

Hacker Sentenced to 20 Years for Breach of Credit Card Processor - j_baker
http://www.wired.com/threatlevel/2010/03/heartland-sentencing/

======
tptacek
Before somebody says it:

The minimum Federal sentence for murder appears to be ~20 years (the
sentencing range is ~20-25 years, for second degree murder, for someone with
no criminal history). The minimum Federal sentence for first degree murder is
life.

Yes, you can rape someone and spend less than 20 years in prison. Personally,
the problem I see there is with the rape sentence, not with the sentence for
selling 100 million people's credit cards to the Russian Mafia.

~~~
rms
20 years in prison for most crimes short of murder seems ridiculous to me. It
is only relatively recently in human history that long prison terms as
punishment have become normal.

<http://en.wikipedia.org/wiki/Prison_abolition_movement>

~~~
tptacek
That's an interesting article about a movement that appears to conflate
everything that is wrong about criminal justice, and everything that is
reasonable about criminal justice into a single issue.

10 years for aggravated rape? Aggravated rape: throw away the keys.

------
petercooper
I can't say he didn't deserve the sentence, but the name "Gonzalez" had no
bearing on the sentence given? No siree bob..

Max Ray Vision, the "carders market" guy, got 13 years recently, and that was
the longest hacking related jailtime sentence ever given till now. Other big
cases didn't yield significant jailtime: 5 years for Mitnick on a second
offence. 8 months for "MafiaBoy". David L. Smith (Melissa virus) 20 months.
Sven Jaschan, 3 years probation. Kim "Kimble" Schmitz, 2 years for Internet
credit card fraud.

~~~
tptacek
I don't know the stories on most of these cases, but I know the Mitnick case
wasn't anything nearly as bad as the TJX case. Mitnick didn't set up a
business selling the results of his exploits to organized crime.

When you exploit security flaws to help the mafia, or, worse, profit from
helping the mafia, you become part of the mafia. A tip for people considering
a life of crime: don't become part of the mafia.

------
moe
So and how long did the companies get that stored "130 million credit cards"
in systems vulnerable to SQL injection attacks?

