back to article Web hacker 'Alfabeto Virtual' thrown in the clink for 3 months by US judge who wanted to 'send a message'

A US judge this week sentenced website hacker Billy Anderson to three months behind bars, refusing his lawyer's request not to put him in jail, in order to "send a message" to others. Anderson, 42, of Torrance, California, targeted thousands of websites under the hacker name AlfabetoVirtual, and boasted about his efforts on a …

  1. JustWondering
    Meh

    Three months in jail?

    I think 12 months of dial-up would be more suitable.

    1. Mark 85

      Re: Three months in jail?

      Even a year is just a slap on the wrist.

      1. Suricou Raven

        Re: Three months in jail?

        Three months is just long enough to cost someone their job. Twelve months would likely cost them their house and family, and render them effectively unable to find employment. A troublesome hacker goes in, and an angry hacker with a grudge against the government, a new set of criminal connections and nothing left to lose comes out. Sometimes long prison terms can be counterproductive.

        1. Anonymous Coward
          Anonymous Coward

          Re: Three months in jail?

          Twelve months would likely cost them their house and family,

          No, their stupidity and hacking is what would cost them that. The jail sentence is just another consequence.

    2. jake Silver badge

      Re: Three months in jail?

      I think his mommy spanking him and sending him to bed without any supper 30 years ago would have been the proper way of handling it. Gotta catch them skiddies early ...

  2. Flocke Kroes Silver badge

    "these kinds of intrusions undermine confidence in government"

    By all means lock him up, but not for that reason - at least not until government repeatedly demonstrates minimal competence and there is someone on the planet with confidence that will continue.

  3. tiggity Silver badge

    Depends

    If the hacks were just web defacements, exploiting known old* bugs, then a minor slap on the wrist is fine (also IMHO "hacker" should not be charged for "costs" of patching etc - any hack that works due to an old* vulnerability is a sign of bad patch management / security of that web site, those patches should have been applied. A bit like my insurance will not repay me for burglary losses if burglary happens because I went out and left the house unoccupied with the door open.

    A bit of defacement using old* vulns is, in many ways, a helpful wake up call to the site owner to get their act together. Irritating but no data lost / stolen, just a bit of lost pride.

    Someone using zero day exploits is a different matter as there is not much can be done to stop them and so I would regard that as far more malicious

    *old - more than a couple of weeks - be generous exclude anything ultra recent as legit to have a bit of a patch deploy lag as do need to test if patch breaks anything as they sometimes do.

    1. FlamingDeath Silver badge
      Facepalm

      Re: Depends

      "test if patch breaks anything as they sometimes do."

      Sometimes?

      Don't forget, the patch usually comes from the same people / company who created the thing that needed patching, I wouldn't have high expectations. Then expect the patch to fix the patch

      The new rolling software model where everything is in a constant state of beta, we do get a helpful feedback button, but no bandage for the injured head after banging it against the desk or financial recompense for lost productivity

  4. Zippy´s Sausage Factory
    Facepalm

    Three months?

    Sounds like the message is "yeah, hack away, it's not like we really care..."

  5. Anonymous Coward
    Anonymous Coward

    Vrublevsky

    Vrublevsky is a very powerful evil criminal.

  6. Dwarf

    Kinda missing the point a bit

    Anderson was ordered to pay a total of $12,804 to cover the costs of getting the two government websites patched and back online.

    Er, isn't half the problem that their sysadmins should have been doing that patching anyhow and that's part of the reason they had a problem in the first place !!

    Doesn't this send the wrong message to lazy companies that they can still bill for doing a rubbish job in the first place.

    1. Mark 85

      Re: Kinda missing the point a bit

      Actually two messages... if you're a "hacker"* you get off light. If you're a company, someone else will pay for patching. In reality, the company should be fined for failing to do due diligence. As an example, I doubt a jewelry store could get compensation from the theft of jewelry because the lock on the door was broken.

      *I use the term "hacker" here very loosely as the term implies certain skill sets beyond a scrip kiddie.

    2. the Jim bloke
      Terminator

      Re: Kinda missing the point a bit

      Mr Anderson was lucky he didnt get his mouth welded shut, and a prawn injected into his navel...

  7. Fungus Bob

    "these kinds of intrusions undermine confidence in government"

    Actually, government undermines confidence in government...

    1. VikiAi
      Boffin

      Re: "these kinds of intrusions undermine confidence in government"

      The fact that entry points for these kinds of intrusions are left wide open for any semi-skilled skiddie to exploit undermines confidence in the government.

  8. holmegm

    Hmm, which tack to take?

    Decades in old chokey seems a bit harsh for mere "shenanigans". Awful US and its prison fetish and all that.

    But then, it's Russia, so ... perhaps nothing can be too harsh.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like