Cosmo caught and going to jail.

oh that old 'he'll get a good job' statement.

No he won't. Really, not.

Look at past cases of infamous hackers and how many of them got 'good jobs' after it all ended? Most companies couldn't even care less about Kevin Mitnick or whoever else. Do you really think the people in charge of sorting out a security system will look for the uber-elite-hax0r to fortify their network? Nope, they'll just contract the job to some security advisor with a flashy powerpoint presentation and cheap quote.

Besides, for any employers, kids like that are always a liability. They always have the aura that they cannot be controlled or trusted as they come from culture that is perceived to be anti-establishment and anti-corporate. At the end of the day, you can't really trust them so you won't bother.

Besides, if you will employ a hacker to do your security you want the really good ones, you know..the ones that _don't_ get caught. :D
 
Good link, Cheers for posting. :cool:

Little ****** has been well busy hasn't he. :p I do feel Sorry for kids that **** there lives up when teenagers though as I did it myself, Yes we all know what we are doing at 15 but we don't really understand how it will effect us later in life.
 
majnu said:
I'm not on social networks so idk.
Click to expand...

And the hacking didn't occur through social networks... Whilst ultimately they just wanted to get his twitter, to do so, they wiped his Google, MacBook, iPad, iPhone, got into his Amazon, AppleID and gmail....

kgi said:
Look at past cases of infamous hackers and how many of them got 'good jobs' after it all ended? Most companies couldn't even care less about Kevin Mitnick or whoever else. Do you really think the people in charge of sorting out a security system will look for the uber-elite-hax0r to fortify their network? Nope, they'll just contract the job to some security advisor with a flashy powerpoint presentation and cheap quote.
Click to expand...

Where do you think the security advisor comes from?

Same way a reasonable amount of home security advisors are reformed burglars.

kd
 
Seems like companies are totally inept at keeping our data safe.

Makes me rethink how many docs I want kept 'in the cloud'

He was harmless really but what about those wanting to steal all your cash...
 
This has made me think, Im setting up another email account for all my spam/not important stuff, worrying how much info is there.
 
King Damager said:
Where do you think the security advisor comes from?
Click to expand...

An IT or software engineering/science grad who spent a few years working on security systems.

King Damager said:
Same way a reasonable amount of home security advisors are reformed burglars.

kd
Click to expand...

Somewhat unlikely I would think, perhaps a few outliers but that would be the same as saying "oh they caught a burglar, well, he's going to get a good job at a home security company once he gets outs of jail.". It just doesn't happen.

People don't hire burglars for security staff do they? it's the whole mentality of not having trust to the person in the first place.

I'm not disputing they have the skills and potential, it just doesn't work that way in businesses that they recruit all these young incarcerated hackers etc.
 
Small update: http://www.wired.com/gadgetlab/2012/11/hacker-cosmo-the-god-sentenced-by-california-court/

His sentence:
However, according to Cosmo, the terms of the plea place him on probation until his 21st birthday. During that time, he cannot use the internet without prior consent from his parole officer. Nor will he be allowed to use the Internet in an unsupervised manner, or for any purposes other than education-related ones. He is required to hand over all of his account logins and passwords. He must disclose in writing any devices that he has access to that have the capability to connect to a network. He is prohibited from having contact with any members or associates of UG Nazi or Anonymous, along with a specified list of other individuals. He had to forfeit all the computers and other items seized in the raid on his home. Also, according to Cosmo, violating any of these terms will result in a three-year prison term.
Click to expand...

Part that caught my attention:
“Ostensibly they could have locked him up for three years straight and then released him on juvenile parole,” Jay Leiderman, a Los Angeles attorney who has represented alleged members of Anonymous and LulzSec, told Wired. “But to keep someone off the Internet for six years — that one term seems unduly harsh. You’re talking about a really bright, gifted kid in terms of all things Internet. And at some point after getting on the right path he could do some really good things. I feel that monitored Internet access for six years is a bit on the hefty side. It could sideline his whole life–his career path, his art, his skills. At some level it’s like taking away Mozart’s piano.”
Click to expand...

What do you think?

Personally, I feel that he does deserve some sort of punishment, because you can't go round stealing people's PayPal accounts, but I agree with the paragraph I posted. I feel that his sentence will change his future. Fair enough he was the one who ****** it all up, but still. He is 15/16, I bet he didn't know much about anything. He was obviously a promising computer guy, and he had his 'skill' taken away from him.

I don't know what I would chose.
 
ntg said:
An IT or software engineering/science grad who spent a few years working on security systems.



Somewhat unlikely I would think, perhaps a few outliers but that would be the same as saying "oh they caught a burglar, well, he's going to get a good job at a home security company once he gets outs of jail.". It just doesn't happen.

People don't hire burglars for security staff do they? it's the whole mentality of not having trust to the person in the first place.

I'm not disputing they have the skills and potential, it just doesn't work that way in businesses that they recruit all these young incarcerated hackers etc.
Click to expand...

It's true, not in every case but it happens a lot more than you think.

A security company my old company really relied upon was ran by a bloke who had done time for burglary.

Really obvious one Frank Abignalli the chap who ran all the scam cheques now works in counter fraud.

When people grow up or realise crime will generally end up wrong way it's easy enough to "switch sides"
 
Spenty said:
Pretty scary to think a 15 year old kid can socially engineer his way through some major companies security. No doubt he'll get a good job after his prison stint.
Click to expand...

just realised your banned but social engineering is hardly worthy of a good job when even a common garden slug can do it.
 
I wouldn't say the social engineering itself is worthy of a job role but the knowledge and ability to spot these glaring loop holes is certainly a skill that would be wanted by many large on-line security firms.

As mentioned before, Frank Abignalli's ability to steal money through fraudulent cheques wasn't the skill they wanted, it was because of his knowledge on how to do it and what to look for.
 
Thread fails to deliver... I came here expecting this...

varV7.png


:D
 
Fantastic. The guy wasn't even techie or a hacker in strict sense, he didn't spend weeks probing, bruteforcing or farming traffic to find holes in firewalls and networks. He used the long forgotten grifter like "analogue" techniques. He would call. He would speak to operators. In person. With millions going into cyber security, everyone forgets those simple things - your online presence. If they can find your full name, though the forum nickname you share via Steam account, and then look you up on facebook, find your mothers maiden name though her friendsreunited following contacts on your social networks, then find the name of your first school, then find your full address and phone number via 192.com, and the time at your current address via historic property sale price sites or any of the voters register lookup places, and so on, so forth, you are only as vulnerable as what you, yourself bragged about online in the first place.

What's amazing, is that all of the above wouldn't be possible if it wasn't for our need to be attention "cocottes" online. You meet directors of major companies holding details of hundreds of thousands of people that are completely oblivious to their own security, let alone their customer security, all for a chance to participate in this whole nouveaux online trend of self exposing your entire life, with pictures and videos and every tiny detail, for not much more than just to see what your "friends" had for breakfast on some social networking site.
 
Spenty said:
Pretty scary to think a 15 year old kid can socially engineer his way through some major companies security. No doubt he'll get a good job after his prison stint.
Click to expand...

What he did is actually very easy to do, its impressive he had to confidence to do it, but the technique isn't so impressive.


He won't be employed, not in any major organisation anyway.
There have been a number of cases where companies have hired these el1te hax0r5 only to have them fix their security holes, whilst installing back doors of their own.

Trust is key in cyber security, and you simply can't trust someone who has committed such crimes.
 
You must log in or register to reply here.
Back
Top Bottom