(Newer headline, and useful for indexing the names)
> The judge ultimately handed Kurtaj a sentence that his lawyers have called out of proportion with the crimes he stood accused of. The family declined to be interviewed.
Doesn't actually mention what the sentence was until the end of the article:
> The judge gave Kurtaj an indefinite hospital order—a sentence confining him to a secure mental-health ward until doctors and U.K. officials decide he is no longer a danger to the public. He was 18 years old. [. . .] People in Kurtaj’s situation can apply for a review of their detention once a year. Otherwise, their detention is subject to government review once every three years, according to the Ministry of Justice.
> Kurtaj’s lawyers and some experts on autism have said a potential lifetime of incarceration isn’t appropriate for a teenager like Kurtaj.
Thing is, there's basically a zero percent likelihood that it's actually a lifetime of incarceration. I haven't seen the statistics on this, but I'd bet that the average person incarcerated under such an order is out in a couple of years, and the vast majority are out within ten.
What's more, it's not a prison.
> It’s up to his doctors whether Kurtaj can access the internet. He was sent to a medium-security hospital ward, where in the common areas shared with other patients, he was surrounded by tablets, phones and computers.
Come on, now. That sentence is neither as harsh (in terms of conditions) nor as draconian (in terms of duration) as the article wants us to feel. In the US, he be tried as an adult and he'd have it much worse...
The punishment rarely fits the crime, but I think that the system did okay with this one.
And based on the following:
> The number of admissions has fluctuated between 1,500 and 1,700 since 2008.
And
> The number of discharges and disposals has fluctuated between 1,350 and 1,550 since 2011
One can extrapolate that up to a couple hundred new admissions each year are staying in essentially indefinitely, as the discharge rate is generally always lower than the admissions rate.
I was a member of many video game communities as a kid and DDOS attacks to disrupt game play, RATs and other tools to steal and sell virtual currencies, happened frequent and often.
I think the volume of destructive activities outweighs the constructive ones, even if many such perpetrators went on to become Software Engineers and Pen Testers for Meta, Google, and other companies. Like others I don't think they should be arrested for the less harmful examples - but there are lines that cause significant societal harm that should end in proportional punishments.
> I was a member of many video game communities as a kid and DDOS attacks
I agree here that this is a destructive activity with no benefit. Securing games against DDOS attacks seems like a wasted effort.
The entire history of hacking shows that kids will, do, and always have hacked corporate systems. They'll absolutely hack each other while they're at it, but much of that time will also involve hacking corporate systems. Even kids who hack video games are very often hacking corporate systems because it's corporations who control the game servers.
I would much rather have corporations and the countless third party companies/hardware/services they depend on all patching and hardening their stuff for fear of pesky children cheating in video games than let all those corporations become complacent. As it stands today corporations do only the bare minimum when it comes to security as repeatedly evidenced by the endless leaks and data breaches which rarely involve complex vulnerability chain attacks full of zero days and most often could have easily been avoided by protecting against threats that are very well known and for which solutions already exist.
The harm caused by trolls and cyberbullies is dwarfed by the harms these corporations would cause society if they had any less pressure to take even the most basic steps to protect our accounts and our data.
Improvements are expenses. The only unknown here seems to be whether nation-state attackers would recruit these gifted and experienced kids at a rate larger than corporations would be able to improve their security.
Which ignores the point
Did it not occur to this legend that concealing ones identity when breaking the law is an important step?
Indeed. So why is it that these billion-valued-companies can so easily be hacked by teenagers? Who would win: a trillion dollar industry of cyber security, or a bunch of bored outcast teenagers?
Just a reminder: the autism spectrum is wide, and two autistic people are likely to be more different from each other than a neurotypical person.
Teenagers are also biologically predisposed to occasionally making bad decisions. The kid in this article had a brain whose prefrontal cortex wouldn't finish developing for nearly another decade. I suspect that had a lot more to do with posting links to a penis in Uber's internal chats than autism did.
Take some responsibility for your actions!
I loathe that you can apparently get away by telling reporters that it must have been a nation state actor. Oh it was just one kid in a hotel room? Well then he must have autism! Hey have you seen Rain Man? Yeah, must have been that kind of super power autism!
It's revolting. Get your act together and stop blaming kids. If a kid can unlock your door by entering the Konami code on your door bell, that's on you.