The man at the centre of New Zealand's first real hacker trial has been found guilty on five counts but the jury couldn't reach a verdict on the remaining five.
Andrew Garrett has been found guilty of four counts of reproducing a document with intent to defraud and one count of threatening to damage property. Garrett used Back Orifice to take passwords from ISP users. The jury couldn't decide if his intention was to then use those passwords to "steal" access to ISPs or not. The judge has called for a retrial on those charges and the crown prosecutor is deciding whether or not to proceed. Basically this is good for New Zealand users - it means there is a precedent set for future hacking offences. If your site gets hacked or attacked or if your account access is stolen you could have a solid case in court. More complex crimes, however, are still untested, according to lawyer Averill Parkinson. She says we will still need the Crimes Amendment Bill to shore up our anti-hacking legislation; however, that is bogged down in select committee following the government's decision to tack on the paper that allows police and security services to legally break into your PC.
Garrett used a program called Back Orifice, which is designed to take advantage of a flaw in Microsoft software. BO allows the hacker to monitor everything done on the victim's PC - from entering passwords to credit card numbers to that screenplay you've written. It's nasty and for new users it comes as a shock to find they've been infected like this. Now it's also illegal.
Hacker case creates precedent - IDGNet
Jury finds half of hacking counts proven - NZHerald
Hacker awaits verdict in 'Back Orifice' case - NZHerald
Mouse pointer ad: wild success or annoying failure?
It was like an annoying guest at a party, overstaying its welcome, hanging around where it wasn't wanted, generally annoying people by drinking their wine and talking in a loud voice.
Well, perhaps not quite, but the mouse pointer ad for TelstraSaturn that ran on NZ Herald, Stuff and Nzoom home pages certainly made itself well known.
The ad was a single line of text - "We like one number" - that followed the mouse pointer around the home page. It came with a banner ad that explained what "one number" was all about - although the first day it appeared on the Herald's site the banner was missing, which left users with a slightly uneasy suspicion that perhaps their PC had been hacked.
And may we just point out that IDGNet chose not to run the pointer ad - we ran a skyscraper instead - because it just plain got in the way too much. Still, it's interesting. Online advertising is a troubled child and between pop-up ads, skyscrapers, banners that flash and annoy and ads that are just plain boring, it's good to see some creativity being applied. Interactive ads, mouse pointers, ads that entertain rather than dazzle - perhaps this is the way forward for the industry.
TelstraSaturn mouse pointer ad ends - IDGNet
Mouse Pointer Ads: Too Cute? - Nzoom
Too Smart? - Aardvark
A can of worms
As the Fryup goes to press there are two worms doing the rounds - one by the name of SirCam, which isn't too troublesome, but the other, Code Red, is a nasty wee exploit that attacks Microsoft Internet Information Server (IIS) systems. This won't affect your email but will attack servers hosting websites and that kind of thing. Once it's dumped its payload on you it then involves you in a distributed denial of service attack (DDOS) on the Whitehouse website, www.whitehouse.gov, between 8pm and midnight tonight. Stand by to watch the lights dim at the country's ISPs and telcos as the traffic goes berserk.
Rather like a virus that emails itself on to the addresses in your Outlook address book, Code Red does something similar for IP addresses - basically, the address book of internet sites. It searches for sites with the same IIS vulnerability and then attacks it.
The worm will check the infected system's date, and if it finds the date is between the 20th and 27th of the month, the infected system will send 100KB of traffic to port 80 (the server address for HTTP, hypertext transfer protocol, traffic) to the www.whitehouse.gov website. From the 1st to the 19th, the worm spreads itself, and from the 28th to the end of the month, it lays dormant.
Time to batten down the hatches again. Check back at IDGNet later in the day for an update on how local ISPs and telcos are coping.
SirCam Worm warning issued - IDGNet