[LINK] "Good Samaritan" hacker pleads guilty to breaking and entering
Nick Smith
NSMITH@nla.gov.au
Fri, 28 Sep 2001 10:34:10 +1000
Rick
Read the whole article and the court decision. Declan's report should give
you a clue on this:
"But a guilty plea that West signed tells a far different story -- and
shows how easily a well-meaning community of programmers and system
administrators can be led astray."
The point is that he wasn't as innocent as was first made out.
Nick
--
=========================================================
Nick Smith
Executive Officer :: Australian Digital Alliance
Copyright Advisor :: Australian Libraries Copyright Committee
PO Box E202 \\ Kingston ACT 2604
Ph: 02 6262 1273 \\ Fax: 02 6273 2545
Email: nsmith@nla.gov.au \\ Web: www.digital.org.au
=========================================================
> ----------
> From: Rick Welykochy[SMTP:rick@praxis.com.au]
> Sent: Friday, 28 September 2001 9:32
> To: link@www.anu.edu.au
> Subject: [LINK] "Good Samaritan" hacker pleads guilty to breaking and entering
>
> Now it seems that in good ole Gawd Save America, if you discover and
> demonstrate security flaws in software running on Internet servers, you
> can wind up incarcerated.
>
> This poor fellow clicked on a few links that allowed Microsoft's dubious
> combo of Frontpage and IIS to expose private files on a server, all due
> once again to that company's lack of quality assurance on its products.
> Silly fool reported the problem to the owners of the server and lo and
> behold in come the FBI troops.
>
> Conclusion: Americans should not connect to *any* Microsoft servers on
> the Internet, since one misplaced click on a buggy server and you've lost
> your personal freedom.
>
> Rgds
> Rick W
>
>
>
> -------- Original Message --------
> Subject: FC: "Good Samaritan" hacker pleads guilty to breaking and entering
> Date: Thu, 27 Sep 2001 12:53:53 -0400
> From: Declan McCullagh <declan@well.com>
> Reply-To: declan@well.com
> To: politech@politechbot.com
>
> Politech archive on U.S. v. Brian K. West:
> http://www.politechbot.com/cgi-bin/politech.cgi?name=sperling
>
> **********
>
> http://www.wired.com/news/politics/0,1283,47146,00.html
>
> 'Good Sam' Hacker 'Fesses Up
> By Declan McCullagh (declan@wired.com)
> 7:10 a.m. Sep. 27, 2001 PDT
>
> WASHINGTON -- It seemed like such a straightforward example of
> prosecutorial misconduct: An Oklahoma man was being investigated by
> the Justice Department for helping a newspaper fix a website security
> hole.
>
> The outcry among the geek community last month began with an
> uncritical story on LinuxFreak.org entitled "Cyber Citizen Lands
> Felony Charges?" Sites such as Slashdot soon picked up the sad tale of
> 24-year-old Brian K. West as evidence of out-of-control, tech-clueless
> government lawyers, and urged everyone to e-mail the U.S. Attorney in
> charge of the prosecution.
>
> Making the story even more appealing to the open-source community was
> the Microsoft angle: West was said to have reported to the Poteau
> (Oklahoma) Daily News and Sun a security flaw in Microsoft NT 4.0 IIS
> and Microsoft FrontPage.
>
> But a guilty plea that West signed tells a far different story -- and
> shows how easily a well-meaning community of programmers and system
> administrators can be led astray.
>
> [...]
>
> **********
>
> Date: Wed, 26 Sep 2001 17:36:08 -0400
> From: "Sperling, Sheldon" <Sheldon.Sperling@usdoj.gov>
> Subject: USAO/EDOK
> Message-Id: <"USAOKEML01-010926213607Z-20823*/PRMD=USDOJ/ADMD=
> /C=US/"@MHS>
>
> NEWS RELEASE
>
> U.S. Department of Justice
> SHELDON J. SPERLING
> United States Attorney
> Eastern District of Oklahoma
> (918) 684-5100
>
> For Release: September 24, 2001
> For further information contact: Jeffrey A. Gallant, Assistant U.S. Attorney
>
> MUSKOGEE, OKLAHOMA - BRIAN KEITH WEST, age 24, of Stigler, Oklahoma, pled
> guilty today to intentionally accessing and obtaining information from a
> protected computer without authorization through the use of an interstate
> communication in violation of Title 18, United States Code, Section
> 1030(a)(2)(C). United States Magistrate-Judge James H. Payne accepted
> defendant's plea of guilty, found defendant guilty of the misdemeanor
> charge, and ordered a presentence investigation report.
>
> Defendant was released pending sentencing, pursuant to the agreement of
> the prosecutor and defendant, on an unsecured promise to return for
> sentencing.
>
> Pursuant to a written plea agreement which was filed in open court,
> defendant "agree[d] to the following statement of facts: On February 1,
> 2000, defendant was viewing the Poteau Daily News and Sun (PDNS) website
> using MS Front Page and a web browser, MS Internet Explorer. Using MS
> Front Page, defendant discovered a common security flaw between MS Front
> Page and MS Internet Information Server (IIS), the server software being
> run by PDNS. Defendant recognized the security flaw and continued to
> probe the website following the discovery. Computer logs from the PDNS
> web server confirm this. While probing the site, defendant made copies of
> six proprietary Practical Extraction Report Language (PERL) scripts that
> were part of the source code running the PDNS webpage. Defendant also
> obtained password files from PDNS and used those passwords to access
> other parts of the PDNS webpage. Defendant electronically shared the
> scripts and the password files for the PDNS website with another
> individual. Defendant's access to the webpage involved interstate
> communications. On February 2, 2000, defendant contacted PDNS and alerted
> them concerning the security flaw.
>
> On February 11, 2000, agents of the FBI executed a federal search warrant
> at the CWIS Internet Services office in Stigler, Oklahoma. During the
> search, FBI Computer Analysis Response Team (CART) members made image
> copies of computers used by defendant. On February 11, 2000, defendant
> was interviewed by FBI agents. During that interview, defendant indicated
> that he found the security hole in the PDNS website, and copied the PERL
> scripts. Defendant further stated that he was re-writing the scripts in
> another computer programming language. Following the interview, defendant
> provided the FBI with written consent to search his laptop computer and
> all the computers he controlled inside CWIS. Defendant indicated
> previously to other individuals that he could use the PDNS PERL script to
> produce and market his own version.
>
> A review of the electronic evidence obtained from defendant's computers
> show that he saved the PERL script in several places and created separate
> directories called "/home/PDNS/" and "/home/pdns2". These two directories
> were substantially the same directories and contained substantially the
> same files. One of the directories was a "shortcut" to the other. In
> these directories files were found indicating that defendant was
> rewriting a part of the PDNS program in another computer language. The
> files written by defendant were in the PHP computer programming language
> and the file extensions of those files ended in .inc and .asp. These
> files were not in the PERL programming language."
>
> WEST penetrated a security hole in the website of the Poteau Daily News
> and Sun, employed a user ID and password, and downloaded computer files
> of value. WEST reported to the newspaper editor that he had penetrated
> the website, accessed the site using a username and password, and
> downloaded several files. West told the newspaper editor that his
> intrusion was accidental. The website owner reported the unauthorized
> access to law enforcement authorities.
>
> Pursuant to an application for search warrant, a United States
> Magistrate-Judge ordered a search of WEST's employer's place of business.
> Files which WEST had downloaded from the website were found on WEST's
> laptop. A copy of the search warrant was left with WEST's employer as
> provided by law. WEST was not arrested nor charged at the time.
> Subsequent investigation revealed that WEST had downloaded the computer
> files, was in the process of rewriting the files, and intended to market
> the revised software program.
>
> At the plea hearing before United States Magistrate-Judge James H. Payne,
> WEST waived the right to proceed before a district judge and entered a
> plea of guilty to the misdemeanor Information. The defendant was
> represented by Cherie Chappel, of Edmond, Oklahoma, and Kenneth Poland,
> of Cleveland, Texas. WEST said he was satisfied with the performance of
> his attorney and believed they had done all that they could do to counsel
> and assist him with regard to this matter.
>
> "In the context of recent events, even as before, we don't prioritize
> unauthorized computer access where there is no consequence," noted United
> States Attorney Sheldon J. Sperling. "This matter was pursued because the
> defendant downloaded files and intended to derive a financial benefit
> from the unauthorized access. Of course, hacking with attendant web site
> damage would be taken much more seriously."
>
> "This case generated a very substantial amount of e-mailed correspondence
> to our office and across the world," Sperling said. "The wide range of
> opinion was instructive. In this case, the defendant rewrote the files he
> downloaded, planned to distribute his rewrite, added another page to the
> website, modified the password file, and misled sympathizers and others
> as to both the character and scope of what he had done."
>
> "It is important that web sites are secure from unauthorized
> access and that intellectual property is protected. Cyberspace will be a
> better place for all if such privacy and property rights are respected,"
> stated Assistant United States Attorney Jeff Gallant.
>
> The offense to which WEST pled guilty is a misdemeanor which is
> punishable by a term of imprisonment not to exceed one year. Prosecutors
> expect that, under the United States Sentencing Guidelines, WEST will be
> eligible for probation.
>
> The Information to which defendant pled guilty is as follows:
>
> COUNT ONE
>
> [18 U.S.C. § 1030(a)(2)(C)]
> (Accessing a Computer without Authorization)
>
> On or about February 1, 2000, in the Eastern District of Oklahoma, and
> elsewhere, the defendant, BRIAN KEITH WEST, did intentionally access a
> protected computer without authorization through the use of an interstate
> communication, and did thereby obtain information from a protected
> computer; to wit: the defendant, BRIAN KEITH WEST downloaded proprietary
> Practical Extraction Report Language scripts and password files from the
> protected computer.
>
> In violation of Title 18, United States Code, Section 1030(a)(2)(C).
>
> Shelly
> Sheldon J. (Shelly) Sperling
> United States Attorney
> Eastern District of Oklahoma
> 1200 West Okmulgee
> Muskogee, OK 74401
> 918/684-5151 (phone)
> 918/684-5150 (fax)
> sheldon.sperling@usdoj.gov
>
> **********
>
>
>
>
> -------------------------------------------------------------------------
> POLITECH -- Declan McCullagh's politics and technology mailing list
> You may redistribute this message freely if you include this notice.
> Declan McCullagh's photographs are at http://www.mccullagh.org/
> To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
> This message is archived at http://www.politechbot.com/
> -------------------------------------------------------------------------
>