Free Gary McKinnon

FREE GARY. YOU DON"T DESERVE THIS MAN. I SUPPORT YOU.

" Incidents create a whirlwind of panic and activity, and of there is one big mistake, it is the failure to document adequately. Incident responseis a tedious, methodical process that redquires documentation. Technical prowess combined with a failure to document is not helpful during an incident. The failure to document may lead to faulty conclusions and an inadequate response. "

Incident Response, Investigating Computer Crime
by Kevin Mandiaand Chris Prosise
pp.31

Note that in my experience, just like many other staff, IT Personnel quite often are friends or family members and are not necessarily hired on their actual merits. Given this, they make critical mistakes when securing the company network or resources - but sound professional to the untrained eye. Therefore it is doubly important to have a complete copy of the 'original state of security' on a system prior to an incident to prove or disprove in a court of law the facts. Was an intrusion a result of a configuration mistake or was it really an unauthorized access?

Elle

the person who decided that Gary should be sent to the USA is the biggest criminal *cough EXPENSES, splutter*

We cannot trust our politicians.

Responding to a Brute Force SSH Attack
http://www.securityfocus.com/infocus/1903/1

"We had a false sense of security about Linux machines on our site. None have ever been compromised due to security vulnerabilities within the software, but several have as a result of misconfiguration on the part of the administrators."

Living proof...half of all security breaches are the result of misconfigured systems.

Elle

For a talented hacker in this terrorist-aware day and age, one hacker that genuinely did not mean any harm to the public (having a mere obsession with UFOs and aliens) we should NOT be exporting him to be punished. It is all completely ridiculous. The government should be using his skills to their own advantage, not locking him up in america as a last resort, especially as now he has also been diagnosed as having Asperger's Syndrome.

http://en.wikipedia.org/wiki/Asperger_syndrome

As for his obsession with UFOs, I cant say I really blame him, news on their possible existence do crop up from time to time, eg new aircraft being worked upon by other governments. I just clicked on google news, yahoo news, AND BBC news TODAY, and their first articles mention sightings of unusual aircraft over brazil!
Check it out here now from the bbc news, and decide for yourself - whos crazy now?

http://news.bbc.co.uk/1/hi/world/americas/8066061.stm

Fg: Changed date on the website?

"Deadline to sign up by: 15 June 2009 – ..."
http://petitions.number10.gov.uk/mckinnon09

Jacqui Smith is the biggest criminal of the lot! Claiming expenses from taxpayers money to supplement a cosy lifestyle.

UK politicians have no right to grant this extradtion considering their own lack of morals. Double standards indeed.

http://it.slashdot.org/submission/1005685/FBI-and-US-Marshalls-Hit-By-Virus?art_pos=13

"Law enforcement computers were struck by a mystery computer virus Thursday, forcing the FBI and the U.S. Marshals to shut down part of their networks as a precaution.

Apparently the case files are kept on an isolated system and critical data was not impacted. Though it did force them to shut down their email and internet connections for a short time."

Here we go again - whats up with the US cyber security anyways? They too cheap to hire real techies for the job?

Elle

Gary should be congratulated, not punished by the US authorities for highlighting weaknesses in their security systems. He should not have to pay for their embarassment. Our government has a poor track record in supporting people like Gary and will not want to offend our US friends. The proposed punishment is way over the top, especially for someone with Aspergers. I have tried to sign the Downing Street petition without success.

I watched President Obama's recent speech announcing the new Cyber Security Czar. The U.S. government (not the people - though explaining the difference is impossible) will pander to the voters by being politically correct and continuing to waste money demanding Gary's extradition.

The good thing is that Gary is not behind bars awaiting the outcome of this long show trial.

Another good thing is that the extradition attempt has dragged on for so long that actually putting Gary on trial, let alone sending him to America, has reached its expiration date. It can't possibly happen.

By the way, "Unsolved Mysteries," hosted by Dennis Farina, has been taken off the air or at least Spike TV (Channel 39), after I posted here about the motion picture frame of a U.F.O. containing the number 4 (Zeta Reticulum Four). The Men in Black or if you prefer, the Military Industrial Complex, does NOT fool around. They or it are after Gary for having tried to download that mother ship. Gary's persecution is not about computer security in my opinion.

Garry i wish you the best of luck with all this mate.
Extradion treaty is aload of ass and makes are country even more like americas bitch.
The fact this can be done without evidence is what deeply disturbs me and if you are sent to the US you face more than you would for murder in the UK.
Absoloute disgrace that they are even considering this.

I think though that this is no longer about computers. The fact they are trying so hard may not be to make a public example, but fear for what you may have seen on these computers.

Best of luck.

Jacqui Smith has gone. The bitch couldnt do her job anyway.

@ Matt T - not yet she hasn't - she is still in office as Secretary of State for Home Affairs (Home Secretary) at the moment.

Next week, perhaps...

FBI e-mail clobbered after virus

"The FBI did not provide details on the security incident, but it looks as though hackers may have used maliciously encoded file attachments to hack into the network.
Microsoft warned Thursday that attackers are sending malicious QuickTime media files to victims, exploiting an unpatched flaw in Apple's media format, in order to install malicious software on Windows systems."

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9133678&source=CWNLE_nlt_virusv_2009-06-04

Ahaa! And so - Gary - being a good man - did not indulge in such activities - like planting viruses - like bAdd hackers do!!! FREE GARY!!!

Elle

If Gary is extradited, what are our plans for supporting him? We can discuss this publicly.

Right now, Gary and the Americans seem to be playing a game of who blinks first as far as a plea agreement is concerned. I think Gary knows that the U.S. will blink first and accept a deal and the U.S. is playing the game as long as possible before admitting defeat.

Gary took a stand on principle concerning the signature to the first plea agreement. It was also bloody smart as far as avoiding an adjustment of the agreement by the Americans after Gary was in their hands. Jimmy's right about Gary knowing more than he's told us.

why should gary afto go to the usa for hacking nasa computers, what about other hackers like the ones in china why dont the usa go after them to, FREE GARRY

Gary could be given a job as a consultant by the US and UK Governments to help them improve cyber security?

Any new system could be tested by him to see how hacker proof it is before large amounts of cash are spent implementing it and sensitive data loaded onto it.

We need to get up to speed with cyber security by employing the best. It will be a terrible shame & waste of life if Terrorists hack our systems and the only man who could have stopped them is locked up in the USA for 70 years. I thought prison was supposed to be about reform, how does a 70 year sentance allow reform? Aside from that the guys got Autism which science does not fully understand, he needs medical help not Nazi style justice.

LOCK THE TOSSER UP. HE IS NO MORE THAN A CYBER TERRORIST

@ Steve - this case is as much about British sovereignty and US political and bureaucratic embarrassment and proportionate justice, as it is about any actual damage or harm which Gary might have done.

Did Gary break the UK Computer Misuse Act 1990 -> Yes
Should Gary thus answer to United Kingdom justice -> Yes
Did Gary know he was breaking UK and US law -> Yes
So shouldn't Gary face charges in the United Kingdom... errrr ->YES!!!

Is gary a human being who just believed he was on a moral crusade? : YES

Should people with such a high moral code be respected? : YES!

SMEs routinely breach the Data Protection Act

http://www.securitypark.co.uk/security_article263145.html

"According to a survey of over 500 small and medium businesses conducted by BSI, almost ne in five businesses has unwittingly breached the Data Protection Act (DPA) at least once. Of these, nearly half said they had breached the Act on several occasions and an additional 18% said they were not sure whether they had or not. A breach could refer to the illegal
transfer of information to a third party, failure to hold information securely or neglect of other legal obligations."

Indeed, it is a FACT that MOST operations - be they government administered or business administered are placing the safety and security of every citizen in question. How? By simply not administering their networks or servers properly. The worst possible case of access to private systems is one involving a default administrator password that is left unchecked - like the exclusive access point to the US military systems that Gary McKinnon and many other international hackers have discovered.

Who should be laid to blame for this and the nearly 50% of all business owners who have your personal information on their unsecured systems? The lynch mob attitude of some of the people who post here making unkind comments towards Gary are non the less idiots as the backyard administrators are.

Solution :: Hire people on your team that are really in the know - and stop cutting back on your IT Staff to save money.

Elle

what gary did was very wrong and yes he needs to go to prison, but lets not blow the whole thing out of proportion let him serve his sentence in the UK and then make him help make cyber security better in both the US and the UK.
i think the people in the US who are pushing so hard for this are nothing more then a bunch of school yard bullies pickin on someone cause they can. lets go after the real hackers
SHAME ON US !!!!!!

LOL thank you gary for showing us we are to cheap lazy and self-righteous to defend ourselves online.

regards
Ashley~Cary NC USA

basically the decision made tomorrow with determine if gary had another normall happy day in his life again which i think is wrong, how could somebody decide this!1.
they are just blowing the whole thing out of proportion and wasting lots of money when they could be working together

Why should he be tried in Britain when his crime was against the United States? This guy knew what he was doing, he admitted guilt. He's all over YouTube basically boasting about what he claims he found.
This Aspergers stuff is nothing more but a cop out. He's going to have to drop the Asperger, vegetarian, softy musician stuff pretty quick when he's bunked up with his new cellmate.
You do the crime, you do the time Gary. Maybe you'll get lucky and the Air Force will let some Greys examine you.

higher moral code? seriously? looking up UFOs has NOTHING to do with a moral code. hacking into government databases for one's personal gain is the complete opposite of having a moral code. he broke the law, he should face the consequences. if he was such a good hacker, how come he got caught?

in all actuality, regardless of what kind of "stress" he'll endure being extradited to the US, he should not have done the crime if he doesn't want to face the possibility of time. the BBC article says:

"Mr McKinnon told the BBC that he recognises that he committed a crime and said: 'I am sorry for that.'"

basically, if i commit a crime, i don't have to face trial because i could hide behind a syndrome that wasn't even recognized until recently and a half-assed apology?

if he is smart enough to cause all this damage, he knows well enough that he can go to the US and face his fate.

MORAL CODES... HAHA!

@ Kevin Jersey - do try to read up on the background of this complicated case, before embarrassing yourself here, and in future search engine queries.

"hacking into government databases for one's personal gain" - the US prosecutors specifically said that there was no evidence of that, and he is not charged with any such offences, so you are simply wrong.

"he broke the law, he should face the consequences" - agreed - but he broke the law here in the United Kingdom, which is where he was physically located, and arrested. He should face the consequences here in the United Kingdom.

"if he was such a good hacker, how come he got caught?" - he did not have to be a brilliant technical hacker, although he was obsessed and persistent, since the systems were left totally unprotected (no systems administrator password, no internet firewall) for several years.

The incompetent, corrupt or treasonous senior US Military officers, civilian contractors and Department of Defense officials and politicians, who let this happen, for years on end, should be personally cross examined under oath at any proper trial, and then, hopefully, they will be punished.

@ Elle - "americans have got to be the most uneducated, uncultured, unpleasant, unreasonable, uncompassionate and unwarrented." - there are a minority of such people in every country, but it is true that, over the years, several of them have, to their shame, embarrassed their fellow Americans, many of whom do support Gary.

I agree with Elle Hart:

"Again, attutude, and threats. Americans really offend me...of all the countries and cultures and races of people on this planet - americans have got to be the most uneducated..."

fg, I know, I live here. America is a democracy -the will of the majority.

For one thing, when the rest of the Western world had banned slavery - America continued to enslave human beings based upon their race. Why was slavery ended in America? Because it was no longer profitable for the ruling elite.

It's all about money. Not to single out any particular religion, but, America is a religious country. Just go to any house of worship on their holy day and their leaders will talk about anything and everything in the books after the five or the books before the five, but they won't talk about what the most important figure is quoted to have said in the five, about the new message of love.

Because if they did, then they would have to share the wealth instead of not caring about starving, sick, and criminally under-educated children in their own country who haven't even had a chance to compete and lose in the Great society.

When you go to worship you hear that we're all losers who're going to hell and there's nothing we can do about it, it's only by the grace of you-know-who who can send us to everlasting consumerism. So, stop thinking, overlook the inexcusible flaws our leaders, and just do what they tell us.

That applies to Gary being handed over to the world's leader, just stop thinking, just ask the majority of Americans. Holding onto their wealth by mentally crippling the majority is nothing new for the leaders of empire.

I love my country and it does suck for sure.

Es un capo!!! mas que juzgarlo, tendrian que darle laburo en el pentagono mentes tan brillante no hay dando vuelta por estas tierras

Elle Hart Wrote

And yes - you are right - the elite hackers do not get caught;). But before you judge Gary again, consider that he voluntarily left a note alerting the admins of their security problem. And that this note is most likely posessing the only ip identifying his connection. And given that he 'is in the know ', this was not a mistake, but a humanitarian act.

Oh, I get it Elle, you consider your self some kind of elite hacker now...right? Well a failed computer consultant has to manufacture some sense of self worth.

So, tell me, do you truly believe that a note left on a computer contains an IP address? You are as phony as they come. What was it that one guy called you??? Oh yeah..."Canadian Crackpot"

I am positive that deleting operating system files and leaving a note saying " I am Solo and I will continue to disrupt at the highest level" was totally intended to be a "humanitarian act"

You can label Americans anything you want, but you definitely earned the label of Gullible.

@FG:

@ Kevin Jersey - do try to read up on the background of this complicated case, before embarrassing yourself here, and in future search engine queries.

Just because people see facts differently does not mean that they are ignorant of those facts. While you feel this case is very complicated, to many people it is not complicated at all.

"hacking into government databases for one's personal gain" - the US prosecutors specifically said that there was no evidence of that, and he is not charged with any such offences, so you are simply wrong.

Well, no, actually he is probably right and you are probably wrong. "Personal gain" does not necessarily mean pecuniary gain. McKinnon has claimed that he broke into US government computers in order to find evidence of extraterrestrials (he says UFOs, but I will give him the benefit of the doubt that he understands the difference between the two). He also claims that he found such information, including the infamous "non-terrestrial officers" and pre-wiped pictures of spacecraft. Therefore, he gained/took valuable information. Thus he personally gained, as was his intention.

"he broke the law, he should face the consequences" - agreed - but he broke the law here in the United Kingdom, which is where he was physically located, and arrested. He should face the consequences here in the United Kingdom.

No. He broke the law in both the US and the UK. He broke the law while he was physically in the UK, but that does not change the fact that he also broke the law in the US. There is such a thing as concurrent jurisdiction in which multiple sovereigns have jurisdiction over an act. In this case the UK has jurisdiction through Nationality and Territoriality and the US has jurisdiction through the Effects Principle and the Protective Principle. Generally, the sovereign with either the stronger interest (e.g. victims) or the one in whose territory the defendant is found, will prosecute first. McKinnon can be prosecuted in both, it is simply that the UK has declined (repeatedly) to prosecute, which only really leaves the US. It is amusing that people on this site are incapable of grasping this with respect to McKinnon, and then rail against the US for not turning over people to UK courts . . . people who are not UK citizens and whose crimes were not committed on UK soil.

"if he was such a good hacker, how come he got caught?" - he did not have to be a brilliant technical hacker, although he was obsessed and persistent, since the systems were left totally unprotected (no systems administrator password, no internet firewall) for several years.

I believe (although Kevin can correct me) that this comment was in reference to the ungoing and wholly unrealistic assertions that the US should have hired McKinnon as a security expert rather than seeking to prosecute him. The point being that he has no real skills to provide. As an aside, how do you know that there were no firewalls? One of the purposes of his attack method was to circumvent firewalls, use trust relationships to get through them, install remotely anywhere to disguise his intrusions as web traffic. And the facts only say that he was able to gain access to a local administrator account without a password, meaning that potentialy all of the other administrator accounts did have proper passwords.

The incompetent, corrupt or treasonous senior US Military officers, civilian contractors and Department of Defense officials and politicians, who let this happen, for years on end, should be personally cross examined under oath at any proper trial, and then, hopefully, they will be punished.

First, how do you know that those responsible were not disciplined, fired, or charged? Second, if you think that people who made a simple mistake or misconfiguration should be charged with a Capital offense, then surely you would support a far harsher sentence for someone who intentionally breached security on almost one hundred computers, installed a trojan, deleted log files, and allegedly downloaded information and deleted thousands of user IDs. Right? Hello? Still there? I am not sure how you would support charging someone for treason for not properly securing an unclassified computer, but then there are lots of bizarre theories floating around here.

@ David:

Funny you should decry the actions of the US at about the same time allegations came to light concerning half a dozen officers from Scotland Yard waterboarding drug suspects. Not to mention the ongoing probe into UK soldiers torturing people in Iraq. You just keep trying to stay on top of that fast-eroding high ground.

@ Elle

And that this note is most likely posessing the only ip identifying his connection.

Where do you come up with this stuff? Why don't you pop over to England and marry him if you are so besotted? I don't think the facts support any theory in which his goal was to help make systems stronger . . . after all, if they were stronger, he would not be able to get in and of course, by installing a trojan on the systems changing the admin password would not improve security much. Humanitarian? Yeah, right. I am also pretty sure that his capture had nothing to do with any such note. Feel free to keep dreaming your happy dreams though.

And "risk his whole life and reputation?" What are you talking about? He isn't the second coming, he's just a guy. Perhaps remarkable in some aspects and perhaps subpar in others. Everything isn't black and white or good and evil. Usually people outgrow those concepts when they are about 10.

And exactly why is it that you assume that everyone who does not support McKinnon must be from the US? Certainly there are people from countries other than the UK who support him, so why is it impossible that only people from the US do not?

- Han

@ Han - your arguments are not very convincing.

As an aside, how do you know that there were no firewalls? One of the purposes of his attack method was to circumvent firewalls, use trust relationships to get through them, install remotely anywhere to disguise his intrusions as web traffic.

Nonsense.

In order to install Remotely Anywhere remotely via the internet, there must have either been no firewall at all, or the default Windows File Sharing ports 135, 139 and 445 (used from Windows 2000 onwards), must have been allowed, something which even most home computers connected to the internet, do not allow by default these days.

Remotely Anywhere is one of several genuine Remote Desktop / Remote Server administration tools which were popular on Windows NT systems, which, unlike *nix based systems, are impossible to administer fully, without remote Windows / Icon / Mouse support.

Such software is less popular with later Microsoft operating systems, which now come come with Windows Remote Desktop support by default.

You cannot install Remotely Anywhere, or similar programs, without already having full Systems Administrator access to the system.

They are not the equivalent of modern Botnet Trojan Horse software, which attempts to hide its presence somewhat.

And the facts only say that he was able to gain access to a local administrator account without a password, meaning that potentialy all of the other administrator accounts did have proper passwords.

Very probably all of them had a privileged NT Domain administrator Account and Password set, used by the legitimate systems administrators.

However that was irrelevant, since the default Local Administrator account, also giving full access to the system, was not renamed or disabled and still had the default "null" password i.e. "just hit the Enter key when asked for the password", still set.

Such steps to secure the default Local Administrator account are clearly written in the Microsoft documentation, explained on Microsoft Systems Administrator training courses, written into the standard Security Operating Procedures, and the instructions for creating "locked down" workstation and server software builds, and are regularly checked and audited with security vulnerability scanning software by auditors and penetration testers. New or amended versions of standard software configuration builds are tested for such basic configuration errors before being deployed to thousands of production systems.

At least they were, even circa 2000 - 2002, in most large organisations, except, it seems, for the US military.

First, how do you know that those responsible were not disciplined, fired, or charged?

Name one such person then !

Given the number of espionage scandals revealed since Gary's arrest back in 2002, with alleged Russian, Chinese, Cuban and Israeli etc. spies working within US military contractors and the Washington bureaucracy, one way for the US Government to save face might be to blame "ordinary" incompetence or corruption, on Foreign Spies.

Either there were no basic computer security vulnerability audits at all, or more likely there were plenty of them, but the embarrassing results were kept secret, and no action was taken by senior managers.

This was not just for a week or a month, but for several years on end, both before and after the supposed maximum alert state of readiness after September 11th 2001, when, presumably, some of these senior managers must have been ignorant or were lying about the security of the systems which they were paid to take responsibility for.

If Gary had been tried in the UK back in 2002, the UK legal authorities would undoubtedly have held part of the trial in secret, on the grounds of "national security" citing the relationship with the US military and intelligence community, and no word of either the vulnerability which was exploited, or any mention of the individual senior managers responsible, would have been reported.

Gary did not make any of this information public until the extradition proceedings started against him over 3 years after his arrest.

GARY IS NOT A TERRORIST.

He may be a person guilty of computer missuse, but he is NOT a terrorist and should not be tried as one.

http://en.wikipedia.org/wiki/Definition_of_terrorism
----------SNIP---------
Definition of terrorism

The word "terrorism" is politically and emotionally charged,[1] and this greatly compounds the difficulty of providing a precise definition. A 2003 study by Jeffrey Record for the US Army quoted a source (Schmid and Jongman 1988) that counted 109 definitions of terrorism that covered a total of 22 different definitional elements.[2] Record continues "Terrorism expert Walter Laqueur also has counted over 100 definitions and concludes that the 'only general characteristic generally agreed upon is that terrorism involves violence and the threat of violence.' Yet terrorism is hardly the only enterprise involving violence and the threat of violence. So does war, coercive diplomacy, and bar room brawls."[3] Angus Martyn in a briefing paper for the Australian Parliament states that "The international community has never succeeded in developing an accepted comprehensive definition of terrorism. During the 1970s and 1980s, the United Nations attempts to define the term foundered mainly due to differences of opinion between various members about the use of violence in the context of conflicts over national liberation and self-determination."[4] For this and for political reasons, many news sources (such as Reuters) avoid using this term, opting instead for less accusatory words like "bombers," "militants," etc.

----------SNIP---------
Reasons for controversy

The modern definition of terrorism is inherently controversial. The use of violence for the achievement of political ends is common to state and non-state groups. The difficulty is in agreeing on a basis for determining when the use of violence (directed at whom, by whom, for what ends) is legitimate. The majority of definitions in use have been written by agencies directly associated with a government, and are systematically biased to exclude governments from the definition. Some such definitions are so broad, like the Terrorism Act 2000, as to include the disruption of a computer system wherein no violence is intended or results.
----------SNIP---------

The computer missuse that Gary is guilty of did not involve any form or threat of violence. My theory is that the US networks were so unprotected that a terrorist hacker did get in and accessed data that was then used in 911 - and the US never caught the real hacker(s) so they formed a lynch mob against Gary. Sound right?

Elle

The computer missuse that Gary is guilty of did not involve any form or threat of violence. My theory is that the US networks were so unprotected that a terrorist hacker did get in and accessed data that was then used in 911 - and the US never caught the real hacker(s) so they formed a lynch mob against Gary. Sound right?

Elle

Nice Elle. I am sure your theory is based on all kinds of facts.

I noticed that a statement from the Alison Saunders, head of the CPS organized crime division was greatly ignored by your readers. Allow me to point something out.

Alison Saunders, head of the CPS organised crime division, said: "We identified nine occasions where Mr McKinnon has admitted to activity which would amount to an offence under section 2 of the Computer Misuse Act (unauthorised access with intent). Although there is sufficient evidence to prosecute Mr McKinnon for these offences, the evidence we have does not come near to reflecting the criminality that is alleged by the American authorities."

She said McKinnon's hacking activities "were not random experiments in computer hacking, but a deliberate effort to breach US defence systems at a critical time which caused well-documented damage. They may have been conducted from Mr McKinnon's home computer - and in that sense there is a UK link - but the target and the damage were transatlantic."

And the Computer Misuse Act Section 2 states...

2 Unauthorised access with intent to commit or facilitate commission of further offences

(1) A person is guilty of an offence under this section if he commits an offence under section 1 above (“the unauthorised access offence”) with intent—

(a) to commit an offence to which this section applies; or

(b) to facilitate the commission of such an offence (whether by himself or by any other person);

and the offence he intends to commit or facilitate is referred to below in this section as the further offence.

(2) This section applies to offences—

(a) for which the sentence is fixed by law; or

(b) for which a person of twenty-one years of age or over (not previously convicted) may be sentenced to imprisonment for a term of five years (or, in England and Wales, might be so sentenced but for the restrictions imposed by section 33 of the [1980 c. 43.] Magistrates' Courts Act 1980).

(3) It is immaterial for the purposes of this section whether the further offence is to be committed on the same occasion as the unauthorised access offence or on any future occasion.

(4) A person may be guilty of an offence under this section even though the facts are such that the commission of the further offence is impossible.

(5) A person guilty of an offence under this section shall be liable—

(a) on summary conviction, to imprisonment for a term not exceeding six months or to a fine not exceeding the statutory maximum or to both; and

(b) on conviction on indictment, to imprisonment for a term not exceeding five years or to a fine or to both.

So let's see...using your logic that he faces 70 years in the US when you only consider the maximum punishment. He would be facing 45 years in the UK. What is the difference to someone over 40?

So nine incidents of well documented damage, tells me that Alison has seen the evidence. You guys really need to quite making excuses and creating personal theories that are not based on evidence or fact.

Anyway, I guess it all rests on the judicial review. Should be interesting to see what legal maneuver, syndrome or other act of desperation we can witness next.

- The US claimed 'to care good' of Gary..

Is ONE of the lies.

Giving him '70 years' IS NOT A GOOD CARE, thus a clear lie, plus torture (worser than torture) is (still) going on in Guantanamo and elsewhere if you didn't know.

Since they changed the law that there is no proove of damage needed is another proove of it been a lie. They do not stand on their words/actions...

This sums it up: lies, no human rights, illegal activities and no care.

Nothing less than government sponsored evil/criminal activities, is what i call this.

Tell her that she's violating human rights,etc

Alison Saunders
020 7796 8363
alison.saunders@cps.gsi.gov.uk

Nice!!

A government official gives an honest assessment of the facts and you want to harass her with phone calls and emails to make her shut up.

Absolutely pathetic!!

Evil is the only thing to shut off.
Nothing bad meant here.

Gary is not a terrorist.

Sending him to a US prison is the worst and evil choice that exists.

The world is full of lies and propaganda material, it could only be sponsored by the Govt itself.

So thanks for your kind of oppinion.

Fact is ::Eyes4Lies::

You forgot to specify how -

"which caused well-documented damage"

results in 'violence and the threat of violence'

and if you are unable to prove this point

then you agree by ommission that

Gary McKinnon is NOT A TERRORIST

Elle;)

Sorry Elle,

You first. You must concede that Gary intentionally caused malicious damage which he knew would result in a denial of service to the networks he attacked.

If you concede that I will consider conceding that he did not intend violence.

@ Eyes4Lies - Your "thesis" research "skillz" seem to have let you down again - you are barking up the wrong tree:

It is the Computer Misuse Act 1990 Section 3 Unauthorised modification of computer material which is the one which deals with modification or deletion of computer files i.e. "damage", NOT

Section 2 Unauthorised access with intent to commit or facilitate commission of further offences

which you either maliciously, or stupidly, misinterpret from the Crown Prosecution Service document quotation.

You also fail to quote the reason given by the CPS for not prosecuting Gary, namely that they felt that there was a less than 50% chance of obtaining a conviction.

The Computer Misuse Act 1990 has been amended by the Police and Justice Act 2006. These amendments only came into force on 1st October 2008, e.g.

• An increased criminal penalty for Section 1 Unauthorised access to computer material. offence, which might allow the UK Government to ask for the extradition of computer criminals based in the USA or other foreign countries for Section 1 offences.

• An amended Section 3 - now Section 3 Unauthorised acts with intent to impair, or with recklessness as to impairing, operation of computer, etc.
• A new Section 3A Making, supplying or obtaining articles for use in offence under section 1 or 3 i.e. the stupid criminalisation of the creation or distribution etc. so called "dual use" software tools like scripting languages and API libraries or standard network software tools.
  

However, none of these new, as yet untested. amendments should apply retrospectively to Gary's case.

LOL @fg!!

I am really touched by this websites concern over my thesis. You would really be surprised at the grade I received.

I do find it comforting to see that the UK government recognized the inadequacy of their computer crime laws and the enactment of the 2006 amendment will definitely help. I am not surprised that your legal system still only stands a %50 chance of conviction with a confession and multiple public statement and interviews to support those confessions.

But then again...it doesn't really matter now does it. They will not go through an expensive trial when they are not the victim. So let us focus on the law that was violated. 18 USC 1030.

I personally do believe that proving sections 1, 3 and 5A i thru iii is going to be no problem.

§ 1030. Fraud and related activity in connection with computers
How Current is This?
(a) Whoever—
(1) having knowingly accessed a computer without authorization or exceeding authorized access, and by means of such conduct having obtained information that has been determined by the United States Government pursuant to an Executive order or statute to require protection against unauthorized disclosure for reasons of national defense or foreign relations, or any restricted data, as defined in paragraph y. of section 11 of the Atomic Energy Act of 1954, with reason to believe that such information so obtained could be used to the injury of the United States, or to the advantage of any foreign nation willfully communicates, delivers, transmits, or causes to be communicated, delivered, or transmitted, or attempts to communicate, deliver, transmit or cause to be communicated, delivered, or transmitted the same to any person not entitled to receive it, or willfully retains the same and fails to deliver it to the officer or employee of the United States entitled to receive it;
(2) intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains—
(A) information contained in a financial record of a financial institution, or of a card issuer as defined in section 1602 (n) of title 15, or contained in a file of a consumer reporting agency on a consumer, as such terms are defined in the Fair Credit Reporting Act (15 U.S.C. 1681 et seq.);
(B) information from any department or agency of the United States; or
(C) information from any protected computer if the conduct involved an interstate or foreign communication;
(3) intentionally, without authorization to access any nonpublic computer of a department or agency of the United States, accesses such a computer of that department or agency that is exclusively for the use of the Government of the United States or, in the case of a computer not exclusively for such use, is used by or for the Government of the United States and such conduct affects that use by or for the Government of the United States;
(4) knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period;
(5)
(A)
(i) knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer;
(ii) intentionally accesses a protected computer without authorization, and as a result of such conduct, recklessly causes damage; or
(iii) intentionally accesses a protected computer without authorization, and as a result of such conduct, causes damage; and

"...I will continue to disrupt at the highest level."

You are right, it is very difficult to prove intent. Luckily, Gary was "intelligent" enough to provide his intention in the note he left behind.

Instead of publishing my thesis, you guys can wait for the book. Gary's story is but a mildly interesting chapter that obviously is still being written.

UFO/aliens is another false flag, just like 9/11 (Nano Thermite is one of the prooves), Hitler,etc

[Its the world/moneypower leaders plan, to bring in a 'one world government', also called the N.W.O.].

See the video and also read the text on there:
www.vloggingtheapocalypse.com/viewVideo.php?video_id=551&title=FAKE_ALIEN_UFO_ATTACK_FALSE_FLAG_PLAN___IMPORTANT

Decide for yourselve.
Thanks

Petition date changed

"Deadline to sign up by: 22 June 2009 – ..."
http://petitions.number10.gov.uk/mckinnon09

Han
"p.s. Hey Elle, the only person who has ever said that McKinnon was a terrorist is McKinnon. If the U.S. government thought that he was a terrorist he would have been charged as one. Instead, he is charged with computer fraud."

No - that is an assumption - like heresay. I never made such a statement - I am refering to the Extradition Treaty and the original unratified version designed for dealing with terrorists.

http://www.law-ref.org/RECRUITMENT/kw-legal_basis_for_extradition.html

legal basis for extradition [Global Index]

ARTICLE-15
... 2. If a State Party which makes extradition conditional on the existence of a treaty receives a request for extradition from another State Party with which it has no extradition treaty, it may at its option consider the present Convention as the legal basis for extradition in respect of those offences. Extradition shall be subject to the other conditions provided by the law of the requested State. ...

http://www.law-ref.org/EU/articleI-43.html
ARTICLE I-43: Solidarity clause
1.
The Union and its Member States shall act jointly in a spirit of solidarity if a Member State is the object of a terrorist attack or the victim of a natural or man-made disaster. The Union shall mobilise all the instruments at its disposal, including the military resources made available by the Member States, to:
(a)

* prevent the terrorist threat in the territory of the Member States;
* protect democratic institutions and the civilian population from any terrorist attack;
* assist a Member State in its territory, at the request of its political authorities, in the event of a terrorist attack;

(b) assist a Member State in its territory, at the request of its political authorities, in the event of a natural or man-made disaster.
2. The detailed arrangements for implementing this Article are set out in Article III-329.
***
Eyes4Lies
"You first. You must concede that Gary intentionally caused malicious damage which he knew would result in a denial of service to the networks he attacked.

If you concede that I will consider conceding that he did not intend violence"

And so - what you meant to say is - causing a DOS is an act of violence - if so then applying that logic - my ISP is a terrorist !!!

Elle

@ Han - I would not employ you to secure my computer networks !

" Where I worked we tested network passwords monthly, and that took a fair amount of effort. I don’t know what the military does/did, but we certainly never checked local machine passwords."

By not checking for the default Admin account "null" password, something which only takes a few seconds to check, you would have failed any competent security vulnerability audit.

"And of course, as usual, you have not answered any of my question. Not a big surprise I guess."

Who cares ? That is the moan of a typical internet troll.

List of convicted computer criminals
http://en.wikipedia.org/wiki/List_of_convicted_computer_criminals

"In the infancy of the hacker subculture, the computer underground,[3] criminal convictions were rare because there was an informal code of ethics.[4] Proponents of hacking claim to be motivated by artistic and political ends, but are often unconcerned about the use of criminal means to achieve them.[5] White hat hackers break past computer security for non-malicious reasons and do no damage, akin to breaking into a house and looking around.[6] They enjoy learning and working with computer systems, and by this experience gain a deeper understanding of electronic security.[6] As the computer industry matured, individuals with malicious intentions (black hats) would emerge to exploit computer systems for their own personal profit.[6]"

There is a big difference between good and bad hackers, just like there is a huge difference between good and bad politics. Its called 'ethics'. And that is something that should be a manditory course in high school, as the word often caauses a blank stare.

The sentence that is being impossed on Gary McKinnon is completely absurd. 70 years and the threat of Guantanamo and sexual abuse. Never have I ever heard of a case like this. Perhaps that is why I feel so passionate about this case. Gary McKinnon is being treated unfairly. He does not deserve 70- years. In fact, the longest sentense on record is only five( 5 ) years.

"Convictions of computer crimes, or hacking, began as early as 1983 with the case of The 414s from the 414 area code in Milwaukee. In that case, six teenagers broke into a number of high-profile computer systems, including Los Alamos National Laboratory, Sloan-Kettering Cancer Center and Security Pacific Bank. On May 1, 1983, one of the 414s, Gerald Wondra, was sentenced to two years of probation.[7] As of 2009[update], the longest prison term for computer crimes was handed down to Jeanson James Ancheta, who created hundreds of zombie computers to do his bidding via giant botnets.[8]"

Elle

@Han :

"... the only person who has ever said that McKinnon was a terrorist is McKinnon. If the U.S. government thought that he was a terrorist he would have been charged as one. Instead, he is charged with computer fraud."

Well Han, again your research is faulty, as the US Army would seem to disagree with you, as they included McKinnon in an official manual entitled Military Guide to Terrorism in the Twenty-First Century (US Army TRADOC, TRADOC G2Handbook No. 1.01), supplement 2, Cyber Operations and Cyber Terrorism) :

http://www.au.af.mil/au/awc/awcgate/army/guidterr/sup2.pdf

@Eyes4Lies

McKinnon's family are currently in communication with the CPS press office regarding Alison Saunders' statement in which she said "which caused well documented damage" in order to have the statement revised.

For God's (F.G.) Sake, what's happening concerning Gary's hearing that occured on Tuesday 9 June 2009 concerning his medical malady? I went to Janis Sharp's Twitter page and looked over your home page and have found nothing. I certainly don't want to get involved with Her Majesty's government by contacting the Washington embassy to find out. After reading the anti Jacque Smith posts on this site and watching Brown's troubles concerning his ministers' misuse of government money, I think that the individuals concerned are flawed, not the system.

By the way, I heard that Tony Brown is a Right Honourable. Maybe the above paragraph is wrong.

Feds admit error in hacking conviction

http://news.zdnet.com/2100-1009_22-132259.html

"This prosecution rode on the government's contention that McDanel was a 'hacker' with a criminal mind and a bone to pick against his former employer," Granick stated. "That bone was Tornado's refusal to fix identified security problems, and McDanel dealt with it by telling customers so that they could help themselves. This is not a crime."

"Rather than a criminal hacker bent on revenge, McDanel was an employee who voluntarily left Tornado to join another company, partially because the now-defunct company wouldn't deal with a security problem that he had flagged, Granick argued in the appeals-court filing. More than half a year after he left the company, McDanel used his valid account on the system to send a mass mailing to the company's customers, warning them of the flaw, she argued."

Ahhaaha Oh this is so ammusing - so perfectly insane. So paranoid about security that they are turning the very people who can save their precious security into criminals !!! I hope ALL in the know never - ever - ever - step forward again - and all the security of the planet can go straight to hell.
It would be wonderful...

Elle

Just recieved an update curtesy ::Sun W::

Posted on 9 June 2009 12:54
Http://www.theregister.co.uk/2009/06/09/mckinnon_legal_fight_latest

Posted on 16 June 2009 17:47
http://www.zdnet.co.uk/misc/print/0,1000000169,39664238-39001093c,00.htm

Thanks Sun

Elle

Things to do before vulnerability disclosure
http://www.securityfocus.com/archive/101/504338/30/0/threaded

Hahahhaaha - You gotta see this...

"Print out the note to them from a library, pick up note using gloves, put note in self sealing envelope (minus return address), put on self adhesive stamp, then mail note from a public box in another town. Or you could email them and find out the hard way how much of a sense of humor their corporate security department has (read: lawsuit).

Sent from my iPhone"

This is a classic example of the seriousness of sighting those in the know as criminals. Some are so apprehensive to come forward as to just leave the critical security issues unreported and unpatched. But the downside is as soon as the vulnerability is discovered by an evil hacker game over.

Elle

Why are sooo many people defending a cyber terrorist whose actions compromised the security of a nation? If he is sooo ill, why did he leave countless notes taunting the authorities in the US?
Please please extradite this scumbag, he is nothing but an embarrassment to the UK and to himself, hiding behind psychoanalytic bull in order to save his butt.

@ James Taylforth - you have no evidence of "cyber terrorism", have you ?

The US Federal Prosecutors , back in 2002, reassured the public that there was no breach of national security, no terrorism and no organised crime involvement in the Gary McKinnon case.

If they had any evidence of this, they would surely have pursued the matter much more quickly and with appropriate charges, but they obviously did not.

Gary is not being prosecuted for any alleged "threats", which are rather milder than than many which can be seen on tshirts worn by many people in the USA.

He did not even "deface" a public .mil website (as so many others, including US citizens have done), spreading his alleged message to thousands of people.

The language you have just used in your comment is far more threatening and potentially libelous than that in any of the reported alleged "notes".

This man should NOT face extradition to the US.
He should face a trial in this country, HIS country.
I am so saddened that our country is always playing "patsy" to the United States. We do not vote-in governments in order to jump through hoops every time that nation decrees.
Let,s develop again, a backbone!

This uk goverment have done nothing in favour for garry ! Again the spoilt corrupt american goverment get what they want This is a civilised country This uk goverment needs to stand its ground and take action on stopping garrys extradition other country are getting harsher this country is getting to soft!!!!!

the US left their systems open for the purpose of enticing people inside in order to track them back, the system could have been secure but deliberately wasn't. If you leave your keys in the ignition when you park up the insurance won't pay. anyone who believes damage was done to the US systems is probably a little naive. the people say NO EXTRADITION FOR GARY McKINNON .. It would be wise to listen to the people.