Two students charged with hacking into system, changing grades
Is 20 years in prison really worth the risk?
29-year-old John Escalera and 28-year-old Gustavo Razo were indicted on October 25 for hacking their way into the California State University, Fresno computer system and changing their grades.
According to the charges, Escalara worked in CSUF’s information technology department and was able to slip into the grading database fairly easily. He allegedly used the password of his supervisor to gain access to some of the university’s most sensitive data banks.
Charges included in the indictment include unauthorized computer access, wire fraud, conspiracy, and identity theft. If convicted they could each serve as much as 20 years in prison, with fines totaling $250,000.
The indictment also specifies that the students’ grades were changed several times between January and June 2004. Razo allegedly paid cash to Escalera to bump up his grades, while Escalera also increased his own scores.
The IT staff became aware of the problem during a routine audit.
Source -TGD
Comments(58)
Its not the First time-Also at Diablo Valley Collage-Concord California!
Idiots!
20 years just for a some good grades…LOL
Its called studying…
Now they’ll have plenty of time for that…haha
That’s a stiff penalty…
“He allegedly used the password of his supervisor to gain access to some of the university’s most sensitive data banks.”
Do they realy consider this hacking?
War games makes it look so easy
sucks for them… that is what happens when you become too smart for your own good…
This highlights what is wrong with this world…
“20 years for what, breaking these laws that’s so corrupt.”
What about killers, rapists, pedophiles…no worries fill the prisons with kids trying to change grades. Give me a break. The people who belong in prison are the hypocritical judgmental politicians who do this crap. Give the kids what they really deserve a fine and the original grades.
stealing someones password hardly makes them hacker masterminds – i hope the clown who made his password easily available is also charged with being reckless and endangering the integrity of the entire system
I live in Fresno working as a Sysadmin. I don’t know if they still do, but 2 years ago they gave students shell access to a unix server as part of their ISP service.
The other Sysadmin I work with (A student at the time) noticed that you could read the /history of root, the passwd file, and a few other things that made it easy to hack SU.
We have a buddy that works in IT at CSUF and we let him know and EVEN showed him how to fix it, so if they let a a hole like that slide, I am not surprised by this article.
If what Tom says is true, then it is just as much the IT department and supervisor’s fault…
“The indictment also specifies that the students’ grades were changed several times between January and June 2004.” But… “The IT staff became aware of the problem during a routine audit.” 3 years later for a routine audit? Nice!
while at the same time,some nice good looking girl get a passing
mark,the good old way
These type of crimes happen due to security complacency. Also, gaining passwords either through hacking database for passwords, brute-force attack, dictionary attacks, etc or, most likely in this case, social engineering.
“WarGames” lives on!!!!!!!!!!!
ruh-ruh-ruh-ruh-ruh-ruh-ruh.
@Alfred
I have low morals? Why because I am not childishly judgmental?
I bet you make plenty of mistakes in life…maybe if you were put in prison for 20 years for a mistake that caused no physical harm to anyone you would change your tune. It is angry and unforgiving people like yourself who degrade society. The people who believe they are actually better than other people and don’t actually take an honest look in the mirror. But then again trying to talk to people like that is pointless.
@Alfred
Also notice the part where I said “Give them there original grades” So in fact people could count on the system.
I agree with 7. b.s
what the hell is the world coming to when a student changing his grades would get the same amount of jail time as a murderer or rapist… what a sad sad world.
@Alfred… what the hell are you smoking. If the “system” didn’t have soo many flaws in it, they would have never gotten into it.
iDiOtS
Just go into politics you can be an actual criminal and a public hero all at once. If you do break the law and get caught you may have to resign (beats the hell out of prison). You can make stupid laws that profit big companies and the rich…and put the poor and hungry in prison for trying to live. And a bunch of mindless idiots will stick up for you because CNN tells them they should.
off with his head! give me the ax, I’ll do it!
@ Alfred
You’v aready been PWND, your “arguement” holds as much moral and ethic water as a burst condom.. go home..
B.S.. Spot on!
I wonder what classes they changed their grades for… Computer Security 101 and Ethics 102 maybe?
heheh The first thing would have been to change more than just your OWN grades… then you could at least propose it was a system fault, not your own “hacking” (and in this case, as others have said, this barely counts as hacking).
i would be impressed if they used a buffer overflow. social engineering is still hacking although it doesn’t command respect, it still achieves the goal. and we all know the end result is what matters
They started to use online grading back in my high school (I graduated now), and I knew the passwords of 2 of my teachers. I could’ve changed them easily.
I knew the consequences, but it isn’t worth the risk, specially when I was so close to graduating.
After I graduated, I told my favorite teacher I knew the password. She didn’t care, cus she trusted me. [I've done competitions for her]
Alfred is a clown shoe
@Gotbannedcosofname
That makes no sense, fool.
@Alfred
Agree 100%. I’ll bet it wasn’t a smart kid who was already an A student changing their grade. This is just two morons who are trying to cheat the system and got caught. Let them rot in jail, they probably cheated on other grades of theirs just to get into college anyway.
They’ll be fine, we always need people to sweep the streets.
“Whhhhaaaaa!! I got caught changing my own grade.”
“Please don’t punish me, I promise I won’t do it again. You can trust me this time!”
lol just fail them in the course they were doing and give them A+ in IT XD
They should be punished according to “The Learning Curve”.
Hahaha!
They can just change their jail sentences in the prison system computers, and get themselves out early!
Remember, they are very good at hacking.
He should have modified all students grades and only once.
whereis the_doctor, to lecture us these guys are crackers???
lol these lazy people can’t even study for themselves..
people these days
I think 3-5 years of prison is enough for him.
not worth it
I dont know wat some of ya ding dong been smoking lately but I see more bums and nuthead in the street then all those “cheater” like above put together … now tell me, should we put all those guy to work or lock them up ??? ^^ .
, haha .
Or maybe that’s why there are still killer running around after they done serving their time, is that why some of u like to put less servere case compare to more servere case .
Like @37 said, 3-5 yrs is enough, still kinda too much, unless they selling ppl ID or something o_O .
^^ And then just let the death penalty to those corrupted offical who been brainwash those ding dong (know who u are ^^) above
It doesn’t really matter but…CSUF is for California State University, Fullerton. For California State University, Fresno, they just call it Fresno State University or Fresno State for short.
Wow its good to know that according to the us government molesting a child is only as bad as cheating your grades in school. bunch of freakin idiots
Chuck Norris
November 6th, 2007 | 06:45
“what the hell is the world coming to when a student changing his grades would get the same amount of jail time as a murderer or rapist… what a sad sad world.”
It doesn’t say they got 20 years. It says that is the maximum penalty they could be given. In what kind of world can’t you figure out that a maximum penalty for a crime is there so more serious crimes can attract higher sentences.
What do you think the penalty should have been if they hacked into the utilities of a hospital and crashed a system that powered 10 life support machines?
That would strike me a little more serious than rape. If they only did it the once should a lower maximum penalty apply?
Hehe this can only be in the US.
“Boys will be boys”? Can’t put them 20 years in jail, just for being smarter than the average. But then again, that way the US keep the dumb as politicians, and the smarts in jail.
“He allegedly used the password of his supervisor to gain access to some of the university’s most sensitive data banks.”
lol @ “stealing password” = “hacking”
@ Alfred & goodtimes,
I can see you both at your Christian Rightwing meetings with your prolife badges. Nutters.
Just because someone has acted dishonestly, doesn’t make them public enemy no.1. By your reckoning, every kid who has written answers on the back of their hand before a test should be sent to the big house for a minimum of 5 years.
Also, by your reckoning everyone on this site is doing highly dishonest and untrustworthy things, therefore we should all expect the death squads to make us ‘disappear’, including you two fuds.
That’s just cr4p!
At least let them be expelled!
Thats how students in most civilized countries are dealt with in such cases!
What other damages did they do to deserve 20 FUC|KING years in jail!?!?!?!? and an exaggerated fine on top of that!?
If they didn’t do any other damages, than that Univ. must be one sh!tty place full of depressed and mentally challenged ppl!
No dumpydooby, stealing passwords means lousy qualities as a administrator for not being able to secure even his own workplace, not to mention the servers which are for PUBLIC use! How the fuc|k did he get to be supervisor in the first place eludes me!
Only in the US of A…
@ Hibby,
you’ve got it right there.. Most of these people will follow what the news tells them. They probably only first heard of this case here and since they don’t really know how to think for themselves, they follow the piped-piper all the way to the cliff.
@ Emm,
There is a max of 20 years of jail time, its harsh i know…
Their sentence should be a smack on the head and an expulsion from their uni. An expulsion would hinder their chances of obtaining work and/or enrolling into another uni. Jail time is not even necessary. But if they had done something to where the outcome was extremely negative (Kang, post no.42), then jail time would be inevitable, depending on the damage caused (If a life was lost or other serious criminal act occurred). Its the only logical sentence, well to me it is.
-LD
20 years in jail + the fine is the MAXIMUM, for organzied people that provide a kind of grade-changing-service for money!
No judge would probably ever sentence even the head of an organized institution that provids a grade-changing-service for 20 years – and the boys will surely not be sentenced to such a long jail time… just a big media-hype at the moment -.-
to my own point of view, it’s not entirely hacking cause the boys used a password from a supervisor. for me it’s an inside job. the information of how they got the password was not even posted in the thread.
Pff, why didn’t they just do it in the school? I’m guessing they traced it back to his ip address? Otherwise just because there’s evidence john doe’s grade was changed, doesn’t prove john doe had anything to do with it. My counselor always left his office door open, and there was hardly anyone ever around. It made it pretty easy since he showed me himself that he had the ability to change my grades, when I was discussing my grades with him. Funny guy with an easy to remember password. =b
Also, I’m not condoning what they did, I’m just curious as to why they did it from their home? At least I think that’s where they did it from.
Back in the days of paper grade books, this would have never happened. I remember changing several grades through highschool and elementary, because why not? If the teacher is stupid eneough to leave her grades to me manipulated, who am I to say no?
Anyhow, it was a crime which didn’t matter really. Fail me from English which I was already acing without my stupid grade change on a certain test, or kick my friends out of high school photo… probably not.
They just want to make an example out of these two. Just expel them, that will do enough.
should have just cheated…
lol i live in fresno and this is just hella funny
wow their is a big difference between hacing and simply finding a password and using it…hacking would have to fall under the category of he waited 2 weeks with his computer on using a brute force method or..he bypassed to system by engineering a program to change his grade..even creating a complex algorithm that cracked the pass word for him
i say these idiots deserve their 20 yrs. seriously how the hell do you get caught for ‘hacking’ a system? i mean did they just change ONLY their own grades by logging on with their AOL account or what? lol
They should be careful not to let these guys near a phone whilst in prison. They might whistle tones down it to gain access to all the nukes in the US!
These hackers are a menace, I tell you!!!
@Bob, talking out of experience?
Calling him a hacker just aint right. If he was really any good at his job he wouldn’t have got caught….amateurs