A 21-year-old Georgia Tech student named Ryan Gregory Pickren allegedly pulled a football-rivalry prank that could wind up marking him as a felon for the rest of his life.
Georgia Tech and the University of Georgia – two universities in the US – are the arch-rivals. On 29 November 2014, they had a big game coming up.
Two days before the game, Pickren, a computer engineering student at Georgia Tech, allegedly trespassed into the University of Georgia’s computer network to post a message on its online calendar.
The message:
Sat., November 29, 2014/ 12:00 pm/ Get Ass Kicked by GT.
Tom Jackson, UGA’s vice president for public affairs, told the Athens Banner-Herald that the entry was discovered shortly after it was posted on Thanksgiving and taken down about an hour after it popped up.
Local police launched an investigation but didn’t arrest Pickren.
However, a prosecutor submitted evidence to a grand jury, which indicted Pickren on 16 December.
He’s now out after posting a $5,000 bond (£3,307).
Under Georgia state law, a person is guilty of computer trespass when they alter, damage or in any way cause a computer, computer network or computer program to malfunction, regardless of how long the disruption lasts.
It’s a felony offense that’s punishable by a maximum of 15 years in prison and a $50,000 fine.
Does this young man really stand to serve 15 years in jail for tinkering with an online calendar as a sports-related prank?
It’s highly unlikely, given that this is his first offense and judges rarely hand out maximum sentences.
When we mention maximum sentences, a large part of the rationale is to get across worst-possible case scenarios, as well as to give an idea of how seriously a given state treats a given crime.
After all, in the US maximum sentences can vary widely from state to state, and from judge to judge.
One thing that’s made clear by the 15 year maximum punishment in Georgia is that the state, like many others, doesn’t take computer trespassing lightly.
That’s a hell of a deep stain to leave on a young man’s record, all for the sake of a prank, all meant as a big raspberry over a football game.
Trespassing into networks can have catastrophic and expensive repercussions.
As a computer engineering student with a minor in computer science, he should have known better.
This kind of prank just isn’t worth the lulz.
Image of calendar courtesy of Shutterstock.
teejayuu
“As a computer engineering student with a minor in computer science, he should have known better.”
He knew the consequences. Life is about the choices you make and the repercussions thereof.
givemeanavatar
The punishment should fit the crime. The crime was a harmless prank. There should be no prosecution. The embarrassment of getting caught should be more than enough. They should stop wasting tax payers dollars and go on to real crimes that cause actual damage.
Boom
I agree. The judge should give him a choice, jail and fines or community service working for the University of Georgia (UG) cleaning up trash, helping closing any security vulnerabilities, or whatever the admins of UG want him to do. This will humble him a bit and keep his record clean from a stupid mistake that I doubt he would do again.
Do the professors at UG computer science teach ethics and/or what happens when caught for unlawful hacking, even for pranks?
Anonymous
I say prosecute, not the full 15 years – but something harsh enough. The prank itself might be harmless but the hacking itself was not. He’s a computer engineering student and damn well should have known that what he did constituted hacking (computer version of breaking and entering). if he can’t figure that out, then he needs a new major.
Who
Who knows what he could have really messed with on their systems, or leaked student data, etc but choose to only add a harmless message on their calendar. This and the fact that he was a 21 year old student which we know very little about – Is he easily peer pressured for example? These are no excuses and he should face a judge to scare him a bit but hopefully he won’t get anything on his record.
jonathanpdx
Oh, absolutely. A swift beheading in a public place should send a clear message. {/sarcasm}
Why are so many so swift to seek punishment up to and including the essential destruction of someone’s life when using the event as a true teaching tool would be far more beneficial?
Justice should always be tempered with compassion and common sense. Young people often do stupid things (as do many older folk), and more often than not just need a well-placed swift kick to the proverbial backside to get them thinking clearly again.
As it’s his first offense, what he needs is an *education* to open his eyes to what waits in store for him if he should be stupid enough to repeat his actions.
Fortunately, this was a victimless crime, and if handled correctly should prove educational for both the purpetrator and the University of Georgia, which might want to review its information security protocols.
timspec
Maybe they should give him a pat on the back for finding a vulnerable system harmlessly :D or fire those that cannot even protect a calendar and higher him!
Anonymous
I’m sure that many of us who study Internet security could hack sites. The difference between us and those who do is that we know it’s a crime. Twenty years ago I was curious about how difficult it would be to hack a site, of course then it was much easier than it is today, or at least we hope it is (though I have my doubts). As a disclaimer I notified the sites owners and told them that they had a security problem that should be fixed, and I did not steal any data or deface the sites. The interesting part is that they appreciated finding out they needed to secure their sites.
Anonymous
Just to throw it out there, “As a disclaimer I notified the sites owners and told them that they had a security problem that should be fixed, and I did not steal any data or deface the sites.” That is still illegal. It’s considered Gray Hat and finding vulnerabilities without prior consent is indeed illegal. As for this kid, he’s the dumb one who got caught. A computer engineer who get’s caught messing with a calendar? He must be a freshmen. Slap him on the wrist, case closed.
Anonymous
I know it’s a crime, now. 20 years ago, it was a curiosity and I’m not sure I knew it was a crime. I was surprised to find out how easy it was, and my reasoning was that maybe the admins for the two (2) sites might not be aware of how vulnerable their sites were. 20 years ago I had a friend who had taught himself Cisco IOS and regularly called the local cable company that had just begun to provide Internet access to tell them that they had left their routers unprotected, and they thanked him!
Anonymous
According to that statute, “in any way cause a computer, computer network or computer program to malfunction”, Apple and Microsoft, you be arrested in Georgia for producing and distributing their software. Seriously, as long as this is an isolated incident and not the tip of the iceberg, the young man should get 200 hours of community service to help seniors, lawyers, or traders with their Internet access and printers.
Bill T
The real question is what is Georgia Tech going to do to instill some better morals on their computer science students. The student should have been warned about hacking other peoples’ systems/networks. GaTech should also take some action against their student.
BC Cure
The real question should be: Who at the Univ of Ga is getting their butt kicked for allowing such an inexperienced hack get into their network! Where is the accountability on the part of the cyber professionals here? And if a student can get in, what other databases and systems have been compromised by the more experienced hacckers out there?
Randy
Maybe the judge will make him wear a University of Georgia sweatshirt for a week. The punishment should fit the crime.