Support NeoGAF

[SalvaPot]

Lol. Now that is nostalgic.

 

[m_dorian]

Yes but it teaches them a lesson and show others actions have consequences. What should be done instead in this instance if not something to this degree given the scale of the damage caused as highlighted in the OP?

I do not think any "Get screwed" stuff teaches them anything. Both to the people that express it or the people receiving it. One more year should enhance the learning experience better, as i wrote.

When I was 16 I was sneaking beers and taking P Plates when I was roaming the streets with mates, I didn't make a DDoS program making over £386,000 in US dollars and more in bitcoins and sell that to criminals...biiiig difference.

Yes, it is. A big stupidity versus a small one, but stupidity nevertheless. And he was sentenced for being a big stupid at 16 an on.

 

[texasairhead101]

That last quoted paragraph is great. wannabe hackers can't even learn how to do basic stuff it looks like.

 

[aBarreras]

The thing is, he created the tool but he wasn't the one responsible for the DDOS attacks on those servers they mention, it's like jailing the guy responsible that made a gun that was used by another person that commited the crime. Kinda weird, and 2 years in prison for this at this age, kinda excessive, there are perfect legal uses for this kinda of software.

yeah, it seems that nobody is reading the OP,

 

[SmoothRunningGun]

His parents should get some too.

 

[SmoothRunningGun]

The thing is, he created the tool but he wasn't the one responsible for the DDOS attacks on those servers they mention, it's like jailing the guy responsible that made a gun that was used by another person that commited the crime. Kinda weird, and 2 years in prison for this at this age, kinda excessive, there are perfect legal uses for this kinda of software.

He knew what it was being used for. No issue with him being held responsible.

 

[BHK3]

2 years is absolutely nothing, finding a job for him is going to be piss easy since he created the technology to bring the gaming giants to their knees. This work of his forced a lot of companies to reassess their digital security and cost them millions of dollars.

 

[Killthee]

The thing is, he created the tool but he wasn't the one responsible for the DDOS attacks on those servers they mention, it's like jailing the guy responsible that made a gun that was used by another person that commited the crime. Kinda weird, and 2 years in prison for this at this age, kinda excessive, there are perfect legal uses for this kinda of software.

Cmon now, he didn't make it for legal purposes and he knew perfectly well what his clients were gonna use it for. He himself even used it on his school just cause he was pissed off at them.

He admitted to security breaches against his college while he was studying computer science. The attacks on West Herts College crashed the network, cost about £2,000 to investigate and caused “incalculable” damage to productivity, the court heard.

On one occasion in 2014, the college hacking affected 70 other schools and colleges, including Cambridge, Essex and East Anglia universities as well as local councils.

Mudd’s explanation for one of the attacks was that he had reported being mugged to the college, but claimed no action was taken.

 

[Nialrot]

Odd coincidence that both 'hackers' have Aspergers.

They honestly can't pin it on a medical issue right? I don't know very much about that syndrome but it shouldn't affect someone's judgement to DDoS someone/something to that extent...

Anyone with more knowledge can enlighten me?

 

[Wonder Peter]

Still, he was not the main responsible for the DDOS that happened to Microsoft or Sony.

 

[malfcn]

Hope he learns. Two years seems easy.

Get fucked

Well, it's inevitable given where he's going.

That didn't take long. Every time there is a rape joke.

 

[Pacotez]

Why is him the one getting sentenced and not whoever used his tools? Wouldn't that be pretty much like firearms?

 

[Weltall Zero]

The thing is, he created the tool but he wasn't the one responsible for the DDOS attacks on those servers they mention, it's like jailing the guy responsible that made a gun that was used by another person that commited the crime. Kinda weird, and 2 years in prison for this at this age, kinda excessive, there are perfect legal uses for this kinda of software.

What are the perfectly legal uses for DDoS software? Besides the obvious one of testing a server against DDoS attacks.

 

[Septimus Prime]

2 years is absolutely nothing, finding a job for him is going to be piss easy since he created the technology to bring the gaming giants to their knees. This work of his forced a lot of companies to reassess their digital security and cost them millions of dollars.

Yeah, he's going to have a lucrative career as a cyber security consultant after he gets out, most likely. Overall, that will be good, though, as his talent won't go to waste and will instead be used to make things better.

Or maybe some government agency will bring him on for espionage.

 

[Killthee]

Still, he was not the main responsible for the DDOS that happened to Microsoft or Sony.

I'll agree that he's not the only one responsible for the attacks and his clients also bare some responsibility, but to absolve him completely of it is ludicrous when he rented out the botnet as a service to his clients, marketed it to gamers, was aware of what it was being used for, and by his own admission did not care how his clients used it.

He went on to rent the use of the malware to anyone who cared to pay for it. His prices, according to court reporters from the Central News Agency, ranged between $3 for up to 100 seconds per month to 30,000 seconds over five years for £309.99, echoing popular as-a-service cloud pricing models.

Mudd had even offered free 60-second DDoS attacks in a “try before you buy” scheme.

.......

Mudd initially claimed that he had created Titanium Stressor for stress testing Minecraft servers and that it had got out of hand. He later admitted its true purpose. Ben Cooper, his defence barrister, blamed his behaviour on the relentless bullying he had suffered at school as a result of his Asperger’s Syndrome.

“He was looking to form friendships in the community which he couldn’t do in real life, but he was very successful in doing it in the online community,” Cooper told the Old Bailey on Mudd’s behalf.

https://www.theregister.co.uk/2017/04/25/british_malware_author_2_years_jail_titanium_stresser/

'On one occasion, the defendant falsely arranged for a legitimate website to be linked to the TitaniumStresser so PayPal would wrongly refuse to accept payments from them.'

Investigators looked at Mudd's Skype chats, which showed he knew his programme was being used for the attacks, the prosecutor said.

After one user complained someone was using it for attacks, he replied 'I don't care', Mr Polnay said.

http://www.*****************/news/article-4432646/Teenage-hacker-16-makes-400-000-faces-jail.html

 

[ProfessorLobo]

The thing is, he created the tool but he wasn't the one responsible for the DDOS attacks on those servers they mention, it's like jailing the guy responsible that made a gun that was used by another person that commited the crime. Kinda weird, and 2 years in prison for this at this age, kinda excessive, there are perfect legal uses for this kinda of software.

I'm inclined to agree with this.

 

[Famassu]

Lol @ father making him unlock his PC. Good parent (at least in this regard).

 

[Killthee]

Why is him the one getting sentenced and not whoever used his tools? Wouldn't that be pretty much like firearms?

I assume, but might be wrong, it was cause he rented out the botnet and sold access to it as a service. I'd like to think that if a firearm store offered hired guns for crime they would be prosecuted.

 

[Zakalwe]

The thing is, he created the tool but he wasn't the one responsible for the DDOS attacks on those servers they mention, it's like jailing the guy responsible that made a gun that was used by another person that commited the crime. Kinda weird, and 2 years in prison for this at this age, kinda excessive, there are perfect legal uses for this kinda of software.

The software is crafted, tooled, marketed, and sold as a specific type of use service.

People buying this thing are not going to use it legally.

Why is him the one getting sentenced and not whoever used his tools? Wouldn't that be pretty much like firearms?

No, because a gun isn't sold with one illegal action as its intended sole purpose.

This software is sold specifically to DDOS.

 

[Armaros]

The software is crafted, tooled, marketed, and sold as a specific type of use service.

People buying this thing are not going to use it legally.



No, because a gun isn't sold with one illegal action as it's intended sole purpose.

This software is sold specifically to DDOS.

He also rented out the software as a service, so he actually did personally do DDoSing.

 

[Justinh]

I think the headline for that article is maybe what's causing some confusion. It doesn't appear to me that he's being jailed specifically for the attacks on Microsoft and Sony, but that he made and rented out his software for the use of carrying out the attacks.

Mudd, from Kings Langley in Hertfordshire, pleaded guilty to one count of committing unauthorised acts with intent to impair the operation of computers; one count of making, supplying or offering to supply an article for use in an offence contrary to the Computer Misuse Act; and one count of concealing criminal property.

 

[Mandoric]

2 years seems lenient for causing tens of millions of dollars in damage to organizations ranging from schools to ISPs. On the other hand, the States would probably take it too far in the other direction. OH WELL.

Hacking damage estimates are notoriously "your honor, after he superglued the lock we had no choice but to build a new store and fill it with new product - and we're reasonably sure that the tanned man who walked by and watched us fiddle with our key for a moment was actually a Saudi prince interested in buying all the gold bullion he could carry, such a pity that he must have been flying home at lunchtime."

Certainly doesn't mean that he caused no damage, but yeah. Compare the Runescape revenue loss to expenditures on connection upgrades, even before noting that the hourly or daily revenue immediately after the downtime that you're of course basing your estimate on is going to include large numbers of people who simply put their purchase off.

 

[Syril]

Hard to get excited about 2 years. He'll walk out of jail directly into a 6-figure consulting job.

I mean wouldn't helping people with those skills be a good thing?

 

[PtM]

nm.

 

[Wonder Peter]

These types of tools can be used for legally, to stress test a server, you could literally configure a server that you wish to target (you can see in the pic that was posted here). I don't think he deserves 2 years for doing that at his age and even more so if he suffers from undiagnosed asperger syndrome. He's not innocent of course but 2 years in prison...

Most of the first comments were like, justice has been made, not really, the guys that targetted those servers weren't caught sadly.

It's kinda curious how such big companies like Microsoft and Sony can't handle these types of attack, Steam has also been targetted and usually deals with it a lot better and isn't a monthly paid service either. It's quite weird.

 

[BlackClouds]

2 years was too light of a sentence.

 

[PuppetMaster]

Good news everybody!

 

[Jotaka]

He should be in jail for much longer in my opnion.

 

[Herr Schwarz]

2 years is absolutely nothing, finding a job for him is going to be piss easy since he created the technology to bring the gaming giants to their knees. This work of his forced a lot of companies to reassess their digital security and cost them millions of dollars.

As long as it didn't directly cause physical harm to people then 2 years is fucking ridiculous.

2 years of getting ass raped? Fucking no way.

If he's doing shit like swatting or ddos attacking hospitals then sure.

If it's just being an online shit stain, then fuck that shit.

 

[TheVampire]

How do these hackers get caught?

 

[TimeEffect]

£386,000 (who knows how much in damages) and 2 years jail.

Crime pays.

Wait. He keeps the money? Once he gets out he is probably gauranteed to make more money no? Dude seems like he's quite smart.

 

[Herr Schwarz]

Wait. He keeps the money? Once he gets out he is probably gauranteed to make more money no? Dude seems like he's quite smart.

300 grand for getting pounded in the asshole daily for two years non stop.
Would you do it?

 

[Miletius]

300 grand for getting pounded in the asshole daily for two years non stop.
Would you do it?

I know that this is a common stereotype about prison, but stop. Prison does not equal 2 years of anal rape. It's brain dead and quite a bit homophobic to even suggest that this is the case.

 

[Aytumious]

His parents should get some too.

This is an insane idea.

 

[Apoleptica]

Well, it's inevitable given where he's going.

He's going to a youth detention center. I don't think that sort of thing occurs there.

 

[Herr Schwarz]

I know that this is a common stereotype about prison, but stop. Prison does not equal 2 years of anal rape. It's brain dead and quite a bit homophobic to even suggest that this is the case.

No you're absolutely right it doesn't just include rape. It also includes physical violence, extortion, drug addiction and god knows what else.


It's really not brain dead, go and watch that Miami Mega Jail documentary by Louis Theroux. You have to go rounds with people in your cell.

And I assume this guy is a bit of a nerd. People like that get used as currency in prison.

 

[tengiants]

The thing is, he created the tool but he wasn't the one responsible for the DDOS attacks on those servers they mention, it's like jailing the guy responsible that made a gun that was used by another person that commited the crime. Kinda weird, and 2 years in prison for this at this age, kinda excessive, there are perfect legal uses for this kinda of software.

Yes. Reading the article it seems this could set a scary precedent for anyone writing security related software.

Edit: finished the article and he attacked his school with it and some other targets. This is not a scary precedent.

 

[Krammy]

As long as it didn't directly cause physical harm to people then 2 years is fucking ridiculous.

2 years of getting ass raped? Fucking no way.

If he's doing shit like swatting or ddos attacking hospitals then sure.

If it's just being an online shit stain, then fuck that shit.

If more people think like this, then that's good, the sentence worked as an intended deterrent.

 

[Armaros]

Yes. Reading the article it seems this could set a scary precedent for anyone writing security related software.

Are these stress test security programmers also renting out the software as a DDoS service?

 

[liezryou]

Well deserved. Kids who do shit like this need to be taught a lesson. Same goes for the swatting bullshit that happens on twitch. Really happy when these kids get to face consequences for their actions. Everyone makes mistakes when they are young, but when those mistakes affect other people that are innocent? Yeah you deserve everything that's coming your way.

As far as his mental health issues are concerned. That is on the parents and nobody else. I really hope he gets the help he needs for his issues but in no way should his undiagnosed mental issues be a shield for his actions.

 

[tenchir]

I don't think he gets to keep the money. He had to have hired a lawyer to defend him. There's also potential civil lawsuits from companies that were affected because of his software.

Once the government have proven that he was responsible for the lost of millions of dollars from the victoms, it be easy to sue him to recoup.

 

[The Dude]

Should of been least 5 years.

 

[dani_dc]

No you're absolutely right it doesn't just include rape. It also includes physical violence, extortion, drug addiction and god knows what else.


It's really not brain dead, go and watch that Miami Mega Jail documentary by Louis Theroux. You have to go rounds with people in your cell.

And I assume this guy is a bit of a nerd. People like that get used as currency in prison.

He was sentenced in the UK, I don't quite think a documentary about US jail system is relevant for the case being discussed on this thread.

 

[TimeEffect]

300 grand for getting pounded in the asshole daily for two years non stop.
Would you do it?

Well I assume he will lead a fairly boring prison sentence

Eat, sleep, work out, stay out of trouble, read.

 

[Herr Schwarz]

He was sentenced in the UK, I don't quite think a documentary about US jail system is relevant for the case being discussed on this thread.

Oh thats a bit better then, I must of glossed over that part.

If it was an American prison then yeah, gg.

I just get uncomfortable people going to prison because they attacked a machine that creates money.

Prison in my eyes should be for those that cause direct and physical harm to others. Violent types, rapists, true criminals.

Something like this, I just don't like the precedent. I understand the why I just don't like it.

 

[liezryou]

Oh thats a bit better then, I must of glossed over that part.

If it was an American prison then yeah, gg.

I just get uncomfortable people going to prison because they attacked a machine that creates money.

Prison in my eyes should be for those that cause direct and physical harm to others. Violent types, rapists, true criminals.

Something like this, I just don't like the precedent. I understand the why I just don't like it.

There are different types of prisons... Someone correct me if i am wrong but don't white collar criminals end up in different prisons then those so called "true criminals"?

 

[Usobuko]

Shame he isn't fined heavily as well.

2 years is considerably lenient.

 

[Dolobill]

HisNameIsMudd.jpeg

 

[Death Penalty]

Honestly I'd be more for punitive measures that inflict monetary harm than jail time, but the sentence seems pretty reasonable.

 

[Pacotez]

I assume, but might be wrong, it was cause he rented out the botnet and sold access to it as a service. I'd like to think that if a firearm store offered hired guns for crime they would be prosecuted.

Fair enough, altho I'm kinda against the decision here anyways

No, because a gun isn't sold with one illegal action as its intended sole purpose.

This software is sold specifically to DDOS.

Is DDOS inherently illegal? Isn't it used in stress tests?