[funsec] Crossing the line when doing computer security
Richard M. Smith
rms at computerbytesman.com
Sat Apr 28 15:07:42 CDT 2007
The LA Times story on WiFi eavesdropping reminded me a lot of these two
related stories from 2002. The bottom line here is that it is a really bad
idea to mess with other people's networks and computer systems without a
good understanding of the law and/or the owner's permission of the computer
Richard M. Smith
Sleuths Invade Military PCs With Ease
By Robert O'Harrow Jr.
Washington Post Staff Writer
Friday, August 16, 2002; Page A01
SAN DIEGO, Aug. 15 -- Security consultants entered scores of confidential
military and government computers without approval this summer, exposing
vulnerabilities that specialists say open the networks to electronic attacks
The consultants, inexperienced but armed with free, widely available
software, identified unprotected PCs and then roamed at will through
sensitive files containing military procedures, personnel records and
ForensicTec officials said they first stumbled upon the accessible military
computers about two months ago, when they were checking network security for
a private-sector client. They saw several of the computers' online
identifiers, known as Internet protocol addresses. Through a simple Internet
search, they found the computers were linked to networks at Fort Hood.
Former employees of a private investigation firm -- and relative newcomers
to the security field -- the ForensicTec consultants said they continued
examining the system because they were curious, as well as appalled by the
ease of access. They made their findings public, said ForensicTec President
Brett O'Keeffe, because they hoped to help the government identify the
problem -- and to "get some positive exposure" for their company.
Hacker Arrested in San Diego
By Tony Perry
Times Staff Writer
September 30, 2003
SAN DIEGO - A computer security specialist who claimed he hacked into
top-secret military computers to show how vulnerable they were to
snooping by terrorists was arrested and charged Monday with six felony
counts that could bring a 30-year prison sentence.
Brett Edward O'Keefe, 36, president of ForensicTec Solutions, a
start-up company here, is accused of hacking into computers of the
Navy, the Army, the Department of Energy, the National Aeronautics and
Space Administration and several private companies.
Before his arrest, O'Keefe told reporters that he had hacked into the
computers to drum up business for his fledgling company and to show
that the nation's top military secrets are not safe, despite
pronouncements that security has been tightened since the terrorist
attacks of Sept. 11, 2001.
More information about the funsec