Chad D Davis pled guilty on 5 Jan to hacking into the US Army's web site. The judge, however, agreed to consider evidence that the Army had failed to protect the site adequately when setting the amount of restitution that Davis must pay. It had become common knowledge on Internet that there was a security flaw in a set of computer software commonly used to create web sites. The Army had installed a "patch" to close the security gap, but when the site was moved to a new server, the new patch was not installed. Davis, presumably checking various sites and servers for the weak point, found the Army site vulnerable and replaced its opening page with a page promoting the nationwide hacker group he belonged to. --Stephen V Cole