- Email: [email protected]
UK convicts first computer hacker
Computer
August
Fraud & Security Bulletin
in Australia, few police skilled in the detection and prosecution of computer-related crime. “Accordingly, all but the most flagrant crimes will sorely test the resources of law enforcement authorities. The answer lies not only in training more personnel, but also inducing them to remain in the job. It has become commonplace for the public sector to be used as a training ground for private sector aspirants.” Australia cannot afford to be complacent about combating computer crime merely bacause some legislation has been enacted, he added, legislation amounted to no more than paying lip service to the problem. Frank Rees
UK convicts first computer
hacker
Nicholas Whiteley, aged 21, has been convicted on four charges of criminal damage and has been sentenced to a year in jail. All but four months of the sentence have been suspended. The part-time computer consultant is estimated to have caused some f25 000 of damage by adding and deleting data to computers at Bath, Hull and London Universities. During sentencing, Judge Geoffrey Rivlin commented, “Taking into account the serious circumstances of this case, there is no doubt in my mind that the only appropriate sentence is one of imprisonment.” He added that Whiteley had derived “considerable pleasure at the time, both in participation and in carrying out these matters, and it led to considerable boasting.” Whiteley was found guilty of two charges of criminal damage to computer disks at Queen Mary College, London, and of one each at Bath and Hull Universities. He was cleared of three other charges of criminal damage, and six further charges have been dropped. During the trial, thecourt heard how Whiteley had pursued a six month feud with system security managers during 1988. Calling himself ‘The Mad Hacker’, Whiteley worked from a PC in
1990
his bedroom at home. The judge refused requests from the prosecution for the confiscation of Whiteley’s home computer, and for the recovery of f28 000 of legal costs.
Quantum security Charles Bennet of IBM’s Yorktown Heiahts. -= --. and Gilles Brassard of Montreal University have announced the first communication system to depend on the uncertainty principle to ensure its security. The device uses photons to carry messages, each photon having a certain linear polarization and a certain circular polarization. According to the uncertainty principle, measuring one disrupts the other, so both polarizations cannot be measured at once. A sender can use the polarizations of photons to send a sequence of signals to the receiver, randomly choosing whether to encode the information as a specific linear or circular polarization. For each photon detected, the receiver chooses randomly which type of polarization to measure. About half the measurements would match the values the sender transmitted. By finding which photons were correctly measured, the sender and receiver can derive a private encryption key. Because of its slow speed and because it can only be used for communicating random bits, the system is best suited for exchanging cryptographic keys. Once the keys have been established two participants can use these to exchange messages using faster, more conventional, encryption methods. The attraction of the system is the fact that an eavesdropper cannot intercept the message without permenantly scrambling the message and alerting the participants. If the receiver and sender compare notes, they can work out what results a certain number of measurements should have produced. Any statisticai deviation indicates the presence of surveillance. After working on the idea for a number of years, the current device was constructed by
01990
Elsevier Science Publishers Ltd
August
Fraud & Security Bulletin
in Australia, few police skilled in the detection and prosecution of computer-related crime. “Accordingly, all but the most flagrant crimes will sorely test the resources of law enforcement authorities. The answer lies not only in training more personnel, but also inducing them to remain in the job. It has become commonplace for the public sector to be used as a training ground for private sector aspirants.” Australia cannot afford to be complacent about combating computer crime merely bacause some legislation has been enacted, he added, legislation amounted to no more than paying lip service to the problem. Frank Rees
UK convicts first computer
hacker
Nicholas Whiteley, aged 21, has been convicted on four charges of criminal damage and has been sentenced to a year in jail. All but four months of the sentence have been suspended. The part-time computer consultant is estimated to have caused some f25 000 of damage by adding and deleting data to computers at Bath, Hull and London Universities. During sentencing, Judge Geoffrey Rivlin commented, “Taking into account the serious circumstances of this case, there is no doubt in my mind that the only appropriate sentence is one of imprisonment.” He added that Whiteley had derived “considerable pleasure at the time, both in participation and in carrying out these matters, and it led to considerable boasting.” Whiteley was found guilty of two charges of criminal damage to computer disks at Queen Mary College, London, and of one each at Bath and Hull Universities. He was cleared of three other charges of criminal damage, and six further charges have been dropped. During the trial, thecourt heard how Whiteley had pursued a six month feud with system security managers during 1988. Calling himself ‘The Mad Hacker’, Whiteley worked from a PC in
1990
his bedroom at home. The judge refused requests from the prosecution for the confiscation of Whiteley’s home computer, and for the recovery of f28 000 of legal costs.
Quantum security Charles Bennet of IBM’s Yorktown Heiahts. -= --. and Gilles Brassard of Montreal University have announced the first communication system to depend on the uncertainty principle to ensure its security. The device uses photons to carry messages, each photon having a certain linear polarization and a certain circular polarization. According to the uncertainty principle, measuring one disrupts the other, so both polarizations cannot be measured at once. A sender can use the polarizations of photons to send a sequence of signals to the receiver, randomly choosing whether to encode the information as a specific linear or circular polarization. For each photon detected, the receiver chooses randomly which type of polarization to measure. About half the measurements would match the values the sender transmitted. By finding which photons were correctly measured, the sender and receiver can derive a private encryption key. Because of its slow speed and because it can only be used for communicating random bits, the system is best suited for exchanging cryptographic keys. Once the keys have been established two participants can use these to exchange messages using faster, more conventional, encryption methods. The attraction of the system is the fact that an eavesdropper cannot intercept the message without permenantly scrambling the message and alerting the participants. If the receiver and sender compare notes, they can work out what results a certain number of measurements should have produced. Any statisticai deviation indicates the presence of surveillance. After working on the idea for a number of years, the current device was constructed by
01990
Elsevier Science Publishers Ltd