PDA

View Full Version : Extradition of hacker Lauri Love to USA


rusty sparrow
16th Sep 2016, 19:44
Cyberterrorism is a global threat to utilities with the UK National Grid just one body taking security actions. Hackers tend to be somewhere on the autism scale - they are wired differently from the 'neurotypicals' i.e. those with conventional ways of thinking. These are the types that crack codes, solve problems that stump others - and hack computers. It's an intellectual challenge and satisfaction to do things that others can't. It's driven by curiosity, not malice. And these are the types of people that nations need to regard as assets to be valued and developed.

Now the (autistic) hacker Lauri Love is facing extradition to the USA after District Judge Nina Tempia has ruled in favour of this

Lauri Love should be tried in the UK and employed by as a security consultant. The knowledge and approach that people like him have is rare and should used for good.

The UK voted Brexit to step away from Brussels interference, why do we tolerate USA interference? There's no 'special relationship' or benefit that I can see.

More info at https://freelauri.com/category/news/

What do you think? Poll here https://goo.gl/AWyQdi

Sue VÍtements
16th Sep 2016, 20:01
I think the UK didn't actually vote, but rather held a non-binding referendum to step away from Europe

::zzz:

ORAC
16th Sep 2016, 20:11
He is a criminal, we have an extradition treaty - "pour encourage les autres".

Amazing how they are normal members of society when it suits them - and mentally ill victims when it avails them.

They are not psychopaths, they know the difference between right and wrong, and the law. Which new facet of the law, apart from sympathy, do you see the court applying?

Cazalet33
16th Sep 2016, 20:40
They are not psychopaths, they know the difference between right and wrong, and the law. Which new facet of the law, apart from sympathy, do you see the court applying?

I'm sure many were saying the same thing about another autistic hacker when he was sentenced to castration for his crimes against humanity.

You've just passed the Turing Test, Orac.

racedo
16th Sep 2016, 20:42
Disabled kids screws up US Top security establishments.................................... wonder did they get a credit note for the Security they paid for and didn't get and did someone get fired.

ORAC
16th Sep 2016, 22:50
Equating being gay with deliberate hacking of the security systems of a nuclear superpower Cazalet?

vapilot2004
16th Sep 2016, 22:58
He is a criminal, we have an extradition treaty - "pour encourage les autres".

Amazing how they are normal members of society when it suits them - and mentally ill victims when it avails them.

They are not psychopaths, they know the difference between right and wrong, and the law. Which new facet of the law, apart from sympathy, do you see the court applying?

100% wholeheartedly agree. :ok:

rusty sparrow
16th Sep 2016, 23:05
Better that an hacker in a suburban bedroom gets in and exposes problems than one from a terrorist group or hostile nation gets in and does harm. It's well known that ISIS have a hacking group (see How the ISIS Hacking Division operates - Tech Insider (http://www.techinsider.io/isis-hacking-division-operates-2016-6)). Anonymous are already in a cyber war against ISIS - it needs a hacker mind to beat another hacker.

White Hat hackers are regularly employed to test the cyber security of various establishments. Someone like Lauri Love could be doing that for the benefit of the UK.

Tankertrashnav
16th Sep 2016, 23:08
This guy should be in line for a big payout from the US government for explaining to them how he could hack their sophisticated "security" systems working alone from the bedroom of his parents' house.

ORAC and VaPilot - perhaps you could outline how you understand autism. Having watched "Rain Man" will not be acceptable as an answer!

ORAC
16th Sep 2016, 23:11
So If someone robs a bank and gets caught, they can plead for foregiveness and release because it was better they did it than a terrorist?

Sallyann1234
16th Sep 2016, 23:19
This guy was hardly a serious hacker.
He fumbled around some websites and fell in through gaping holes that shouldn't have been there. As far as we can understand it he neither intended nor actually did any permanent damage.
In any case, the alleged offences were committed in the UK so he should be tried in the UK.
This is a clear case of shooting the messenger.
[/bleeding heart liberal]

ORAC
16th Sep 2016, 23:19
I believe in this case we are discussing Aspergers, not autism? Those with Aspergers being of normal or higher intelligence and totally cognisant of the difference between right and wrong and the law.

I also note again how they assert their equality and need for equal rights - unless it suits them to do otherwise.

National Autistic Society launches campaign to give people with Asperger's Syndrome equal rights at work (http://www.hrmagazine.co.uk/article-details/national-autistic-society-launches-campaign-to-give-people-with-aspergers-syndrome-equal-rights-at-work)

I ask again, apart from the claim to sympathy and mitigation, on what point of law would the committal of an accepted crime justify a judge varying the verdict?

Sallyann1234
16th Sep 2016, 23:22
So If someone robs a bank and gets caught

A more accurate analogy would be that he found the bank had been left unlocked so he went in and looked around.

ORAC
16th Sep 2016, 23:36
The judge, in full possession of the facts held a different opinion.

".....An autistic man accused of hacking into US government computers can be extradited to the US from Britain to stand trial, a judge has ruled......

Judge Tempia said Mr Love's rights under article eight of the European Convention on Human Rights - the right to a private and family life - were "clearly engaged". But she said: "In balancing the factors for and against extradition I am satisfied that the very strong counter-balancing factors required to find extradition would be disproportionate, are not found in this case." She said Mr Love faced "extremely serious charges for offences of computer hacking".

It is alleged that between October 2012 and October 2013, Mr Love placed hidden "shells" or "backdoors" within the networks he compromised, allowing them to return and steal confidential data. He is accused of causing "millions of dollars" worth of damage.

Judge Tempia acknowledged Mr Love's physical and mental health issues, but said she was "satisfied" his needs would be met by US authorities. She added: "I am satisfied Mr Love's extradition would be compatible with his convention rights, and I send this case to the Secretary of State for her decision as to whether or not Mr Love should be extradited.".......

If Mrs Rudd orders extradition, Mr Love will be able to seek permission to appeal both the district judge's and the Home Secretary's decision from the High Court......

The case was considered to be the first substantive test of the "forum bar", which was introduced in October 2013 by former home secretary Theresa May, allowing courts to block extradition if it is in the interests of justice to have a person tried in Britain.

But Judge Tempia ruled the case should be tried in the United States, where victims were said to have been targeted by Mr Love. "It appears he targeted the United States departments and companies as part of his 'hactivisim' and political activity," she said......."

Tankertrashnav
16th Sep 2016, 23:56
So whats the betting that under the arcane US legal system he will be offered a plea bargain to cop for lesser charges with a few years jail time, or else risk delay of years before he even comes to trial and the possibility of a very lengthy sentence.

Using SallyAnn's analogy - has anyone been disciplined for leaving the back door open? They are the real criminals here. I suspect the culprits will be some IT security company which charged the US taxpayer millions to secure its secrets, and did such a bad job that this guy was able to circumvent their measures with ease.

G0ULI
17th Sep 2016, 00:11
If a firearm was legally discharged in the United States but the projectile crossed the border into Canada or Mexico, killing or injuring someone, where should the prosecution of the offender be carried out?

In the US no offence other than a negligent discharge has taken place, but injury or damage has been caused in another country where possession of firearms or injuries caused by firearms are treated much more seriously (in the case of Canada at least).

The hacking offences carry a relatively light maximum penalty of a couple of years imprisonment in the UK. In the US, where the damage occured, a prison sentence of 99 years could be imposed for the same offence.

it is an unfortunate fact that despite globalisation, different countries still have vastly different views on what constitutes acceptable behaviour and the punishment of offenders who transgress those boundaries.

The fact that we can all readily access computer systems around the world legitimately or otherwise seems to have blinded many to the fact that their bedroom activities can and do have repercussions in the real world. It is up to the computer user to censor their own activities or be prepared to pay the price if they chose to move beyond the bounds of acceptable use by hacking into computer systems they have no right to be viewing.

The fact that the computer systems were unsecured or poorly protected against unlawful access is to some extent irrelevant. Even British law under the Computer Misuse Act recognises the difference between people who are entitled to have access to a computer system and those who don't, whether the system is protected or not.

Mr. Love should be extradited and face charges in the US. If his actions were demonstrably harmless, then a trial should see him acquitted and sent home. If it is proved that substantial damage or the release of confidential information to unauthorised third parties occured, then he should face the consequences.

While it is tempting to suggest that this case is only being pursued because the US Government has been embarrassed, that isn't the way the law works. When national governments are genuinely embarrassed, the matter is usually swept quietly under the carpet and never makes the press. Someone, somewhere is hoping to make a lot of money out of publicising this case.

Sue VÍtements
17th Sep 2016, 04:40
If a firearm was legally discharged in the United States but the projectile crossed the border into Canada or Mexico, killing or injuring someone, where should the prosecution of the offender be carried out?Apparently in the US (http://www.latimes.com/nation/immigration/la-na-ff-border-patrol-shooting-20150710-story.html)

Krystal n chips
17th Sep 2016, 07:04
" The fact that the computer systems were unsecured or poorly protected against unlawful access is to some extent irrelevant. Even British law under the Computer Misuse Act recognises the difference between people who are entitled to have access to a computer system and those who don't, whether the system is protected or not.

Mr. Love should be extradited and face charges in the US. If his actions were demonstrably harmless, then a trial should see him acquitted and sent home. If it is proved that substantial damage or the release of confidential information to unauthorised third parties occured, then he should face the consequences

A sound grasp of reality there then......given most people would be inclined to say unsecured or poorly protected IT systems have a very distinct relevance to the allegations.

Then there's the no so little matter of your blind faith in the US legal processes.....he has one advantage here, he's white, but thereafter having allegedly committed these offences against the State, then he would be "guilty until proven innocent " in the eyes and minds of many.

I would agree there seems to be much more to this, and the background, than we currently know, or at least is in the public domain. Don't forget the last time extradition proceedings were brought against a gentleman called Gary McKinnon, all did not go according to the State Dept's plan....and the cousins have a long memory when their allegations are thwarted.

The real question however, which obviously can't and won't be answered is, if some bedroom amateur hacker can find holes in the supposedly super secure firewalls of US Gov't Dept's, how many times have the professional and foreign states supported hackers breached these systems.

By all means try him in the UK......community ( paid ) service at a little place near Cheltn'um, as the locals say, would be more than apt.

However, the UK's "finest" also appear to have a few questions of their own to answer....

https://www.theguardian.com/law/2016/sep/16/computer-activist-lauri-love-loses-appeal-against-us-extradition

Flypro
17th Sep 2016, 07:25
Surely, the point is that America does not deport it's citizens to be tried in other countries, so why should we ?

izod tester
17th Sep 2016, 08:18
Several posters have stated that the hacker is guilty. However, all that has happened so far is that it has been determined that there is a case to be answered and that he should stand trial in the US. Until he is found guilty there he should be assumed to be innocent.

Such a widespread assumption of guilt could very well make a case for there being no chance of finding an unbiased jury in the US.

Sallyann1234
17th Sep 2016, 09:22
The magistrate said

He is accused of causing "millions of dollars" worth of damage.

Which is of course rubbish. The money spent was to fix the gaping holes in the websites, and should have been spent years before to make them secure.

No doubt the professional hackers in Russia, China etc were really upset when their own open doors to the US were finally closed due to this amateur's exploration.

In the absence of anyone else to blame for the fiasco of the insecure websites, this guy has been used to soak up the official embarrassment. They want to give him a salutary sentence as a warning to others.

Planemike
17th Sep 2016, 09:30
Do not hand him over to the americans............ever !!!!

Sallyann1234
17th Sep 2016, 09:30
The US government (and others) might want to follow the example of Google.

Google have invited hackers to look for security holes in their Android operating system, and have offered awards of up to $30,000 for finding them so they can be fixed. That's the right way to improve security.

rusty sparrow
17th Sep 2016, 09:53
Great example from Google - I'd be encouraged to know that the utilities companies and infrastructure management in the UK were taking a similar approach (article about the threat here Critical infrastructure in Europe exposed to hackers - SC Magazine UK (http://www.scmagazineuk.com/critical-infrastructure-in-europe-exposed-to-hackers/article/510017/)). Cyber terrorism needs a different way of thinking to counter. Knowing how to implement and maintain IT security doesn't come from a college course.

Guys (and there are few girl hackers) like Lauri Love who can find holes in systems that others haven't spotted need to be kept by the UK.

racedo
17th Sep 2016, 10:13
In the absence of anyone else to blame for the fiasco of the insecure websites, this guy has been used to soak up the official embarrassment. They want to give him a salutary sentence as a warning to others.

The reason the website are insecure is the security companies need these backdoors so they can claim it is insecure and charge more and more money.

fitliker
17th Sep 2016, 13:45
The Government should recruit him before an enemy does and he disappears into the grey abyss .

Sue VÍtements
17th Sep 2016, 13:48
I don't watch the news so have only the vaguest idea what we're talking about here, but it seems like someone has sat in their bedroom and found a way in to a US government computer and maybe changed some data.

They tracked him/her (Lauri?) down by following breadcrumbs, except ...

... it's all computers, so who's to say those breadcrumbs were real?


Maybe they were left by a hacker :confused:

ORAC
17th Sep 2016, 13:53
Some people seem to want it both ways.

Either he is an autistic amateur who fumbled his way through open firewalls and needs help and sympathy - in which case why would he have any skills a company or agency want?

Or he is a highly skilled hacker wizz kid at university who has such exceptional hacking skills he should be snapped up - in which case why should he not be considered dangerous and prosecuted?

fitliker
17th Sep 2016, 13:55
How far down the rabbit hole do you want to go ?


How far have you been ?

Geordie_Expat
17th Sep 2016, 14:17
If the situation was reversed, ie someone in the US broke some UK law, people would be screaming from the rooftops if the US refused extradition.

Tankertrashnav
17th Sep 2016, 15:17
I am old enough to remember the disgraceful attitude of the US back in the 70s and 80s in refusing to extradite known IRA terrorists who were wanted on murder charges in the UK,because their crimes were deemed as "political".

This whole lashup of course is a result of the notorious one sided extradition agreement made by Tony Blair at a time when he was determined to do anything to ingratiate himself with Bush. Not quite as big a crime as involving this country in two useless wars, but reprehensible nevertheless.

VP959
17th Sep 2016, 16:34
Doesn't a lot of the fuss in this thread, and the media here, just come down to a bit of xenophobia and a lack of trust in another countries legal system?

The assumption here seems to be that the US legal system is somehow less "fair" than the UK legal system, yet little or no evidence has been given to show that is true.

The legal systems of both the UK or the US start with an assumption of innocence and place the burden of proof on the prosecution. If he is found guilty of an offence, or offences, committed on equipment and systems in the USA, then the only difference between being tried in the US or the UK would be the sentence.

If he's innocent, then the outcome is the same, whichever country tries him.

If he's guilty, but gives evidence of mitigation then I'd guess that both the US and UK courts would take that into account when sentencing.

The case highlights the apparent unfairness of current UK/US extradition agreements, but that's neither here nor there as far as the guilt or innocence of this individual is concerned, and is, perhaps, something for our respective governments need to look at urgently.

KelvinD
17th Sep 2016, 16:50
Hacker Lauri Love"? Shouldn't that read "Alleged Hacker.."? Or has he been tried and found guilty already? Maybe I missed that.
I think the UK should abandon this treaty unless and until it is seen to be operating fairly. Apparently no US citizens have been extradited to the UK for alleged crimes committed while they were living in the US. On the other hand, the UK seems a bit eager to extradite UK citizens, having agreed to extradite over 30 to the US for crimes allegedly committed while based in the UK.
Re the refusal by the US to extradite IRA terrorists from the US; one has to remember where the funding for the IRA was coming from for many years. USA.

Turbine D
17th Sep 2016, 18:50
KevinD,
Apparently no US citizens have been extradited to the UK for alleged crimes committed while they were living in the US.
Err, not according to your UK Government data:

Between 26 April 2007 and 31 May 2014, the US requested the extradition of 41 British citizens. As a result of those requests, 28 were extradited in that period.

Between 26 April 2007 and 31 May 2014, the US requested the extradition of 21 American citizens. As a result of those requests, 12 were extradited in that period.

Between 26 April 2007 and 31 May 2014, the UK requested the extradition of 25 British citizens and as a result of those requests, 20 were extradited in that period.

Between 26 April 2007 and 31 May 2014, the UK requested the extradition of 8 American citizens and as a result of those requests, 5 were extradited in that period.

I think people that think the 2003 treaty is unfair aren't looking at the total picture. It is the extradition requests made, not just the extraditions. BTW, the facts, looking at the big picture is, it is harder to extradite from Britain than from the U.S. Since 2003, no U.S. court has rejected a British extradition request. By comparison, Britain courts have turned down at least nine U.S. requests. Repeating that: the U.S. has rejected no British extradition requests, but the U.K has rejected American ones.

There were changes made to the 2003 Treaty and Act. These changes were initiated solely by Britain to amend and update all its extradition arrangements with all countries for all offenses, not just terrorism.

sitigeltfel
17th Sep 2016, 19:56
The extradition treaty, as it stands, was drawn up in 2003 and ratified in 2007.

Maybe the Lefties who are squealing about this can remind us who was in power and was responsible for the legislation?

Sallyann1234
17th Sep 2016, 22:20
Either he is an autistic amateur who fumbled his way through open firewalls and needs help and sympathy - in which case why would he have any skills a company or agency want?
His mental condition is irrelevant. He is an amateur who found open defects in the websites, as anyone with his interests and enthusiasm could have done, autistic or not. Whether that would look good on his CV is anyone's guess.

Or he is a highly skilled hacker wizz kid at university who has such exceptional hacking skills he should be snapped up - in which case why should he not be considered dangerous and prosecuted?
As above, he doesn't seem to be an exceptional talent. Professional hackers will certainly have been there before him but of course were better at covering their tracks.

The offence that he should really be charged with is "Making US government website administrators look :mad: fools". But strangely enough that isn't in the statute books.

G0ULI
18th Sep 2016, 01:16
Computers are just machines although the internal workings are invisible to the naked eye, the whole gubbins could, in theory, be constructed out of mechanical parts. The Science Museum in Kensington, London has several examples of early mechanical calculating machines, the forerunners of modern electronic computers.

Hacking a computer is the equivalent of using a worn key or lock pick to break into an old car and borrowing it for a bit. No real damage caused, but the owner is inconvenienced and there is the potential for something much more serious to happen.

The supercomputers, the big boys toys with all the security are like modern luxury saloons, far more difficult to break into. But like all security devices there are weaknesses built into the system because sooner or later, someone is going to lose their key and they want to get back in.

With the possible exception of quantum computing, every current computer can be considered to have a mechanical analogue and is vulnerable to the same sorts of attacks that can be made against any mechanical lock, picking, using a master key, social engineering (stealing or copying a key), or brute force attacks such as using an angle grinder to cut through the lock (deliberately causing a fault in some physical part of the computer to gain access).

Nothing clever about hacking at all. It is merely a criminal activity that can be carried out from the comfort of your own home, with minimal risk of getting caught, if you know what you are doing. Hackers are not geniuses although they may be skilled at certain types of problem solving. Like learning to pick a lock with a paperclip, anyone can become a hacker given a modicum of knowledge and a bit of manual skill.

Fairdealfrank
18th Sep 2016, 02:02
Surely, the point is that America does not deport it's citizens to be tried in other countries, so why should we ?

Nor does France or the Russian Federation and the UK should not either.

KelvinD
18th Sep 2016, 06:21
Turbine D: Re the sentence of mine quoted by you. Re-read it and pay attention to the second half of it "alleged crimes committed while they were living in the US". My argument stands.

ORAC
18th Sep 2016, 07:12
It is far less onerous, or abused, than the European Arrest Warrant.....

sitigeltfel
18th Sep 2016, 07:50
Maybe he should just pack his toothbrush and head for the Ecuadorian Embassy.

cattletruck
18th Sep 2016, 12:47
Are flares and bell bottoms still popular in government IT departments?

Sure is challenging to get Government agencies to comply with the latest security practices, only to see it change it again. Doesn't work well in a bureaucratic environment.

Then there is the government outsourcer who got the gig because they were both the subject matter expert and cheapest bidder but just happened to miss a few important details when the proverbial hit the fan.

Then there is the shear complexity of IT systems alone and the inability for government to hire the right talent to look after it.

IT is as dysfunctional as a Dilbert comic strip. So if someone wants to be a smart-alec and attack government systems, or anyone else's system for that matter, then I reckon the judge should not be lenient in throwing the book at them.

onetrack
18th Sep 2016, 14:14
Love is an activist, isn't he? - or "hacktavist" as they love to call themselves when they have carried out a successful hack?
Sounds like waterboarding will be on the cards for him soon. He'll be sorry he ever touched a computer, once the Americans have hold of him. :E

cavortingcheetah
18th Sep 2016, 14:27
It is insulting to those who have Asperger Syndrom that the condition is used as a defence for activities which are illegal, amoral or immoral.
The spectrum of AS may be wide but the condition has been used far too often of late as an excuse for behaviour and activity that is known to be inappropriate even within the context of the syndrome.

Sallyann1234
18th Sep 2016, 14:33
Yes, as I said above the AS is irrelevant to the charge/s against him.

It only comes into account if he receives a custodial sentence, to ensure that he is treated appropriately.

cavortingcheetah
18th Sep 2016, 14:41
Mr Junker of the EU wants a European Defence Force, Army, Air Force, Navy and no doubt, a Secret Service. In the Europe of the future, were Mr McKinnon and Mr Love to have done what they did, it's amusingly relevant to speculate that they would simply be guillotined for crimes against the security of the European Union.

Sallyann1234
18th Sep 2016, 16:00
it's amusingly relevant to speculate that they would simply be guillotined for crimes against the security of the European Union.

"The EU considers the death penalty as a cruel, inhuman and irreversible punishment which fails to act as a deterrent to criminal behaviour. The abolition of the death penalty is essential for the enhancement of human dignity and for the progressive development of human rights."

One of the EU's more sensible rules.
After Brexit of course the UK's more reactionary citizens might campaign to restore it.