The Wi-Fi Hacking Neighbor From Hell
Hugh Pickens writes "Barry Ardolf, a Minnesota hacker prosecutors described as a 'depraved criminal,' has been handed an 18-year prison term for unleashing a vendetta of cyberterror that turned his neighbors' lives into a living nightmare. Ardolf hacked into his next-door neighbors' Wi-Fi network and used it to try and frame them for child pornography, sexual harassment, various kinds of professional misconduct, and to send threatening e-mail to politicians, including Vice President Joe Biden. The bizarre tale began in 2009 when Matt and Bethany Kostolnik moved into the house next door to Ardolf. On their first day at their new home, the Kostolniks' then-4-year-old son wandered near Ardolf's house. While carrying him back next door, Ardolf allegedly kissed the boy on the lips. 'We've just moved next door to a pedophile,' Mrs. Kostolnik told her husband. The couple reported Ardolf to the police, angering their creepy new neighbor (PDF). 'I decided to "get even" by launching computer attacks against him,' said Ardolf, who downloaded Wi-Fi hacking software and spent two weeks cracking the Kostolniks' WEP encryption. Then he used their own Wi-Fi network to create a fake MySpace page for the husband, where he posted a picture of a pubescent girl having sex with two young boys. Ardolf turned down a 2-year plea agreement last year to charges related to the Biden e-mail. After that, the authorities piled on more charges, including identity theft and two kiddie-porn accusations carrying lifetime sex-offender registration requirements."
2 weeks for a WEP? (Score:5, Insightful)
Noob! :)
Re: (Score:3)
He obviously is. In case there is anyone on this site who knows little about wireless security, it only takes a few minutes to crack WEP and it is extremely easy to do.
Re: (Score:3)
I still have a WiSIP phone that only does WEP in use (and works like a champ!), although I keep it on a separate AP.
Re:2 weeks for a WEP? (Score:4, Informative)
It only takes a few minutes IF:
A) there is a decent amount of traffic going on.
B) You do active cracking, sending all sorts of bogus traffic and making the router light up like a Christmas tree, as well as causing suspicious disconnections
C) Corollary to B, you have a wifi card capable of injection
Otherwise, you need to do passive sniffing to get enough IVs to actually crack it, and that really depends on whether you are sniffing when their primary usage times are, and how much data they regularly pull over wifi.
Re: (Score:3)
Was he using a Hermes I card?
If so, injection does not work out-of-the-box.
It could well take 2 weeks to learn to use the tools and then gather sufficient data.
BTW does anyone have an angle on patching a Hermes card for injection?
Kernel 2.6.18 on Debian
Re: (Score:3)
Presuming he didn't know anything about cracking WEP before he started, two weeks seems about right to get to grips with the tools and technology required.
Re: (Score:3, Interesting)
WPA on the other hand can be performed offline once the 4-way handshake has been captured.... (Which can be obtained by waiting for a valid client to connect or by de-authing the clients and then capturing the handshake once they reconnect)
Re: (Score:2)
WEP is worthless. If your password is random characters, you could likely crack it faster than you can type it in.
Re: (Score:3)
Given there's a passive attack against WEP the router can't possibly block you. Heck there's an active attack that just replays packets so you'll have to block yourself...
Even the brute force key guessing technique is done offline on a single captured packet. Your router is magic!
Re: (Score:3)
That's the only interesting part though, the rest can be summed up as "Complete asshole behaves like complete asshole". There was nothing technically clever or new about what he did, although he went further than most such incidents I've heard of, but few slashdotters will be at all surprised that that kind of thing is possible. The only surprise is that it doesn't happen more often, more subtly ... or does it?
Re:2 weeks for a WEP? (Score:4, Insightful)
That's the only interesting part though, the rest can be summed up as "Complete asshole behaves like complete asshole". There was nothing technically clever or new about what he did, although he went further than most such incidents I've heard of, but few slashdotters will be at all surprised that that kind of thing is possible. The only surprise is that it doesn't happen more often, more subtly ... or does it?
Reading the TFA from ars [arstechnica.com], the reason why he was caught was because he wasn't clever at all:
1) The only reason why he was caught is because his malicious actions were intertwined with his normal web traffic (his name in plain text and Comcast packets). He could have used a clean purpose-built computer for his torture, like a laptop, that wasn't configured for his own network at all, and hid it in a safe deposit box or something and they never would have figured out where it's coming from without a long and arduous task with a spectrum analyzer.
2) Ardolf did so much stuff on the target network that it raised suspicion. It's the same thing that happens to regular criminals: they get greedy and keep coming back for more. If he just went right for the terrorist threats and never ever connected again, his neighbors would never have had any reason to suspect external hacking. Even then, his prank emails to coworkers and social network profiles were so out there that they were obvious. There must have been many more subtle ways to do damage that aren't immediately obvious.
3) The neighbor works for a law firm and they were willing to spend the resources to check out his home network and find the unknown device as well as install a sniffer. I don't see a middle-manager working for a sub Fortune-500 company getting that same kind of help, they'd probably sooner call him a schizoid and fire him instead of dealing with that.
If he was a little smarter, I think he very well could have gotten away with it framing the innocent.
Re:2 weeks for a WEP? (Score:5, Funny)
It's OK! (Score:2)
They had nothing to hide anyway...
Would MAC address filtering counter this problem? (Score:3)
What additional security measures can be taken to thwart script kiddies like this guy? Is MAC address filtering + WEP/WPA encryption (or one of those) sufficient security? At this point I want to shut the fucking WiFi off, but there are others in the household who wouldn't go for that.
Re: (Score:2, Informative)
What additional security measures can be taken to thwart script kiddies like this guy?
Well, there's always physical security. You catch someone doing something like this, and you put them under arrest yourself and then hope they resist, at which point you may use necessary force to subdue them. In California, anyway. Bring a witness with a camera.
Re: (Score:2)
Some nodes can change their MAC address, so you just need to monitor the network for a while and spoof a good MAC address which is not in use.
Re: (Score:2)
Consider the Wifi network as "open" and use it only to connect VPN nodes (such as OpenVPN, for example.) This does require that you use a PC as the Internet gateway/NAT/VPN server.
Re: (Score:2)
The neighbor would have been able to use him as a source address for traffic -- but *not* to steal his usernames and passwords out of the air.
Re: (Score:2)
Hmm -- I didn't catch that it was new accounts. Depending on how his corporate email system was secured, it may or may not have been necessary to steal username/password credentials to send messages appearing to be from the intended target.
Re:Would MAC address filtering counter this proble (Score:5, Insightful)
Most NICs support either intentional or "back-door" MAC address cloning. Cloud-computing resources can crack your WEP (trivial), WPA (harder/slower), and WPA2 (much harder and slower, but still doable, unless you rotate them daily).
Then, if you have implemented some reasonable level of security, when the jackboots kick in your door, you'll have a much harder time defending yourself during the pre-trial investigation, and, then, assuming you live long enough, in court, due to the security you put into place, obviously trying to hide your evil actions.
At best, you can discourage casual (mis-)use of your WiFi, but that wouldn't help against a long-term attack like this one.
If you're worried about it, shut it off, and run the cable, as I have.
Re: (Score:2)
WPA2 is probably adequate, MAC address filtering would probably stop only very incompetent hackers, it's pretty useless in my understanding (correct me if I'm wrong)
Re: (Score:2)
WPA2 is probably adequate, MAC address filtering would probably stop only very incompetent hackers, it's pretty useless in my understanding (correct me if I'm wrong)
You may be right about that. Can you find the MAC addresses of systems connected to a network you are passively sniffing? Then it is a matter of waiting for that system to go offline (such as the case for a laptop or phone), then steal its MAC. In this case the hard part is getting past the WPA2.
Re: (Score:2)
If you use WPA2 and a strong WPA password that is 18+ characters long you don't have much to worry about. MAC filtering is easy to bypass and WEP is a joke.
Re: (Score:2)
MAC address filtering is useless against a determined attacker. Your best bet is a WPA2 PSK with a long key, unless you fancy setting up WPA2 Enterprise.
Re: (Score:3)
Why not use WPA2-AES, rather than WPA-TKIP/AES? The latter has only the minimum strength of WPA-TKIP (which isn't terribly strong).
No sense in exposing your network needlessly.
Re: (Score:2)
http://www.random.org/passwords/ [random.org] has a fairly good pw generator. Make a bunch and pick 2 strung together.
Re: (Score:2)
Or it could be the author of the article has his head up his ass and just calls all wireless security WEP.
Re:Would MAC address filtering counter this proble (Score:5, Funny)
Yeah, Mac filtering is pretty useless. I mean, what's the chances of a leet hacker using a Mac?
Steven Seagal's Apple Newton notwithstanding.
Re: (Score:2)
1. spoofing an IP will not get you past MAC address filtering
So you just spoof your MAC address as well. It's not as if this was rocket science (... as anybody would know who ever sat in a boring airport lounge..)
Re: (Score:2)
1. spoofing an IP will not get you past MAC address filtering
So you just spoof your MAC address as well. It's not as if this was rocket science (... as anybody would know who ever sat in a boring airport lounge..)
You don't have to spoof your IP address at all. Just spoof the MAC address and let DHCP take care of the IP address.
Re: (Score:2)
There are plenty of WPA and WPA2 cracking services online, pretty much just a click away. These services rely on their "rainbow tables" for WPA/WPA2, which if you use a non-standard SSID and a long (18+ character), strong password are pretty much useless. Once the WPA password passes about 14 characters the table generation time starts running into years.
Re: (Score:2)
Not broadcasting the SSID is a pretty worthless security measure. If you have a wireless client connected I can see your SSID.
Re: (Score:3)
True, but make them go through the effort.
It is one more step, which when revealed in court, will help hang them.
Good riddance (Score:2, Insightful)
I often balk at the sentences our judicial system hands down (too much punishment for minor offenses, too little for major offenses), but in this case I think the punishment fits the crime.
Re: (Score:2)
the only fitting punishment for a pedophile is execution, for me
Re: (Score:3)
Assuming there is NO DOUBT at all, like the accused actually performed the act in the courtroom.
I'm against the death penalty, only because I see how the rest of government performs and can't believe the judicial system is any better.
Re: (Score:3)
I have to disagree. Generally speaking, the source/cause of paedophilia is mental and/or emotional immaturity. There are other causes, of course, but "loving children" as it were is a rather misunderstood problem often accompanied by the very same witch hunt mentality you exhibit.
And the problems we see these days are only made worse by current marketing and advertising trends, increased paranoia and a general failure to address causes and sources.
Death is not a punishment. It is a remedy for society. D
Re: (Score:3)
Pedophile appears to be a red herring.
I am a parent. I also know a lot of other parents. It would not be unusual for a 4 year old to random kiss someone who was carrying them, yes even on the lips.
Read the PDF: It happened when she wasn't looking. Why the hell would she suddenly turn around when a stranger was holding her child?
The child said it happened, but only after more than enough time for the memory to be implanted from hearing speculation from its parents.
Saying this incidence is pedophile is li
Re: (Score:2)
I suppose he doesn't have to worry about them if he's dead.
perceived slights (Score:4, Interesting)
turned into byzantine obsession is a sign of a person who will do nothing but bring grief to anyone who ever touches his or her life
if you ever meet this type, back off slowly smiling, then run like hell
their feeling of disempowerment and helplessness (self-learned) and the eternal fight against that (fruitlessly projected outwards) is all they know, it defines their entire existence
Re: (Score:2)
that is the grim calculus isn't it?
there is no easy answer here
Re: (Score:2)
If it's the grim calculus, then just differentiate with respect to their ever changing mood, and slowly slowly back away on a tangent.
Re: (Score:2)
If they come after you, make sure you're living in a state with a good castle doctrine, and have a firearm?
Oh, wait, that's death.
Why the sex offenders registration? (Score:5, Insightful)
That register is for people who have a proven (and acted upon) attraction to minors; Those who are a danger to children. Adding him to the list dilutes it and mitigates its usefulness. What he did should be covered by libel / defamation laws. He deserves to be taken out of society for what he did to that family, but there's nothing in there which supports the idea that he's dangerous sexual offender.
Re: (Score:2)
Yes but... that is "justice" for you. He committed the worst, most heinous crime in our court system... he refused the plea deal.
Seriously... 2 years to 18... he is quite literally getting 16 more years and a lifelong sex offender registration... because the prosecutor was insulted and wanted to become the persecutor.
That said, no defense of this guy's actions, he is clearly off his rocker. That still doesn't make this response appropriate
Re:Why the sex offenders registration? (Score:4, Informative)
but there's nothing in there which supports the idea that he's dangerous sexual offender.
uh, so kissing their ten year old son on the lips against his will doesn't qualify?
Re: (Score:2)
Read the PDF document linked in the stub. There's no mention of a conviction. It'd be classed as "soft evidence" on any Enhanced CRB check in the UK (which is essentially another word for hearsay).
By the way, you should consider what I say in my sig when I comment on subjects like this.
Re: (Score:2)
It doesn't matter. He was in possession of, and *distributed* child pornography. It is against the law to be in possession of, and to distribute, child pornography, and if you break that law, you are a sexual offender.
This person sexually exploited children (indirectly) by obtaining child pornography. Everyone who seeks out child pornography is participating in the exploitation of children. It doesn't matter what his reason for exploiting them is - he still exploited them.
Plus, by making possession of child
Re: (Score:2)
The guy didn't download the CP for sexual purposes. He's not a paedophile, just a warped anti-social individual.
That register is for people who have a proven (and acted upon) attraction to minors;...
All of this supposedly started because the parents claimed he kissed their child on the lips. If the kid acknowledged that happened, then combined with all of the picture / net stuff he did then getting on the registration isn't exactly "out there."
Heck, a minor can be charged with a sex crime for taking a naked photo of themselves and texting it to their other minor friends... ridiculous but it still happens.
An adult male doing stuff with pictures of minors will land him in hot water... whether it was for
Re: (Score:2)
You know how I know you didn't even read the summary...?
Re: (Score:2, Insightful)
I think you are mistaken about the purpose of the sex offender registry. It is not for people with a proven attraction to minors (which is not a crime by the way, just saying). It is for criminals whose crime is sexual in nature, regardless of whether the victims were minors or not. So you will find everyone from rapists to flashers on the registry.
Claims he is not a "dangerous sexual offender" does reconcile with his behavior. In this case, the individual attempted to frame his neighbors as child pornograp
Re: (Score:2)
Err: does NOT reconcile with his behavior.
Re:Why the sex offenders registration? (Score:4, Interesting)
It doesn't matter. If I obtain some heroin and plant it on you to frame you, I am still guilty of a drug offense.
Re:Why the sex offenders registration? (Score:5, Insightful)
Unless you're a cop.
Re: (Score:3)
Including a cop. Cops just get away with it, which is an entirely different problem.
Re: (Score:3)
While carrying him back next door, Ardolf allegedly kissed the boy on the lips.
You know what that word means, right?
WEP (Score:5, Informative)
Re:WEP (Score:5, Funny)
What was he doing all that time?
Reading the man pages for aircrack-ng?
So how do you monitor your home wifi? (Score:2)
Re: (Score:2)
Most WLAN routers are also used as DHCP hosts. A simple solution would be a script that regularly gets the DHCP leases page and generates a warning when a new MAC/address combination is found.
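The lease-watching script suggested in the comment above, as an added example (not code from the thread or from any router vendor). It assumes the router's lease table can be fetched as text in dnsmasq lease-file layout; the sample leases, the approved-device list and all function names are constructed. Because a MAC address can be cloned, as other comments here note, it also flags a known MAC whose IP or hostname has changed.

```python
import json
from pathlib import Path

# Constructed sample in dnsmasq lease-file layout (assumed router format):
# <expiry epoch> <MAC> <IP> <hostname> <client-id>
SAMPLE_LEASES = """\
1310000000 00:11:22:33:44:55 192.168.1.10 family-laptop 01:00:11:22:33:44:55
1310000300 66:77:88:99:AA:BB 192.168.1.11 wisip-phone *
1310000600 de:ad:be:ef:00:01 192.168.1.12 * *
"""


def parse_leases(text):
    """Return {mac: (ip, hostname)} for every well-formed lease line."""
    leases = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # blank or truncated line
        _expiry, mac, ip, hostname = fields[:4]
        leases[mac.lower()] = (ip, hostname)  # normalise case before comparing
    return leases


def load_baseline(path):
    """Read the approved-device list; a missing file means nothing is approved."""
    p = Path(path)
    if not p.exists():
        return {}
    return {mac: tuple(pair) for mac, pair in json.loads(p.read_text()).items()}


def save_baseline(path, leases):
    """Store the current leases as the approved-device list."""
    Path(path).write_text(json.dumps(leases, indent=2, sort_keys=True))


def audit(leases, known):
    """Compare current leases with the approved list.

    Returns (severity, message) tuples:
      NEW     - MAC never approved
      CHANGED - approved MAC now showing a different IP or hostname
    """
    alerts = []
    for mac, (ip, host) in sorted(leases.items()):
        if mac not in known:
            alerts.append(("NEW", f"unknown device {mac} at {ip} ({host})"))
        elif known[mac] != (ip, host):
            old_ip, old_host = known[mac]
            alerts.append(
                ("CHANGED", f"{mac} was {old_ip} ({old_host}), now {ip} ({host})")
            )
    return alerts


if __name__ == "__main__":
    # Constructed approved list: the phone was approved under another hostname.
    approved = {
        "00:11:22:33:44:55": ("192.168.1.10", "family-laptop"),
        "66:77:88:99:aa:bb": ("192.168.1.11", "kitchen-phone"),
    }
    for severity, message in audit(parse_leases(SAMPLE_LEASES), approved):
        print(f"[{severity}] {message}")
```

A cloned MAC that also copies the victim's hostname and takes over its lease will not trip either alert, so this complements access-point association logs rather than replacing them.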
Re: (Score:2)
Well, the Airport Extreme I use logs all of its various activities, including connection attempts (successful or otherwise) as well as access to the disk that is hooked up to it and I view it on the device itself or export the logs for more thorough review. I'm sure it's far from the only consumer grade AP to do this.
Now, I don't think it can go beyond simply letting me know that someone is trying to get in (beyond MAC filtering which is like trying to block a burglar by putting up a sign that says "do not
Re:So how do you monitor your home wifi? (Score:4, Informative)
Don't trust your Wifi router to secure your internet connection, is the answer. WEP was built for wireless, and cracked. WPA was built for wireless, and cracked. Bluetooth was built for wireless, and cracked. It's only a matter of time before WPA2 and everything else goes the same way.
Plug a *real* router in there somewhere so that such things can be monitored and logged and/or you can VPN over your own internal Wifi link so that even someone having complete access to your wireless isn't a problem at all. Then you don't even *need* wifi encryption turned on at all (but it's a good hindrance to any intruders) and you can play games like upside-down-ternet with people who try to get a free ride on your connection.
That's the setup I had - just had a WPA network (WPA2 wasn't around at the time) and didn't trust WEP or (correctly, it seems now) WPA to secure my network. So I just made the wireless access point be an "untrusted" network, as it should be, on my main Linux router - which did the actual connection to the Internet and offering IP's etc.
Whenever I connected to wifi in the home, I ran OpenVPN over the top (so the only traffic you could sniff would be my already-encrypted OpenVPN traffic) - which was transparent and automatic and simple and could use per-client keys. I surfed, and my guests' minds were blown that even after I'd told them the WPA password and they'd joined the wireless network they couldn't "see" anything at all.
This also lets you block EVERYTHING coming in via wifi to your laptop except for that OpenVPN port with a decent software firewall, which means you don't have to worry about something accessing filesharing ports, or tapping into whatever junk services your PC's are exposing to the whole wifi network (which, incidentally, can save a lot of bandwidth).
You're seriously relying on a piece of £30 Taiwanese crap to secure your entire Internet connection being broadcast over a radio sphere that could be kilometres wide if you have the right reception equipment? Nope. Treat it like an unsecured Internet connection - tunnel into a known-good server which has a wired connection to the Internet.
MAC address spoofing (Score:2)
It must have taken them a long time to figure out what happened unless he wasn't spoofing MAC addresses. It wouldn't occur to most people that their wifi was hacked. Most would assume someone had hacked their individual machines. Wonder if the target was technical, in which case the hacker would have been stupid to do what he did (not to mention evil).
Re: (Score:2)
Based on the 2 weeks to hack WEP, this guy wasn't too bright. It may never have occurred to him to make sure that they were home whenever he did something.
The REAL WTF... (Score:4, Insightful)
Is that prosecutors are allowed to offer plea deals.
If the prosecutor believes crimes were committed, then file charges. If not, don't.
If people are cowed into pleading guilty (or no contest) to charges to which they believe they're innocent due to legal costs or fears of false conviction, the solution is radical reform of the legal system. NOT to create a gray area of semi-crime, semi-guilt, and semi-punishment. That is *not* innocence until proven guilty.
Re: (Score:3)
That should not be the accused's problem to solve. However, one might consider these options:
Re: (Score:2)
There is already a huge backlog of cases and trying a case is a huge cost to society. Without plea agreements it could take decades for some of these cases to come to trial.
Re: (Score:2)
The government had other options available in your case.
Given your circumstances, the prosecutor could have chosen to dismiss the case. Or the judge could have possibly updated your record with a mere warning or traditional ticket, and acquitted you of the criminal charges.
But I should also note that your situation is a little different. You weren't offered a plea when you were in fact innocent. You were offered a plea when you were certainly guilty (but with extenuating circumstances).
That being said, y
I've got it! (Score:2)
The obvious solution is to not piss off the creepy neighbor.
And if some stranger I just met kissed my kid on the lips I'd be doing a little hacking of my own, involving an Extra Heavy Duty Glad Bag and a large surgical skiving knife.
See, the trick is to cut the bags open so you can cover the furniture. It makes cleanup a snap.
Re: (Score:2)
PROTIP: when you unexpectedly walk into a room with every surface covered in plastic...
Plea Deal (Score:2)
Re: (Score:3, Informative)
He basically screwed around with the whole court system. Making and withdrawing pleas, coaching his family on what to say and notes they should write to the judge, making outrageous counter-claims, etc. Once he abandoned the plea they went after him for everything he had done. The 18 years is fair based on everything I read in that PDF.
This man is evil; score one for the good guys (Score:3)
This man is truly a depraved and evil person. Not only did he try to frame his current neighbors, he harassed and stole from his previous neighbors. When the Feds attempted to go easy on him, he fired the lawyer that scored this sweetheart deal and withdrew his plea. He then proceeded to blatantly violate the terms of his release from prison. Well after the trial had begun, he pled guilty a second time. Because this wasn't nearly enough fun, he tried to withdraw his plea AGAIN (that failed.) He also added attempted witness tampering to his list of crimes, because apparently he wasn't going to be locked away for enough time yet. (But he did it via mail sent from prison! I guess he didn't get the memo that except for mail to your lawyer, all letters to/from prison can be read. Whoops!)
He shows absolutely no remorse for his actions; to this day thinking this "revenge" was justified. (He even tried to get the victim's testimony disqualified because they failed to obtain a construction permit for work done on their basement and therefore they could not be trusted. Talk about the (cast iron) pot calling the stainless-steel kettle black.)
Was he TRYING to dig his hole as deep as possible? About the only thing that could have made him worse off would have been a pro se defense, followed by trying to attack the judge during the trial.
Locking guys like this away is what we have a justice system for. Good riddance.
Re: (Score:3, Informative)
From the summary:
'I decided to "get even" by launching computer attacks against him,' said Ardolf
Sounds like he confessed, so, um, yeah?
Re: (Score:2)
Tell that to the Norfolk Four [wikipedia.org], watch the PBS documentary [pbs.org].
While I'm not suggesting that's what happened here, I am saying that a confession isn't necessarily definitive evidence that anyone has done what they confessed to. The methods used to solicit the confession, the motivations of those involved, and the person's mental capacity (either at the time, or in general), need to be taken into account.
Hopefully they have substantially more evidence than just a confession. Especially if this person is "creepy",
Re: (Score:2)
if you read TFsentencingmemo, there's no doubt he did.
Re: (Score:2)
If you read that whole pdf you would see that the evidence against him is overwhelming. He'd be better off claiming he had an evil twin.
Re:are the police extra sure he did it? (Score:5, Interesting)
Re:are the police extra sure he did it? (Score:4, Funny)
You read the article! No fair!
Re: (Score:2)
Guess your dad was a made man with low friends in high places.