Электронная библиотека
Библиотека .орг.уа
Поиск по сайту
Фантастика. Фэнтези
   Зарубежная фантастика
      Bruce Sterling. The hacker crackdown -
Страницы: - 1  - 2  - 3  - 4  - 5  - 6  - 7  - 8  - 9  - 10  - 11  - 12  - 13  - 14  - 15  - 16  -
17  - 18  - 19  - 20  - 21  - 22  - 23  - 24  - 25  - 26  - 27  - 28  - 29  - 30  - 31  - 32  - 33  -
34  - 35  -
lf or his family if I repeat the long-established fact that his name is Craig Neidorf (pronounced NYE-dorf). Neidorf's jury trial took place in the United States District Court, Northern District of Illinois, Eastern Division, with the Honorable Nicholas J. Bua presiding. The United States of America was the plaintiff, the defendant Mr. Neidorf. The defendant's attorney was Sheldon T. Zenner of the Chicago firm of Katten, Muchin and Zavis. The prosecution was led by the stalwarts of the Chicago Computer Fraud and Abuse Task Force: William J. Cook, Colleen D. Coughlin, and David A. Glockner, all Assistant United States Attorneys. The Secret Service Case Agent was Timothy M. Foley. It will be recalled that Neidorf was the co-editor of an underground hacker "magazine" called *Phrack*. *Phrack* was an entirely electronic publication, distributed through bulletin boards and over electronic networks. It was amateur publication given away for free. Neidorf had never made any money for his work in *Phrack.* Neither had his unindicted co-editor "Taran King" or any of the numerous *Phrack* contributors. The Chicago Computer Fraud and Abuse Task Force, however, had decided to prosecute Neidorf as a fraudster. To formally admit that *Phrack* was a "magazine" and Neidorf a "publisher" was to open a prosecutorial Pandora's Box of First Amendment issues. To do this was to play into the hands of Zenner and his EFF advisers, which now included a phalanx of prominent New York civil rights lawyers as well as the formidable legal staff of Katten, Muchin and Zavis. Instead, the prosecution relied heavily on the issue of access device fraud: Section 1029 of Title 18, the section from which the Secret Service drew its most direct jurisdiction over computer crime. Neidorf's alleged crimes centered around the E911 Document. He was accused of having entered into a fraudulent scheme with the Prophet, who, it will be recalled, was the Atlanta LoD member who had illicitly copied the E911 Document from the BellSouth AIMSX system. The Prophet himself was also a co-defendant in the Neidorf case, part-and-parcel of the alleged "fraud scheme" to "steal" BellSouth's E911 Document (and to pass the Document across state lines, which helped establish the Neidorf trial as a federal case). The Prophet, in the spirit of full co-operation, had agreed to testify against Neidorf. In fact, all three of the Atlanta crew stood ready to testify against Neidorf. Their own federal prosecutors in Atlanta had charged the Atlanta Three with: (a) conspiracy, (b) computer fraud, (c) wire fraud, (d) access device fraud, and (e) interstate transportation of stolen property (Title 18, Sections 371, 1030, 1343, 1029, and 2314). Faced with this blizzard of trouble, Prophet and Leftist had ducked any public trial and had pled guilty to reduced charges -- one conspiracy count apiece. Urvile had pled guilty to that odd bit of Section 1029 which makes it illegal to possess "fifteen or more" illegal access devices (in his case, computer passwords). And their sentences were scheduled for September 14, 1990 -- well after the Neidorf trial. As witnesses, they could presumably be relied upon to behave. Neidorf, however, was pleading innocent. Most everyone else caught up in the crackdown had "cooperated fully" and pled guilty in hope of reduced sentences. (Steve Jackson was a notable exception, of course, and had strongly protested his innocence from the very beginning. But Steve Jackson could not get a day in court -- Steve Jackson had never been charged with any crime in the first place.) Neidorf had been urged to plead guilty. But Neidorf was a political science major and was disinclined to go to jail for "fraud" when he had not made any money, had not broken into any computer, and had been publishing a magazine that he considered protected under the First Amendment. Neidorf's trial was the *only* legal action of the entire Crackdown that actually involved bringing the issues at hand out for a public test in front of a jury of American citizens. Neidorf, too, had cooperated with investigators. He had voluntarily handed over much of the evidence that had led to his own indictment. He had already admitted in writing that he knew that the E911 Document had been stolen before he had "published" it in *Phrack* -- or, from the prosecution's point of view, illegally transported stolen property by wire in something purporting to be a "publication." But even if the "publication" of the E911 Document was not held to be a crime, that wouldn't let Neidorf off the hook. Neidorf had still received the E911 Document when Prophet had transferred it to him from ъich Andrews' Jolnet node. On that occasion, it certainly hadn't been "published" -- it was hacker booty, pure and simple, transported across state lines. The Chicago Task Force led a Chicago grand jury to indict Neidorf on a set of charges that could have put him in jail for thirty years. When some of these charges were successfully challenged before Neidorf actually went to trial, the Chicago Task Force rearranged his indictment so that he faced a possible jail term of over sixty years! As a first offender, it was very unlikely that Neidorf would in fact receive a sentence so drastic; but the Chicago Task Force clearly intended to see Neidorf put in prison, and his conspiratorial "magazine" put permanently out of commission. This was a federal case, and Neidorf was charged with the fraudulent theft of property worth almost eighty thousand dollars. William Cook was a strong believer in high-profile prosecutions with symbolic overtones. He often published articles on his work in the security trade press, arguing that "a clear message had to be sent to the public at large and the computer community in particular that unauthorized attacks on computers and the theft of computerized information would not be tolerated by the courts." The issues were complex, the prosecution's tactics somewhat unorthodox, but the Chicago Task Force had proved sure-footed to date. "Shadowhawk" had been bagged on the wing in 1989 by the Task Force, and sentenced to nine months in prison, and a $10,000 fine. The Shadowhawk case involved charges under Section 1030, the "federal interest computer" section. Shadowhawk had not in fact been a devotee of "federal-interest" computers per se. On the contrary, Shadowhawk, who owned an AT&T home computer, seemed to cherish a special aggression toward AT&T. He had bragged on the underground boards "Phreak Klass 2600" and "Dr. ъipco" of his skills at raiding AT&T, and of his intention to crash AT&T's national phone system. Shadowhawk's brags were noticed by Henry Kluepfel of Bellcore Security, scourge of the outlaw boards, whose relations with the Chicago Task Force were long and intimate. The Task Force successfully established that Section 1030 applied to the teenage Shadowhawk, despite the objections of his defense attorney. Shadowhawk had entered a computer "owned" by U.S. Missile Command and merely "managed" by AT&T. He had also entered an AT&T computer located at ъobbins Air Force Base in Georgia. Attacking AT&T was of "federal interest" whether Shadowhawk had intended it or not. The Task Force also convinced the court that a piece of AT&T software that Shadowhawk had illicitly copied from Bell Labs, the "Artificial Intelligence C5 Expert System," was worth a cool one million dollars. Shadowhawk's attorney had argued that Shadowhawk had not sold the program and had made no profit from the illicit copying. And in point of fact, the C5 Expert System was experimental software, and had no established market value because it had never been on the market in the first place. AT&T's own assessment of a "one million dollar" figure for its own intangible property was accepted without challenge by the court, however. And the court concurred with the government prosecutors that Shadowhawk showed clear "intent to defraud" whether he'd gotten any money or not. Shadowhawk went to jail. The Task Force's other best-known triumph had been the conviction and jailing of "Kyrie." Kyrie, a true denizen of the digital criminal underground, was a 36-year-old Canadian woman, convicted and jailed for telecommunications fraud in Canada. After her release from prison, she had fled the wrath of Canada Bell and the ъoyal Canadian Mounted Police, and eventually settled, very unwisely, in Chicago. "Kyrie," who also called herself "Long Distance Information," specialized in voice-mail abuse. She assembled large numbers of hot long-distance codes, then read them aloud into a series of corporate voice-mail systems. Kyrie and her friends were electronic squatters in corporate voice-mail systems, using them much as if they were pirate bulletin boards, then moving on when their vocal chatter clogged the system and the owners necessarily wised up. Kyrie's camp followers were a loose tribe of some hundred and fifty phone-phreaks, who followed her trail of piracy from machine to machine, ardently begging for her services and expertise. Kyrie's disciples passed her stolen credit-card numbers, in exchange for her stolen "long distance information." Some of Kyrie's clients paid her off in cash, by scamming credit-card cash advances from Western Union. Kyrie travelled incessantly, mostly through airline tickets and hotel rooms that she scammed through stolen credit cards. Tiring of this, she found refuge with a fellow female phone phreak in Chicago. Kyrie's hostess, like a surprising number of phone phreaks, was blind. She was also physically disabled. Kyrie allegedly made the best of her new situation by applying for, and receiving, state welfare funds under a false identity as a qualified caretaker for the handicapped. Sadly, Kyrie's two children by a former marriage had also vanished underground with her; these pre-teen digital refugees had no legal American identity, and had never spent a day in school. Kyrie was addicted to technical mastery and enthralled by her own cleverness and the ardent worship of her teenage followers. This foolishly led her to phone up Gail Thackeray in Arizona, to boast, brag, strut, and offer to play informant. Thackeray, however, had already learned far more than enough about Kyrie, whom she roundly despised as an adult criminal corrupting minors, a "female Fagin." Thackeray passed her tapes of Kyrie's boasts to the Secret Service. Kyrie was raided and arrested in Chicago in May 1989. She confessed at great length and pled guilty. In August 1990, Cook and his Task Force colleague Colleen Coughlin sent Kyrie to jail for 27 months, for computer and telecommunications fraud. This was a markedly severe sentence by the usual wrist-slapping standards of "hacker" busts. Seven of Kyrie's foremost teenage disciples were also indicted and convicted. The Kyrie "high-tech street gang," as Cook described it, had been crushed. Cook and his colleagues had been the first ever to put someone in prison for voice-mail abuse. Their pioneering efforts had won them attention and kudos. In his article on Kyrie, Cook drove the message home to the readers of *Security Management* magazine, a trade journal for corporate security professionals. The case, Cook said, and Kyrie's stiff sentence, "reflect a new reality for hackers and computer crime victims in the '90s.... Individuals and corporations who report computer and telecommunications crimes can now expect that their cooperation with federal law enforcement will result in meaningful punishment. Companies and the public at large must report computer-enhanced crimes if they want prosecutors and the course to protect their rights to the tangible and intangible property developed and stored on computers." Cook had made it his business to construct this "new reality for hackers." He'd also made it his business to police corporate property rights to the intangible. Had the Electronic Frontier Foundation been a "hacker defense fund" as that term was generally understood, they presumably would have stood up for Kyrie. Her 1990 sentence did indeed send a "message" that federal heat was coming down on "hackers." But Kyrie found no defenders at EFF, or anywhere else, for that matter. EFF was not a bail-out fund for electronic crooks. The Neidorf case paralleled the Shadowhawk case in certain ways. The victim once again was allowed to set the value of the "stolen" property. Once again Kluepfel was both investigator and technical advisor. Once again no money had changed hands, but the "intent to defraud" was central. The prosecution's case showed signs of weakness early on. The Task Force had originally hoped to prove Neidorf the center of a nationwide Legion of Doom criminal conspiracy. The *Phrack* editors threw physical get-togethers every summer, which attracted hackers from across the country; generally two dozen or so of the magazine's favorite contributors and readers. (Such conventions were common in the hacker community; 2600 Magazine, for instance, held public meetings of hackers in New York, every month.) LoD heavy-dudes were always a strong presence at these *Phrack*-sponsored "Summercons." In July 1988, an Arizona hacker named "Dictator" attended Summercon in Neidorf's home town of St. Louis. Dictator was one of Gail Thackeray's underground informants; Dictator's underground board in Phoenix was a sting operation for the Secret Service. Dictator brought an undercover crew of Secret Service agents to Summercon. The agents bored spyholes through the wall of Dictator's hotel room in St Louis, and videotaped the frolicking hackers through a one-way mirror. As it happened, however, nothing illegal had occurred on videotape, other than the guzzling of beer by a couple of minors. Summercons were social events, not sinister cabals. The tapes showed fifteen hours of raucous laughter, pizza-gobbling, in-jokes and back-slapping. Neidorf's lawyer, Sheldon Zenner, saw the Secret Service tapes before the trial. Zenner was shocked by the complete harmlessness of this meeting, which Cook had earlier characterized as a sinister interstate conspiracy to commit fraud. Zenner wanted to show the Summercon tapes to the jury. It took protracted maneuverings by the Task Force to keep the tapes from the jury as "irrelevant." The E911 Document was also proving a weak reed. It had originally been valued at $79,449. Unlike Shadowhawk's arcane Artificial Intelligence booty, the E911 Document was not software -- it was written in English. Computer-knowledgeable people found this value -- for a twelve-page bureaucratic document -- frankly incredible. In his "Crime and Puzzlement" manifesto for EFF, Barlow commented: "We will probably never know how this figure was reached or by whom, though I like to imagine an appraisal team consisting of Franz Kafka, Joseph Heller, and Thomas Pynchon." As it happened, Barlow was unduly pessimistic. The EFF did, in fact, eventually discover exactly how this figure was reached, and by whom -- but only in 1991, long after the Neidorf trial was over. Kim Megahee, a Southern Bell security manager, had arrived at the document's value by simply adding up the "costs associated with the production" of the E911 Document. Those "costs" were as follows: 1. A technical writer had been hired to research and write the E911 Document. 200 hours of work, at $35 an hour, cost : $7,000. A Project Manager had overseen the technical writer. 200 hours, at $31 an hour, made: $6,200. 2. A week of typing had cost $721 dollars. A week of formatting had cost $721. A week of graphics formatting had cost $742. 3. Two days of editing cost $367. ` 4. A box of order labels cost five dollars. 5. Preparing a purchase order for the Document, including typing and the obtaining of an authorizing signature from within the BellSouth bureaucracy, cost $129. 6. Printing cost $313. Mailing the Document to fifty people took fifty hours by a clerk, and cost $858. 7. Placing the Document in an index took two clerks an hour each, totalling $43. Bureaucratic overhead alone, therefore, was alleged to have cost a whopping $17,099. According to Mr. Megahee, the typing of a twelve-page document had taken a full week. Writing it had taken five weeks, including an overseer who apparently did nothing else but watch the author for five weeks. Editing twelve pages had taken two days. Printing and mailing an electronic document (which was already available on the Southern Bell Data Network to any telco employee who needed it), had cost over a thousand dollars. But this was just the beginning. There were also the *hardware expenses.* Eight hundred fifty dollars for a VT220 computer monitor. *Thirty-one thousand dollars* for a sophisticated VAXstation II computer. Six thousand dollars for a computer printer. *Twenty-two thousand dollars* for a copy of "Interleaf" software. Two thousand five hundred dollars for VMS software. All this to create the twelve-page Document. Plus ten percent of the cost of the software and the hardware, for maintenance. (Actually, the ten percent maintenance costs, though mentioned, had been left off the final $79,449 total, apparently through a merciful oversight). Mr. Megahee's letter had been mailed directly to William Cook himself, at the office of the Chicago federal attorneys. The United States Government accepted these telco figures without question. As incredulity mounted, the value of the E911 Document was officially revised downward. This time, ъobert Kibler of BellSouth Security estimated the value of the twelve pages as a mere $24,639.05 -- based, purportedly, on "ъ&D costs." But this specific estimate, right down to the nickel, did not move the skeptics at all; in fact it provoked open scorn and a torrent of sarcasm. The financial issues concerning theft of proprietary information have always been peculiar. It could be argued that BellSouth had not "lost" its E911 Document at all in the first place, and therefore had not suffered any monetary damage from this "theft." And Sheldon Zenner did in fact argue this at Neidorf's trial -- that Prophet's raid had not been "theft," but was better understood as illicit copying. The money, however, was not central to anyone's true purposes in this trial. It was not Cook's strategy to convince the jury that the E911 Document was a major act of theft and should be punished for that reason alone. His strategy was to argue that the E911 Document was *dangerous.* It was his intention to establish that the E911 Document was "a road-map" to the Enhanced 911 System. Neidorf had deliberately and recklessly distributed a dangerous weapon. Neidorf and the Prophet did not care (or perhaps even gloated at the sinister idea) that the E911 Document could be used by hackers to disrupt 911 service, "a life line for every person certainly in the Southern Bell region of the United States, and indeed, in many communities throughout the United States," in Cook's own words. Neidorf had put people's lives in danger. In pre-trial maneuverings, Cook had established that the E911 Doc

Страницы: 1  - 2  - 3  - 4  - 5  - 6  - 7  - 8  - 9  - 10  - 11  - 12  - 13  - 14  - 15  - 16  -
17  - 18  - 19  - 20  - 21  - 22  - 23  - 24  - 25  - 26  - 27  - 28  - 29  - 30  - 31  - 32  - 33  -
34  - 35  -


Все книги на данном сайте, являются собственностью его уважаемых авторов и предназначены исключительно для ознакомительных целей. Просматривая или скачивая книгу, Вы обязуетесь в течении суток удалить ее. Если вы желаете чтоб произведение было удалено пишите админитратору