Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Security United States Government The Courts IT News

Hacker Gary McKinnon Interviewed 350

Posted by Zonk from the not-quite-the-x-files dept.
G0rAk writes "The BBC World Service has a half hour audio interview with British hacker Gary McKinnon. As recently reported on/. and BBC News, Gary was arrested and freed on bail pending extradition proceedings to the U.S. There, he faces charges of gaining unauthorised access and causing criminal damage to military computers in his search for evidence of UFO coverups and anti-gravity technology of extra-terrestrial origin. In a very candid interview, Gary re-affirms that he had no malicious intent, was amazed at the ease with which he penetrated the networks, explains in detail what evidence of UFO coverups he saw, describes a personal journey through hell as he became obsessed with the project and how very scared he is that he could be facing up to seventy years in a Virginian jail. A bit of a nut, perhaps. But a fascinating listen that helps a lot in making that judgment. The Interview can be listened to with RealPlayer from 11:32 GMT (06:32 EST) on Saturday until the same time next week."
This discussion has been archived. No new comments can be posted.

Hacker Gary McKinnon Interviewed More

Hacker Gary McKinnon Interviewed

Comments Filter:

  • Thank you Gary (Score:5, Insightful)

    by bigwavejas ( 678602 ) * on Sunday July 24, 2005 @03:52PM (#13151120) Journal
    This has scapegoat written all over it and has a striking resemblance to the Kevin Mitnick detention. I find it questionable the government claims he caused 900k USD in damages. How can that be? System cleaning, turning on security (which should have been on already)? Their ineptness lead to this breach of "security", if anything they should thank Gary for pointing out their shortcomings... Better him than a terrorist.

    • Comment removed (Score:5, Insightful)

      by account_deleted ( 4530225 ) on Sunday July 24, 2005 @04:00PM (#13151160)
      Comment removed based on user account deletion
      • We all know how well that works judging by the laws protecting intellectual property.

        The truth is, they should secure their systems to keep the honest man honest, the script kiddies outside and the crackers in jail. Their current defenses wouldn't have stopped a honest man, as we can see that it didn't stop the script kiddie in the article and for sure it wouldn't have stopped a cracker.

      • Re:Thank you Gary (Score:5, Insightful)

        by itistoday ( 602304 ) on Sunday July 24, 2005 @04:39PM (#13151398) Homepage
        The problem with that argument is that what he "did" was browse file systems, change a desktop picture, and attempt to persuade system admins to secure their systems by leaving notes on the desktop. How is 70 years in prison a justifiable sentence for these actions?
        • Comment removed based on user account deletion

          • Deterrent? (Score:4, Insightful)

            by einhverfr ( 238914 ) <chris...travers@@@gmail...com> on Sunday July 24, 2005 @08:43PM (#13152751) Homepage Journal
            I agree that this is meant to be a deterrent against people acting against the perceived national security interests, however I have to wonder what its general effect would be.

            This sort of sentence is not going to deterr the Chinese or N. Korean governments. It won't deterr Al Qaeda operatives. And these guys could theoretically leapfrog off systems in the US. And if he could enter this easily, then what of the North Koreans or the Chinese? What of militants/terrorists with hostile intentions (Islamic or not)?

            I am a firm believer that there should be a two-tier punishment for these sort of incidents. I reasonably lenient punnishment for the actual tresspass and then a very severe punishment if the tresspassor can be linked to a terrorist group or foreign government.

            The fact is that if national security were the priority, these systems would not have been so easily compromised.
        • His crime was to show up the US Military, somebodies head has to roll.
          • His crime was to show up the US Military, somebodies head has to roll.
            Yeah, like the head's of the dumbass network admins that work for the US Military.

        • Re:Thank you Gary (Score:2, Insightful)

          by warkda rrior ( 23694 )
          The problem with that argument is that what he "did" was browse file systems [...]
          I think this qualifies as unauthorized access to classified information. Similar to how I would not like anyone to read my credit card numbers off my system, even if they find a way in.

      • Even if the door is wide open, you do no walk into a military base. Same goes for their network.

        Very true, but does not that thought scare the hell out of you?

        What was that ficticious movie called where missle silos were being activated and the hacker thought it was a similator? Wasn't it War Games (1983).

        He should have had more humor though, he could have issued a gate pass to Andrews for Colonel Bin Laden and have it sent to ABC or CBS (NBC would down play it as it involved Winodws).

        Yesterday's

      • Re:Thank you Gary (Score:4, Insightful)

        by asscroft ( 610290 ) on Sunday July 24, 2005 @07:30PM (#13152368)
        Karl Rove reveals the identity of a US SPY during a time of war and he'll likely get a promotion. This guy hacks in to look at some pictures of weather balloons and they're ready to brand him a cyber terrorist. FTS.

    • Re:Thank you Gary (Score:5, Interesting)

      by thelost ( 808451 ) on Sunday July 24, 2005 @04:01PM (#13151171) Journal
      I found a recent interview [smh.com.au] with him interesting as in it he mentioned that he was far from the only one nightly sneaking into US Gov computer networks, saying that he saw many others from all over the world doing exactly the same as him. How well protected are these systems really then?

      • Re:Thank you Gary (Score:4, Funny)

        by yotto ( 590067 ) on Sunday July 24, 2005 @04:20PM (#13151286) Homepage
        Please don't take offense at me if I voice my inability to believe the word of someone who breaks into military computers to look for evidence of UFOs. "I see people breaking into these comptuers all the time." Was that before or after you were pulled into the mothership and shown the proof that we never landed on the moon?

        • Re:Thank you Gary (Score:5, Insightful)

          by munpfazy ( 694689 ) on Sunday July 24, 2005 @06:43PM (#13152146)
          >Please don't take offense at me if I voice my inability
          >to believe the word of someone who breaks into military
          >computers to look for evidence of UFOs.

          Breaking into a government computer to look for evidence for UFO's is a perfectly rational decision. If you believe that there's a conspiracy to hide information and that there's no legitimate way to obtain that information, going after it in this way makes perfect sense. (Allowing yourself to be caught doing it is pretty dumb, but he readily admits to having been dumb on that count.)

          While he may be wrong, that doesn't make him insane or unreliable.

          The fact that he claims not to have found the evidence he wanted - outside of a photograph of a weird looking aircraft and the phrase "non-terrestrial personnel" in a document - makes him seem all the more reliable. He's not a crackpot falling over himself to misenterpret or invent data.

          He's just a guy who went too far following a reasonable (if wrong) idea, and the care with which he described what he did observe is admirable. If all the UFO nutters were as precise as him, there'd be a lot fewer UFO nutters out there.

          >"I see people breaking into these comptuers all the time."
          >Was that before or after you were pulled into the mothership
          >and shown the proof that we never landed on the moon?

          LTFI.

          That's exactly the sort of thing he didn't say.
          (I was expecting to hear something similar myself.)

      • Re:Thank you Gary (Score:3, Informative)

        by niittyniemi ( 740307 )


        > How well protected are these systems really then?

        Badly.

        I heard the interview on the World Service and he said in the interview that he broke into Windows machines using user admin where the password hadn't been set. Remember that MS-SQL used to ship like that by default? But I bet he used others too eg. IIS.

        So his uber 133t hacking skills involved the use of Google and setting a password!

        He said that netstat and traceroute on IP addresses showed that the boxes already had active tcp/ip

    • Re:Thank you Gary (Score:2, Insightful)

      by Seumas ( 6865 ) *
      The BBC World Service has a half hour audio interview with British hacker Gary McKinnon. As recently reported on/. and BBC News, Gary was arrested and freed on bail pending extradition proceedings to the U.S.. There, he faces charges of gaining unauthorised access and causing criminal damage to military computers in his search for evidence of UFO coverups and anti-gravity technology of extra-terrestrial origin.

      Doesn't this make him:

      + A cracker - not a hacker.
      + Insane.
      • Doesn't this make him:

        + A cracker - not a hacker.
        + Insane.

        Thank you!

      • Re:Thank you Gary (Score:5, Insightful)

        by Tim C ( 15259 ) on Sunday July 24, 2005 @04:53PM (#13151501)
        + A cracker - not a hacker.

        You've lost that fight; time to move on to one you have a chance of winning. Language use changes, and hacker has changed to mean cracker, as well as programmer or other similar geeky type. For that matter, the former is *all* it means to the public. Carry on calling people hackers if you wish, but most people will get entirely the impression.
        • I agree: "hacker" and "cracker" are synonymous, despite what ye olde hackers believe. It seems that this happened so long ago, that it's way beyond quixotic to keep up the fight now:

          Check out this thread, dated March 7, 1989:
          http://catless.ncl.ac.uk/Risks/8.36.html#subj3 [ncl.ac.uk]

          Brad Templeton wrote: It is with regret that I have to say that this fight has been lost. "Hacker" and "computer criminal" are now equated in the public mind, to the extent that this use of "hacker" now appears in newspaper headlines.

        • Re:Thank you Gary (Score:3, Informative)

          by the_womble ( 580291 )
          To be fair to him lots of words have different meanings within and outside particular groups of people.

          However I do think hacker is a lost cause, because the two meanings are too similar. However while those of you who want the word used correctly, could you help improve precision which we can use the English language by also being careful to use the following words strictly according to their original definitions:

          gay: happy, jolly
          rude: rustic, crude
          gentleman: person with enough property not to need to wo

    • Re:Thank you Gary (Score:4, Insightful)

      by A beautiful mind ( 821714 ) on Sunday July 24, 2005 @04:15PM (#13151251)
      Let's just point it out: he's a script kiddie. He basically didn't do anything that 6 month experience using the internet and an interest in UFOs wouldn't teach him.

      He got into a bloody cemetary ffs! He only got in because the military personnel there were too stupid to change the default password. He used his own email address for god's sake!

      a 70 year penalty for something a script kiddie can do is more than harsh: it's outrageous.
    • The 900k USD figure is ofcourse trumped up. It would include the direct costs of reinstalling all of the computers that were compromised or suspected of being compromised. This figure would also include the forensics and investigation costs. These costs do add up quickly. Labour, even army labour, is not cheap, and lots of staff across organizations would have been involved. The 900k would also include bullshit costs such as the time spent by a General to read the incident reports, and the cost of the pizza
    • The guy deleted 1300 accounts! If my account at work just disapeared one night, it would certainly cost them more than $1000. $10,000 wouldn't suprise me. Code, contacts, calander, and content can add up.

  • Once again... (Score:2, Insightful)

    by rel4x ( 783238 )
    ...Reminding us that you don't necessarily have to be stupid to be more than a little crazy...

  • Anti-Grav? (Score:5, Funny)

    by yotto ( 590067 ) on Sunday July 24, 2005 @03:52PM (#13151128) Homepage
    If he found the plans for anti-gravity, why doesn't he just make some boots or perhaps a belt and leap over the wall? That's what Lex Luthor would do.

    • Re:Anti-Grav? (Score:3, Interesting)

      by itistoday ( 602304 )
      I understand you're joking, but listening to the interview reveals that he did not find any information in regards to anti-gravity. However, he claims to have found plenty of evidence for UFOs, mainly in the form of very high-resolution images. Whether or not the owner of that particular system he was on intentionally left those images there for conspiracy theorists like him to find remains unknown...

  • He's in for it (Score:4, Interesting)

    by confusion ( 14388 ) on Sunday July 24, 2005 @03:53PM (#13151131) Homepage
    The US government is going to make an example out of him, assuming he actually gets convicted.

    I have to say, though, that even if the government computers were wide open, finding documents about UFO's seems like looking for the proverbial needle in a haystack.

    Jerry
    http://www.cyvin.org/ [cyvin.org]

    • Re:He's in for it (Score:2, Insightful)

      by Mahou ( 873114 )
      not really, any UFO documents could just be a bunch of fake stuff to distract hackers so they don't actually find anything important. seriously why would you have UFO files connected to a network (assuming you would have any digital data in the first place rather than just paper and ink) unless as misinformation?
      • I'm guessing the reason they have these computers hooked up to the internet with important stuff on is the same reason they have default passwords.. cos they're 'tards who specialize in military stuff rather than security stuff, like he says in the interview.

        He didn't find anti-gravity tech. If the UFO files he found were bullshit, slamming a 70 year jail sentence in a prison which has a record for abuse of their tazer belts seems a little harsh, no? $900k worth of damage caused by some guy looking around
    • he sounds like he's well on his way to an insanity defense ....

  • Hack this format (Score:3, Insightful)

    by Free_Trial_Thinking ( 818686 ) on Sunday July 24, 2005 @03:56PM (#13151144)
    How about someone hack this real player (tm) interview and put it into MP3 for us?

    I'll do it if someone sends me instructions. I think this BBC encourages remixing, and format changing stuff, right?

    Sincerly,

    A concerned /. community member in MD, US
  • If I were the government, i'd have a weak-security honeypot sitting out there somewhere with faked UFO documents. That way when someone see's them, they'll think, "Big Bird is a front for communication to other aliens to tell them that we're already owned by the greys!"

    The funny part comes when they try to go to the media.
    • " If I were the government, i'd have a weak-security honeypot sitting.."

      Yeah, well if _I_ were the govt, I'd put the same fake info in the same type honeypot, but my govt would be smart enough to make that "fake" information _real_ so that real info is discredited along with the hacker. Two birds, one stone. But that's just me and my vastly superior govt. Thank God we have people like you running ours. :)

  • Poor Goofball (Score:3, Interesting)

    by Kr3m3Puff ( 413047 ) * <meNO@SPAMkitsonkelly.com> on Sunday July 24, 2005 @04:03PM (#13151178) Homepage Journal
    The guy thought that 9/11 was a hoax and thought he found evidence of UFO's and "Non-Terrestrial Officers" being transfered, thinking that there is some fleet of Anti-Gravity Spacecraft. Now he is facing 70 years in an American federal prison. That is a lot of work for nothing really show for it.

    Silly American military for setting up Windows with blank administrator passwords too. Whole thing is kinda silly.
    • No, he thought 9/11 was a conspiracy (which was his own words). It could have been set up by the gov't, blah blah blah. A hoax would mean it didn't happen at all.
      • And in the interview [spy.org.uk] he admits he found no conspiracy at all. It clearly sounds like it was just a random thought he had (a lot of people had similar thoughts about 9/11, that's only normal nowadays), so he investigated it to see for sure.

  • 70 years is too much but.... (Score:5, Insightful)

    by ShatteredDream ( 636520 ) on Sunday July 24, 2005 @04:07PM (#13151204) Homepage
    Just because you can do something, doesn't mean you should. If you know you're not supposed to sneak around a company or agency's property, then why do you think it's ok to break into their computers? In most parts of the world, just walking into someone's house and looking around without the owner's permission would get you beaten or killed by the owner. It's common courtesy and most of these "hackers" seem to lack any of it.

    As for the "horror" of his extradition, don't blame uncle sam. The British government is big enough to tell our government to piss off if it felt such a thing weren't warranted. The main reason that we don't do such a thing to our citizens is that most countries that would want our people sent over to them wouldn't give them a fair trial, and that's not inherently because they're American. A Chinese is probably no more like to get a fair trial in Mugabe's Zimbabwe than an American. Foreign governments know that if our people attack them, that our law enforcement will arrest them and prosecute them, even if the country is hostile. The feds threatened to arrest the Americans who defaced Chinese websites after the PLA-Air Force brough our AWAC down early in Bush's first term. Few governments, China's especially, would do that to their own people.

    Every so often I get some dumbass at my university trying to get me to teach them those "mad skillz" of h@x0ring that apparently all CS majors have. My interest was always in programming, not in things like that. They even have the gall to look at me like I'm the asshole, when I tell them that I've never bothered to learn such things, that I feel that what they want to do is morally wrong and that they should learn to actually respect others' privacy and property. The same people would probably wonder what the hell is wrong with someone who asked them to teach them how to use a jimmy to open up some frat boy's car so they could screw around in his mustang. IMO, there's really no difference.

    • Re:70 years is too much but.... (Score:5, Funny)

      by The Ape With No Name ( 213531 ) on Sunday July 24, 2005 @04:18PM (#13151275) Homepage
      Just because you can do something, doesn't mean you should.

      You have just disqualified yourself from any position in the current US Administration.

    • The main reason that we don't do such a thing to our citizens is that most countries that would want our people sent over to them wouldn't give them a fair trial, and that's not inherently because they're American. A Chinese is probably no more like to get a fair trial in Mugabe's Zimbabwe than an American.

      And people wonder why the US is loathe to join the ICC. [icc-cpi.int]

    • The feds threatened to arrest the Americans who defaced Chinese websites after the PLA-Air Force brough our AWAC down early in Bush's first term.


      I am not familiar with this incident... could you please elaborate?
    • Actually, you really need to listen to the interview.

      He doesn't consider what he did okay, and he even says feels bad for it. Maybe you call bullshit on this one, but I don't honestly think so... I don't think he's lying, he's just insane--not like (most) of the people at your school.

      The man is a complete nut (really, listen to the interview)... he talks about the proof of UFO's he's seen, and most importantly, he isn't defending himself like a sane person would. Instead of making up a story, or letti

    • The joy of hacking is in discovery, whether or not you are an asshole is neither here nor there. I think you really just don't "get it". There is a complete rush in obtaining "forbidden knowledge" that has been a core value in human history. There are multibillion dollar industries in place that are profiteering for just that reason. Check your inbox if you need proof: Need to be a better lover? How bout hidden transdimensional communication device secrets?

      You may have smoked a bit of the ivory in the

    • In most parts of the world, just walking into someone's house and looking around without the owner's permission would get you beaten or killed by the owner.
      Jesus Christ, are you serious? If so, you have aseriously fucked up view of the world.
      • Assuming you're from the UK, you find it surprising that someone might beat the crap out of someone else for barging into their house, in spite of the fact that there are riots and deaths pretty much every year over sports? At least the grandparent's view of the world is based on reality.
    • "In most parts of the world, just walking into someone's house and looking around without the owner's permission would get you beaten or killed by the owner. It's common courtesy and most of these "hackers" seem to lack any of it."

      I'm not sure that it true that simple trespass is met with automatic violence in most parts of the world. In many places there are strong social customs that treat trespassers as a guest unless there is evidence that the trespasser has bad intent.

      In english commonlaw there is a clear distiction between criminial and civil trespass. Basicly, you have to break in for trespass to be a crime. If you walk in the front door and then leave, it is rude, but not a crime. Also, under English common law the property owner can ask the trespasser to leave, but they are not allowed to force them off the property. The police must be called if the trespasser refuses to leave. Of course, if the trespasser threatens the owner the minimal amount of force to defend yourself is allowed.

      As far as I can tell, while most people don't want strangers bounding into their living room, only the USA has the "old west" shoot 'em first and ask questions later mentality.

    • For comparison: This guy caused 900k of damage (figure inflated, because you always inflate damages). He's looking at 70 years of maximum security. Nasty.

      Ebbers caused *11 billion* in damages. Over 1000 times as much. He got 20 years of soft time. Yes, Ebbers could have gotten more, but anyone want to place bets that this guy will get 20 years in a low security prison near his home so his family can visit?

      Patrick Quinlan, the CEO of MCA financial, led a fraud scheme worth $256 million. He got the maximu

  • I don't care if he found a picture of ET doing shots with Paris Hilton. He hacked into a computer system and started fucking around. I don't care if he's a scapegoat - he still broke the law.

    • I think an insanity defense could work well for him.

      If you're insane, you're not responsible for your actions, you're just as guilty though. Big difference...

      • Yes, but 'lay-person insane' and 'legally insane' are two very different things.

        To be legally insane, it must be demonstrated that you do not understand the difference between right and wrong, as defined by the rest of society.

        He apparently did know the difference, since he said he feels bad about doing it afterwards.

        If you feel guilt or regret for an action, it follows that you knew what you were doing was wrong.

    • Re:Nutters are Criminals too.. (Score:2, Insightful)

      by Anonymous Coward
      And yet the Watergate reporters were hailed as American heros. How many 'laws' do you think they would have to break today to get a story?

      If you assert that the ends never justify the means when the law must be broken then consider the shooting last week of an unarmed and innocent man in London who was 'resonably suspected' of being a suicide bomber. The cop that pulled the trigger (5 times at contact range) made a bad one and will live with it for life, its a mess. However his reasonable suspicion led him
      • The problem is where to draw the line.

        In America the lefties are screaming about civil rights and torture in Guantanamo, but by your reasoning it's ok if it's for the greater good.

        We must view the law as strict, uncompromising, and applying to everyone. However, in cases for which the common good was served, a congressional or presidential pardon should be considered - after the law has had it's say.

  • Extradition (Score:2, Insightful)

    by panurge ( 573432 )
    Is it true that inmates of US jails are regularly subjected to homosexual attack without protection from the authorities, as the accused seems to believe? It seems to be a common theme here on /.

    If so, I would hope that an English judge would block extradition on the basis of the failure of the US to subscribe to the UN Declaration on Human Rights.

    Of course, in the UK prison system you have the right to inhabit overcrowded cells, be locked up with racist murderers to see if you get killed, and eventually c

    • yes (Score:3, Informative)

      by subtropolis ( 748348 )
      No escape: Male Rape in US PRisons [hrw.org]

      Most guys raped are guys for there first time locked up, between the ages 18-30 that looks young, not strong, looks lonely, scared. Guys watch these things.
      -- M.F., Ohio, 9/6/96

      I was "rented out" for sexual favors, and a lot of the guys who rented me are not rapists, or assaulted as children, or any other stereotypical model. They just wanted some sexual satisfaction, even though they knew I was not deriving pleasure from it, and was there only because I was fo

  • I call B.S. on some of what he says (Score:4, Insightful)

    by fakeid ( 242403 ) on Sunday July 24, 2005 @04:09PM (#13151214)
    At one point in the interview, this guy talks about some of the things he saw, in regards to UFO activity. He claims he was able to view a "large image" over "graphical remote control", but he didn't have any proof because it was "too large to download". Uhm, if it's being displayed on your screen, that's taking the same amount of time to download I would guess; even if he was seeing a scaled image, he could still do a screenshot, right? I think he's both a bit crazy and/or a liar...

    I will agree that $900,000 of damage seems a bit of out line, however.
  • A Guardian article [guardian.co.uk] interviewing McKinnon with much of the same information in the audio interview. The most interesting part of his XYZ conspiracy "evidence" that McKinnon describes is the "non-terrestrial officers" mentioning he found in US military documents. He seems to believe that a complete U.S. space army already exists, with those involved based in military orbiting stations.

    • ...McKinnon describes ... the "non-terrestrial officers" ... he found in US military documents. He seems to believe that a complete U.S. space army already exists, with those involved based in military orbiting stations.

      And earlier today, General Richard Dean Anderson said that bastard cracker who stole the script for the next season of Stargate SG-1 would be tracked down and punished to the full extent of the law.

  • Sad (Score:5, Insightful)

    by roman_mir ( 125474 ) on Sunday July 24, 2005 @04:52PM (#13151493) Homepage Journal
    I just read the transcript, it is a very sad story. The guy got hooked on doing things he shouldn't have been doing, fucked up his personal life - stopped working, broke up with his GF. I think this thing really became a game to him. Like the online multi-player games, this consumed him. He got so bad though, got really sloppy, needed more and more excitement. Used a remote tool to manipulate desktops to leave messages. It is almost as if he wanted to be found. The guy is into self-destructing behaviour. I think this is a very sad story because he got what he wanted.

  • Rich! (Score:2, Funny)

    by PingXao ( 153057 )
    From TFA:
    "The Americans have a secret spaceship?" I ask.
    "That's what this trickle of evidence has led me to believe."
    "Some kind of other Mir that nobody knows about?"
    "I guess so," says Gary.
    "What were the ship names?"
    "I can't remember," says Gary. "I was smoking a lot of dope at the time. Not good for the intellect."

    This is too funny! They can make an example out of him in both the War on Terrah and the War on Drugs!
  • At hohocon (this was Defcon before there was such a thing as Defcon), in 1991, in Austin TX, Erik Bloodaxe and Doc Holiday from LOD announced "project green cheese", designed to entice hackers to to break into military systems to uncover evidence of extra-terrestrial activity. I don't think anyone took it seriously, but this is the first time since that in where I've heard of someone actually attempting something similiar to this (or at least with this type of motive).

    This was the same con where John Drap

  • Okay, I can't argue that this wasn't hacking, but having recently been accused of it myself, I'm curious where other people stand.

    intentionally vague but true

    In my case, I was given a username and password and address of a server for ftp. I wondered what else was out there so I logged in via ssh. No special trick needed, the firewall was open, I had a server account, had a shell and all I did was gather a little basic info on what the server was and what it was running. Apparently nobody realized they

  • My Experience (Score:5, Interesting)

    by techsoldaten ( 309296 ) * on Sunday July 24, 2005 @06:33PM (#13152106) Journal
    I have experience working with the U.S. Federal Government as an IT contractor in various capacities. While I find it completely possible Mr. McKinnon penetrated a system using a default password and was able to access various documents, I strongly doubt people's interpretations of what he saw.

    This is based on several factors in his story, including the ease with which he was able to penetrate this system as well as the total lack of understanding of the English language common to people in positions of authority in the U.S. Federal government.

    First off, I have had the displeasure of being party to audits by the Office of the Inspector General and am familiar with their standards for assessing IT policy based on the security level of content being housed on the server. They are fairly standard, highly regimented, and include every possible protection someone could have imagined 3 years ago.

    While these requirements do not automatically extend to military networks, they are regarded as being less stringent than military networks (for instance, you will commonly see references to 'military grade standards' when receiving proposals from other contractors).

    One specific requirement of an OIG assessment is evidence of the enforcement of a password security. They check to see whether users are required to have passwords, how often passwords expire, how many characters should be in each password, the minimum number of characters that must be non-alphanumeric, etc.

    The type of content Mr. McKinnon accessed surely would have been classified secret if it referred to a non-public military capability, and would probably be top secret if it referred to something of extraterrestial origin. 100% of servers containing secret documents are hardened against attack in public agencies, and I would assume the same is true with the military.

    All this leads me to believe it is extremely unlikely Mr. McKinnon saw what he thinks he saw, or else he is probably not being truthful in his description of how he cracked the system. I prefer to think of this in the former, but cannot really render judgement without seeing the source materials.

    The other reason I am extremely skeptical of the idea Mr. McKinnon understood what he was seeing is that people in positions of authority in the U.S. Government and in the military tend to be unable to understand English to the point they are bordering on illiterate. This is not an exaggeration, I know of several agencies that require all of their SES officers to attend remedial English classes as a requirement for employment. These people commonly use words with total disregard for their meaning, their memos often communicate instructions which are exactly the opposite of their intended message, and most importantly, they give names to things which are wholly inappropriate.

    If Mr. McKinnon saw a memo referring to non-terrestrial officers, we can only guess at what that term may mean. My guess is that it refers to aerial or naval forces, but it really could be anything.

    M

  • Extradition (Score:3, Interesting)

    by shrewtamer ( 521554 ) on Monday July 25, 2005 @02:27AM (#13154127)
    That interview was a good listen. Thanks for the link.

    I am concerned that the alleged crime did not take place on American soil. So far as I know this bloke hasn't even been to the States. Certainly the "hacking" seems to have been done from a London flat.

    If it happened on British soil the Americans should have the decency to respect the British courts to deal with it under British law. However decency is not something that we've come to expect from America in it its dealings with the rest of the world.

    I suppose this does raise a serious question about where it actually did happen. Personally I'd say that while the effects were in the states, the direction and motivation happened in the UK and so this is where the crime took place. This seems to be by far the simplest and most pragmatic legal interpretation.

    The ammount of damage he is being charged with doing seems to be ludicrous. Ok I can see how the compromised systems needed to be rebuilt....but their state of security was patently so shocking that this was required in any case - he saved them money by pointing this out sooner rather than later.

    It also seems clear that this guys motivations were not malicious to the United States. I think the British courts should tell the US to stop whinging and concentrate on securing their systems. Even if their systems were unlawfully penetrated they lacked dillegence in insuring that data, particularly confidential data was not in the plain on any machine ever connected to a network.

    The revelation that there exists a fleet of American spaceships is rather worrying. Is the American military under alien control? I don't believe these people could've sorted out a space fleet by themeselves - not without a blue room. Was the bombing of Iraq carried out under alien orders? If Bush and his supporters think they can get away with planting a load of goof on some computers and saying "I didn't do it", they've got another thing coming. I don't believe a word of it.

    Seriously though this guy is obviously harmless. If he did any harm then its not his fault. If someone nipped into an army base and made off with some missiles and tanks then blew a few small towns up then it would be right to be more concerned with military security than the actions of the passing nutter. In fact I'd hold the military wholly responsible. I demand my right to be a passing nutter! Whether u grant it or not there will always be passing nutters.

Slashdot Top Deals

The Tao is like a glob pattern: used but never used up. It is like the extern void: filled with infinite possibilities.

Close