What The Fucking Fucking Fuck?

[denny]

http://www.theregister.co.uk/2005/10/11/tsunami_hacker_followup/

Excuse me? He's a convicted criminal for typing ../../../ in a URL bar? Have the CPS gone completely fucking insane?

Comments

[nisaba.livejournal.com]

This guy's actually the ex-colleague and friend of a guy at my work. It's completely fucked up, and although they didn't give him jail time the poor guy's career is utterly screwed.

[wechsler.livejournal.com]

If I ever need a security consultant, I'll be putting him at the *top* of my list.

[wechsler.livejournal.com]

Yes. Yes, they have.

[burritob.livejournal.com]

Yep. How long til URL fields are banned in the UK and all web browsing performed through a government-approved portal?

[naath.livejournal.com]

He 'Attempted to access' blah blah blah. Well, *maybe*, but not very hard he didn't. What *moron* would leave their computer that insecure anyway? What moron would expect that no random person would ever try that just to see what happened or even simply by mistake?

Idiocy.

[dmh.livejournal.com]

It's very scary, and certainly gives the impression they're very ignorant.

bad reporting.

[zetetyc.livejournal.com]

i'm too lazy to google the details... but i'm slightly incredulous that just typing ../../../ into the address bar does *anything*

certainly doesn't on my computer. as much as whatever he did was probably innocuous and his punishment clearly excessive, i remain curious as to what *actually* happened.

Re: bad reporting.

[dennyd.livejournal.com]

It's a way to exploit a known weakness on some types of Windows-hosted website. The guy was a security consultant, he knew exactly what problem he was checking for, and when it didn't show up, he stopped poking.

[kelemvor.livejournal.com]

I suspect some sort of command from On High:
"We need convictions - I don't care WHO and I don't care HOW!"