secure a Brit for trial. Shady fucking bastards.
-
Monday 21st August 2017 17:19 GMT streaky
To be fair there was plenty of evidence in the McKinnon case and the brit police were incapable of prosecution. Entire thing was made worse by the fact they wouldn't extradite him because he had AS (people with AS do understand the difference between right and wrong and that law is a thing or they'd all be in secure mental units like Rampton when they commit crimes).
In this specific case I don't really know, I'd like to believe that they have the wrong guy but all the best white hats learn their craft by having been black hats - it's entirely plausible that he is their guy. Until the trial starts and evidence arrives it's impossible to say.
-
Monday 21st August 2017 21:09 GMT The_Idiot
@streaky
"I'd like to believe that they have the wrong guy..."
And a small principle generally referred to as 'innocent until proven guilty' would suggest, to me at least, that that belief should be a starting point - but what do I know.
"... but all the best white hats learn their craft by having been black hats..."
If I may, a citation? Or were all the best police officers once criminals, by the same logic? Were all the best bodyguards once international hit-people?
"... - it's entirely plausible that he is their guy."
If you say so. It's not for me to comment, positively or negatively, on where you set your bar for 'plausibility'. But the fact that something is 'entirely possible' is hardly grounds for arrest, at least, so I would suggest. Or if it is, then the next time there is an apparent impulse burglary in your neighborhood, you should not be surprised if everyone within a given radius, including yourself, is arrested. After all, it's 'entirely possible' _anyone_ did it... no?
-
Tuesday 22nd August 2017 00:50 GMT Ian Michael Gumby
@The idiot... you really don't get it...
Reply Icon
@streaky
"I'd like to believe that they have the wrong guy..."
And a small principle generally referred to as 'innocent until proven guilty' would suggest, to me at least, that that belief should be a starting point - but what do I know.
Sorry mate, you really don't understand the meaning of the phrase innocent until proven guilty. So here's a quick lesson.
The expression is meant to show that at trial, the burden of proof is for the DA to show guild beyond a reasonable doubt. So you're presumed innocent until they have shown enough evidence so that either a judge or the jury find you guilty.
It has nothing to do with the court of public opinion.
The real question is why does the FBI think this is their guy?
-
Tuesday 22nd August 2017 05:21 GMT The_Idiot
Re: @The idiot... you really don't get it...
@Ian Michael Gumby
"you really don't get it"
Sir, there are indeed many things in life I 'don't get'. And some I hope never to 'get' (medical science permitting (blush)). However, the point I was attempting to make, no doubt badly, was that a presumption of innocence, as opposed to a presumption of guilt, may be worth considering as a personal tenet as much as it is a legal one (in some jurisdictions). However, it was and is only a suggestion, as any decision regarding such a tenet is, of course, purely personal. Though I would rather live in a society where others hold that tenet than one in which nobody else does. Of course, I'm an Idiot... :-)
-
Thursday 24th August 2017 01:52 GMT Ian Michael Gumby
@The idiot Re: @The idiot... you really don't get it...
You still missed the point.
There is no presumption of innocence in terms that you think you understand.
The issue is one of the burden of proof.
Does the defendant bear the burden to show his innocence or does the prosecution bear the burden to show that the person is guilty.
Meaning if you can't prove you are innocent, you are therefore guilty,
Or if the Prosecution can't prove that you guilty then you are therefore innocent.
The concept of 'innocent until proven guilty' means that the prosecution must beyond a reasonable doubt prove that you are guilty.
This has nothing to do with the state treating you like you are guilty and placing you in jail until the trial or you make bail. Even under bail, your freedoms are restricted.
Here's an example....
Your next door neighbor is found dead. His head was pounded in with a hammer that happens to have your finger prints all over it. You were questioned and you claimed to be asleep in your own bed at the time of the murder but you have no witnesses.
You are charged with the crime.
The prosecution will supply evidence that you could have done it.
Your defense will try to discredit the prosecution. For example, your finger prints are at your neighbors house because you are friends and you hang out there. Your finger prints are on the hammer because its your hammer that he borrowed...
At the end of the day, If the prosecution doesn't meet the burden, you should be found innocent.
(Meaning you can raise doubt to the assertions made by the prosecution.)
Now if they left out evidence... like security cam footage of a car driving up and then away while you claimed to be home and they didn't use it or tell your lawyer it existed, then you would be able to sue them for leaving out exculpatory evidence. It would be prosecutorial misconduct.
Sorry for tossing that last bit in there.
The point is that 'innocent until proven guilty' is misunderstood.
Look at OJ. Do you really think he was innocent even though the prosecution failed to make their case?
-
-
Tuesday 22nd August 2017 06:13 GMT Scorchio!!
Re: @The idiot... you really don't get it...
Yes, correct, and you have more patience than me. As for the posts complaining that he should have been held and tried here, nonsense; he went to the US and the US is where he's a suspect. It is nothing to do with being sneaky. Had they not known would it have made any difference?
-
Thursday 24th August 2017 01:56 GMT Ian Michael Gumby
@Scorchioli Re: @The idiot... you really don't get it...
Hey Mate, long time no see.
Yeah, I don't worry about the down votes. Most of the time its out of ignorance of the law and wishing things to be true that aren't. (Of course I do make mistakes so I can't complain there. )
This guy got nabbed. Why?
The FBI can be clueless at times, but not this clueless.
Something isn't right.
I mean what if he is innocent but the guys who did it used some code he wrote long ago?
Or he did do it?
I don't know and I'm not going to assume innocence or guilt, but that the Feds have to have something that ties him to the crime.
-
-
Tuesday 22nd August 2017 08:27 GMT Wayland
Re: @The idiot... you really don't get it...
"The real question is why does the FBI think this is their guy?"
I expect they are annoyed he stopped the WannaCry and don't want hackers messing up their worms in future. Betraying him sends a message to hackers not to be white hackers. Easy to catch a white hat hacker when he's helping GCHQ. Not so easy to catch a black hat hacker.
-
-
Wednesday 23rd August 2017 07:17 GMT Sir Runcible Spoon
Re: @The idiot... you really don't get it...
"Stopped wannacry, or told the world he stopped his own out of control experiment before it caused even more chaos..."
Whilst that has obviously cross some people's minds, there isn't any hint that this is the case. Nothing in the US case mentioned Wannacry - it's all about Kronos.
-
Thursday 24th August 2017 02:09 GMT Ian Michael Gumby
@AC ... Re: @The idiot... you really don't get it...
There was this guy named Morris who worked for the US Government. PhD in Computer Science.
He had a son who was getting his graduate degree in CS. He wrote a worm... maybe you heard about it? Maybe you were alive at the time?
He helped to stop his worm that he accidentally set free.
In this case, I don't know Hutchins or his innocence or guilt. I'm not judging.
I am being objective and I'm asking why would the Feds go after him without evidence?
I don't know the answer, or even pretend to know the answer. But I am going to give the Feds some benefit of the doubt.
Again, if they messed up, it could mean a payday for Hutchins and his lawyers.
-
-
Tuesday 22nd August 2017 10:06 GMT Doctor Syntax
Re: @The idiot... you really don't get it...
"The real question is why does the FBI think this is their guy?"
They need a guy so anyone will do?
Oh, look, here's a bit of code he posted publicly that he then says was incorporated in Kronos. That'll do.
Incidentally the author of this analysis https://blog.malwarebytes.com/cybercrime/2017/08/inside-kronos-malware/ suggests that the actual code has a longer pedigree than Hutchins publication and that the implementation is more sophisticated concluding "The level of precision lead us to the hypothesis, that Kronos is the work of a mature developer, rather than an experimenting youngster."
-
Thursday 24th August 2017 02:04 GMT Ian Michael Gumby
@Dr. Syntax ... Re: @The idiot... you really don't get it...
Suppose you are right that there's a piece of code that ties him to Kronos.
That's not enough for an arrest warrant because he can explain that the code was posted and it was openly available.
If that's the only piece of evidence, they wouldn't have arrested him. They would have hauled him in for questioning, but not enough for an arrest.
That's why I am confused. Could there be more or is the FBI that clueless? I tend to give the FBI a bit more credit that that.
Again, if he's truly innocent, IMHO he should fight it. Taking a plea deal would admit to a felony and that he was guilty of something he didn't do.
-
-
-
Tuesday 22nd August 2017 12:22 GMT Stevie
After all, it's 'entirely possible' _anyone_ did it... no?
No. It's possible that someone else with the necessary skills did, which isn'tbthe same thing. There is enough evidence to start looking a him though, crummy take-down ploy situation notwithstanding.
No skin in the game. No fish to fry on either side until the case is underway.
-
-
-
Monday 21st August 2017 21:19 GMT Unai Aznar
Even if Hutchins is as guilty as sin, why would there be any need to extradite him? Why couldn't he be arrested and tried here in the UK - his home.
Unless there isn't enough evidence for the UK courts and the spooks knew the CPS would just chuck the case out the door the moment it was presented.
Talk about betrayal. Now the US doesn't even need to present flimsy evidence to secure a Brit for trial. Shady fucking bastards.
Exactly THAT. This guy has been betrayed by his government. Even when he was HELPING them. Not that I think THAT is needed. It's just an extra.
And it doesn't mind where are you from. If this statement is real, and I find it hard to think it's not: "Government sources told The Sunday Times that Hutchins' arrest in the US had freed the British government from the 'headache of an extradition battle' with the Americans."
It makes me sick.
Should this have happened in my country, I'd be very, VERY pissed. And showing it. Calmly, yes for I think it's better, and frightens them more. But firmly.
And fuck it with the anonymous post or handles this time. That up there is my name.
And this is my opinion.
-
Wednesday 30th August 2017 13:50 GMT truloxmyth
It’s a lot easier for the UK government to wash their hands of the entire thing until they find him innocent! I mean come on, how stupid do they think the cyber security community is?! It's already full of secretive, paranoid conspiracy theorists as it is. So, when something as flimsy as this case is presented, are we not going to call BULL SHIT on the entire thing?
It’s an absolute JOKE how they think detaining someone for 48 hours, with relentless questioning is going to get the truth out of anyone. Watch how to make a murderer and the shit they put Avery’s nephew through. This has to be 100% indisputable evidence, of the lack of protection anyone has from these corrupted government officials if it treats a national, a child of low mental acuity like that. Then to add to it all Marcus isn’t a citizen of the US, how the hell is he to know the laws when you’re being questioned by the FBI for Christ’s sake!! That’s not something that just happens every day, is it?!
I’m sorry to say it but America is NOT a nice place to be at this moment in time. Especially for non-white folks. When the supposed ‘leader of the free world’ is as unhinged as the dictators your country has demonised over the last 100 years. Then you have serious internal issues. So, when you have someone who is: 1) clever enough to stop and code malware, 2) is British and may sound like a bad guy, 3) they’re brown… Fuck me you’ve hit the trifecta there!! Shit, if he was a brown skinned Mexican Transgender coder then they wouldn’t have even bothered going to trial! Would have just disappeared off the face of the planet like Jimmy sodding Hoffa!!
Maybe look at sorting things like this out before arresting someone who did the world a MASSIVE FAVOUR in stopping something that could have crippled ½ of the worlds Microsoft systems. If the NSA had either provided the information about the SMBv1 vulnerability to the public, so that we were aware of the issue and could force Microsoft to release the update. Or, just go to Microsoft with their findings and tell them they need to release the update for global security reasons. Then none of the WannaCry malware spread would have happened. It’s called the National Security Agency for fucks sake. And they didn’t think that SMBv1 was a big enough security threat to the Nation of America?
-
-
Monday 21st August 2017 21:37 GMT Trigonoceps occipitalis
"Why couldn't he be arrested and tried here in the UK - his home."
In the UK there is an element of plea bargaining, for instance the prosecution may accept a guilty plea to manslaughter to avoid a lengthy murder trial that may just result in the same verdict. We also have a system of fixed penalties for minor criminal offences such as speeding (but not too fast).
What we don't have is a way to offer a very low level punishment for a guilty plea against the possibility of 50-150 years imprisonment for an unsuccessful not guilty plea. The nominal discount for an early guilty plea is one third off the sentence. This case will be difficult to explain to a jury, the judge may not understand and the jury may just want to set him free because he "saved the NHS." The trial will take a long time and may not result in a conviction. However the US court system seems to think that, in order to get around this awkward situation, it is acceptable in a mature, liberal democracy to make on offer you can't refuse.
-
Tuesday 22nd August 2017 00:54 GMT Ian Michael Gumby
@ Trigonoceps occipitalis Re: "Why couldn't he be arrested and tried here in the UK - his home."
In the US there is also such a thing as plea bargaining.
I believe there was an offer on the table that would have been a slap on the wrist, yet it would have meant he couldn't use a computer (including a smart phone) again.
IMHO, that's either because someone in CGHQ called in some favors, or because they have a really weak case.
Again, we don't know enough to really assess innocence or guilt.
So what does the FBI know and why did they charge him?
If he's really innocent, he won't take any plea deals.
-
Tuesday 22nd August 2017 11:26 GMT Trigonoceps occipitalis
Re: @ Trigonoceps occipitalis "Why couldn't he be arrested and tried here in the UK - his home."
"In the US there is also such a thing as plea bargaining.
I believe there was an offer on the table that would have been a slap on the wrist, yet it would have meant he couldn't use a computer (including a smart phone) again."
1. I didn't say there was a plea bargaining system in the US courts.
2. An offer was made, even if the alternative was a pat on the back and an upgrade on the flight home, that quacks like a plea bargain.
-
-
-
Tuesday 22nd August 2017 06:55 GMT Diskcrash
The reason to avoid trying him in the UK is that the penalties are lesser than in the US and the fact that the crime was committed in the US (allegedly). Also the fact that all British hackers seem to develop Asperger's with their mothers crying on the news that their baby will die if they go to the US makes it hard to take the UK judicial system as anything other than extremely lenient.
The US judicial system is much more adversarial in nature not to mention expensive with harsher penalties and less likely mitigation of sentencing than then UK system but it does have some checks and balances and frequently the innocent do go free. But not always but then prisons are every where only have innocent people in them if you talk to the prisoners.
-
Tuesday 22nd August 2017 10:15 GMT Doctor Syntax
"the fact that the crime was committed in the US (allegedly)."
Only in the sense of the US's extraterritorial extension of its criminal justice system. If he lived and worked in the UK it's likely that if he wrote Kronos (& see my response to Gumby) then he would have done so in the UK. However, the CPS would have required something like a proper prima facie case that they could present to a committal hearing. So far we've heard of nothing like that in this instance other than that he wrote an explanation of a technique which wasn't original, posted the code on Github and then, maybe naively, suggested that it had been the source of similar code in Kronos.
TL;DR In the UK it'd have been laughed out of court had it got there.
-
-
Tuesday 22nd August 2017 08:52 GMT Anonymous Coward
"Talk about betrayal. Now the US doesn't even need to present flimsy evidence to secure a Brit for trial. Shady fucking bastards."
What betrayal? This isn't school where you don't snitch on your classmates to teacher, this is the adult world where if someone has potentially committed a crime they need to be investigated. The guy is on bail , not in prison. If there is evidence he did this then he'll do time, if not then he'll come home.
-
-
Tuesday 22nd August 2017 14:08 GMT IsJustabloke
How do you know it wasn't?
"There's still the question of why, if there was a case to be investigated, it wasn't investigated in the UK where it would appear that the alleged act would have been committed."
See title...
if the government really does feel it saved them a headache they may have well decided it also saved them a headache in not prosecuting him themselves.
-
-
Tuesday 22nd August 2017 11:11 GMT Sir Runcible Spoon
"What betrayal? This isn't school where you don't snitch on your classmates to teacher, this is the adult world where if someone has potentially committed a crime they need to be investigated. The guy is on bail , not in prison. If there is evidence he did this then he'll do time, if not then he'll come home."
Since he is a British subject, and GCHQ work for Her Majesty (via HM Government), then selling him out to the Americans is a betrayal (whatever justification they feel they might have) of one of the Queen's subjects, by one of her appointed agents, to a foreign government.
If the crime turns out to be based on code written on a server hosted in the US then perhaps I could understand, but there is no mention of that. If anything, any *actual* evidence would be located on his systems at home, HERE IN THE UK.
Tell me again about how this 'evidence' is to be found by the US investigators?
-
-
-
Tuesday 22nd August 2017 00:40 GMT Ian Michael Gumby
@Ochib
Sorry, but this is a bit of a weird one.
Why would the FBI suspect him of committing the crime?
Here's the rub.
Yes, they can go to a Grand Jury and present their evidence. Its taken under the assumption to be true thus if true, is there enough evidence to show that he committed the crime?
They had to do that.
But what happens if the evidence they proffer isn't correct and they know that the evidence is wrong, or that there's exculpatory evidence he didn't do it? (Meaning that while the facts presented may be true, there's another piece of evidence which show's his innocence was intentionally left out and ignored. )
There's more, but if these guys did something underhanded, meaning he's completely innocent of the charges... they could be sued themselves for prosecutorial misconduct. On a Federal charge, that could mean a lot of money.
The interesting thing... they piled on a threat because he went to a gun range in Vegas. All you Brits who hate owning guns end up going to the range to rent and fire a machine gun... IMHO that was a weak bit of evidence thrown in as a way to ask for tighter bail and restrictions. (Even the judge will see through that one.)
But you still have to ask... why him?
-
-
-
Monday 21st August 2017 16:57 GMT Anonymous Coward
"Be interesting to see if he trusts GCHQ ever again."
Not only he. Those agencies may have the need to ask for help from those people, because what they pay, and the way they work, may not appeal to many people highly capable in this field, and they won't accept a job inside those organizations. Still, they may need those people, thus, helping to convict them but with big and sure evidences they committed a crime, may mean no one will trust them.
In other countries it's much simpler, states close both eyes over criminal activities of their hacking group, and in exchange they ensure they will help state-lead activities when needed.
Of course, democratic countries can't do that - but scaring security people with arrests made this way may create a division that will just make our security worse, not better.
-
-
Tuesday 22nd August 2017 09:40 GMT staggers
Re: "Be interesting to see if he trusts GCHQ ever again."
Quite.
Given how important Turing had been, surely a string or two could have been pulled. I doubt if the public would have cared, not that they'd have known. But no, they let him sink.
It's also hypocritical, given that there were standing orders never to arrest John Gielgud when he was caught at it.
You truly never can trust the bastards.
-
-
Tuesday 22nd August 2017 08:34 GMT Wayland
Re: "Be interesting to see if he trusts GCHQ ever again."
"but scaring security people with arrests made this way may create a division that will just make our security worse" - if you believe the security services are smart people then scaring the white hat hackers is someone's intention.
-
-
Monday 21st August 2017 21:26 GMT Oh Homer
Re: "low standards of proof"
That would be exactly zero, as the
Sinister"Special" Relationship between ourtyrannical rulerscountries has produced an extradition treaty that requires absolutely no prima facie evidence whatsoever.As in none.
At all.
But only when the
kidnap victimsuspect is flying east to west, not in the other direction, for some mysterious reason...-
Tuesday 22nd August 2017 00:49 GMT Anonymous Coward
Re: "low standards of proof"
"That would be exactly zero, as the Sinister "Special" Relationship between our tyrannical rulers countries has produced an extradition treaty that requires absolutely no prima facie evidence whatsoever."
That treaty was used to extradite the NatWest Three, despite the fact that the US hadn't ratified it yet
the NatWest three were extradited to the US under the US-UK Extradition Treaty 2003, even though that treaty had not been ratified in the US.
-
-
Tuesday 22nd August 2017 00:56 GMT Ian Michael Gumby
Re: Or maybe they still couldn't make a case against him even with Blairs extradition law
And it's ridiculously low standards of proof from the US side.
And its not really that low.
Seriously there's something wrong here.
Either he was involved somehow...
Or the FBI really screwed up and doubled down on it.
No way of telling until there's a trial.
-
Tuesday 22nd August 2017 07:21 GMT Anonymous Coward
Re: Or maybe they still couldn't make a case against him even with Blairs extradition law
FBI have a history of inventing cases when they can't find enough real cases to justify the expanded budgets in certain areas. In this case it appears they need more funding for their cyber crime unit.
-
Thursday 24th August 2017 02:12 GMT Ian Michael Gumby
@AC Re: Or maybe they still couldn't make a case against him even with Blairs extradition law
No.
The stakes are high here.
You're accusing a foreign national of a crime where he could potentially provide exculpatory evidence.
Unless they have enough evidence to make a case beyond a prima facie case, they wouldn't do it.
Too much is at stake.
-
-
Tuesday 22nd August 2017 09:16 GMT Anonymous Coward
Re: Or maybe they still couldn't make a case against him even with Blairs extradition law
"Be interesting to see if he trusts GCHQ ever again."
I doubt they care. From what I've read the guy seems a fairly talentless plank anyway who just got lucky when he stopped wannacry. I wonder if he registered that web site in order to try and use the worm himself perhaps thinking it was a C&C address. No, wait, what am I thinking, he's a geek hero who was valiantly battling the evil forces of Black Hats and The Man.
-
Tuesday 22nd August 2017 09:39 GMT phuzz
Re: Or maybe they still couldn't make a case against him even with Blairs extradition law
I imagine there's some folks inside GCHQ who are a bit ticked off with the FBI right now, as well as their own higher-ups for giving Hutchins to the FBI.
Not only is he never going to trust them again, but other potential collaborators will think twice before offering to help out as well.
The whole point of civilian contractors is that they can do things that the civil service aren't allowed to do, but now they're being thrown to the wolves.
-
Monday 21st August 2017 14:23 GMT iron
Rules
Rule #1: Never go to the USA.
Rule #2: Never work for GCHQ, NCSC or any other branch of the UK government.
Rule #3: Never do anything to prevent or curtail a malware outbreak, let the users burn.
Nice set of rules you're teaching there guys, I guess you didn't want the help of white-hat security experts.
-
Monday 21st August 2017 14:45 GMT theOtherJT
Re: Rules
They're terrible rules. And they're exactly the rules I'd impose on myself if I worked in security and not the mundane world of devops. Of course it's messed up that people feel these are appropriate constraints for security researchers to place on themselves, but the reason it's messed up is that they actually ARE appropriate constraints in the current climate.
-
Monday 21st August 2017 17:18 GMT Anonymous Coward
Re: Rules
Rule #1: Never go to the USA.
Rule #2: Never work for GCHQ, NCSC or any other branch of the UK government.
Rule #3: Never do anything to prevent or curtail a malware outbreak, let the users burn.
Rule #4: Do not trust anyone. For many (edit: make that "most") named in item #2, the days of honour are over and without it they have frankly f*ck all to offer.
From that also follows #5: Don't trust anyone to actually do their job. That too got buried a long time ago in the thick layer of BS that seems to cover anything associated with politics. If the person you're dealing with talks more than types in their daily job, disengage.
-
-
Monday 21st August 2017 21:02 GMT Anonymous Coward
Re: Rules
Everyone who upvoted: Your on The List now ..
.. of people who still cannot tell "you're" from "your". Grrr.
-
Tuesday 22nd August 2017 08:43 GMT Wayland
Re: Rules
".. of people who still cannot tell "you're" from "your". Grrr."
He did that to annoy GCHQ who have to read all this bollox.
GCHQ hardly ever do anything though, watch this.
I'm going to blow up GCHQ with my mini-nuke which I made with plans off the dark web.
See, no black helicopters, they don't have the bottle, useless bunch of nosy parkers.
-
-
-
-
Tuesday 22nd August 2017 08:30 GMT Anonymous Coward
Re: Rules
Rule 4#: Don't write malware. And if you do and fly to the USA then don't be surprised when you get arrested
I think that better starts as "don't write and publicly release proof of concepts" - the bad guys aren't stupid either and for law enforcement it's a quick win if they can get you into a country with a legal system about as honest as your average banana republic.
-
Tuesday 22nd August 2017 09:32 GMT Alan Brown
Re: Rules
"Either the evidence stands up in court or it doesn't."
The way the US system works, they charges are trumped up to the max and you have to spend a fortune (which you don't have) defending yourself or take the plea bargain.
Court-appointed lawyers will tell you to take the plea bargain because they aren't paid enough to run a competent defense.
The vast majority of bankruptcies in the USA are due to a medical event (eg, innocent bystanders in various shootings ending up hundreds of thousands of dollars in debt) but a large number of people end up in the financial shitter after sucessfully defending a criminal or civil case too (and if you have no money to start with, expect to be railroaded)
-
-
Monday 21st August 2017 14:26 GMT Haku
It looks like they were quite desparate to pin something on him, judging by the last paragraph:
"Previously, FBI agents had tried claiming Hutchins might try obtaining firearms to commit crimes, based solely on his having tweeted about visiting a shooting range in Las Vegas – a common tourist pastime in Sin City."
Talk about clutching at straws!
Hey if he tweets "Free this week, for quick gossip/prep before I go and destroy America.", will he get kicked out instead? You know, like those boneheads at Homeland Security did to some Brits a few years back - https://www.theregister.co.uk/2012/01/30/tweet_deportation/
-
-
-
Monday 21st August 2017 15:54 GMT Andy Nugent
Re: It looks like they were quite desparate to pin something on him, judging by the last paragraph:
@kain preacher: So I tried Google and couldn't find an answer. What happens in the US if someone who legally owns one or more guns in charged with a crime and released on bail? Do they have to hand over their gun(s) to the police?
-
Monday 21st August 2017 16:08 GMT Anonymous Coward
Re: It looks like they were quite desparate to pin something on him, judging by the last paragraph:
They are not allowed to carry firearms, or have firearms at their residence. Presumably, they can hire someone to put them into storage for them, until their sentence has been served, and they petition for rights restoration.
-
Tuesday 22nd August 2017 00:51 GMT Allan George Dyer
Re: It looks like they were quite desparate to pin something on him, judging by the last paragraph:
"They are not allowed to carry firearms, or have firearms at their residence"
So do criminals wanting to do burglaries and home invasions look down the lists of recently-bailed people to identify safe targets? If firearms are so effective at home defence and deterring those crimes, then it should be the criminals' natural response.
-
-
-
Monday 21st August 2017 20:57 GMT Rich 11
Re: It looks like they were quite desparate to pin something on him, judging by the last paragraph:
When you are out on bail you are not allowed access to guns
It's America. In most states they have piss-easy access to guns, thanks to the sterling work of the wonderful NRA. If someone on bail decided to vanish, do you really think they couldn't also find a gun if they wanted to and had $250 spare?
-
-
Monday 21st August 2017 16:29 GMT W4YBO
Re: It looks like they were quite desparate to pin something on him, judging by the last paragraph:
"I wonder how many white collar criminals in the US are released on bail back to their house that already contains an entire gun cabinet?"
It depends upon the state, but generally there are no restrictions, since they've only been arrested and not convicted (presumption of innocence). The above does not apply to domestic violence cases. An arrest for domestic violence gets your guns seized in every state, AFAIK.
-
Monday 21st August 2017 21:54 GMT kain preacher
Re: It looks like they were quite desparate to pin something on him, judging by the last paragraph:
"but generally there are no restrictions, since they've only been arrested and not convicted"
wrong when on bail they can impose all kinds of restrictions Such as no weapons, booze or access to the net.
-
-
-
-
Monday 21st August 2017 15:36 GMT Anonymous Coward
Special Relationship
So this is what the 'special relationship' amounts to, is it?
Many British people imagine there is Special Relationship between the UK and the US. It didn't originally mean that at all, it was a phrase from a speech by Winston Churchill accepting an honorary degree from an American college, where he talked about "a special relationship between the British Commonwealth and Empire and the United States", i.e. not just the UK, but the self-governing dominions of Canada, Australia, etc along with what was the Empire - India, Nigeria etc. But when the British talk about the Special Relationship they just mean with the UK. However, the US don't view that bit of misremembered history in quite the same way - to them the UK is just another client state.
-
Monday 21st August 2017 18:38 GMT John Smith 19
"So this is what the 'special relationship' amounts to, is it?"
Yes, actually, that's exactly what it amounts too.
WWII left the UK virtually bankrupt so they sent a team of academics to ask the USG for a bail out.
Instead they got a $5Bn loan payable over about 50 years and a level of arrogance from the
dept of prep school AholesState Dept that sent the Foreign Secretary an enthusiastic supporter of the plan to build a UK A bomb :-(But the clusterf**k that turned the UK into America's permanent b**ch was something often forgotten today. The Suez Crisis of 1956.
That said the UK has managed to barter some access into the US Intelligence and defense communities by virtually handing over it's specialist knowledge whenever they've requested it, including improving reentry warhead design and materials ("Gaslight"), helping them work out how the passive microwave bug found in the US Embassy in Moscow worked ("The Thing"), making speech channels work at 2400 bps with 1950's technology (in the 1950's) and a GCHQ researcher developing Public Key Cryptography before it was published in the open literature.
History. If you don't know it, you'll probably repeat it, over and over again.
-
Monday 21st August 2017 21:17 GMT Anonymous Coward
So this is what the 'special relationship' amounts to, is it?
Actually yes. For once the UK is getting what it wants.
UK: Hello cousin I need you to stitch up a chap.
US: How long?
UK: as long as you. Oh by they way you need you to fabricate the evidence it that going to be a problem ?
US: LMAO. Have you seen our track record ?
If you don't think this was setup agreed to by the US for the UK you need your head examined
-
-
Monday 21st August 2017 14:52 GMT Valdearg
"One person familiar with the matter told the paper: "Our US partners aren't impressed that some people who they believe to have cases against [them] for computer-related offences have managed to avoid extradition.""
Gee, I wonder why. Maybe because the US has a nice habit of making up evidence against our IT people.
-
Monday 21st August 2017 15:14 GMT Dan 55
Where do we start?
- Spineless government.
- Crappy extradition treaty.
- Guy contributed to stopping the entire NHS going up in smoke and acted in time before the US woke up, which is GCHQ's job, so it made them look bad too.
I'm not asking him to be let off the hook, but is being tried on UK soil with a minimum case to answer for so he's not wasting years of his life fighting this case in the US or thrown in jail over there for something he possibly didn't do so much to ask for?
-
-
Monday 21st August 2017 15:31 GMT Gordon 10
Which prior cases are you suggesting where the UK Govt was challenged to prevent an extradition without being forced into it by the Extraditee?
Its the Govt's job - agreed by shite treaty - to process US extradition requests in as timely manner as possible. The only time it shouldn't is if the US has failed to meet the requirements laid down by that Treaty (note not UK or EU law) unless the defendant can show (usually by multiple appeals) that they won't be treated in accordance with UK/EU law in the US.
-
-
-
Monday 21st August 2017 22:19 GMT Dan 55
Seems May wanted to block it to avoid flak from Labour and the Lib Dems, but could only block it on medical grounds, which she did.
Teflon Theresa May defies expectations over McKinnon
She then gave the courts the power to block extradition requests outside the EU in the interests of justice, washing her hands of future controversies like this.
Gary McKinnon saved from extradition to US on hacking charges
Now it seems the US isn't too happy about that.
-
-
-
-
-
Tuesday 22nd August 2017 00:01 GMT Teiwaz
U.s of Pimp
Of course it was different when we wanted to extradite IRA terrorists from the USA. Somehow their courts always found something wrong with the paperwork.
Of course, the U.S is like a pimp, where every 'world citizen' is a free access resource to exploit by fair means or foul, but U.S citizens are their bitches, no one touches them but the U.S.
-
-
-
Monday 21st August 2017 15:13 GMT kain preacher
Ok lets set aside any dislike you might of had for the US. Some things that popped up in my head. A. ) He did it and was passed his usefulness. B.)The real person works for the GCHQ and far to valuable and the GCHQ set his ass up.This just does not smell right from the UK end. It could just be that he really really pissed the wrong person of or the GCHQ believes he did some thing far worse and don't want the egg on their face for using him.
-
Monday 21st August 2017 15:44 GMT Eugene Crosser
Coercion?
Well, this may sound like tinfoil hat talk, but it actually starts to look like one of two things:
- Spooks (US or British) need to coerce him to do some job for them, or
- They want to teach him (and maybe others) a lesson after he'd refused to do some job for them.
It looks like all they have against him is the old blog post, some code from which was found in Kronos (which is no surprise), his tongue-in-the-cheek remark that "selling it would be illegal", and his visit to the shooting range. And as in the US this nonsense can get you in jail for many years, so it had to be on the US soil to be a convincing threat. Easy bail conditions that he got speak for the first option.
-
Monday 21st August 2017 18:47 GMT Anonymous Coward
"This just does not smell right from the UK end"
Actually, wheras the US government will go out of its way to protect its citizens from foreign courts, even when they're looking as guilty as sin, the UK government are a pathetic bunch of third rate patsies, who'd always give in to the slightest pressure, regardless how dodgy the charges against a British citizen are. There's a series of cases where the UK government has happily extradited people to The Land Formerly Known As The Land of the Free, for things that either weren't an offence where they were allegedly committed, or where there were adequate statutes to allow prosecution in the UK for a UK offence.
Sadly it won't happen, but if the US authorities are getting narked that we're not cooperating enough with them, I'd turn off all cooperation for a week or two, and tell them to stop being dicks, or the non-cooperation becomes permanent. In a further recent example of the contemptible arrogance the US authorities have for British cooperation, when our people shared confidential police photographs of a recent terrorist atrocity, they appeared in the New York Times the next day. At least the US TLA's now have the commander in chief they deserve!
-
-
Monday 21st August 2017 16:05 GMT EveryTime
For me, the first tip-off that the case was weak was the inclusion of the shooting range visit in the bail opposition.
It's pretty common that European visitors like to visit a shooting range. My experience might be a little biased by because I mostly know tech workers visiting for a conference or a brief work visit, but that's exactly the situation here. It doesn't mean that they are planning on becoming a serial killer, it's just an activity that is easier to do in the U.S. Pretty much like watching a cricket match when visiting England. You can see one in the U.S., but it's not convenient.
-
Monday 21st August 2017 16:14 GMT amanfromMars 1
Wannabe Air Guitar Heroes
British snoops at GCHQ knew FBI was going to arrest Marcus Hutchins
When you is second fiddle in the orchestra you don’t get to conduct anything nor perform anything of outstanding note. Aint that right, boys and girls of an ailing and failing second class state.
-
Monday 21st August 2017 16:57 GMT Anonymous Coward
Marcus is correct about Google maps sending you walking down California freeways
I was on a bicycle, but it happened to me just last week. Google said there was a "freeway hike and bike trail" beside the freeway. There was no freeway hike and bike trail. There was just freeway. And me, hiking my bike over the tumbleweeds to try to get away from the freeway onramp that Google had sent me down.
-
-
Tuesday 22nd August 2017 00:15 GMT Teiwaz
America the Shooting Range
"Previously, FBI agents had tried claiming Hutchins might try obtaining firearms to commit crimes, based solely on his having tweeted about visiting a shooting range in Las Vegas"
Fuck you, Feds. Seriously. Fuck. You.
Pretty standard straight line thinking from 'law enforcement' these days - It seems for certain charges* levelled they are prepared to assume the accused was planning anything and everything from eating babies and preparing to initiate World War III - Well, anything they think the public will buy into.
But seriously, isn't going on a gun-toting rampage in the U.S not just considered 'teen angst' these days??
-
-
Monday 21st August 2017 20:06 GMT ITnoob
This will be used in years to come as the text-book example of stitching up like a kipper.
If he ever returns to UK soil I would love to hear his opinions of the current UK Government.
Genuine question - In his line of work is he likely to have anything incriminating he could use as leverage?
-
Monday 21st August 2017 22:01 GMT Anonymous Coward
Oh wait a second...
There seriously seems to be people on all sides with a lot of money invested in both protecting and ensuring malware got onto systems (of varying sizes and companies/public firms). So any one, or more, of them could have framed or outed.
Even though no bit coins were withdrawn, someone somewhere got egg on their face, and want this guy to "pay".
-
Monday 21st August 2017 22:45 GMT M7S
Is Machiavelli dead?
"First look to your defences"
A bit difficult if any citizen with the talent to help defend fellow citizens is left to the mercies of a foreign power.
I'm not judging his guilt in this allegation, and don't understand the boundaries of Infosec research in any sense (legal, technical or practical) but he is a Brit, even if the only approach was a "Lord Vetinari" like 'quiet word' before he left these shores (or maybe not, after such a word) that would surely be in our national interest.
I'm not sure how others will be encouraged, but I fear not in the best way for our long term well being.
-
Monday 21st August 2017 22:49 GMT Anonymous Coward
I seem to remember that USA kidnapping a Russian gentleman from the Seychelles on similar charges, and he was thrown in gaol on the flimsiest of evidence. There was no objection from the government of the Seychelles that foreign nationals were being kidnapped, which is rather shocking.
So, be very very careful...
-
Tuesday 22nd August 2017 08:16 GMT mark l 2
I am assuming the only reason he wasn't arrested in the UK and extradited was because the evidence was very thin on the ground and the authorities doubted they would win the case. I find it difficult to think you could successfully win a case where some sort of computer crime had occurred without doing a search of his residence for computer equipment and taking that as evidence.
If i were him I would head directly to the US border with either Mexico or Canada and get out of that $hit hole to never return.
-
Wednesday 23rd August 2017 12:41 GMT Dan 10
So, my understanding is that Marcus posted his PoC code showing some form of malware API hooks publicly, then a month later and much to Hutchins public surprise, it turns up in Kronos, heavily adapted to weaponize it and turn it into something useful. According to the Kronos analysis on malwarebytes:
1. The API hooks had been shown previously, suggesting that both Hutchins and the Russian-speaking Kronos author had lifted the concept from elsewhere
2. The other common factor was use of a particular lock instruction
3. Kronos is quite different from Hutchins code, involving an extra layer of difficulty in using shellcode instead of a pe file, combined with some counter-surveillance and anti-detection techniques
So, the FBI appear to be gambling a couple of decades of gradually-fostered goodwill between white-hats and the authorities on the use of a single command, to try and show intent of financial gain by a guy who donated his $10k wannacry bounty to charity. Uh yeah, good luck with that.
Regardless of what happens, why would Hutchins collaborate with the NCSC again?
Weirdly, malwarebytes goes so far as to patronise Hutchins by declaring that Kronos is the work of a 'mature malware author', rather than an 'experimenting youngster'. Sort of a backhanded exoneration, if you will.
-
This post has been deleted by its author