Carleton U hacker faces 10 years
He’s charged under the Criminal Code with mischief to data and unauthorized use of a computer, says the Ottawa Citizen, pointing out both charges carry jail sentences of up to 10 years.
A second-year math student, he also faces a disciplinary hearing at the university, says the CBC, going on:
“A student who called himself ‘Kasper Holmberg’ gained access to the data by installing software that he wrote on a terminal in a computer lab that was attached to a card reader. The software recorded keystrokes made on the computer and included magnetic stripe card reader software, police said.
“Holmberg sent a document to the university and the victims disclosing how he did it. In a 16-page report, he concluded that the cards were not secure and should not be used.”
Detective Michel Villeneuve said Moufid, “has not been co-operating with police”, says the CBC, adding Villeneuve said the hacker had been warned by the university for other computer-related incidents.
Moufid is to appear in court on October 15.
=================
UPDATE – September 15
Now check out Carleton University Cypherpunk Posse’ report
Ottawa Citizen – Carleton student charged in computer hack, September 12, 2008
CBC – Alleged Carleton hacker faces criminal charges, September 11, 2008
Use free p2pnet newsfeeds for your site. It’s really easy!Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/p2p.rss | | Mobile – http://p2pnet.net/index-wml.php
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details.
September 13th, 2008 at 11:54 am
Carleton, like usual, demonstrates their patheticness knows no bounds!
September 13th, 2008 at 12:37 pm
“Holmberg sent a document to the university and the victims disclosing how he did it. In a 16-page report, he concluded that the cards were not secure and should not be used.”
For that he is being called a criminal?
September 13th, 2008 at 12:40 pm
What a joke… Leave the kid alone.
September 13th, 2008 at 2:28 pm
Maybe the next one to hack the system isn’t so caring about the colleges’ security. They should be thanking their lucky stars this kid was honest. He gets rewarded for his efforts to do the right thing by facing criminal charges? Nice way to set an example on what not to ever do again.
I hope next time the results by someone else is to remove the total capacity for networking at this college and leave them high and dry without. It would be just deserts for their kneejerk reaction.
September 13th, 2008 at 2:31 pm
Sounds more like he was doing them a favour by exposing their lack of network security! This is a problem on campuses across the country… most people are far too careless with their personal information.
Wouldn’t be surprised if a major bank comes calling Moufid in the not too distant future. Lucrative business, stopping this sort of thing.
10 years in prison and he didn’t (allegedly anyway) use any of the information for profit. Laughable.
September 13th, 2008 at 2:39 pm
Serves him right. The justice system needs to send a strong message of deterrence to other hackers out there. Whether he thought he was doing people a favour or not, he was stealing people’s information. It wasn’t for him to have.
Don’t worry, this stupid kid isn’t going to get a 10-year prison sentence. He’ll likely get a suspended sentence or a very short jail term.
September 13th, 2008 at 3:12 pm
He should be charged, hackers and people who send viruses cause nothing but grief for millions of computer users worldwide. But, do not worry much, Canadian courts do not send people to jail, probably a small fine.
September 13th, 2008 at 3:24 pm
He set out to expose a major vulnerability that will now be fixed as he intends.
Jail is for criminals, not whistle blowers.
September 13th, 2008 at 5:49 pm
He should be hailed a hero and given a government computer job.
Put in jail because he was honest and tried to fix vulnerabilities in the network??
That’s more than stupid……….but criminal in itself to put him in jail.
September 13th, 2008 at 10:20 pm
So this was done as a proof of concept, yes?
He didn’t do anything else with the data did he?
If he didn’t and it was a p.o.c. to show the university then there is no reason at all to incarcerate him.
Instead, as a result the university will probably not fix the problem, and end up screwed when a truly malicious person come around. And this time the heads won’t know because the guy won’t tell them. The university might deserve it, but not the students. There should be an uproar there.
September 14th, 2008 at 3:06 am
What’s missing from the story is that the report included the personal information of students and was published under a fake name. Sure, it sounds like the student had academic intend and this shouldn’t call for a criminal record; but all of this could have been demonstrated in a more responsible manner.
September 15th, 2008 at 4:07 pm
Whatever his motives were, what he did was wrong. if you want to think of it in a physical sense, it would be akin to someone taking a brick and smashing a store window to let the owners know the window wasnt shatter proof. if he truly wanted to raise concerns, he should have gone the legal route, even if it would have taken longer. who knows, perhaps they would have comissioned him to do something. prob not, but we will never know. that added to the fact that he apparently had other computer related incedents in the past does not paint the picture of some cyber vigilanty hero, rather someone with too much time on their hands and the potential for harm
September 15th, 2008 at 5:24 pm
If this kid broke into your house but didn’t take anything, would you be ok with it? If he published your alarm system code just to prove how insecure it was, would you be ok with that? If he took your car out for a joyride, and left money for the gas he used, would you be ok with that?
The fact is he broke the law and should be punished. Conviction should not be based on intentions. However, intentions do often factor into sentencing. I suspect will get a light sentence.
September 15th, 2008 at 6:55 pm
Mansour Moufid is not helping with the investigation. This is a good thing. Those who do not help with the investigation against them are routinely given up to two thirds longer sentences and it is a good thing to have such as this fellow locked up. His name says everything. I wonder what he would be hacking when he becomes adult. Our security centers perchance…
September 15th, 2008 at 8:12 pm
10 years for hacking, oh my! And people who do violent crimes get off with much less, where’s the sense in that?
September 15th, 2008 at 9:05 pm
Gustav I suspect you’re not the brightest crayon in the box or at least not well informed. The law is certainly not a subject you have a functional understanding of.. I would suggest avoiding comments on the subject.
Convictions ARE based on intent (google the difference between mens rae / actus reus for a full understanding). There seems to be little doubt the kid hacked the cards but it remains to be seen whether he intended to damage or harm the people or system he hacked into. Crossing my fingers the kid gets off. Hope a smart consulting firm sees the kids creativity and offers him a job.
September 15th, 2008 at 9:15 pm
this is how canadian government so fuck up.. they just try to make some big shit to the public “10 years jail for hacking”..
don’t they have better thing to do with out tax money.. .. there are so many problem out there..suck as killing, violence, gun…..
they should put OUT TAX MONEY to those thing, ….. ….
they just waste out tax money on putting kids in jail because they download couple mp3 songs with p2p software….
September 15th, 2008 at 9:39 pm
that is just ridiculous. he was whistle blowing a security risk students face, and he is punished?! The university should be punished for putting in place such a weak crippled system! how dare the government try prosecuting this person for doing the right thing!? flaws should be exploited and corrected! ANYONE who works with computers enough knows this, and are happy to fix these flaws.
wow. i honestly hate the system today. once again, i plead, the institutions involved to pull their head out of that place…
the rcmp and carleton should be ashamed.
September 15th, 2008 at 9:57 pm
Stupid. Ignore this school. Do not go there. It prefers to keep insecure computing environment and being ignorant. The guy demonstrated flws with their system and punished for this. Police is even worse. They are supposed to know better how to use better judgment. Just another step in which they are discrediting themselves.
September 15th, 2008 at 10:44 pm
10 years for reporting the process of hacking and telling students that their cards are not safe is ridiculous. The kid is obviously a smart one and should only be punished light for his negligence. Aside from that, there is nothing more.
September 16th, 2008 at 1:38 am
It’s very obvious that the police and the school have absolutely no idea what they’re talking about.
let’s see.. here I found a video of how to use your ipod to bypass magnetic card reader locks:
http://www.hackszine.com/blog/archive/2008/08/magnetic_stripe_card_spoofer.html
I guess I’m going to jail for life.
September 16th, 2008 at 1:50 am
Well done buddy! Keep up the good work, I want to see more students like this.
Why is he getting time for this? In a school environment, this ought to be praised.
September 16th, 2008 at 2:17 am
Derek, you’re just a pathetic racist. You think just because he’s muslim he should be locked in for 10 yrs. Sad, is that how Canadians are becoming?
September 16th, 2008 at 2:47 am
Yes Artic, that is how they are becoming. The more the moderate muslims stay quiet, and even agree with those of extremist varieties, the more we must be careful of the as even the moderates are then dangerous. Either they speak up or they will be taken as identical to their extremist ilk. Racist? No, I hate all muslim extremists and if the moderate ones stay quiet about the extremist ones, then they are also extremist.
There are so few of the moderate ones willing to speak up. I could care less for any of them. They prove that Trudeau’s vision of multiculturalism is unworkable. This is about radical Islam and how even the moderate and non radical are every bit as dangerous by their silence as their radical brethren.
September 16th, 2008 at 2:48 am
This one broke laws easily and should be taken to task harshly before he begins to take other laws in the same way and work to kill our way of life.
September 16th, 2008 at 2:49 am
Not been cooperating says it all.
September 16th, 2008 at 4:57 am
Obvioulsy, this is a serious matter and the appropriate response to Moufid’s actions is a subject for valid debate. Personally, I think the response is a bit overboard and would seem to be the result of embarrased (and frightened) IT folks are Carleton trying to deflect blame from thier own sloppy security as well as scare others from repeating the offence. In the end, I think it will only backfire on the school.
More importantly, the tone of the conversation is worrisome. I think some of the comments regarding this man’s background are racist and inappropriate. We know nothing about him (except his name) and especially about his beliefs and ethnic background. Even if he does prove to be a muslim, so what? Nothing in the article suggests that religion or political views had any relevance to the equation. The danger is that such racist intolerant comments will only further to alienate decent Canadians with islamic backgrounds and make it more likely that, once marginalized, they will lash out against an opressive bigoted society. This is not the model of tolerance and respect we deserve from one another. Let’s keep our opinions on such matters to ourselves until the facts are in Also, think for one minute. If this guy was a so called radical with ill intent, would he have reported his deeds in a 16 page report to school authorities? I think not. People, let’s have some civility and respect and wait till the facts are fully reported before we engage in uncalled for and irresponsible speculation.