A British hacker who infiltrated the world’s most popular social network has been jailed for eight months. Which seems a little harsh.
The argument here isn’t whether Glenn Mangham did hack into Facebook or not. He admits he did so. Instead the argument is about his reasons for doing so, and whether or not he was going to inform Facebook of the security vulnerabilities he had exposed by taking advantage of them.
Between April and May of 2011 Mangham gained illegal access to Facebook’s system. Mangham also gained access to the account of a Facebook employee (Stefan Parker) who was on vacation at the time. After failing to cover his tracks well enough, Mangham’s intrusion was discovered by a routine security review. The FBI then got involved.
According to The Telegraph newspaper, the prosecution claimed Mangham “unlawfully accessed and hacked into the social media website Facebook and its computers in April to May last year from his bedroom in Yorkshire,” stealing “invaluable” intellectual property, which he then downloaded on to an external hard drive. For what reasons we don’t quite know.
In his defense Mangham claimed the reasons were “to identify vulnerabilities in the system so I could compile a report that I could then bundle over to Facebook and show them what was wrong with their system. I had performed the same routine with Yahoo.” The last sentence refers to an earlier incident which saw Mangham rewarded rather than imprisoned for exposing security flaws.
Eight months seems a long sentence for a crime that was essentially victimless. If Mangham had sold the data he collected from the site then Facebook and its users may well have become victims. But that means Mangham was convicted because of what could have happened rather than what did happen. His past record would suggest he was a white hat hacker as he maintained throughout.