fidelio@geech.gnu.ai.mit.edu (Rob J. Nauta) (04/23/91)
Hello Today I read in the local paper that sunday's New York Times contained an article about Dutch Hackers. Since I live in Holland, and the NYT costs $12 here, and many other large newspapers are not on sale here, could some kind soul please collect all articles about this subject, and mail them to me ? I'd be eternally grateful ! Thanks, Rob
boaz@CONCERTO.LCS.MIT.EDU (Boaz Ben-Zvi) (04/23/91)
fidelio@geech.gnu.ai.mit.edu (Rob J. Nauta) writes: |> |> Today I read in the local paper that sunday's New York Times contained |> an article about Dutch Hackers. Since I live in Holland, and the NYT |> costs $12 here, and many other large newspapers are not on sale here, |> could some kind soul please collect all articles about this subject, and |> mail them to me ? I'd be eternally grateful ! Without permission, from Sunday's NYT : COMPUTER INTRUDERS TAPPING U.S. SYSTEMS ( by JOHN MARKOFF ) Beyond the reach of American law, a group of Dutch computer intruders have been openly defying United States military, space and intelligence authorities for almost six months. Recently they broke into a U.S. military computer while being filmed by a crew from Dutch television station. The intruders, working over local telephone lines that enable them to tap American computer networks at almost no cost, have not done serious damage, federal investigators say. And they have not penetrated the most secure government computer systems. But they have entered a wide range of computers, including those at the Kennedy Space Center, the Pentagon's Pacific Fleet Command, the Lawrence Livermore National Laboratory and Stanford University via an international computer network known as the Internet. While the information on these systems is not classified, the computers store a great variety of material, including routine memorandums, unpublished reports and data from experiments. Federal officials said the group had tampered with some information stored on systems they have illegally entered. U.S. government officials said that they had been tracking the interlopers, but that no arrests had been made because there are no legal restrictions in the Netherlands barring unauthorized computer access. A reporter's efforts to reach Dutch government officials for comment have been unsuccessful. ``This has been a terrible problem,'' said Gail Thackeray, a former Arizona assistant attorney general who has prosecuted computer crimes. ``Until recently there have been few countries that have computer crime laws. These countries are acting as hacker havens.'' She said that just as offshore banks in certain countries have traditionally protected financial privacy, today some countries protect intellectual property violations. American law-enforcement officials said they believed there were three or four members of the Dutch group, but would not release any names. A Dutch television news report in February showed a member of the group at the University of Utrecht reading information off a computer screen showing what he said was missile test information taken electronically from a U.S. military computer. His back was to the camera, and he was not named. Military and intelligence agencies physically separate classified computer networks from those used by businesses and researchers to protect the data from electronic forays. When classified information is transmitted over unprotected computer networks or telephone lines it must be specially coded. Because there are no computer crime laws in the Netherlands, American investigators said members of the Dutch group boasted that they could enter computers via international data networks with impunity. But some of the intruders have been identified, and a federal official, who spoke on the condition of anonymity, said there were numerous other criminal offenses for which the they could be prosecuted in both the United States and the Netherlands. One possible charge might be telephone fraud. But legal experts said that because there are no prohibitions against unauthorized computer entry in the Netherlands successfully prosecuting the group may still prove impossible. The case is significant, legal experts said, because while the United States and many European countries have strict laws barring illegal access to computers, there are many nations that have no computer crime laws. There is a proposed law before parliament in the Netherlands that would make unauthorized computer access a crime. Also, a governmental committee of the European Community is now working to standardize computer crime laws in Europe. Because computer networks are accessible from anywhere in the world via a telephone call they are potentially vulnerable to those who cannot easily be prosecuted or convicted of a crime. In the Netherlands case, the group was detected last year after an unusually skilled U.S. government computer researcher at a national laboratory tracked the group's every move using advanced computer security techniques. He notified U.S. authorities of the break-ins. The researcher has been able to make computer records of the intruders' keystrokes as they have electronically prowled through U.S. military, NASA, university and dozens of other computers. It has then been possible to play this information back and gain an exact picture of the computer screen as it appeared to the intruders in the Netherlands. From 1986 to 1988 Clifford Stoll, an astronomer at Lawrence Berkeley Laboratories traced a similar group of West Germans, who were illegally entering U.S. computers and selling computer data and software to a Soviet intelligence officer. Stoll was able to persuade law enforcement officials to locate the group in West Germany and three arrests were made. A German court eventually convicted them, but gave them suspended sentences. One computer expert who has watched the electronic recordings made of the activities of the Dutch group said they do not demonstrate any particularly unusual computer skills, but instead appear to have access to a compendium of documents that contain recipes for breaking computer security on many U.S. systems. These documents have been widely circulated on underground computer systems.
jb107@prism.gatech.EDU (Jim Burns) (04/27/91)
in article <1991Apr23.013425.3461@mintaka.lcs.mit.edu>, boaz@CONCERTO.LCS.MIT.EDU (Boaz Ben-Zvi) says: > Without permission, from Sunday's NYT : > COMPUTER INTRUDERS TAPPING U.S. SYSTEMS ( by JOHN MARKOFF ) [...] > The researcher has been able to make computer records of the intruders' > keystrokes as they have electronically prowled through U.S. military, NASA, > university and dozens of other computers. It has then been possible to play > this information back and gain an exact picture of the computer screen as it > appeared to the intruders in the Netherlands. *This* is a hell of a lot scarier than what the Dutch are doing! -- BURNS,JIM (returned student & GT Research Institute staff member) Georgia Institute of Technology, Georgia Tech Station 30178, Atlanta Georgia, 30332 | Internet: jb107@prism.gatech.edu uucp: ...!{decvax,hplabs,ncar,purdue,rutgers}!gatech!prism!jb107
peter@ficc.ferranti.com (Peter da Silva) (04/29/91)
In article <27495@hydra.gatech.EDU> jb107@prism.gatech.EDU (Jim Burns) writes: > *This* is a hell of a lot scarier than what the Dutch are doing! Why? All he did was attach a printer to the modem. The equivalent of picking up an extension phone. What's so scary about that? -- Peter da Silva. `-_-' peter@ferranti.com +1 713 274 5180. 'U` "Have you hugged your wolf today?"
sef@kithrup.COM (Sean Eric Fagan) (04/30/91)
In article <27495@hydra.gatech.EDU> jb107@prism.gatech.EDU (Jim Burns) writes: >in article <1991Apr23.013425.3461@mintaka.lcs.mit.edu>, boaz@CONCERTO.LCS.MIT.EDU (Boaz Ben-Zvi) says: >> It has then been possible to play >> this information back and gain an exact picture of the computer screen as it >> appeared to the intruders in the Netherlands. >*This* is a hell of a lot scarier than what the Dutch are doing! Repeat after me: a networked computer is an insecure computer. (No, not completely and always true, but given the current state-of-affairs, it's not that difficult to get into someone's machine. All you need to do is monitor internat packets for a while, and figure out what the person was typing. Bad, bad, bad. I believe kerberos encrypts passwords locally, and sends out the encrypted password, which is *much* better.) -- Sean Eric Fagan | "I made the universe, but please don't blame me for it; sef@kithrup.COM | I had a bellyache at the time." -----------------+ -- The Turtle (Stephen King, _It_) Any opinions expressed are my own, and generally unpopular with others.
xanthian@zorch.SF-Bay.ORG (Kent Paul Dolan) (04/30/91)
jb107@prism.gatech.EDU (Jim Burns) writes: > boaz@CONCERTO.LCS.MIT.EDU (Boaz Ben-Zvi) says: >> Without permission, from Sunday's NYT : >> COMPUTER INTRUDERS TAPPING U.S. SYSTEMS ( by JOHN MARKOFF ) [...] >> The researcher has been able to make computer records of the >> intruders' keystrokes as they have electronically prowled through >> U.S. military, NASA, university and dozens of other computers. It has >> then been possible to play this information back and gain an exact >> picture of the computer screen as it appeared to the intruders in the >> Netherlands. > *This* is a hell of a lot scarier than what the Dutch are doing! Why? You break into my machine, I catch you at it and record the full duplex echo going back on your line, I say to myself "self, those look like ANSI terminal escape codes", I play the recording onto an ANSI terminal, and I've got, minus a few lines I may have missed at the beginning, the same thing on my screen you have on yours. If I tee off the returning echo, I have it in real time. Takes slightly less brains than a flatworm to figure that one out, nothing the least bit high tech or "scary" about it. Kent, the man from xanth. <xanthian@Zorch.SF-Bay.ORG> <xanthian@well.sf.ca.us>
gary@sci34hub.sci.com (Gary Heston) (04/30/91)
In article <27495@hydra.gatech.EDU> jb107@prism.gatech.EDU (Jim Burns) writes:
=in article <1991Apr23.013425.3461@mintaka.lcs.mit.edu>, boaz@CONCERTO.LCS.MIT.EDU (Boaz Ben-Zvi) says:
=> [ .... ]
=> The researcher has been able to make computer records of the intruders'
=> keystrokes as they have electronically prowled through U.S. military, NASA,
=> university and dozens of other computers. It has then been possible to play
=> this information back and gain an exact picture of the computer screen as it
=> appeared to the intruders in the Netherlands.
=*This* is a hell of a lot scarier than what the Dutch are doing!
Huh? You've never heard of a network monitor? What would be so
difficult about tee'ing the data to a file and terminal? If they
go thru a serial link somewhere, it's even more trivial.
Read _The Cuckoos' Egg_ sometime. Add a few years of software and
hardware advances. It's easy, if you have backbone access.
--
Gary Heston System Mismanager and technoflunky uunet!sci34hub!gary or
My opinions, not theirs. SCI Systems, Inc. gary@sci34hub.sci.com
I support drug testing. I believe every public official should be given a
shot of sodium pentathol and ask "Which laws have you broken this week?".
halloran@sldv21.mdcbbs.com (05/02/91)
In article <1991Apr30.064042.18410@zorch.SF-Bay.ORG>, xanthian@zorch.SF-Bay.ORG (Kent Paul Dolan) writes: > > jb107@prism.gatech.EDU (Jim Burns) writes: >> boaz@CONCERTO.LCS.MIT.EDU (Boaz Ben-Zvi) says: > >>> Without permission, from Sunday's NYT : > >>> COMPUTER INTRUDERS TAPPING U.S. SYSTEMS ( by JOHN MARKOFF ) > > [...] > >>> The researcher has been able to make computer records of the >>> intruders' keystrokes as they have electronically prowled through >>> U.S. military, NASA, university and dozens of other computers. It has >>> then been possible to play this information back and gain an exact >>> picture of the computer screen as it appeared to the intruders in the >>> Netherlands. > >> *This* is a hell of a lot scarier than what the Dutch are doing! > [...] > > Takes slightly less brains than a flatworm to figure that one out, > nothing the least bit high tech or "scary" about it. > Unless your a Cracker..... > Kent, the man from xanth. > <xanthian@Zorch.SF-Bay.ORG> <xanthian@well.sf.ca.us> -- Mark J. Halloran | Voice: (314) 233-6973 McDonnell Douglas M&E | Fax: (314) 232-8698 Dept C705 MC 3065386 | Internet: halloran@sldev1.mdcbbs.com St. Louis, Mo. 63166 | UUCP: uunet!sldev1.mdcbbs!halloran