Man guilty of accessing tsunami site

A computer consultant has been convicted of gaining unauthorized access to a Web site collecting donations for victims of last year's Asian tsunami, even though the judge hearing the case accepted that he meant no harm.

Daniel Cuthbert of London was found guilty Thursday afternoon of breaching the Computer Misuse Act of 1990. The incident occurred on Dec. 31, 2004.

Cuthbert, who at the time of his arrest had been employed by global banking group ABN Amro to carry out security testing, had pleaded not guilty to the charge. He was fined about $700 (400 pounds) plus about $1,050 for costs.

The district judge who heard the case told Cuthbert it was "with deep regret that he was finding him guilty" given his record of good behavior. But the judge also said that Cuthbert had changed his defense, between his police interview at the beginning of the year and his appearance in court this week.

The judge said that Cuthbert was "deliberately trying to throw the police off the trail" by saying one thing and then another.

Earlier this year it was reported that Cuthbert had donated money to tsunami victims using the text-only Lynx browser, which can appear to behave differently to other browsers from the server's point of view.

But in court Wednesday, Cuthbert said he had made a donation of about $50 to the site after clicking on a banner ad. When he received no final thank-you or confirmation page he suspected he might have fallen victim to a phishing scam, so he carried out two tests to check the security of the site.

Cuthbert's defense team argued that he had merely "knocked on the door" of the site, pointing out that he had the skills to break into it if he wanted.

The Computer Misuse Act states that it is an offense to make "unauthorized access to computer material." There is no burden on the prosecution to prove that the accused had intended to cause damage.

The judge accepted that Cuthbert had not intended to cause damage and also pointed out there is almost no case law in this area.

Colin Barker and Graeme Wearden of ZDNet UK reported from London.

???

The is question why did he do it?

<a class="jive-link-external" href="http://www.therockerscabin.com/" target="_newWindow">http://www.therockerscabin.com/</a>

[Marcus Westrup]

Simple answer

People who work in security Want to catch the bad guys. Cuthbert thought he had stumbled onto a scam, and it was his duty (if not his job) to check it out. Unfortunately the law tends to protect the bad guys over the good, so by strict interpretation he was guilty.
But what really got Cuthbert into trouble was not coming clean to police early on. Its a human mistake he is paying for.

And honestly, I would have investigated any site I thought was running a scam.

???

The is question why did he do it?

<a class="jive-link-external" href="http://www.therockerscabin.com/" target="_newWindow">http://www.therockerscabin.com/</a>

[Marcus Westrup]

Simple answer

People who work in security Want to catch the bad guys. Cuthbert thought he had stumbled onto a scam, and it was his duty (if not his job) to check it out. Unfortunately the law tends to protect the bad guys over the good, so by strict interpretation he was guilty.
But what really got Cuthbert into trouble was not coming clean to police early on. Its a human mistake he is paying for.

And honestly, I would have investigated any site I thought was running a scam.