ACK! -- CONTINUED

[Zscoundrel]

Bradley Miller wrote:

> At 08:20 AM 4/20/2003 -0500, you wrote:
>
>> They didn't steal anything from you.  At most, they found a back door 
>> unlocked,
>> came in and jimmied the lock so they could get in whenever they 
>> wanted.  They
>> didn't even make a mess or spray grafitti on the walls.  As a 
>> physical crime,
>> it would probably get even less interest from the police than you got.
>
Don't try this at my house.  The penalties are much more painfull. 
 Terminally so.  (grin)

By the way, this is called breaking and entering.  In some parts of the 
city, this is may not be a big deal.  Probably a reflection of the 
upbringing of the people living in those parts of the city - or a 
reflection of the quality of education.  Here in Johnson County, B&E 
will get you an extended stay in room with steel doors - IF - you 
survive the capture.

>
> That's not exactly accurate.  They came in, changed how the entire 
> operating system works, and then left a "backdoor" for them to come 
> back anytime they want.  They also left a program so that computer 
> could be used to attack other computers.  How is that not a crime?   
> If I yanked out the ATM from the local bank and put in my own ATM, 
> that functioned the same but instead put everyone's ATM passcode into 
> my own account . . . wouldn't that be stealing also?
>
> It's interesting that behind the anonymous nature of a PC, people will 
> do the most bold and brazen things, but in real life, they wouldn't 
> have the gozongas to throw litter from their car window.
>
> As to a monetary value, between the cost of the box itself which no 
> longer operates in the manner it was intended to, at probably $2500 
> initial cost or so,  plus my time, plus the time of anyone else 
> involved, plus down time to my customers . . . yes it could be a case 
> that the FBI or someone should be investigating with whole hearted 
> interest.  Otherwise morons like this keep doing it and progressing on 
> to other bigger and better things.  The percentage of people that 
> pursuit "little breakins" like this is what causes people to become 
> more brazen about what they do.   "Well, I didn't get caught doing 
> this, so what if I do something else . . . "
>
> -- Bradley Miller
>
Correct, although you may be underestimating the costs a bit.  There are 
a lot of very valuable intangibles involved too!  Things like BUSINESS 
REPUTATION, and CUSTOMER GOOD WILL that most people overlook when 
calculating the costs of an event like this.  These are recognized 
business issues and should be considered.  Even the cost of presenting 
your case to the Feds should be considered.  The FBI teaches their 
agents to be fastidious and the details are important to them.

Another reason to report this is they may have been using your system to 
launch DoS attacks against other systems.  If the business  - or worse a 
governement entity - tracks things back to your system you stand a 
better chance of convincing someone that you were a unwitting victim and 
not the source of the attack.  

If you don't think that the government can come down hard on someone for 
something that they are not aware of, talk to Steve Jackson Games. The 
secret service came down on them like a 100 screaming banshees and it 
almost cost them their whole business.