The news.com.au site has reported that a 13-yr old is being charged with fraudulently earning £250,000.

In brief, he continually de-frauded people by abusing trust in business deals — he cheated.

It does not seem that exciting or unusual, except for the fact that he was able to get away with it for so long. The article does not mention that he tried to hide his identity. The opposite, actually:

The boy was first arrested in October 2004, but bailed and went on to reoffend – a pattern that repeated itself four times in two years.

Thus it is most remarkable that the controls to prevent fraud were so weak. I guess they treated him with kid gloves.

They do not even say that he changed names, just that he continually moved on to new victims and that he looked older than 13 (blame the victim?).

A police source said: “It was like he was addicted to conning people. And whenever he was confronted with what he did, he showed absolutely no remorse.”

Guilt, remorse…they’re good ethical foundations, but they generally do not put up the best defense against a criminal mind, especially when the perpetrator lacks them entirely. I get the sense that his real exploit was simply that the police did not want to charge him as an adult.

But despite his intelligence, his lack of education was exposed in emails littered with spelling and grammatical errors.

But a police source said he could be very convincing: “He is 6ft tall and looks a lot older.”

Is it really that intelligent to lack remorse, and to build a business by abusing the trust of consumers? He just seems like someone who was awarded repeated opportunities to break the rules that he did not respect in the first place. Why does Enron come to mind…?

So I guess the question is whether the incident(s) will be treated as an exception or if anti-fraud measures will be altered now to account for juvenilles. Even more radical might be to start treating 13 year olds as adults in terms of Internet commerce, as the age seems to be recognized as formal adulthood in some cultures.

Adulthood can be defined in terms of biology, law, personal character, or social status. These different aspects of adulthood are often inconsistent and contradictory. A person may be biologically an adult, and have adult behavioral characteristics but still be treated as a child if they are under the legal age of majority. Conversely one may legally be an adult but possess none of the maturity and responsibility that define adult character.

…such as spelling and grammatical accuracy.

I’m speechless…

Despite a market capitalization of almost $13bn, it appears the company couldn’t afford to secure its Wi-Fi network with anything more robust than the woefully inadequate Wired Equivalent Privacy protocol. (The much more secure Wi-Fi Protected Access has come standard on most routers for four years now.) It also failed to use firewalls or install software patches and disregarded requirements imposed by Visa and MasterCard concerning how card information is stored and transmitted.

[…]

All told, the breach could cost TJX $1bn over five years in costs for consultants, security upgrades, attorney fees and damage-control marketing, analysts from Forrester Research estimate.

Significantly, Forrester’s estimate doesn’t include liabilities that may result from lawsuits, such as one recently filed by associations representing almost 300 Northeastern banks in the US.

Plenty of banks have been saddled with costs resulting from the breach. Banking associates are lobbying federal and state lawmakers for legislation that would require companies who suffer security breaches to absorb the costs of issuing new credit cards.

From the Register.