Ron Collins
Curiously Confused
I think I might be changing my opinion on Gary McKinnon.
I think a big distinction has to be made in this case. Mckinnon is not a super smart, genius, code warrior, all tech knowing super hacker from a Hollywood film that somehow managed to crack U.S. government security protocols. He didn't hack into the CIA mainframe by piggybacking on satellites or stolen passwords from some shady midnight exchange. The fact is he was a normal systems administrator that was aware of the vulnerability of a default windows setup. Specifically, he was aware that the "Admin" password in the default setting for that version of windows was always set to blank. Meaning no password. This vulnerability was made possible by another windows default setting allowing remote access. This combined with lazy system admins, techs, and a non-compartmentalized or properly segmented network (same lazy Sys Admins) enable the hack.
I mention this to say that, once inside a network a major problem with pre-McKinnon government wide security protocols was that they assumed you had the right to be there.
So, Mckinnon would simply login to these machines under that wide open admin account using remote access software. Then he had access to the network and the chance to access other machines in that network or adjacent networks or shared networks. Then he used port scanners and VNC to gain access to other systems. The most exotic item he had in his arsenal to pull this off was balls.... or stupidity depending on your vantage point.
He isn't being charged with writing a worm or virus. Here is what they say about him.
London, England Hacker Indicted Under Computer Fraud and Abuse Act For Accessing Military Computers (November 12, 2002)
So he accessed 92 systems, and deleted critical system files causing a 2000 user network to close for 3 days. BS! What network with 2000 nodes doesn't have backups? He only accessed 92 systems. Even if several of them were servers, how was it down for 3 days. Something about the US Governments case smells. Personally, I think it has less to do with UFO's and more to do with mitigating the press exposure of such a massive security vulnerability by pointing to one guy and saying in essence "He is the only one. We are certain nobody else got it!" Then they throw the book at him, a 70 year sentence, and say it is a warning to hackers. Thus hiding the security issue in plain sight.
As for McKinnon, I honestly believe that his initial reasoning was to find information about UFO's. Then it was just to poke around where he shouldn't. I have a suspicion that his revelations of imagery and names are a convenient excuse and a plea for support. For someone who says that this was his driving motivation, he is sure short on detail. That lack of detail is precisely why I don't believe him. The filename and folder-name would be burned into my longterm memory no matter how excited/shocked/scared I might be. Finding a log of ship to ship transfers like that, I would have written some down. He claims he tried to follow up on ship names, but says he now cant remember them.
When I first heard his story and watched his interview, I thought he was lacking on detail because he was using it as leverage or because the interviewer/editor deemed it not necessary for the angle they were shooting for. In fact it is not there because he can't remember. Why can't he remember the single greatest moment in his his life at that time? The entire reason he began hacking? Because he was smoking a bunch of dope! Yep, he blames his memory loss on the whacky weed. (Jon Ronson meets hacker Gary McKinnon | World news | The Guardian )
I call bullshit! He got busted taking a peak at various and sundry systems. Now they initially tried to give him a plea bargain to make the story go away. McKinnon assumed that meant that they were afraid he had actually found the secret UFO files. So being stupid... (or if you prefer, deciding to once again use his extraordinarily large balls) he denied the plea bargain hoping to get a dismissal or shorter sentence if he threatened to release all his UFO information. But I contend that they really didn't want to expose the depth of the vulnerability. So he hacked, got caught, embellished, bluffed, and they called him on it. Now he has spent years fighting extradition. Thats my new theory. Any takers?
I think a big distinction has to be made in this case. Mckinnon is not a super smart, genius, code warrior, all tech knowing super hacker from a Hollywood film that somehow managed to crack U.S. government security protocols. He didn't hack into the CIA mainframe by piggybacking on satellites or stolen passwords from some shady midnight exchange. The fact is he was a normal systems administrator that was aware of the vulnerability of a default windows setup. Specifically, he was aware that the "Admin" password in the default setting for that version of windows was always set to blank. Meaning no password. This vulnerability was made possible by another windows default setting allowing remote access. This combined with lazy system admins, techs, and a non-compartmentalized or properly segmented network (same lazy Sys Admins) enable the hack.
I mention this to say that, once inside a network a major problem with pre-McKinnon government wide security protocols was that they assumed you had the right to be there.
So, Mckinnon would simply login to these machines under that wide open admin account using remote access software. Then he had access to the network and the chance to access other machines in that network or adjacent networks or shared networks. Then he used port scanners and VNC to gain access to other systems. The most exotic item he had in his arsenal to pull this off was balls.... or stupidity depending on your vantage point.
He isn't being charged with writing a worm or virus. Here is what they say about him.
London, England Hacker Indicted Under Computer Fraud and Abuse Act For Accessing Military Computers (November 12, 2002)
So he accessed 92 systems, and deleted critical system files causing a 2000 user network to close for 3 days. BS! What network with 2000 nodes doesn't have backups? He only accessed 92 systems. Even if several of them were servers, how was it down for 3 days. Something about the US Governments case smells. Personally, I think it has less to do with UFO's and more to do with mitigating the press exposure of such a massive security vulnerability by pointing to one guy and saying in essence "He is the only one. We are certain nobody else got it!" Then they throw the book at him, a 70 year sentence, and say it is a warning to hackers. Thus hiding the security issue in plain sight.
As for McKinnon, I honestly believe that his initial reasoning was to find information about UFO's. Then it was just to poke around where he shouldn't. I have a suspicion that his revelations of imagery and names are a convenient excuse and a plea for support. For someone who says that this was his driving motivation, he is sure short on detail. That lack of detail is precisely why I don't believe him. The filename and folder-name would be burned into my longterm memory no matter how excited/shocked/scared I might be. Finding a log of ship to ship transfers like that, I would have written some down. He claims he tried to follow up on ship names, but says he now cant remember them.
When I first heard his story and watched his interview, I thought he was lacking on detail because he was using it as leverage or because the interviewer/editor deemed it not necessary for the angle they were shooting for. In fact it is not there because he can't remember. Why can't he remember the single greatest moment in his his life at that time? The entire reason he began hacking? Because he was smoking a bunch of dope! Yep, he blames his memory loss on the whacky weed. (Jon Ronson meets hacker Gary McKinnon | World news | The Guardian )
I call bullshit! He got busted taking a peak at various and sundry systems. Now they initially tried to give him a plea bargain to make the story go away. McKinnon assumed that meant that they were afraid he had actually found the secret UFO files. So being stupid... (or if you prefer, deciding to once again use his extraordinarily large balls) he denied the plea bargain hoping to get a dismissal or shorter sentence if he threatened to release all his UFO information. But I contend that they really didn't want to expose the depth of the vulnerability. So he hacked, got caught, embellished, bluffed, and they called him on it. Now he has spent years fighting extradition. Thats my new theory. Any takers?
.
