Some of the stuff he did would be considered 'grey hat,' but stuff like posting to Reddit is just plain stupid if he was trying to mitigate the trouble that he could get into.
I don't think that they needed to trace it back through the VPN. They started asking questions at his workplace (for whatever reason), and a co-worker turned over a chat log in which he was describing what he was doing. They could have just been questioning The Canton Group through 'good old fashioned police work.' It's not like The Canton Group was unconnected to the University.
Someone tell me how posting someones social security number online is considered whitehat? Also the manner in which he communicated was very harsh.
It seemed as though he was taking his frustrations on his employer out on his employers client.
Or perhaps all of this was his goal: hoping to get arrested, make a name for himself as a "brilliant young hacker" to build up his own security consulting firm.
8 comments
[ 3.1 ms ] story [ 28.6 ms ] threadIsn't exactly "white hat"
This guy got what was coming to him.
The other thing I noticed is that either the FBI has gotten really good dealing with proxies/VPNs or the guy really didn't know what he was doing.
It seemed as though he was taking his frustrations on his employer out on his employers client.
Or perhaps all of this was his goal: hoping to get arrested, make a name for himself as a "brilliant young hacker" to build up his own security consulting firm.