That video doesn't appear to be available and I've no idea what it's
intended to show but you probably need to know a bit more about criminal
law before you go much further.
If I leave my front door open with the chocolate Hob Nobs in clear view
then it's still called theft if you come in and help yourself to them.
Yes, I'd be very stupid to do that and I can't imagine getting much
sympathy from anyone but you'd be the one in the wrong. The same is true
of accessing a computer system - you need to assume that you have no
right of access to it unless you've been told otherwise. The same is
true of (eg) a standard filing cabinet you might have found in school -
you're not allowed to go browsing through that.
> On the pages that did
> require a password, it was simply 'password'. At the time of writing,
> the pages are still unprotected.
> http://www.hathershaw.org.uk/index.phtml?d=15799
Again, this is a bit like the situation where I lock my front door but
leave my front door key under the doormat. You're not entitled to enter
my house, even though you have the key and in the same way, you're not
entitled to use the password you used - it's not your password.
(Just in case you were thinking of it, there are no chocolate Hob Nobs
available and I don't leave my key under the mat ...)
--
Steve Rochford
IT Support Manager, The College of North West London
> Sure that's a bit like the BBC suddenly claiming that visitors to their
> website are doing so illegally and trying to get them done for hacking. Or
> a bus stopped at a bus stop with the doors open and then accusing people of
> breaking in if anyone attempted to board it.
>
> Surely, the school should make some attempt at making their private pages
> unavailable on a public server.
I'm with Paul on this one. A school cannot publish files on the www
with open access and then accuse people of obtaining them illegally.
He said some areas needed a password. Using a password, however obvious
it may be, to get to them would be illegal under the computer misuse
act. You could also argue the school is in breach of the DPA by using a
really obvious password as they have not taken sensible precautions to
secure the data.
Publishing on youtube and making the link available is probably not as
good as contacting the school and telling them of their mistake.
--
Darren
> It's worrying that anyone can access the student details but rather
> than admit they fucked up, they invent this hacker story.
>
> I fail to see how accessing a publicly accessible page that was indexed
> by google could be considered hacking.
You can probably be gotten with the Computer Misuse. However, you can
hit them over the head with a counter legal action revolving around Data
Protection. The implications for them are far more tragic and they might
be persuaded to drop the whole thing.
--
Civilization is the limitless multiplication of unnecessary necessities.
-- Mark Twain
>Hathershaw School Server Hacked...Yeah Right
The only thing you seem to be right about is not being a hacker. I wish the
press would stop using the term for this kind of thing.
Well, I suppose you *might* be a hacker, but you didn't seem to do any
hacking.
What else is he not "right" about.
Why be so condescending? He's highlighting quite a disturbing fact about
both computer security and the behaviour of the police.
Tom
Instead of the police seizing some school-kid's (presumably) computer
equipment, wouldn't their time be better employed advising the school on the
inadequacy of its website security? I know they wouldn't do that...that's
not the real world....but it just goes to show how ridiculous "crime
prevention" can be. What's next, people leaving £50 pound notes in the
street and then contacting the police to arrest anyone who picks them up?
Tom
Bloody script kiddies ... I hate the attitude of "hey, they have a
broken server. Let's go and tell the world!" Whatever happened to being
nice people and telling the school that the security is b0rken and that
they should fix it? Surely that is the responsible attitude we should
be promoting, despite what criminal charges (and subsequent counter
suits) may occur?
I am disappointed in the school involved, the student and the fact that
the discussion here is centred around the legality instead of the
morality of what has happened. I am no grey hat, but giving adequate
warning before going public is common practice isn't it? And then to go
and publish it on YouTube and here is downright stupid ... that is just
asking for trouble.
Having been caught up in a school accusing (falsely) a student of
hacking I hate to see it getting to this stage. A few words from the
student could save so much hassle ... and instead we end up with a
school doing something stupid, the student making things worse ... and
us winding each other up.
I'm off to bed.
Tony
>>> Hathershaw School Server Hacked...Yeah Right
>>
>> The only thing you seem to be right about is not being a hacker. I
>> wish the press would stop using the term for this kind of thing.
>
>What else is he not "right" about.
>
>Why be so condescending? He's highlighting quite a disturbing fact about
>both computer security and the behaviour of the police.
That's true, but what he did was still wrong.
>>Why be so condescending? He's highlighting quite a disturbing fact about
>>both computer security and the behaviour of the police.
>
> That's true, but what he did was still wrong.
What the school did is worse. Firstly, they expose sensitive pupil data
to the entire planet by allowing Google to index it. Secondly they pursued
legal action against someone who is simply following standard IT security
practices of full disclosure when he lets them know.
There's a couple of obvious and sad outcomes from this. Firstly the school
can be sued by its pupils into oblivion under the Data Protection Act.
Secondly, no one's going to tell them if there's any other problems for
fear of litigation.
--
"Not Hercules could have knock'd out his brains, for he had none."
-- Shakespeare
But it is not standard practice ... standard practice is to warn the
company that they have a security hole and they should fix it, then if
they fail to fix it you publish how the hole works publicly ... and
if they still fail to fix it you then publish it as an example of a
broken site.
If he had followed this then things would be a whole heap better for
everyone.
>
> There's a couple of obvious and sad outcomes from this. Firstly the school
> can be sued by its pupils into oblivion under the Data Protection Act.
> Secondly, no one's going to tell them if there's any other problems for
> fear of litigation.
That's the saddest part for me.
Tony
> But it is not standard practice ... standard practice is to warn the
> company that they have a security hole and they should fix it, then if
> they fail to fix it you publish how the hole works publicly ... and
> if they still fail to fix it you then publish it as an example of a
> broken site.
> If he had followed this then things would be a whole heap better for
> everyone.
Quite possibly yes, but I get the impression he's just a school kid. Did
you always make the right decisions at that age - did you have an
all-encompassing knowledge of "standard practice"? At least he wasn't
overtly malicious and didn't make the data available himself. The real
blame lies with the school for leaving such a gaping security hole and, even
now they know about it, still leaving it open!
Tom
>
> Quite possibly yes, but I get the impression he's just a school kid. Did
> you always make the right decisions at that age - did you have an
> all-encompassing knowledge of "standard practice"? At least he wasn't
> overtly malicious and didn't make the data available himself.
Posting here and admitting his guilt doesn't help his case does it? And as
far as I understand the various acts he was indeed "malicious" the moment
he gained unauthorised access to data by using a password that he was not
supposed to use (never mind how obvious it was).
> The
> real blame lies with the school for leaving such a gaping security
> hole
Actually the blame lies with both. The school seem to be negligent, but as
Tony points out, I can choose to leave my car unlocked with the keys in
the ignition if I want. A poor choice to be sure, but the person who
drives off without my explicit permission is still stealing my car.
> and, even now they know about it, still leaving it open!
That much is totally inexcusable. Of course, one might ask what their side
of the story is before rushing in too far to condemn them. I always find
that knowing both positions greatly contributes to being able to make an
informed judgment about a situation.
>> >>Why be so condescending? He's highlighting quite a disturbing fact about
>> >>both computer security and the behaviour of the police.
>> >
>> > That's true, but what he did was still wrong.
>>
>> What the school did is worse. Firstly, they expose sensitive pupil data
>> to the entire planet by allowing Google to index it. Secondly they pursued
>> legal action against someone who is simply following standard IT security
>> practices of full disclosure when he lets them know.
>
> But it is not standard practice ... standard practice is to warn the
> company that they have a security hole and they should fix it, then if
> they fail to fix it you publish how the hole works publicly ... and
> if they still fail to fix it you then publish it as an example of a
> broken site.
Well if you believe what the OP said, this seems to be exactly what
happens. If you don't, well we're back to full disclosure. Either way, in
security analyst circles, there wasn't any fault in his conduct. Although
it's certainly polite to let people know before you publish a security
vulnerability to the world it's not required if you're following accepted
full disclosure methods.
--
Habit is habit, and not to be flung out of the window by any man, but coaxed
down-stairs a step at a time.
-- Mark Twain, "Pudd'nhead Wilson's Calendar"
> Actually the blame lies with both. The school seem to be negligent,
> but as Tony points out, I can choose to leave my car unlocked with
> the keys in the ignition if I want. A poor choice to be sure, but the
> person who drives off without my explicit permission is still
> stealing my car.
I think a more accurate analogy would be that someone took your car, drove
it round for a few minutes, got a friend to record them doing it, then
posted the video on the internet as a warning about car security, along with
the name of the town that the car resides in. Then they returned your car
in perfect condition and got arrested.
In terms of them both being to blame, one individual doesn't really compare
to the total IT ignorance of the school or the IT company that made the
website for them. Based on the information I've seen, it seems to be a
ridiculously heavy-handed attack from the police on one solitary individual
whilst the school plays "innocent victim". I await further information to
change my mind.
Tom
> > Quite possibly yes, but I get the impression he's just a school kid.
His youtube account has him down as 27 whatever that's worth.
> Actually the blame lies with both. The school seem to be negligent, but as
> Tony points out, I can choose to leave my car unlocked with the keys in
> the ignition if I want. A poor choice to be sure, but the person who
> drives off without my explicit permission is still stealing my car.
I agree the blame lies with both but your comparison would be better if
you parked your car with its keys amongst other cars with their keys in
a car park with a big sign that says "Free Cars: Take What You Want"
and the car park had been operating that way for 15 years :-)
Anyway, has anybody here contacted the school? There is an email addy
on their homepage. I can do it tomorrow sometime if nobody else wants
to.
--
Darren
From information that the OP has given, and from the info on the school
site, it started off with gaining access by using a staff password or
by viewing a page previously viewed using a staff account that has
allowed others to access the information without any further
requirement for authentication. This information was then shared with
others.
The best analogy I can come with (along the car lines) is that they
discovered a truck that has faulty locks and ignition and will allow
anyone to get in and drive it around. Instead of telling the owner (who
they knew) they decided to see how far they could go, and posted in
several public places about it. The fact that the truck in question
contained hazardous materials that should have been looked after is, by
and large, a separate issue. The owners of the truck, on finding that
someone had been messing about with it, should have locked it in the
garage until it had been fully serviced.
>
> Anyway, has anybody here contacted the school? There is an email addy
> on their homepage. I can do it tomorrow sometime if nobody else wants
> to.
Filled in the web form (no response yet), tried phoning but got no
human answer ... a friend lives not too far away and has said he will
pop round if I haven't heard anything by tomorrow lunchtime.
Tony
I would hope so. They stole my car.
> In terms of them both being to blame, one individual doesn't really
> compare to the total IT ignorance of the school or the IT company
> that made the website for them.
He lost any right to that defence the moment he encountered and defeated
password protection (yes I know the password protection was very poor,
that isn't the point).
> Based on the information I've seen,
> it seems to be a ridiculously heavy-handed attack from the police on
> one solitary individual whilst the school plays "innocent victim". I
> await further information to change my mind
While the "victim" is apparently negligent, that does not make it OK to
break the law. Or are you saying it is OK for me to mug people if I
determine that they are 'negligent' in being less proficient in martial
arts than I am?
Here is a question from a test for the L1 Certificate in Open Systems and
Office applications aka Silver INGOT.
A student borrows another student's password and leaves themselves logged
in so a third student gets into the system and deletes some important
files. Who should expect to be banned from the network for unacceptable
use?
A) The student that deleted the work
B) The student that gave away their password
C) The student that left the system open
D) All three of them
Since the school above is supposed to be a specialist technology college,
I'd be inclined to revoke their grants for bringing UK technology
education into disrepute ;-)
As for the "hacker" being without his computer for a month and the
inconvenience plus a warning that if he does anything like that again he
might go to prison is probably punishment enough.
BTW, the expected answer is D. One thing we are trying to encourage is
responsibility and being irresponsible is being irresponsible no matter
who else is more irresponsible.
--
Ian Lynch
www.theINGOTs.org
www.opendocumentfellowship.org
www.schoolforge.org.uk
> From information that the OP has given, and from the info on the school
> site, it started off with gaining access by using a staff password or
> by viewing a page previously viewed using a staff account that has
> allowed others to access the information without any further
> requirement for authentication. This information was then shared with
> others.
Ahhh I see. No you don't need a password at all. Well, some areas may
but I never dug around that much to be honest (I'm not just saying
that!). It's just a case of following the links on the main page to be
presented with all of the documents.
{snippy}
> Filled in the web form (no response yet), tried phoning but got no
> human answer ... a friend lives not too far away and has said he will
> pop round if I haven't heard anything by tomorrow lunchtime.
Good on you - didn't notice the form. I did email the OP right back at
the beginning with a more detailed response and advice about what he
should have done and what he should do next but haven't heard anything
back (could be difficult if the police have your kit). The school was
my next job if the docs remained in the PD but you seem to be on the
ball.
--
Darren
I have lost any sympathy I may have had for the OP now ... it is one
thing to be unfairly targeted by the school, but it is another to then
register a similar domain to the school's principal domain and
advertise the problem.
This is just stupid and immature. I am not sure whether the OP is even
bothering to follow this thread but if you are then you really are
taking things a step too far. If you have been incorrectly arrested and
charged then there is due process to follow to sort things out.
Do your parents know that you are doing things like this? Do they know
that this could be damaging your case regardless of how bad the
security on the school site is / was?
Give it a rest ... even if you do get off with any charges against you,
you have to remember that the internet does not forget and things like
this will come back to haunt you.
Tony
Yes, I would hope so too, but I was trying to point out that you were using
a pretty senseless analogy.
> While the "victim" is apparently negligent, that does not make it OK
> to break the law. Or are you saying it is OK for me to mug people if I
> determine that they are 'negligent' in being less proficient in
> martial arts than I am?
No, more senseless analogies....
> Anyway, has anybody here contacted the school? There is an email addy
> on their homepage. I can do it tomorrow sometime if nobody else wants
> to.
I'd love to contact the school, but would fear the police knocking on my
door and taking all my computer equipment! Could do it anonymously I
guess..
Tom
With respect, you seem to understand the point I'm trying to make, so
carrying on about something being "senseless" when you seem to have made
sense of it just fine looks like avoiding the issue.
>> While the "victim" is apparently negligent, that does not make it OK
>> to break the law. Or are you saying it is OK for me to mug people if
>> I determine that they are 'negligent' in being less proficient in
>> martial arts than I am?
>
> No, more senseless analogies....
No, just a question.
I'm a little disturbed by the comment here: "one individual doesn't really
compare to the total IT ignorance of the school or the IT company that
made the website for them". This implies that the actions of the attacker
should be excused because the victim was "ignorant". Dare I say that you
seem to imply that they were "asking for it"?
Just spoken on the phone to one of the techies.
The issue is with Frogteacher and how it holds authenticated sessions
open. That section of their site is being locked down again as we speak
and Frogteacher are working with them on this. Sensitive information is
removed for the time being. The school is also in regular contact with
the police about the ongoing investigation (including the new website
the OP has setup).
The school could only give limited information about the issue for
legal reasons but I can honestly say that it appears that the school
has put sensitive information on a secure area of their website in good
faith that it is secure and that the issue is with how Frogteacher
holds sessions open. That is being worked on. They are aware of issues
with DPA (hence why sensitive information is removed until it is secure
again).
The *former* student continues to post information about this security
breach (in a bragging manner) in spite of being asked not to ... and
the ongoing police investigation means that no more can be done other
than that.
If you do use Frogteacher at your school please contact them about this
flaw and check whether your site is vulnerable. If you do hold sensitive
information on there, they may advise you to remove it until you can be
sure your information is secure. The basis of this flaw is
authentication based and appears to require access to a staff password
or be on a machine recently used by a staff account that still holds
information in its history.
HTH
HAND
Tony Sheppard
The 'new website' is not new, the whois clearly shows it was registered
in October 2004.
I put up the page showing how I accessed it on the 5th August, 2 days
after I had been arrested. I tried to tell the police at the time that
the staff site was public but they wouldn't let me show them.
The school have never contacted me asking me not to talk about it and I
have not been bragging about it.
The password was only required to access the staff names/address/wages
etc not for the student details.
The page was found by google and although I have no proof of that,
their June accesslog will show google as the referrer.
>I am 21, I have now changed the DOB on youtube.
>
>The 'new website' is not new, the whois clearly shows it was registered
>in October 2004.
The "whois" will show when the *domain* was registered, not when the site was
created.
>The school have never contacted me asking me not to talk about it and I
>have not been bragging about it.
Your post here says otherwise.
My advice to you would be to shut up, and immediately get legal
representation. And tell them everything, including what you've done
*since* your arrest and bail. They'll probably confirm my advice to shut
the hell up at this point.
If you've already got legal representation they've probably told you to
stop pulling this crap talking about it in public; listen to them.
If you've got legal representation and they haven't warned you to keep
your mouth shut, you need new legal representatives.
No - I'm not implying that they were "asking for it". My point is just that
the School deserves to be condemned just as much as the so called "hacker" -
whose treatment by the police seems to have been slightly ridiculous. The
school has a duty under the data protection act and numerous highly paid
people to ensure that it doesn't make these kinds of glaring oversights.
The other party is probably just some bloke in his bedroom with no
"professional duty" and who's ultimately caused very little damage.
Tom
Site registration and creation can be 2 different things ... having
gone through the site it looks like it has been around for a bit,
however it has suddenly become the number one hit on google searches
... which is very strange.
>
> I put up the page showing how I accessed it on the 5th August, 2 days
> after I had been arrested. I tried to tell the police at the time that
> the staff site was public but they wouldn't let me show them.
Even if they would not let you show them immediately they may have
asked for it to be shown at a later date. In the meantime you could
have demonstrated it to your legal counsel and an appointed witness /
expert. Try not to presume that you would not have had a chance to show
your evidence.
>
> The school have never contacted me asking me not to talk about it and I
> have not been bragging about it.
Freedom of speech is a wonderful thing, however, if you are being
investigated for a criminal offence then you are advised by both the
police and legal counsel not to continue any activities which may be
related to the offence. This is standard procedure. By posting on this
news group, by adding sections to your website and by sticking the
video on YouTube you are continuing to disclose information that you
have been warned about ... this is not a good idea.
>
> The password was only required to access the staff names/address/wages
> etc not for the student details.
>
> The page was found by google and although I have no proof of that,
> their June accesslog will show google as the referrer.
However the page was accessed you should not have continued to propagate
the location.
I appreciate that you have responded to this thread and various people
have given you sensible advice about legal counsel.
Having now spoken to the school and to FrogTrade (who produce
FrogTeach) I would advise you to be careful. This is part of an
ongoing police investigation ... to make further comment on a public
forum by any party involved truly is not sensible ...
FrogTrade will be emailing me suggestions and comments about security
for me to sanitise and put on here and other forums to let people know
what to lock out to further lock things down. They are presently also
emailing all their customers with this advice and, where possible,
checking security on all systems they manage.
They have reacted to this thread in a positive manner and wish to
ensure all their customers are following guidelines that they have
previously issued.
FrogTeach is not based solely on session based authentication for all
pages, but allows for menus and links to be hidden behind passworded
pages. If these subsequent pages are not secured then they may be
accessible if you have previously had access to them.
Further instructions will be posted over the weekend.
I would think that it would be a good idea if conversation on this
thread moved away from the actual incident and went over to a general
discussion on DPA and security rather than specific comments about a
particular school and its use of a particular system.
Tony Sheppard
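The flaw Tony describes above (links hidden behind a login page, but the linked pages themselves never checking for a session, so a URL left in a shared machine's browser history opens the document) is modelled below in an added example. This is not FrogTeach's code or anyone's code from the thread; the page content, cookie name, timeout value and the weak-versus-hardened comparison are all constructed for illustration.

```python
"""Weak design vs hardened design for a password-protected staff area.

Weak:     only the menu page checks the session; document pages are served
          to anyone who knows their URL (e.g. from browser history).
Hardened: every /staff/ page checks the session, idle sessions expire, and
          documents are sent with Cache-Control: no-store.
"""

# Constructed sample content standing in for a staff area; not real data.
STAFF_PAGES = {
    "/staff/menu": "menu: /staff/doc1 /staff/doc2",
    "/staff/doc1": "CONSTRUCTED staff document 1",
    "/staff/doc2": "CONSTRUCTED staff document 2",
}
LOGIN_PAGE = "/staff/menu"   # the only page the weak design protects
SESSION_TTL = 15 * 60        # idle timeout in seconds (assumed value)


class SessionStore:
    """Server-side sessions keyed by cookie token, with a sliding idle timeout."""

    def __init__(self, ttl=SESSION_TTL):
        self.ttl = ttl
        self._last_seen = {}   # token -> time of last valid request

    def login(self, token, now):
        self._last_seen[token] = now

    def logout(self, token):
        self._last_seen.pop(token, None)

    def is_valid(self, token, now):
        last = self._last_seen.get(token)
        if last is None or now - last > self.ttl:
            self._last_seen.pop(token, None)   # drop expired sessions
            return False
        self._last_seen[token] = now           # refresh the idle timer
        return True


def serve(store, path, token, now, check_every_page):
    """Handle one request; returns (status, body, headers).

    check_every_page=False reproduces the weak design: only LOGIN_PAGE
    verifies the session, so a document URL is served with no credentials.
    check_every_page=True is the hardened design: every /staff/ path is
    checked before anything is returned.
    """
    if path not in STAFF_PAGES:
        return 404, "not found", {}
    if check_every_page:
        needs_auth = path.startswith("/staff/")
    else:
        needs_auth = path == LOGIN_PAGE
    if needs_auth and not store.is_valid(token, now):
        return 302, "redirect to login", {"Location": "/login"}
    # no-store keeps the browser from keeping a disk copy after logout.
    headers = {"Cache-Control": "no-store"} if check_every_page else {}
    return 200, STAFF_PAGES[path], headers


def replay_from_history(check_every_page):
    """Staff member logs in, opens a document, logs out. An hour later
    someone on the same machine requests the document URL from history.
    Returns (status for the staff request, status for the later request)."""
    store = SessionStore()
    t0 = 1_000_000
    store.login("staff-cookie", t0)
    first = serve(store, "/staff/doc1", "staff-cookie", t0 + 5, check_every_page)[0]
    store.logout("staff-cookie")
    later = serve(store, "/staff/doc1", None, t0 + 3600, check_every_page)[0]
    return first, later


if __name__ == "__main__":
    print("weak site:    ", replay_from_history(False))   # (200, 200)
    print("hardened site:", replay_from_history(True))    # (200, 302)
```

The check that matters is the one on the document page itself; hiding the link on the menu page is not an access control.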
I'm curious that you'd suggest talking to the register instead of taking
legal advice and only talking to the register, etc, should the legal
advice be agreeable. Personally, if I had possibly broken the law, I'd
keep my mouth shut instead of screaming from the rooftops, but that is
just me.
So far the only actual evidence of any kind of reaction let alone
"over-reacting" has been from the OP themselves.
Personally, in his position, having got everyone wondering if I'm really
that stupid I would choose to keep my mouth shut rather than keep opening
it and removing any doubts!
Paul ... seriously ... think about it ... I am trying to be as polite
as I can about it being an ONGOING police investigation. The Register
are likely only to get one side of the story (the OPs) since the school
are not saying anything because it is an ONGOING investigation.
At that point anything that is published is not a fair and true
representation of what has gone on.
Leave it alone.
If you have an issue with this then please email me.
That's it folks ... move right along ... nothing to see.
Tony
Screenshots
http://i109.photobucket.com/albums/n75/strawberrygashesuk/news67-2.jpg
http://i109.photobucket.com/albums/n75/strawberrygashesuk/news67-3.jpg
http://i109.photobucket.com/albums/n75/strawberrygashesuk/news67-4.jpg
More info
On Saturday 19th August, I called Bruce Summers who was listed as
Network Manager on the school site. During the
conversation, he said he was no longer Network Manager and that I
should talk to Colin Myott or Mike Healey at the
school.
On Monday 21st August, I called the school twice asking for either
Colin Myott or Mike Healey, both times they were not
available.
Later that day, the police came, broke the door as I didn't answer right
away and seized my new computer as well as some
videos, they claim that I hacked into the school again because of the
video I put on youtube showing the site was public (no
password was needed). The police also said that if I call the school
again or go to the school, I would be arrested.
Quite frankly, he deserves everything they can throw at him.
He's been told how many times NOT to post things about it.
Cos everything he posts will only harm his case.
AND HE'S STILL DOING IT.
(Can anyone really be so dim?)
--
______________________________________________________________________________
| spi...@freenet.co.uk | |
|Andrew Halliwell BSc(hons)| "The day Microsoft makes something that doesn't |
| in | suck is probably the day they start making |
| Computer science | vacuum cleaners" - Ernst Jan Plugge |
------------------------------------------------------------------------------
Most people on here have been polite. They have given good advice on
how to protect yourself and how to best defend yourself against
incorrect charges of hacking (ok ... breaches of The Computer Misuse
Act) and drawn the line for you so that you do not get into further
trouble.
This is a public group ... conversations on here will continue about this
and people will probably be happy to wait until it goes to court to
find out the outcome.
Me? I am sick and tired of your whining and whinging. If you are that
sure that you are being unfairly treated then go to the bloody
newspapers! Have you not gone because there are other things you want
to hide? I have had a good look at your personal website and find a
number of things disturbing. You are obviously a former student who
left a few years ago ... you have written and published some disturbing
poetry that would make me uncomfortable if I had ever had anything to
do with you at my school.
You have an unhealthy obsession with this school and probably some
people that work there or used to work there, I am not sure which ...
and do you know something? I don't care why ... I don't want to know
from you or anyone else ... I just want you to take it elsewhere.
The fact that you are calling the (former?) network manager ... I am
not surprised he doesn't want to speak with you ... and neither does
the school.
Give it a rest. Go and speak to your legal advisor ... if you don't
want one then that is your choice, but dredging this up again ... and
again ... is not doing you or the school (which you quite obviously
have certain emotions for) any good.
When he is moron going to get a clue?
How many times have people told him to shut the hell up, at this point?
--
______________________________________________________________________________
| spi...@freenet.co.uk | |
|Andrew Halliwell BSc(hons)| "ARSE! GERLS!! DRINK! DRINK! DRINK!!!" |
| in | "THAT WOULD BE AN ECUMENICAL MATTER!...FECK!!!! |
| Computer Science | - Father Jack in "Father Ted" |
------------------------------------------------------------------------------
> When he is moron going to get a clue?
god I hate it when I do that... I'd just about woken up...
"When is this moron going to get a clue?"