The European Court of Human Rights has refused U.K. hacker Gary McKinnon's appeal against demands for his extradition to the U.S.

McKinnon stands accused of breaking into computers belonging to NASA and the U.S. military, and had appealed against his extradition under Article 3 of the European Convention on Human Rights. He had claimed that the conditions of detention he would face if convicted in the U.S. would breach a European prohibition on inhumane or degrading treatment.

The court said Thursday it had refused his appeal, and will not prevent his extradition. The court had previously ordered that his extradition be delayed until midnight Friday while it considered his request.

It was in 2002 that a U.S. court first indicted McKinnon for the offenses, committed in 2001, although he was not arrested by U.K. police until 2005. The U.K. government first approved his extradition in 2006.

McKinnon has never visited the U.S., and the offenses of which McKinnon is accused were committed in the U.K., his lawyers at Kaim Todner LLP said.

"We maintain that any prosecution of our client ought therefore to be carried out by the appropriate British authorities," the London law firm said. "U.K. citizens are at the mercy of the ever-increasing tendency of overseas prosecutors to extend their jurisdiction to crimes allegedly committed in this country."

The message is clear -- if you hack into computers you have to realize that the legal consequences could be severe. Others should take note of McKinnon's predicament!

How do I read the results table?

Scatterplots:
The scatterplots are provided as an additional safety check. Even if the tests show that the server passes, the values may still be easy to predict. If so, the graph may show patterns that are easy for human eyes to recognize. If you see an obvious pattern in either of the images, your DNS server has a poor or nonexistant source of randomness.

Based on the results, a DNS server is vulnerable if:
The query source ports or the query IDs from a given server match or are easily predictable. Matching query source ports make it easier to spoof results to the DNS server, poisoning its cache. Matching query IDs are usually an indication of a misconfigured DNS server, while changing query IDs that are predictable also make DNS cache poisoning easier.

^*Vulnerability:

A server that is subtly vulnerable is making an attempt to randomize or otherwise change its source port and query IDs, but it appears that the source it uses for random numbers is weak or predictable. Fixing this problem will most likely require patching the operating system the DNS server is running on. If the server is under your control, please apply any security patches it has available. If the server is not under your control, contact the owner and inform them of the issue, or switch to a different DNS provider, such as SOADNS.