[Fife Linux Users Group] Hear how the hairdresser brought downthe US Military and NASA

John A Thomson of Roundtrip Solutions Limited john at roundtripsolutions.com
Sat Jul 30 13:26:10 BST 2005 

Hi Barrie,

>>>Even ZDNet saw that this guy was a moron:
>>>https://www.bsrf.org.uk/article.php?story=20050610203447450
<BLOCKED::https://www.bsrf.org.uk/article.php?story=20050610203447450> 

ALL of the media have reacted in their usual manner - without having
conclusive facts or knowing anywhere near the full story. The articles that
you've pointed at are of the same journalistic standard as all the other
ones reporting this story - IMHO ;-). I suppose the facts will come out at
the trial, if we ever hearing them reported in a factual manner ;-). Is it
just my imagination or is journalistic integrity and accuracy becoming more
of an issue of recent years?

We must also be conscious that the guy is now crapping his pants and may
well be on a damage limitation exercise:
- which may include not revealing anything in detail so his trial isn't
prejudiced
- spinning the story to ensure maximum expose in the international press
- maybe he is wanting to come across as a loon or moron for his own defence
- nah!
  He is a moron for making it so easy for law enforcement to find him!

Hey perhaps the drug induced, mental incompetence legal defence could have
worked if he wasn't now doing radio interviews that destroy any hope of
using such! Or does it! You'd need to be a Harvard Lawyer to understand the
US legal system and the loony defences that get people off! I've never been
a weed smoker so I'm not personally aware of how it affects rational thought
- can't even stand the smell of it, truth be told. I'm always offski out the
room before anyone gets a chance to demonstrate its effects!

This is why I called him the "hairdresser", since I didn't view his methods
to be sophisticated by any means or the actions of someone who could be
termed a skilled hacker. Its just like the story over on GRC, where even
script kiddies managed to bring down GRC on a few occasions ... We shouldn't
underestimate the damage that these tool users can and will do in the
future. The GRC story is another very good read - IMHO. What would happen if
someone was to design a tool to attack and exploit Cisco routers.... And
that tool fell into the hands of the script kiddies.... Now that could be
scary movie stuff!

In this day and age you'd think the Americans would be securing down all the
commonly exploited systems to show the world that they are serious about
Homeland Security ;-). To think that anyone with the ability to use Google
could end up breaking into systems seems alarming!

I'd agree that he is being made a scapegoat due to it being so easy to find
evidence and prove a case. The fact that he didn't use proxies and/or find
himself some Zombies as a bare minimum just makes the evidence gathering so
much easier. US law enforcement will have found it an easy case to build and
are hopeful of a successful prosecution. This will set an example to the
hackers of the world - Yeah right! Half-whit American law enforcement and
prosecutors - IMHO. I've met so many really smart Americans, so why, why,
why do they put up with this behaviour from their officials!

I've spoken with a few people (in the passing) who work in UK military bases
and they present a very different picture, just like you've highlighted
Barrie: internet access is on a isolated machines; need to get a document
from a floppy - isolated machine; etc. The users weren't too happy with the
situation and the fact their USB mouse didn't work on their bast&*ised
laptop. Obviously, they didn't give anything top secret away or anything
that could be used to exploit systems. [Excuse the paranoid statement but we
don't want UK law enforcement breaking down doors ;-)] However, we mustn't
be complacent as someone configured the email server in the UK Army that
allowed users to send massive "Amarillo" movie clips to the point where the
server collapsed under the volume of traffic and use.

Some unis and colleges pay almost "minimum wage" to sys admins! Some of whom
they find from people that have just graduated from a course at the same
educational establishment but aren't quite bright enough to find a proper
job outside. As soon as they have some knowledge and a little experience (I
almost wrote expertise - ha) they are offski to a better paid position.
Leaving the issue to start again ... Find a student who wasn't bright enough
to get a proper job after graduating .... Pay minimum wage .... Etc ... Etc
...


>>>Apologies for linking to my own stuff twice, but it does have relevance
:-)

No apologies needed. If you have a good story, you have a good story ;-).
I've added your blog to my RSS aggregator so I don't miss anything in the
future. You've got some excellent stuff up there. Thanks for sharing it.

NSA? Aren't they the people watching over SG1 and the Stargate programme? Oh
no! That's the NID :-D.
The poor guy in charge of the NSA website probably doesn't even know what an
XSS vulnerability looks like or its effect. Having said that, it has been
there for 2 months and no one has been caught abusing it yet. Perhaps the
fear of 70 years in prison is starting to work.


If nothing else, the interview was an interesting piece of entertainment,
best listened to in the background while doing some real work :-).


My own opinion on aliens ....
"It would be nice to think that we aren't the only ones in this or other
universes. It would be a sad day indeed, if human beings were the most
intelligent things in existence anywhere!"


Many thanks and regards

John A Thomson
BTech - PgDip - IEng - MBCS - MIIE - CSM

Managing Director

Roundtrip Solutions Limited
15 Freuchie Mill, Freuchie, Cupar, Fife KY15 7JL
t: 01337 858826  f: 01337 858794
john at roundtripsolutions.com
http://www.roundtripsolutions.com
<BLOCKED::http://www.roundtripsolutions.com> 





  _____  

avast! Antivirus <http://www.avast.com> : Outbound message clean. 


Virus Database (VPS): 0530-3, 29/07/2005
Tested on: 30/07/2005 13:25:20
avast! - copyright (c) 1988-2005 ALWIL Software.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.lug.org.uk/pipermail/standrews/attachments/20050730/aa517ff2/attachment.html

More information about the StAndrews mailing list