Theft, sale of Microsoft exams leads to prison
Posted by Arnaudt on 04 February 2003 - 21:45 · 8 comments & 753 views
About the Author
Full name: Unknown
Forum name: Arnaudt
Contact: via forum PM
Submissions: Normal · Headline
Full name: Unknown
Forum name: Arnaudt
Contact: via forum PM
Submissions: Normal · Headline
Slashdot It!
Submit to reddit
Submit to blinklist
Bookmark on del.icio.us
Add to furl
Share on Facebook
Add to Windows Live
Add to Google- Advertisement
-
-
#1 Posted by paulhaskew on 04 Feb 2003 - 23:57
- heh, this moron is from my hometown... vancouver, wa
-
(1 reply)
#2 Posted by Jason on 05 Feb 2003 - 00:13
- I want to see all people that sell any type of exam prosecuted, it is very annoying for the hard working people who pass exams properly.
-
#2.1 Posted by Eric Ferleman on 05 Feb 2003 - 01:25
- Very true.
-
(3 replies)
#3 Posted by TheDeputy on 05 Feb 2003 - 02:12
- It also wrecks the chance of us who are trying to be MCSE's. It makes the industry less credible to all those Paper MCSE's out there who just read a book and do the exam.
-
#3.1 Posted by Eric Ferleman on 05 Feb 2003 - 03:16
- Huh
What's wrong with reading the MS Press book for each exam and doing the labs in it? What other way is there?
People who just buy the test questions from someone like the guy in this article and then take the test and pass it, are the ones who degrade the qualification. -
#3.2 Posted by TheDeputy on 05 Feb 2003 - 16:05
- All I'm saying is there are people that don't have any experience in the IT industry who read these books and do the exams and think they are MCSE qualified. You need the experience that goes with the MCSE. You can't just be MCSE qualified without any experience and expect to be hired. They will just say you are a "Paper MCSE". If you do get the job, then good for you and good luck. The book just shows the Microsoft way, and a lot of IT companies don't do EVERYTHING the MS Way. Sometimes it's hard for people who have been in the industry for awhile learning on their own network and then they go to do the exam and they fail. Not realizing they have to study the MS way, not the way they know.
-
#3.3 Posted by Eric Ferleman on 05 Feb 2003 - 18:44
- Perhaps. But it's hard to get a job to get the experience needed to prove that you have the MCSE skills without actually having a MCSE.
-
#4 Posted by CarbonKnight on 05 Feb 2003 - 04:25
- I hope he didn't have to spend a year in a Federal Pound me in the ass prison.
A former Vancouver, Wash., man was sentenced last week to a year and a day in prison, followed by three years' probation, for stealing and selling exams and answers needed to become a certified Microsoft Corp. software engineer. Robert Keppel was also ordered to forfeit his interest in two cars and to pay $500,000 in restitution. He had made at least $765,600 from the illicit sales, buying a 2001 Lexus RX300 and a 1997 Ferrari 355 Spider with the proceeds.
He could have been fined up to $250,000 and been sentenced to 10 years in prison.
In 1999, Keppel began selling Microsoft Certified System Engineer and Microsoft Certified Solution Developer exams, along with the answers to them, over Web sites, said the Seattle U.S. Attorney's Office and the FBI. The tests are complex, difficult and large, and passing them makes an individual "highly marketable, usually rais(ing) salaries substantially," government prosecutors said.
Keppel bought some of the exams from an unidentified person in Pakistan, who had photographed or videotaped them at a test site there, the statement said. Among the buyers were some residents of Seattle and the surrounding area, officials said.
Symantec found that, on average, companies experienced 30 attacks a week in the second half of 2002, compared with 32 in the first six months of the year, a 6 percent reduction. Symantec defined attacks as "individual signs of malicious activity."
In addition, the rate of severe events declined, with 21 percent of the companies that made up the sample suffering a severe event during the past six months, compared to 23 percent of companies in the six months before that and 43 percent of companies in the second half of 2001.
Severe events were defined by Symantec as "sequences of attack activity that have either caused a security breach on a company's network or present an immediate danger of a security breach if intervention is not taken."
While lower than the preceding six months, the average number of attacks per company in the final six months of 2002 was still 21 percent higher than for the same period in 2001.
Those numbers may get worse before they get better. Symantec documented more than 2,500 new vulnerabilities in 2002, an 81 percent increase from the number found in 2001. The number of moderate and high-severity vulnerabilities was almost 85 percent greater than in 2001.
While the increase in the number of software vulnerabilities may reflect increased media attention on the problem and the creation of more responsible disclosure policies in companies, new strategies for exploiting previously unrecognized weaknesses in software code may also be responsible.
The number and severity of the discovered vulnerabilities are fertile ground for new "blended threats" that leverage two or more different security flaws to execute an attack, Symantec said.