[Follow-up on RISKS-21.62 items. PGN]
'Good Sam' Hacker 'Fesses Up, By Declan McCullagh, 27 Sep 2001 declan@wired.com
It seemed like such a straightforward example of prosecutorial misconduct:
An Oklahoma man was being investigated by the Justice Department for helping
a newspaper fix a Web site security hole.
The outcry among the geek community last month began with an uncritical
story on LinuxFreak.org entitled "Cyber Citizen Lands Felony Charges?" Sites
such as Slashdot soon picked up the sad tale of 24-year-old Brian K. West as
evidence of out-of-control, tech-clueless government lawyers, and urged
everyone to e-mail the U.S. Attorney in charge of the prosecution.
Making the story even more appealing to the open-source community was the
Microsoft angle: West was said to have reported to the Poteau (Oklahoma)
Daily News and Sun a security flaw in Microsoft NT 4.0 IIS and Microsoft
FrontPage. But a guilty plea that West signed tells a far different story
-- and shows how easily a well-meaning community of programmers and system
administrators can be led astray.
http://www.wired.com/news/politics/0,1283,47146,00.html
[Politech archive on U.S. v. Brian K. West:
http://www.politechbot.com/cgi-bin/politech.cgi?name=sperling]
[PGN-excerpted from the Sperling release:
While probing the site, defendant made copies of six proprietary
Practical Extraction Report Language (PERL) scripts that were part of
the source code running the PDNS Web page. Defendant also obtained
password files from PDNS and used those passwords to access other parts
of the PDNS Web page. Defendant electronically shared the scripts and
the password files for the PDNS Webs ite with another individual.
Defendant's access to the Web page involved interstate communications.
...] [Declan McCullagh via risks-digest Volume 21, Issue 67]
0:00
#
G!
