Forum Moderators: phranque
[news.bbc.co.uk...]
In it he tells how he logged into the American Army, Navy, Airforce, Department of Defence and NASA for 2-3 years before being caught.
He mentions that many of the pcs being used had no basic security (i.e. no passwords set) making it very simple to get into. He says that he could also tell that there were many other hackers/foreign governments logging onto these computers just as he was, looking at the information on them.
Furthermore he says he used a simple, popular remote access program that anyone can buy to log onto the computers. In other words on all these computers the mouse would be moving, windows would be opening etc - yet no one spotted it for several years.
He goes onto say that that a network administrator at NASA caught him using a PC and spoke to him by typing on wordpad. Gary says he then typed into wordpad claiming that he was from military security - which the network administrator - in charge of security - actually believed (if its all true).
I know nothing about network security - but it strikes me that it is or was incrediably easy for hackers (perhaps even novice hackers as I don't think he was the most experienced hacker around) to compromise the security of all these organistation and collect any information they wanted - something I personally find shocking.
I heard a claim from a former employer (turnover 10s of Millions£) that their system was impossible to hack.
Took me twenty minutes to gain root access with a trial copy of a security software.
Werent overly interested when I told them either.
The US government has, no doubt, its own geeks employed to use these methods (and others) to spy on other countries, etc. Therefore they know all about these holes in Windows... Even in peacetime, misinformation is widely used by Governments - this is probably a classic example.
However, even if aliens are known to exist, I would support Governments in keeping it secret - whilst some people could handle it, newspaper editors (and cable news services) would stir things up so badly with speculation and nonsense that chaos would undoubtedly follow.
Kaled.
The alien part of the interview didn't interest me in the slightest - like the BBC I was more interested in the security (or to more precise the lack of it).
I hate hackers and spammers but shouldn't they be tried in the country where the offences were committed?
<snip>
I think the US DoD would have been better keeping quiet about this and putting him on their payroll. No mattter what happens they won't come out of it smelling of roses.
[edited by: trillianjedi at 10:07 am (utc) on May 11, 2006]
[edit reason] Steering from politics [/edit]
Essex_boy, yet another example of SMEs not having competent IT departments. All the good sysadmins are hired by a few (mostly big) companies who really do care about security etc.
The management of SMEs do not know enough about IT to judge how good their staff are and hire the cheapest person or the best talker to run IT. That person then hires a bunch of others of equal competence.
[edited by: trillianjedi at 10:07 am (utc) on May 11, 2006]
[edit reason] Steering from politics [/edit]
This is not a thread about extradition policy. Let's keep it to network security issues...
