uga indicted the GT 'hacker'

[Diseqc]

um, yea on the proxy. that's what i don't get...how he got caught. there is too much free stuff out there that does a great job.

My guess is he didn't consider what he was doing hacking and didn't think he needed to cover his tracks. Or he didn't know how.

 

[potatohead]

My guess is he didn't consider what he was doing hacking and didn't think he needed to cover his tracks. Or he didn't know how.

well, its most definitely hacking. he should have known better. no matter how stupid and idiotic someone is regarding their security, it's still illegal to exploit them. i can't enter your home without your permission and move your furniture around even if your door is open.

that being said, in most software circles this incident would be pretty embarrassing for the recipient, they'd quietly tighten things up, and probably thank the person that pointed it out. all pretty harmless. the fact that this was public, I'm sure the DA pushed this case. The guys at uga probably chuckled, tightened it up and moved on. Leave it to some asshole lawyer and a justice system that has ZERO understanding of how this all works to make a big deal of it. i 100% believe had we lost, nothing would've come of it.

my favorite hack of all time is right here, CRAZY simple:
http://www.businessinsider.com/a-ma...hought-it-was-part-of-a-job-interview-2012-10

in closing, i have a feeling someone is going to wreck their öööö when this case closes.

 

[beej67]

Are you guys seriously arguing over the legal definition of "arch?"

Man, offseason engage.

 

[Diseqc]

well, its most definitely hacking.

Stopped reading right here.

 

[potatohead]

Stopped reading right here.

k

 

[gtzulu]

If all he did was submit that public form, I don't see how it could be a crime. Otherwise submitting any public form on the Internet (including this one I am submitting to make my post) could be considered a crime.

Statute:

(b) Computer Trespass. Any person who uses a computer or computer network with knowledge that such use is without authority and with the intention of:
(1) Deleting or in any way removing, either temporarily or permanently, any computer program or data from a computer or computer network;
(2) Obstructing, interrupting, or in any way interfering with the use of a computer program or data; or
(3) Altering, damaging, or in any way causing the malfunction of a computer, computer network, or computer program, regardless of how long the alteration, damage, or malfunction persists
shall be guilty of the crime of computer trespass.

Vague language but it still seems like it would be a very weak argument to say that submitting a public form is a crime under that statute.

 

[potatohead]

If all he did was submit that public form, I don't see how it could be a crime. Otherwise submitting any public form on the Internet (including this one I am submitting to make my post) could be considered a crime.

Statute:
Vague language but it still seems like it would be a very weak argument to say that submitting a public form is a crime under that statute.

lets say i've got your username, "gtzulu" and speculate your password is "12345" because you're closet dawg fan and an idiot, then login and it works, proceed to post stupid öööö, then I'd venture to guess you may have a criminal something or other, right? I don't know, i hate lawyers and law, but it if you wanted to press charges, and the DA was stupid, and I was stupid and was found, then I imagine you may have some criminal complaint. Then lets add that this board, while public, belongs to a government entity then i imagine it gets more hairy.

i'm speculating of course. its stupid and embarrassing that they're pursuing this and it'll make it worse for them in the long run.

edited to add: i mentioned it in a prior post, but the justice system and legislation is so FAR behind technology its embarrassing...that's why they use such vague language.

 

[gtzulu]

lets say i've got your username, "gtzulu" and speculate your password is "12345" because you're closet dawg fan and an idiot, then login and it works, proceed to post stupid öööö, then I'd venture to guess you may have a criminal something or other, right?

Honestly I don't see how that would be a crime under the statute either. You'd have clearly used my account without authority, but none of the three "with the intention of" criteria would be clearly met.

 

[Diseqc]

lets say i've got your username, "gtzulu" and speculate your password is "12345" because you're closet dawg fan and an idiot, then login and it works, proceed to post stupid öööö, then I'd venture to guess you may have a criminal something or other, right? I don't know, i hate lawyers and law, but it if you wanted to press charges, and the DA was stupid, and I was stupid and was found, then I imagine you may have some criminal complaint. Then lets add that this board, while public, belongs to a government entity then i imagine it gets more hairy.

i'm speculating of course. its stupid and embarrassing that they're pursuing this and it'll make it worse for them in the long run.

edited to add: i mentioned it in a prior post, but the justice system and legislation is so FAR behind technology its embarrassing...that's why they use such vague language.

Guessing passwords is not how you previously described your idea of the "hack".

Filling out a submission form with false data isn't hacking. If all be truly did was say his email was idiot.administrator@ugay.edu then that's not hacking.

If he exploited some sql injection issue or ran some password guessing utility, then that's where things start to get more gray.

 

[DressCheeseSideSeaboard]

Guessing passwords is not how you previously described your idea of the "hack".

Filling out a submission form with false data isn't hacking. If all be truly did was say his email was idiot.administrator@ugay.edu then that's not hacking.

If he exploited some sql injection issue or ran some password guessing utility, then that's where things start to get more gray.

clownfart@ugay.edu

 

[potatohead]

Guessing passwords is not how you previously described your idea of the "hack".

Filling out a submission form with false data isn't hacking. If all be truly did was say his email was idiot.administrator@ugay.edu then that's not hacking.

If he exploited some sql injection issue or ran some password guessing utility, then that's where things start to get more gray.

um, no. is ryan's email address the administrator's? in my case the email address passed is considered credentials, as stupid as that is. yes, filling out false data on a public form to gain permission to alter information on a site that you do not have permission to do so would be considered a hack. a password guessing utility? so he has to use an application or does his brain count as a password guessing utility?

a "hack" at its most basic is gaining access to something that you are unauthorized to have. its really dumb to argue this, maybe you should discuss the arch thing.

 

[Diseqc]

um, no. is ryan's email address the administrator's? in my case the email address passed is considered credentials, as stupid as that is. yes, filling out false data on a public form to gain permission to alter information on a site that you do not have permission to do so would be considered a hack. a password guessing utility? so he has to use an application or does his brain count as a password guessing utility?



a "hack" at its most basic is gaining access to something that you are unauthorized to have. its really dumb to argue this, maybe you should discuss the arch thing.

Plus I like dudes

I just accessed ST without your authorization and made it seem like you like dudes. Am I an elite haxor now?

 

[gtzulu]

a "hack" at its most basic is gaining access to something that you are unauthorized to have.

That would not be considered computer trespassing under Georgia law. Pickren was charged with computer trespassing. Your personal definition of the word "hacking" is irrelevant.

 

[potatohead]

That would not be considered computer trespassing under Georgia law. Pickren was charged with computer trespassing. Your personal definition of the word "hacking" is irrelevant.

1) I clearly wasn't talking to you, nor was I referencing whether or not it was illegal. I was talking to another poster about what "hacking" is...and coincidentally my own personal definition of hacking coincides with the actual one.

2) I made it clear that I don't know law, nor am i interested in debating the finer points of something that appears to be very broad. öööö the crowd-funding, we should tell him to put you on the defense team since you seem to arm chair the hell out of it.

I just accessed ST without your authorization and made it seem like you like dudes. Am I an elite haxor now?

No, you're not an elite hacker (that's such a gay term) but you are an idiot. That was clear when you referred to sql injection as a "gray area", sql injection is textbook "hacking". When i say textbook, I literally mean you'll find it in text books and security reports. If you don't know anything about something, why talk about it? Also, yes if you logged in as me then you've "hacked" me, whether or not that is criminal...i don't know nor do I care. Your success in hacking me could've been attributed to something clever on your part or exceedingly stupid on mine, but it doesn't matter...my account had been hacked. How is this hard to understand?

 

[ramblinwise1]

1) If you don't know anything about something, why talk about it?

Hell, if that was the case then Stingtalk would be silent.

 

[Diseqc]

No, you're not an elite hacker (that's such a gay term) but you are an idiot. That was clear when you referred to sql injection as a "gray area", sql injection is textbook "hacking". When i say textbook, I literally mean you'll find it in text books and security reports. If you don't know anything about something, why talk about it? Also, yes if you logged in as me then you've "hacked" me, whether or not that is criminal...i don't know nor do I care. Your success in hacking me could've been attributed to something clever on your part or exceedingly stupid on mine, but it doesn't matter...my account had been hacked. How is this hard to understand?

 

[JJacket]

Good lord. We are GT folks. Guessing a password to gain access to a calendar isn't "hacking" to us. Maybe to dumbasses and old people it is, but not us.

 

[GTCrew4b]

I don't understand why you're assuming he used a fake or assumed email. It only asks for a contact email. The person in charge COULDVE just rubber stamped it without looking at it in depth.

He could've just submitted the event and then it got approved.

The approver doesn't want to look bad so he claims it was hacked.

UGA goes crazy and runs with it.

Is that still a hack?

Is it a hack if I submitted a resume to UGA when they were looking for a defensive coordinator?

 

[potatohead]

I don't understand why you're assuming he used a fake or assumed email. It only asks for a contact email. The person in charge COULDVE just rubber stamped it without looking at it in depth.

He could've just submitted the event and then it got approved.

The approver doesn't want to look bad so he claims it was hacked.

UGA goes crazy and runs with it.

Is that still a hack?

Is it a hack if I submitted a resume to UGA when they were looking for a defensive coordinator?

I COMPLETELY agree. All I did was blurt out something that was feasible, but retarded which made me laugh at stupid web guys at uga.

Its relevant because in my line of business i work for a software company that, internally, has similar functionality that exposes one component to the web. incidentally, we also hired some white hat guys that went to town on our work.

lots of folks on here have watched too many movies about hackers and hacking. i'm shocked that so many tech people think that "guessing" a password isn't "real" hacking...or that "real hacking" is something that requires some bad ass skills...its odd.

Security has improved however as some controls on websites obfuscate attempts to displays your password, like when i type mine it posts like this ********

 

[potatohead]