Man suspected of cracking Twitter accounts: 'I'm a nice hacker'

I'm not surprised that someone managed to hack into twitter... but I really don't see the point in doing that. Is it really worth 2 years in jail?

The Internet as a whole has seen it's fair share of so-called "white hat" hackers, those who do not carry any malicious intent, but break into systems to prove that they are in fact vulnerable. This hacker could have easily deleted these accounts, or posted rogue tweets to the millions of followers both accounts have; however, he did not. He merely made a point. A point that goes under the radar because of our opinions and views on "hacking" as something people only do for personal gain or with malicious intent. Penetration testing as it is called is used widely, and while this was not condoned by Twitter, it has allowed them to patch an otherwise unknown intrusion point.

Although I don't aprove invading someone's privacy I, sometimes, am grateful as I learn from their experience. Anyway, he could have contacted Twitter instead of making him famous over Mr. Obama or Britney's names.

Both Chinese News Network and Cable News Network censoring Blogs ?
Will this question be in Moderation Purgatory forever ?

Watch; Google CEO Eric Schmidt on privacy
“If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place”

Will CNN censor the above ??

[...] including that of Britney Spears and the official Twitter feed for President Barack Obama. In a recent interview with French press, he said, "I'm not a hacker, or rather, I'm a nice [...]

This kind of person is frequently referred to as a Penentration Tester (or pen tester, for short). They are, in essence, ethical, licensed "hackers" who attempt to simulate malicious attacks to uncover vulnerabilities which need to be addressed.

http://www.google.com/search?q=pen+testers

High tech companies hire "nice" hackers all the time for internet security positions. If you want to know how to make something secure, hire a thief to tell you.

"Is there anything laudable about breaking into a system to uncover its faults? Can a person actually be a "good hacker?""

Are you even serious about this question? You report on technology and you are not aware of "white hats"?

Learn the correct definition of hacker

@ Peter, True, but Ethical Hackers also have permission first do do this. This isn't white hat/ethical hacking, it is more like grey hat hacking. Permission is what gets you out of jail.

Just so we get the facts straight here he didn't hack anything. He went into the lost password area of twitter and guessed the secret questions. Anyone could do this and most people have reset at least one password this way. If he would have done this to some no name people nothing would have happened but he choose the president who for some reason is thought to be better then everyone else. Now I'm not saying what he did was right but I do find it funny that they are making such a big deal out of it because of who's account he "hacked" into. Get over it the president is no better then you and I.

Big anti virus companies actually have contests to see if their systems can be hacked. There are ethical hackers who try to expose the vulnerabilities of a system. I believe that "good" hackers exist.

A "white hat" hacker. No hardly, though I do think the punishment is ridiculous.

He took the stolen data and exposed it to the public. Proff enough of hte misdeed right there.

Even he had been trying to hack to prove it was vulnerable, then he should have done so, then contacted Twitter and discussed the methods he used so they could patch their systems. I've had friends do exactly that.

Information warfare is the next battlefield, and we'll need people with these skills, so don't label all hackers as evil just because of what they do. The guy's behavior with those skills, however, does not make him a "good guy".

Yes a person CAN be a good hacker. I go to school for Network Security and we are taught to hack so that one is able to stop, prevent, or investigate such cases. There is a difference between a black hat hacker and a white hat hacker. Some "hackers" are out there to find security flaws and inform the public about them.

What a weird question.... Obviously yes there are good hackers... does the word "White Hat" hacker mean anything? How about the "Certified Ethical Hacker" certifications that security admins are going after these days?

I despise hackers, but I find it very interesting how a worldwide search is engaged when it happens to a public figure; however, if someone hacks my account I would be lucky to even get to talk to a human about it. This is nothing more than elitists’ abusing their power once again. Our government is supposed to be “public servants, which means they should apply the same rules for themselves as they would for us.

Why is this news? Nobody is niave enough to post something confidential on any social networking site. The sites should be focused on improving security, not prosecuting hackers.

If Twitter had hired him to hack their database, then Yes. But to hack in and then say I did it to show you – that's Breaking and Entering (B&E)
What if the government could just break into your privacy and then say – I thought you were doing something wrong.......Oh wait, they do that now

What was the Intent, Motive and Benefit? That should determine the punishment. Should he be let go? I do not think so. Having said that however, I would say that 2 years is cruel punishment considering, and if proven true, that his intentions was to prove Twitter is vulnerable to attacks.

He will probably end up working for the government if he is really good

Actually, he's a grey hat, not a white hat.

"Good hackers" made sence back when companies declared their systems were 100% safe. If you manage the hack them, then the company were proven wrong. Today its known than any system can be penetrated, but its also clearly illigal. Therefore "good hacking" is no longer longer possible.
Speeding or murder or other criminal offences are also possible, but anyone who engaged in such activities would surly not be considered "good criminals" either, even if they just did it to prove that its still possible.
Of course if some day all cars were installed with a system that made speeding impossible, and someone managed to drive too fast even with the system installed despite statements that it was 100% impossible, then maybe such a driver could be called a white driver too.
Point is. Hacking is possible but illigal so you are not proving anything by hacking other than you are able to break the law.

@carl, good point. You're right white hats need permission first. I am a white hat. However, I would never have been able to become a white hat if I had not broken into somethings first while I was new to "hacking" and learning. I never did anything malicious, if I had been caught should I be in jail?

The only thing this guy did that was malicious was blast Twitter's name.

His intentions need to be taken into account in court.

Yes there is such a thing as a good hacker or what's known as an ethical hacker. That's exactly what our firm does, is provide ethical hacking services to organizations. However, someone doing what he did would not be considered a good hacker in our circles.

I would say that as a user of twitter or any other site on the Internet that you should be able to do "due diligence" on a site to test basic security measures and decide on your own whether you want to trust them. An ethical hacker would only notice the faults, bring it to the attention of the site owners and then do nothing malicious.

But honestly there's no protection we receive by doing this, so technically a company could claim malicious intent. Thus, most of us say nothing when we find the vulnerabilities.

Why is this any different than breaking into someone's house to show that the locks aren't very good?
I don't think anyone would be defending that action, especially if it was their house that was broken into.

@TJP. I hate feeling as though I shouldn't report to a company about its flaws because I have to be worried about them coming after me legally. All you want to do is help, but you can get in trouble.

He would be a "good" hacker if he let them know what he was doing ahead of time and got their permission. They never asked for his help in testing the security of their system...

A hacker is a hacker is a hacker.

Meaning: Unless you are hired by the corporation to test their security, you are violating other property.

Period.

@Dustin – That depends on your definition of "hacking". The original definition is to use something for a purpose it was not originally intended. For example, MacGuyver, it could be said, was a hacker. So if we are following that definition, the little exploit of guessing someones "secret question" could, in fact, be considered a hack. A lot of people say that something is not a hack because it wasn't overly complex when, in fact, the best hacks aren't even complex at all. It just took a long time for someone clever enough to come along and realize that the "hack" was simple to begin with. Just because it didn't exploit a buffer overflow or crack a password doesn't mean it not a hack.

Let us imagine that you left your door unlocked and when you came home from work, a guy was sitting in your living room watching your TV. He says, "Hey, I'm a good guy. I want to prove that some people leave their doors unlocked. I'm only doing this as a community service."

I would say, put him in jail for a year or two.

hey nice hacker dude. Don't mess with crap that does not matter. You want to impress me, then take down the great Chinese firewall.

Jeff,
People don't try to break into your house everyday all day long like they do on websites. Major websites receive break in attacks around the clock.

It's more comparable to testing the security of a military base in the middle of an active conflict zone than a house in the USA.

I say fine him then some of these companies should hire him on.
Seems like a logical way to fight malicious hackers, send in other hackers to defend the systems.

Unless someone tries to infiltrate a system, how do we know its safe. Don't be fooled our government has people on its payroll attempting to do just this with our security systems.

Why mess with a mainline biz, why not hack people who need it. Defacing a terrorist's website comes to mind.

Although Twitter is supposed to protect privacy (to an extent), anything that one posts on it is, in essence, public. So anything that Obama posted on his Twitter should have been well thought out beforehand (ie: not sensitive material) as the internet is NOT a secure place. People should know that they are posting on to a public domain; and that if information leaks out, it's partially your fault for putting it there in the first place.

lol rob a bank and see how far you get with the loot. Then when (if) caught you say "Hey, I just wanted to show you the flaw in your secuity procedures and systems. I actually managed to get this far with the money before you caught me. The good news is you can hire me a as special security consultant now"

This is just freakin ridiculous what idiot would do that

Should it be illegal if I enter someone's home, look around, leave a message that I was there, and then leave without taking anything? To the dungeon with him!

You can call yourself a white hat hacker til you're blue in the face, don't do the crime if you're not prepared to do the time. And Twitter would definitely be a company he could have approached and said "hey, I see a hole in security – pay me and I'll show you the exploit and how to fix it".

@zzmook – actually twitter isn't a company that you could approach like that. You would think you could, but it's not the case.

True hacking is accepted and encouraged for the purpose of learning to defend. But Frenchie is just a brute force hacker using the Twitter hack app. Its free and anyone can download it. Maybe the authorities should give the programmer 2 years. He's the guy they should be after.

Twitter is for the illiterate. Who cares about this really?

The answer to the question " can a person actually be a "Good Hacker" ?"
is yes. There are typically three designation of hackers.
Black Hat – Typically the guys we all think about when someone says they were hacked. These individuals may or may not be out for a malicious purpose, but are usually at least out for them selves.

White Hat – These are the individuals that are either formally trained as hackers or have the experience to back themselves up, and are hired as security and exploitation subject matter experts by companies and the govt. in order to test the security of a network infrastructure or its internal security systems.

Grey Hat – Plays both sides. Can be malicious or benevolent, and isn't necessarily out to burn the world.

Hackers generally utilize allot of the same system utilities that systems and network administrators do. They just utilize the information gained in a different intention.

Typically though, White Hat and Grey Hat do their work with certain ethics. White Hats wouldn't simply crack a system to prove a point. Not without permission first. So while intentions may or may not have been the best. He still is not considered to be among what society is coming to know as "Ethical Hackers"

If you're a white hat hacker and employed by a company to test it's security that's one thing. If you call yourself and ethical hacker and you go around attempting to penetrate networks without permission, then that's flat out a crime. Would a person be let go by police if he walked around testing doors to see if someone left a building or a house unlocked? No. He would be arrested. Why should an activity on the Internet be any different? Especially one such as this where the person committed a malicious act after breaking into.

Yes, there is a such thing as an ethical hacker but this guy was totally un-ethical. He broke laws and is now giving legitimate ethical hackers a bad name.

I agree with the people who said he should have contacted Twitter and made arrangements with them to test theirsecurity and point out loopholes. Going public to attract attention and say "i'm nice" just because he didnt do anything malicious THIS time doesnt cut it. As someone pointed out, you cant break into someone's house and say you were testing their house security

If he was so concerned, he should've told twitter that he was going to break in and then send the private information to their Head of IT security. Instead he sent it to a blog publisher. Sure, he should be praised for pointing out a flaw but there are limits to what you can do and still claim the mantle of Hero, otherwise your just a different kind of Villian.

For those of you who actually think there is such a thing as a "good hacker"...I'll be breaking into your houses later just to look around and show where you're vulnerable. Don't worry at all!

While he may not work for twitter, I will offer this byte to chew on.

When we drive our vehicles, we do so knowing that they have been intentionally demolished, crashed, wrecked, destroyed, and otherwise "tested" of their qualities.

If he caused no harm, merely pointed out an exploit, isn't he doing the same thing that auto manufacturers and underwriters labs do to verify the quality of product?

Think of it as a security side airbag crash test.

Fix the holes and move on.

If the suspect in question did not cause any actual harm or attempt to defame any of the people he "hacked" I personally think he should not be thrown into jail for two years. Instead, I think it be more prudent for the FBI or some intelligence agency to let this guy off the hook and recruit him.

The Pentagon and other government databases are hacked millions of times a day. It be smarter, in my opinion, to give this fellow the option of abandoning his life of crime to help his country out. After all, we could throw this guy into prison, he would then get out, and then have a hard time finding a job, which means he will suck on the government money that we really can't spare at the moment. Instead we could turn him into a protector of our national security and give him a job that turns him into a tax generator. This would not only redeem a valuable human life, but also help our economy and our national security.

This guy obviously has skills, put him to work against China.

I say hire him. We need people who can do that to test our security to make sure it isn't vulnerable.

OK, we get it, penetration testing can be legit. But this was not.

Analog: imagine a certified, licensed security guard for some company decides that the mall seems vulnerable. He decides that for the good of the mall and public safety, he will break in. He doesn't steal anything, just brags about it.

Do you think the police will decline to file burglary charges because his intentions were (allegedly) pure?

he probably didn't think he was going to get arrested for it, but either way, that should be in the back of your mind at the bare minimum when you're hacking into the account of the President of the United States. Either way, still not worth the jail time, but the publicity will help him land a high-paying security consulting job I'm sure, so kudos.

There is no "nice hacker" in the world of the Internet. Every hacker in the world ought to be punished as if they were Terrorists. Not only sentenced to life in prison, but having their fingers glued shut completely and permanently so that they can't hack on a computer ever again! PUNISH ALL HACKERS IN PRISON!

He is a criminal. Stealing property, information- anything that does not belong to you is a crime. There is nothing admirable about having criminal skills. Period.

HEY – If there is a friendly hacker, why not break into your own bank and transfer all your money to my account. That would be a nice gesture.

So called "Nice Hackers" are sometimes necessary in pointing out the flaws in a system. With this man coming forward to point out these vulnerabilities, it brings an important security flaw to the attention of these companies and they can address them before a "Not-So-Nice Hacker" exploits those vulnerabilities for their own personal gain. Knowing the laws, coming forward with this information and putting his neck on the line to do so has given the users a little more protection. This exposure has forced the companies to address those flaws immediately in order to protect our accounts. Just my 2 cents.

i think we need people like this, if he can do it then someone else with bad intentions can do it

Reading Obama's twitter account must have been entertaining....

Not all hackers are criminals. If you are hired to probe and expose weaknesses by an organization, then this type of activity is OK because it is almost always very specific and defined in the engagement contract.

It does not matter that this guy thinks he is "a nice hacker". Computer and tort law are pretty clear – he accessed data that he had no authority to access – end of story, see you in the hooscow.

Want would you think about someone trying to break into your house, just to see if they can do it? Wouldn't like it would you? You would want that person in Jall. That is exactly where Hacker Croll belongs and for more than 2 years.

I think the US Govt will hire him, they have a big hacker security program where they are looking for people like him. He should get a automatic job instead.

Bull. Can you imagine someone breaking into your house and trying to tell you he's a good burglar; that he was just doing it to show you your house could be broken into, and that your security system was faulty? Imagine that same scenario with a bank. Give me a break. I'm sick and tired of people committing crimes and trying to justify them by pretending to be altruistic.

Leaving my door unlocked does not make it OK to enter my home, even if you do not steal my TV. There is no value in "proving poor security". It isn't your job.

So find him guilty, sentence him to probation and give him a government job in cybersecurity. Case closed.

I heard he's going to get a reduced sentence because his sentencing paperwork was longer than 140 characters.

Yes, the guy deserves jail time! He was not paid to do what he did. He intruded on private info and must be heavily fined and locked up. "I'm a nice hacker!" Baloney! Sick of people that talk like that. Sick of people that support these so-called ethical hackers. He broke the law – tme go to jail. Throw away the key while you're at it.

If someone broke into your home because they thought your front door lock was insufficient in their estimation and took pictures of your personal belongings to prove he was there and then sent them to you to "help" you determine a security issue do you think you'd thank him or get really creeped out and call the cops?

White hat hacking or pen testing is completely illegal and unethical unless it's commissioned or requested by the target.

/story

Yes there are good hackers. I'm a CEH (Certified Ethical Hacker), there are many of us CEH's working for corporations and governments around the world. We use our talents and skills to find security holes in systems. What this french twit did is was wrong and he will pay the price. What he could of done was contact Twitter and notify them that he beleives he has found a poosible security hole. Had he done that he would be free and maybe working for Twittwer as a security expert. Now he is just a twit in a french jail.

For you ethical lovey-dovey types: Does this make sense??

1. I am a nice hacker and am now looking into your entire personal info and I promise that I'm just looking without looking.

2. I'm an ethical pervert and I broke into your house and opened up your spouse's underwear drawer and trust me, I never looked or even sniffed the contents.

Ethical?? Nice?? Bull!

Whether or not he had good intentions, he did not have permission. If he truly wanted to help Twitter, why not talk to them about it first? White hat or black hat, nobody's going to thank you for breaking into their house, then pointing out how insecure it is.

Anyone who above mentioned companies hiring hackers for info security is absolutely right. I work for a fortune 500 company and I can tell you we have between 30-40 individuals work for us that I would say have genuine "hacking" abilities in various domains.

Of course, just as mentioned above, these individuals are all considered "white hat" hackers. That means they do not use their extensive knowledge of networking, servers, databases, etc., for malicious purposes. Rather, they use their knowledge and abilities to protect their employer. This is very common practice.

However – it is a widely known aspect of hacking protocol that you never conduct penetration tests or vulnerability scans of anybody unannounced. You must notify the host that you will be performing such actions; otherwise, it is, by default, "black hat" (or malicious) in nature.

Take this as a learning experience and hire the man to find further weak links. It was not really so bad due to the fact he did nothing malice to the accounts. However, what if it was some one else, with cruel intent. what if it was an account that contained personal banking info or S.S.I. numbers. We need to learn how to protect our selves a little better in the future. And the one thing that was said that I agree with was, Do not publish or put out any information that you do not want others to know. Always keep in mind some one is watching and listening at all times. Let alone some one is reading all they can on you. If you believe it is personal, keep it that way.......... Then there will be no worries on who may hack into something and get your personal information.

"NSA access system is built into every version of the Windows operating system" - Trust the government, but not the neighborhood hacker ?

I don't really see how a major crime (such as a felony) can be committed without malicious action or intent to an individual/party. If it is proven that he intended any of these, then I feel a crime has been committed. Acquiring information is not a crime. Using it for personal gain is not a crime. Using it for extortion, now that might be.

A twitter account should not be considered a secure data base, and should be treated as essentially open information. Anything put on the internet should be suspect. I use internet for all sorts of things, but I am always aware that someone may be watching. If Pres Obama or Britteney Spears want privacy, they should not use the internet! Or, at least should be very discreet in their communications. Hacking is an invasion, but public figures should be very careful nevertheless. Prosecute the hacker? Don't authorities have better things to do?

I really don't think there's such a thing as a "good" hacker, though someone can indeed hack with good intentions, like this guy did. I think it's great that he hacked President Obama, because he's one of the most powerful people in the world, and something really needs to be done about the fragility of the Internet. Nothing is safe on the Internet or on your computer, NOTHING. I've learned this the hard way. I've been using the Internet every day for probably 8 years, and I never got hacked until recently. It was horrible. The person was malicious and evil, threw some very serious and scary threats at me, and basically tried to ruin my life. They harassed me for days and deleted or took control of almost every account I used at that time. They had my address, and other very personal information. And I had no idea who they were! I wish so much that they would get some jail time for what they did to me, and what they've probably done to countless other innocent people. Instead of putting this guy in jail, they should be dealing with real hackers who actually try to cause harm to people. It would be really nice if Obama would pass some kind of law that protects people from getting hacked. It's sad that hackers only get in trouble when they hack a famous person. What about the average Internet user? I really believe it's about time we get some protection, too.

Your comment is awaiting moderation.
Food is Good

Really, Tech has to be safer. This guy has a point.

Well I dont think he was a good smaritan to trying to help twitter with security but more likey he did it because he could he has the hacker mentality but aparenty he is one of the stupid hackers because he got caught lol now he deserves what he gets he new the law and broke it.

The next TWEET night b from the CIA ? - Watch uTube;
NWO Mafia arm CIA invests in firm that monitors Internet Blogs Twitter Amazon Youtube etc

Hacking is a good thing if it is done under certain conditions:

1. The place you are hacking knows you are trying to do it
2. You do not abuse or damage the data if you succeed
3. You tell them how and that you hacked it if you succeed

This is actually a job position that some places hire people for. There is no better way to improve something than by finding what's wrong with it, and if you already knew what was wrong with it, you probably would have fixed it already. Have people try to figure out how to hack into a security system is no different than test driving a car (other than the fact that nobody can run you over while testing the security system).

Lets take an objective opinion here.

After reading every comment, I see flaws in both sides of these arguments.

Twitter provides a free service, similar to that of a neighborhood swimming pool. During pool hours, you can go swimming for free.

I'm surprised people are comparing public domain to private property.

People can and do make money off of this stuff ligitimately.

-A curious person would have tested without permission, but not told anyone.
-A good person would have obtained permission before testing.
-A good "hacker" may have tested without permission. But, a "truly good" hacker would have fixed the problem on his own, gone undetected, and left. Kind of like when your apartment complex changes your locks for free and gives you new keys because the old locks weren't very good.
-A naive kid surprised by what he thinks is a newfound talent might brag to one of his friends - ultimately what this clown did.

Ultimately, he did the wrong thing by not having permission. Again, he did the wrong thing by taking copies of and distributing the information. Typically, electronic crimes are punished with sentences exceeding two years.

But, because he's likely just a naive youngster, and not actually out to cause harm, because he did have the power for a moment to make much more of that data public, I agree with the give him probation and get him a job. Monitor his electronic activities.

All of you who say death and prison to all hackers in the world should think about the fact that without them there wouldn't be any computer security. McAffee's "Hacker Safe" is a service that scans a web site for security holes and reports them - much the same way a hacker would. You should be happy about that each time you submit your credit card information to one of those sites.

"Your comment is awaiting moderation."
CNN needs to publish why comments are rejected.

A preview function, for real time feedback,
detailing why a comment is rejected.

[...] Man suspected of cracking Twitter accounts: 'I'm a nice hacker' | CNN [...]

[...] Man suspected of cracking Twitter accounts: 'I'm a nice hacker' | CNN [...]

you can if you dont steal or mess with anything but showing them whats wrong with the system is good so they can fix it

Personally speaking, right or wrong, hacking is hacking. There are those who would do it for business, pleasure, thrills or nefarious reasons. There are those who are genuinely curious of their own set of skills or curious as to the amount of metal there is surrounding a certain infrastructure. Hacking is a skill, a learned trait and like other skills in life, they can be used by the will of the person using those skills for whatever reason. Yes, I believe there are "good hackers" or "white hats" as they've been referred to in the past. There are those who intrude, traipse and then egress from a system without ever being detected and don't tell a soul. This man got caught. He "broke" certain "laws" that were set by "governments" and "agencies". Thus, he will face a judgment and repercussions. That's the long and short of it.

A nice hacker doesn't steal the data and post on websites. A nice hacker, gets permissions from the owner of the information system and then after permission is given, he/she does the security penetration tests. After the tests are complete, the nice hacker, gives what he/she found to the owner of the information system only. This is the code of ethics for hacking.

By the way, hacker is not a negative term. White hat, grey hat and black hat hackers is just like saying ethical politican, politician and then corrupt official in the same order. Certified Ethical Hacker is a certification course from EC Council that many security professionals take so they can start to learn to hack ethically to protect companies and private citizans from the black hat hackers. Of course that course is just the beginning but it's a start on a skill tract to ethically do you job.

There are "good" hackers out there but this guy was not one of them. You don't hack a system then divulge the information of passwords and names of employee candidates to a popular tech blogging sight. That was invasion and theft of data.

I love hackers, make keep lazy people somewhat awake. If it weren't for these hackers, people wouldn't improve the system and the likelihood of a complete cyberspace meltdown much more real

You shouldn't be trusting the internet security it was never meant to be used for emailing, banking,or any personal information it was meant for information that evryone could see and use and that man should not be locked up she should be left alone and maybe even hired but should keep personal infomation to your self thats the risk everyone takes whether it be celebrtiy, president or just a regular person.

I think you can be a 'Good Hacker'. It would be very helpful to have someone like that to be able to hack websites, like Twitter, to show some flaws

white hat hacker...

well renown. He didn't do anything malicious, but he could have handled it privately.

"Your comment is awaiting moderation."

With CNN calling censorship moderation
The network is being trivialized to serve corporate interests

There is no such thing as a "nice" hacker. Yes, he did do something wrong. It's like saying G__ Damn in the same sentence, the two words don't go together. Thousands of Americans are being illegally surveilled and electronically assaulted by mentally disturbed hackers who been allowed to operate like domestic terrorist thugs. Law enforcement at all levels knows of these situations but continues to ignore. Most Americans are living in a "dream state" and are not aware of the havoc caused by these people that start out as so-called "nice" hackers. Go to the website of Freedom from Covert Harrassment and Surveillance. Believe me this is real and continues to affect thousands of individuals worldwide, every minute of every day. I'm one of the targeted individuals.

Yes. There are what you can call "nice hackers". This guy is not one of them. He stole personal information and gave it to someone else. Those of us that are out to find vulnerabilities in security would only bring our findings to a proper authority as the idea is to "fix" said security holes, not exploit them and once caught try and say you are the good guy.

If you hack a site without permission then your a "black hat" no matter what your intentions are. The punishment is a bit stupid IMHO but some type of punishment should still be deemed appropriate.

However I also feel that a tech company that does not employ it's own in house "white hats" to uncover possible vulnerability is setting itself up to just this kind of penetration whether malicious or not.

Penetration Testing or Ethical Hacking is a licensed or legal form of hacking. The problem is, he probably did NOT having a legal contract with twiiter to hack or evaluate their security flaws either from a black hat, white hat or grey hat perspective. Every Pen Test is to evaluate and test their security flaws. Without a legal contract to perform such "ethical hacks" then it is ILLEGAL without consent or permission of the OWNER of the system. If he hacked is OWN system or had a written legal contract stating on which vulnerabilities he could hack and assess vulnerabilities for twitter then he would have no trouble with the law, but sounds like even if he did then he got caught touching systems he shouldnt of been touching. The legal contract for pen testing systems are very strict and specific. If the pen tester goes out side of these specific terms of the contract and gets caught then he can get busted for any number of criminial offenses.

Whether just doing it for fun or to help twitter improve their security, the fact is that he did not have a legal contract to hack twitter which means he will be treated like a criminial until proven guilty or not guilty in court.

The ethical hacking/pen testing legal contracts are basically what rescues you when things go either right or wrong.

Hi,
Waoh great comments. I'm doing a research on the Power dynamics of hacking, basically research on the hacking culture. why they do what they do, if they have any ethics, how they identify themselves, even though they are mostly seen as bad people, and how they relate among each other. I need to do some interviews. I need to interview hackers and people knowledgeable in the whole hacking issue. Is there any one who knows someone interested?
Thanks

[...] Source:http://scitech.blogs.cnn.com/2010/03/26/man-suspected-of-cracking-twitter-accounts-im-a-nice-hacker/... [...]

this hacker helps me alot. i would recommend him. his email is superhackerx@gmail. com

superhackerx@gmail.com is a scam.................................you have been warnes he takes 50% then no proff then demand the rest... pure scam but know worries hackman2 is on him lol...

Wonderful work! This is the kind of information that are supposed to be shared around the net. Disgrace on Google for no longer positioning this put up higher! Come on over and discuss with my web site . Thank you =)