8 May 2006
The UK's hacking community has strongly criticised how fellow hacker
Gary McKinnon has been treated.
Accused of hacking into US military computer networks, Mr McKinnon
this week is expected to find out if he is to be extradited for trial
in the US.
British hackers say he is being made an example of to serve political
ends rather than improve computer security.
The punishment he faces, up to 70 years in jail, was also too harsh a
sentence for the crimes he has confessed to.
The US government alleges that between February 2001 and March 2002,
Mr McKinnon repeatedly hacked into dozens of computers used by the US
Army, Navy, Air Force, and Department of Defense.
While Mr McKinnon has admitted that he spent years wandering round
military computer networks, he denies that his hacking was ever
motivated by anything other than curiosity.
Despite this, the US government is attempting to extradite him to
stand trial for what one American prosecutor called "the biggest
military computer hack of all time".
If extradited, tried and found guilty he could face decades in jail
and millions of dollars in fines.
But hackers, gathered at the regular London meetings of the UK's
hacking community, have decried the treatment meted out to their
Mark, one of the regular attendees of the meeting, said there was
little doubt that Mr McKinnon was being made a scapegoat because some
of his hacking took place after 9/11 in America.
What needed to be addressed by the US military, he said, was the
freedom Mr McKinnon had to wander around supposedly secure computer
"Hackers are not just skilled," said Mark, "they are lucky people and
they are persistent people. It's a combination of all three.
"He was not caught for nearly two years," said Mark. "The big error
was that they did not detect it in two years."
Even then the only reason Mr McKinnon, aka Solo, was caught was
because of mistakes he made.
"It got so routine and blase that he got sloppy," said Mark. "If he
had done it for two weeks they would never have caught him."
Mark also questioned why he was only indicted by the US government in
2005 despite being arrested by the UK's National Hi-Tech Crime Unit in
Mark, and another attendee Rat, suggested that Mr McKinnon was being
treated harshly to send a message to the rest of the hacking community
to clean up its act.
"But," they said, "the idea of clamping down on some unlucky guy and
threatening him with 70 years in jail will not make the blindest bit
"All [hackers] think they will not get caught," said Mark.
Rat said that almost every message received by the blogs set up to
document Mr McKinnon's treatment and the progress of the court case
had been supportive.
Dr K, another UK hacker interviewed by the BBC News website,
questioned why Mr McKinnon had to be extradited to be tried for the
crimes for which he has already confessed.
"We have laws in this country to deal with this kind of trans-national
data crime," he said, "Gary McKinnon should be tried here under UK
"Gary McKinnon should not be extradited - he's just a hacker - not a
terrorist - and the UK should resist any attempts to hype up his
activities by the US government in order to pillory and crucify him in
public in America," he added.
Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.