Wow, nice guy. I watched about 3 minutes of his toorcon talk and he seems to be advocating destroying internet infrastructure and committing as much crime as possible. Exploiting 0 days, etc. What a class act. We need more upstanding individuals like him in the "community."
His livejournal is like looking inside the mind of a drugged out crazy. He seems to be anti-jew, anti-muslim, anti-gay, and affiliated with the Westboro Baptist Church somehow. Basically, if there is some psycho hate speech group on the Internet somewhere, he's probably in it.
Not exactly security professional material, if you get my drift.
"His livejournal is like looking inside the mind of a drugged out crazy."
IANAD, but wouldn't surprise me if he was developing some sort of mental illness. He seems to have just about every risk factor, and his writing combined with the fact that he's gained 50+ lbs in the last two years are telling.
At what point is the trolling supposed to be put on hold for honest expression of his true beliefs? Most of that interview sounds like the words of someone who needs serious help.
I think the main reason the FBI got involved was not because the leak was massive or damaging, but to figure out whether he actually broke any laws. Or more realistically, to find something to charge him with.
We're at a gaping chasm of misunderstanding here. Tech people see websites as things to be used and toyed with. Non-tech people see websites as things that have terms of service that are supposed to legally restrict what you can do. "YOU MUST NOT ACCESS THIS WEBSITE IN ANY AUTOMATED FASHION WHATSOEVER."
They argue on a basis resembling: "You wouldn't break into the admissions office and steal the list of accepted candidates, would you?" We counter-argue that it's like knowing a person who can't lie to you. If you ask them for the result, they give you the result. Is it illegal to ask for an answer if they don't even hesitate to give it to you?
I think that is the same line of reasoning some warez/piracy sites used to put those "if you are a law enforcement personnel you are not allowed to view this website" messages.
Exactly right. Let's jump further in to not-quite-isomorphic-analogy land.
Consider banks not having vaults and instead leaving their money sitting out in the open. It would be easy and tempting to swipe some. Doing so may be "wrong" technically, but by the availability and lack of security, one can presume the banks are aware of the risks and can tolerate some shrink.
I would argue it's not wrong if they put no security in place, it's in a public place, and no person is denied a resource by your act of accessing the public resource with no security.
Like a bank whose tellers (a gatekeeping mechanism) will give you however much money you ask for as long as you end your sentence with "swordfish" - they just don't tell anyone about swordfish.
I also recall a case where someone just removed one or two directories from a path and found an unprotected virtual listing but they said it was unauthorized because he had been sent a 403 at some point.
It's not random shit, it's deliberately crafted shit. Just because something can be represented by bunch of ones and zeros doesn't make it any less meaningful. So of course it should be illegal. Just as illegal as "random characters" that happen to contain terrorist plans or worse.
Though, admittedly, the question does arise regarding just why AT&T would publicly publish a web page if they didn't want anyone to see it. "I thought it was private" might be a legitimate excuse for a middle-aged woman on Facebook. I have less sympathy for a telecom, somehow.
False. It's called conspiracy [to break the law] and it's illegal in almost every country, including the United States. Even if you never intend to carry through with your plans, it's still very illegal.
On the contrary, conspiracy is an agreement between people, not a plan, and especially not a plan you don't intend to carry out. Otherwise quite a few novels and disaster recovery documents would be illegal. http://www.lectlaw.com/def/c103.htm
Do you sincerely believe that the "random characters" that make up the plan of a terrorist are themselves illegal? A group of Saudi men planned and carried out an attack on New York City in 2001. There - am I now liable for prosecution for describing "terror plans"?
The intent to break the law, the intent to commit terrorist acts, can indeed be illegal. The intent, however, cannot be contained by "random characters," as you put it. The law does seek to ensure that people can live without fear of attack, but the act of mentioning terrorism or mentioning terrorist acts is certainly not illegal. And this is specifically what you said: you said that the random characters which make up a terror plan or worse are illegal.
In ordinary trespass it is. I am about to spend several hundred dollars to fence my back yard, because that is the only way to stop people from just cutting across it.
I remember a police officer telling me they like getting warrants for small things. For example, if they have a bait car they're trying to get someone to steal they'll have a purse in there. If they can get a warrant that lets them search for a purse (or something the equivalent size) they can basically search everything in the house (anywhere a purse could be hidden), which means free reign to search all drawers, etc. Then anything they find in that search (drugs, etc) can all be used against the person. But if you're only looking for something big (like if someone stole a big screen TV) you're not allowed to search places that it can't possibly be hidden.
But of course I am not a police officer and this was all casual conversation, so grain of salt you know?
I took Navy Security Forces training years ago and our instructors were all ex-cops. They said the exact same thing. It was basically all a big game to see how you could trick or manipulate the "suspect" into letting you violate their rights. Still makes me angry.
You're off a little bit, though this is a HUGELY unclear area in law right now. The term is the "plain View exception" or "plain view doctrine." It's why your trash is searchable if you put it out for pickup. It's why your trash is searchable over a fence if the lid is off.
Horton v. California, while executing a narrowly issued warrant, officers found additional evidence "in plain view" and the Supreme Court ruled the evidence admissible.
The "plain view" issue is one reason to never, ever let a police officer into your house without a warrant. Especially since it can be hard to know what they will claim to be evidence of a crime any more.
They can't keep searching after they find what they're looking for, but if they notice something else while they're there, I think it's okay in the eyes of the law.
I think that the best idea of what the security group did was comparable to calling up a company that does not provide a directory and the group showed you can easily create that directory but didn't publish it
He's always been known for his extreme drug use. While doing a presentation at Toorcon (I believe) a few years back, he was tripping fairly hard, and even made a comment not quite off mic to that effect. This isn't remotely shocking, really -- only a matter of time. Of course, most hackers I've known have had a similar love of drugs, just tend not to have, well, all of them at the same time.
Agreed. Although I don't personally consume anything but beer and the occasional scotch, I've always viewed drugs, and psychedelics in particular, as mechanisms used to hack the most interesting computer...our brain.
I'm not judging, it just doesn't fit IMHO. A hacker using cocaine and psychedelics? That seems like an Olympic runner smoking cigars, if you follow my meaning.
I don't see how this is related. I know people who are lot smarter than me and I would call "hackers" who regularly consume cocaine. It's a (quite dangerous) lifestyle decision with disastrous long-term effects but very little, if any short-term effects on their intelligence or creativity.
This article doesn't really tell us anything. He could be drinking coca tea once every few months, or he could be smoking crack every day. Or he might just be a collector who doesn't even use the drugs. I wouldn't jump to any conclusions.
The drugs/sex/rock+roll spectacle always draws attention, without fail. If the man in this story instead consumed alcohol (a narcotic of similar potency) in a conspicuous fashion, the spectacle would be less.
Politics. The drug war ensures that USA money will enslave Mexico and several countries in South America.
Otherwise superior natural resources could make those countries grow too strong for USA to be happy about it. They can even become socialist countries.
You should read "What the Doormouse Said." Basically, modern micro-computer culture owes so much to counterculture/drug culture that it's beyond belief.
JOEY
That was me. That was me. I did that.
DADE
You did this from your house.
Joey takes a drag from his cigarette and just
nods, with a big grin on his face.
PHREAK
What are you, stoned or stupid? You don't
hack a bank across state lines from your
house, you'll get nailed by the FBI. Where
are your brains, in your ass? Don't you know
anything?
CEREAL
Stupid, man. It's universally stupid.
http://weev.livejournal.com/
weev as the iProphet: http://the-iprophet.org/
http://video.google.com/videoplay?docid=-5643217366887354926... (toorcon talk while tripping)
http://seclists.org/fulldisclosure/2009/Oct/82 (some background, dox; sorry if this sort of thing is frowned upon here)
The E.D. page: http://encyclopediadramatica.com/Weev
Antisec: http://antisec.wordpress.com/
Goatse Security: http://security.goatse.fr/