Experts investigate 'Harry Potter hack'

A hacker named "Gabriel" posted this week on insecure.org that he or she cracked the networks of (United Kingdom publisher) Bloomsbury Publishing to find out the ending of the best-selling series.

(Warning: This link contains potential spoilers.)

The series, which has sold more than 300 million copies worldwide, is set to end with its seventh book, "Harry Potter and the Deathly Harrows," due in bookstores on 21 July.

Kyle Good, vice president of corporate communications at Scholastic, the series' US distributor, told SCMagazine.com today that she had no comment on the reports, other than to say, "Anyone can post almost anything they want on the internet, and you can’t believe everything you see."

Gabriel claimed that hacking into the networks wasn’t difficult.

"The attack strategy was the easiest one. The usual milw0rm downloaded exploit delivered by email/click-on-the-link/open-browser/click-on-this-animated-icon/back-connect to some employee of Bloomsbury Publishing, the company that’s behind the Harry crap," the hacker said. "It’s amazing to see how much people inside the company have copies and drafts of this book."

The hacker said that he had religious motivations for revealing the end of the acclaimed series.

"We did it by following the previous words of the great Pope Benedict XVI when he still was Cardinal Joseph Ratzinger," he said. "He explained why Harry Potter brings the youngs [sic] of our earth to [the] neo-paganism faith."

Mark Loveless, a former hacker and now a security architect at Vernier Networks, told SCMagazine.com that the report is almost certainly a hoax.

"I think it’s completely a hoax. I would rarely trust some odd claim like that from someone on Full Disclosure," he said. "If the person was smart, and they actually got that, they would’ve published a few paragraphs or a chapter."

John Thielens, vice president of technology at Tumbleweed Communications, told SCMagazine.com that Scholastic's "no comment" means fans of the series aren’t likely to find out soon whether the hack was authentic.

"You just can’t know. It’s sort of an unauthenticatable premise. It reminds me of what other media producers have done when they will record two or three possible endings and one of them airs," he said.

"So did it really happen? Personally I don’t want to know because I want to read the book."

doubtexpertshackharryofpottersecurity