And although I don't owe an answer to each question, here it is:
Obvious question number 1: how did you "discover" that someone else pick a dictionary word?I ran crack against the password file.
Obvious question number 2: even though you were previously an admin there, you weren't at the time of your discovery... what were you doing on that machine? What were you doing there that led to your discovery of the dictionary password?The trial transcript goes into that. I had access to that machine to maintain Perl on the SGI platform. It was not "overlooked", except that they didn't realize I had been given that charter.
As for "why", I think I've answered that above. I was a sys admin for Intel. I was noticing a problem. I was investigating, to help out the people who had paid my bills for five years.
Yes, in retrospect, I could have gotten more permissions or more declarations earlier in the process. But I've been told by dozens of people through the years (usually also old-school sysadmins) "I would have done it exactly the same way" and sometimes even "I did do that, migawd, I could be a felon!".
Obvious question number 3: as a sysadmin who supposedly is so concerned about security, I would think you would have emailed the new admin to have your account deleted as it is an obvious breach of security to have dormant accounts laying around. Why didn't you email someone to have this account closed as soon as your term there finished? If you were concerned about restarting activities here, then they could archive your files until your possible return, but it is without question a breach of security to leave this account open and a second breach to re-access this computer even though your duties there were finished ... mind telling us why these breaches were not sealed up?My duties weren't finished. So, assumes fact not in evidence. {grin}
Obvious question number 4: instead of playing mother Teresa for the current sysadmin why did you not simply report this breach to the relevant authorities?This is the group that left plus in the hosts-equiv file on a firewall machine (permitting an actual firewall breach from some German hackers), and SunOS 4.1.3 FTPD in place a year after it was CERT-bugged (which was used by the guy in the book "@large" to get the very same password file I was accused of stealing). I wanted to get as complete a report I could get before I went to their managers to show that they were indeed continuing to be incompetent.
Obvious question number 5: you mean to tell me that you did not immediately report the first breach? Instead you decided, in a job that you no longer held, to continue to look for other breaches?Again, if you've held a sysadmin job in the 80's, you'd know that I followed SOP. Get all the details, solve the problem if you can, and then tell the overworked sysadmin who failed to notice it. I was in the middle of the "get all the details" phase.
Obvious question number 6: didn't you have important work to do for intel on a particular project? Why did you devote your time and energy to an un-announced and un-paid-for project?I was on a part-time project: about 20 hours a week. And this took no more than about a half hour of my time, to transfer a copy of the password files and to start crack. Small investment for what I thought would be a big payoff for the company.
Obvious question number 7: yes you did make a number of boneheaded mistakes. So, if that is the case, why don't you work to get the Oregon computer law rewritten so that boneheaded security breaches like the ones you clearly made do result in punishment because they do deserve punishment. It is scary to think that the law is so poorly written that when someone does something that is boneheaded and potentially injurious to a company that they might get away on a mere technicality like you are trying to do.I am doing that. Unfortunately, it was a mostly Republican Oregon congress for the last few years, and the terrorism stuff won't make it any easier. If you want to help, I can put you on the mailing list where we discuss such activities.
And it escapes me why you Mr. Juerd would think that someone with an old account on a machine that he was no longer sysadmin for would be "doing his job". This is insanity. He was doing someone else's job unless someone assigned him back to this machine to do his job here.As I said, it's clear to me that you weren't a sysadmin in the 80's. Anyone who had been understands my actions perfectly.
And if he was so security-minded, why didn't he install a program which prevented easily-cracked passwords during his reign as sysadmin there?I did. The guys who took over, took it offline. Or else there wouldn't have been 48 guessable passwords after 600. And I wouldn't be a felon.
-- Randal L. Schwartz, Perl hacker
In reply to Re: Re: So merlyn why did you hack the password file?
by merlyn
in thread Reaped: So merlyn why did you hack the password file?
by NodeReaper
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |