His report for a client that turned out to have been rife with SQL injection at the time was largely movie plot physical security stuff. Not wrong exactly, but not the center mass of the threat model they needed either.
He seemed to lack systems thinking, producing a report that focused on calling out specific employees as dumb or incompetent. Counterproductive at best. It seemed like his PR exceeded his utility by a great deal.
That trend continues beyond the grave, maybe.
He did cost people their jobs though, so I guess he's a good person.
They left out convicted criminal.
Absolutely better at PR than any actual work, pay careful attention and none of his early stuff was particularly novel, from a technical perspective.
But for whatever reason, we venerate him just because he was victimized by the state. The world is not a dichotomy -- sometimes bad things happen to bad people.
Wait ... no fists involved. My mistake.
Interesting fact about Shimomura, he was a student of Feynman's
If he had been treated fairly by the justice system he wouldn't have gotten nearly as much attention.
He was also autistic, a lot of the behavior can be explained through that lens.
That was uncalled for on the part of DOJ.
>He was also autistic, a lot of the behavior can be explained through that lens.
I'm autistic. Maybe I should go commit a bunch of felonies to increase my chances of a good job and stature in the hacker community, since things like publishing code, publishing peer reviewed papers, and mentoring newbies have not been productive ways of finding gainful employment nor respect of my peers.
I have friends who did things like take a gap year to travel the world or met their spouses on nights I stayed in to study, and some evenings when browsing HN I feel very sad that I wasted my 20s on a society that does not care about me.
Anyways, sorry to wall of text, but what you said really struck a nerve with me -- there are hierarchies in any community, and one thing I've noticed with the hacker scene is one group of people can mess up over and over using the same sets of facts or diagnoses, but others can expect to have worse outcomes with better behavior for reasons that elude me to this day.
I understand he probably just lent his name to the company (though he did show up in some of the videos), but still...
Whole thing was so dumb. A floor full of smart monitors that they could have put a keylogger on. A plethora of physical network access and I get called out for leaving my laptop on the lock screen and going downstairs for food.
And they got found out because I ran little snitch I paid for myself and it caught their hijacked chrome making all sorts of weird network calls. But I don't remember being given credit for that.
(Sips mojito)
kkaske•5h ago
This helps to fill in some of the details. It's a really nice story showing the humanity that can be found in situations when you look close.
kstrauser•1h ago
sudo_cowsay•1h ago
kstrauser•1h ago
sudo_cowsay•53m ago
firefax•1h ago
A generation of hackers (specifically, the vBulletin generation) stayed as far away from the CFAA as possible after that fiasco, which I suspect is exactly the chilling effect that the DOJ intended.
mindcrime•26m ago
https://fogbeam.com/free-kevin.jpg