A British student has been jailed for eight months for hacking the Facebook website despite claiming that he intended to help the social media network improve its security.
Glenn Mangham, 26, hacked Facebook last year from his parent’s basement, The Guardian reported.
Prosecutor Sandip Patel said Mangham stole “invaluable” intellectual property after hacking the account of a Facebook employee who was on holiday.
Mangham, a software development student, said he intended to demonstrate the hack to Facebook to help it improve security.
“It was to identify vulnerabilities in the system so I could compile a report that I could then bundle over to Facebook and show them what was wrong with their system," Mangham told the court.
Between April and May last year, the court heard Mangham hacked a Facebook puzzle server used by programmers, and a mailman server used to handle email distribution lists.
Prosecutors said he also crafted and offered to distribute a script used to hack the Phabricator server which housed application development tools.
Patel said Mangham downloaded internal Facebook data to an external hard drive.
Scotland Yard raided Mangham's home on June 2 last year in what was described as a "concerted, time-consuming and costly investigation".
Mangham first appeared in court in August 2011.
Patel said Mangham “acted with determination and undoubted ingenuity”, describing the hack as “sophisticated” and “calculating”.
“This represents the most extensive and grave incident of social media hacking to be brought before the British courts," he said.
Mangham’s defence said he was an ethical hacker who saw the hack as a “challenge”.
"It was common currency within the community of computer nerds or geeks, if I may refer to him as that, where there was this interesting relationship between companies and people who ethically point out vulnerabilities," defence lawyers argued.
Facebook operates a bug bounty program in which it pays ethical hackers up to $US500 ($A467) for quietly disclosing vulnerabilities.
The Guardian reported Mangham had previously shown Yahoo how to improve the security of its search engine.
Judge McCreath said he considered that Mangham had not previously been in trouble and his "psychological and personal make-up".
"But this was not just a bit of harmless experimentation," McCreath said.
"You accessed the very heart of the system of an international business of massive size, so this was not just fiddling about in the business records of some tiny business of no great importance."
Copyright © SC Magazine, Australia
Issue: 315 | May 2013
Access CRN's extensive online resources including; email bulletins, community discussions and unique online news.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can log on to the CRN website or start posting comments on articles.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain '@crn.com.au' to your white-listed senders.