RCMP Arrest Canadian Teen For Heartbleed Exploit 104
According to PC Mag, a "19-year-old Canadian was
arrested on Tuesday for his alleged role in the breach of the Canada Revenue Agency (CRA) website, the first known arrest for exploiting the Heartbleed bug. Stephen Arthuro Solis-Reyes (pictured) of London, Ontario faces one count of Unauthorized Use of Computer and one count of Mischief in Relation to Data." That exploit led to a deadline extension for some Canadian taxpayers in getting in their returns this year. The Register has the story as well. The Montreal Gazette has some pointed questions about how much the Canadian tax authorities knew about the breach, and when.
Good. (Score:5, Insightful)
I for one welcome arresting people who seem to think it is a good idea to enter someones home just because they didn't get to update all their locks on their home.
Sure it is easy to update your PC, but if you have a mission critical application running, you need to make sure you take all the right steps even with the security vulnerability to make sure it doesn't go down.
Script Kiddy (Score:4, Insightful)
Ah the brilliance of youth -
"I have a script for an exploit"
"I can try it against the tax man"
"I won't get caught"
"I'm not going to use the results so no-bad"
"Hey what's with the cuffs!"
Story important for pacifying headlines (Score:3, Insightful)
Here in USA it's being reported this way:
"Heartbleed hacker caught in Canada"
Translation:
Media sheep, go back to sleep. We caught THE hacker responsible for Heartbleed, thus it can fall into the memory hole. Any concerns you may have about your fellow citizens, their business interests or governments monitoring you, or perhaps about the general competence of software development (!!!) can also go back to sleep.
Sleep, sleep my lovelies. Tomorrow there is obedience at school/job, and then shopping and sexy videos on the internet. Sleep, sleep.
Re:And how about the CRA? (Score:2, Insightful)
faces one count of Unauthorized Use of Computer and one count of Mischief in Relation to Data.
Stuff like this makes me happy to be Canadian.
He is being charged with what he did, and will probably be given a sentence in line with the severity of his crime. If this happened in the US he'd probably be branded a terrorist and be on his way to gitmo right now.
Re:Good. (Score:5, Insightful)
>I for one welcome arresting people who seem to think it is a good idea to enter someones home just because they didn't get to update all their locks on their home.
I think your example is a bit too gentle.
This is more like someone kicking your locked front door down and pointing out that your door isn't strong enough to prevent someone from kicking it down.
The system was "locked" for all intents and purposes, as best the system administrators knew how to lock it. It wasn't because they were lazy or forgot, they just didn't know the door had any weaknesses.
Re:Good. (Score:2, Insightful)
Guys, a "system" is not a physical door, there is no material damage, you can load it back right up. also piracy isn't stealing, it's copying. get a grip on the metaphors, i'm sick of hearing ppl like you all the time. You are the reason you can go to jail for decades over using a keyboard.