Security Bullet In
Communiques from the security front, sir
Thursday 30 October 2008, 5:39 PM
Gibson: Is McKinnon still here?
McKinnon is accused of "the biggest military hack of all time" for accessing US military computers, and faces almost certain extradition. McKinnon, who claims he was looking for evidence of UFOs, has never denied accessing the military computers, but denies deliberately deleting files and causing damage. He was recently diagnosed with Asperger's Syndrome, a condition on the autistic spectrum.
The temperature at an RSA Conference Europe press event plummeted when I raised the subject of McKinnon's probable extradition with Gibson. I asked the ex-FBI agent whether he thought Gary McKinnon's Asperger's diagnosis should have any bearing on whether or not McKinnon should be extradited. Gibson replied:
"I think Jacqui Smith made the determination -- the Asperger's diagnosis shouldn't have any bearing [on whether McKinnon is extradited]," said Gibson. "Is he still here?"
When I said that yes, McKinnon was still here, Gibson said: "Why?" I said that his defence lawyers were seeking a judicial review of Home Secretary Jacqui Smith's decision to extradite the self-confessed hacker, given his Asperger's diagnosis.
The already chilly atmosphere in the press room dropped still further when I quizzed Gibson as to his role in the plea bargaining. Gibson is believed to have told Karen Todner, McKinnon's solicitor, that the New Jersey authorities were determined to see McKinnon "fry" for his alleged crimes, should he be extradited. New Jersey has the death penalty.
When I asked Gibson whether he had threatened that McKinnon could "fry", Gibson muttered: "That was never said. The court records are really clear."
I was curious as to whether that was correct, so I gave Karen Todner a ring. She told me she had sworn an affadavit that Gibson had said McKinnon could "fry", while Gibson had sworn an affadavit that he hadn't said that.
"[Gibson] later sent me an email insisting he hadn't said that," said Todner.
Hmmm, sounds to me that it still isn't "really clear" exactly what was said at all.
PreviousComments on this post
Oh my god no...that isn't clear at all is it? The extradition should be halted right away. The UK has a policy of not sending people to their deaths!!
Absolutely Brilliant Interviewer having the Guts to ask such relevant questions.
This information re-the "Fry" comment was raised in the courts several times and was in the public domain for almost two years without being challenged by the prosecution.
It seems odd then that only weeks before Gary McKinnon's case was due to be heard by the Law Lords did the prosecutors put in Afidavits denying that they had threatened Gary McKinnon during negotiations. in order to induce him to accept a plea bargain.
The prosecution putting these Afidavits before the Law Lords at the last minute, would undoubtedly have had an influence on the outcome of Gary's appeal to the House of Lords.
The threats have never yet been tested in a court of law and I hope they will be, as if lies were told, those responsible might well be prosecuted for perjury.
As reported in several newpapers and confirmed by Gary McKinnons solicitors. The file containing details of the alleged threats went "missing" from Gary's solicitors office and Gary's Barristers Laptop containing the same legal notes on the alleged threats, was stolen from his car.
However I believe there is still evidence out there that can prove what was actually said. So let's hope it all comes out with a blast.
Great Journalism!!! Great Courage!!!
Hope there's a good outcome for Gary McKinnon
The only offense in the US Federal court system punishable by death is treason. Since he's not a US citizen, he can't have committed treason. There has to be an un-impeached witness to the treason as well. The crimes he committed and confessed to were against US Federal websites. It will be a big stretch to mangle the treason statutes to cover web hacking. He can't be tried in a state court for a crime committed on Federal property, the NASA site and other websites.
If they told him they were going to try him in New Jersey its probably because they have a judge "in their pocket" there. His US attorney needs to file for a change of venue immediately.
If they told him they could kill him for breaking into a website that's probably enough right there to dump the case out of the US court system assuming he gets a sharp US attorney. Misconduct by the US Attorney General's office or the FBI or misconduct performed on behalf of the US Attorney General's office by UK subjects can get the case tossed because the evidence gained from that misconduct is tainted. Its the same issue the Guantanamo prisoners are attempting to take advantage of because use of torture is misconduct.
Is there a public record that can be accessed of the extradition hearing? Any evidence that can be read on-line? I would like to know what he confessed to. The FBI and the US Attorney General sure seem awfully intent on getting the guy. He sounds like he was lousy hacker since he got tracked so easily.
Was the US Attorney General required by the UK court system to present any evidence at all? Did that make it into a public record?
Xwindowsjunkie, the details you need are here....
1. An Interview With Gary By the Guardian newspaper.
http://www.guardian.co.uk/theguardian/2005/jul/09/weekend7.weekend2
2. A video Interview.
http://video.google.com/videoplay?docid=-4252902807834262581
-------------------------
Tom I have also e-mailed
http://freegary.org.uk/
a link to this blog in case it has not already come to their attention.
Well he sure protrays himself incompetent as a hacker. Thanks for the URL's.
Well guess what? Real Life, its not a movie. That alone makes Asperger's a possible diagnosis but its not definitive, he could have been fed the symptoms to feign. It wouldn't be hard to maintain while in limited scrutiny.
The video and print interviews technically aren't evidence, they are his opinions about what he did. He might be relatively truthful but since he admitted to smoking dope while cracking websites, a lot of what he said could be wrong simply because he's his own worse character witness. Nothing he "saw" or experienced while high on grass or whatever supports a favorable outcome for him.
I guess what I was looking for was what's the "official" record say he did? What has he been specifically charged with that merits extradition? Since he's free on bond the UK courts don't seem to really care what he's done.
Also it appears he really pissed off the American FBI agents doing the investigation. He picked a really bad time (post 9-11) to re-start his "cracking career".
A side note, he mentioned smoking Bensen and Hedges. I nearly laughed out loud. The hacker in Germany caught cracking into US computer systems in Clifford Stoll's book Cuckoo's Egg smoked them. Maybe McK started out as a "wannabee"!
Try this one:
BBC profile of Gary McKinnon
Finally got a look at an article on the BBC with some detail besides what he says he did. They mentioned that the UK authorities gave the hard drive of his system to the FBI. So they now know what he was up to.
Its obvious that they are using him as an "example". But he's screwed. He probably should have taken the deal. If he can still take it he should. They will want him to "co-operate", that means they will grill him to find out what he was doing and what he did to get onto those sites.
Since he mentioned that there were others hacking the same sites as he was, they are going to probably going to want to know everything he knows about them.
You don't mess with the US Navy and US Army. Another website (Wired I think) indicated that he got into a system that does ship scheduling, likely a quartermaster system. Crashing a large Army network was also a big no-no. Maybe he shouldn't have been doing dope while he cracked sites. And keeping his mouth shut would have been smart as well.
All of those interviews he did since his arrest can be used as evidence if the prosecutor wants to. Also he may have dropped some clues for more things they can get evidence on and re-arrest him for that while he's in custody either doing time or awaiting his trial.
Both Obama and McCain (presidential candidates, one of them wins it all tonight) have said that they will close Guantanamo. So he won't end up there. If he can delay the extradition until after the President's Inaugural (Jan 21 2009) by a couple of months they might relent a little.
Since he'll be doing federal time he might be incarcerated in a minimum security prison. Most of the offenders in those prisons are white-collar felons, embezzlers, former bank presidents (I wish!) not murderers and rapists. Its pretty obvious he's not considered much of a flight risk or he'd be in jail instead of semi-house-arrest.
This whole case has a repugnant whiff of "Homeland Insecurity" about it.
Briefly, the US alleged that McKinnon identified US Government and that he deleted data, including critical OS files from nine computers, the deletion of which shut down the entire US Army’s Military District of Washington network of over 2,000 computers for 24 hours, significantly disrupting governmental functions. Some 2,455 user accounts were allegedly deleted from a US Army computer that controlled access to an Army computer network, causing them to reboot and become inoperable. And an alleged deletion of files at US Naval Weapons Station Earle was said to render the base’s entire network of over 300 computers inoperable at a critical time following the 11 September attacks.
The US said it cost $700,000 to repair the alleged damage, and the plea bargain was said to be based on this figure, as opposed to a higher figure which the prosecution believed they could prove if they calculated the damages by taking into account the downtime of affected systems and people.
Could it be possible that Garys dodgy hacking software left the door ajar for more malicious types to follow in after him? I don't know how hacking works, but if this was the case, maybe it would be good for his defence....
Considering that they say they can prove he deleted the OS files, tells me that he was running as an admin on the system. If he left an open door behind him, its conceivable that what he did enabled other hacks. But its more likely that that they used the same entry mechanism that he did. Quite often the way into a Windows system is an "elevation of privileges" hack. A lot of IIS (Windows web server) code was very buggy and insecure. In a Win2K server install, installation of IIS was the default condition. If the system allowed a implied "Guest" logon to serve web pages, sometimes that's the first step you need to get past the security. The big question would be what security patches had been installed when he broke into the systems.
In late 2001 the Army and Navy were probably still using Windows 2000 Pro and Server for a lot of their systems. Windows XP Pro was out but I can't remember if SP1 had been released yet or not. It was as bad as Win2K at first. They may also have had some Win98 systems still running and those should have never had a NIC installed in them! A lot of US government systems were setup with Win2K servers and Win98 desktops, it had the best price structure.
Mr McKinnon and/or his US attorney ought to look at this:
http://news.yahoo.com/s/ap/20081110/ap_on_re_eu/eu_romania_nasa_hacker;_ylt=AvywKMQ3uZoEugXpln5CvuuHgsgF
Romanian court handed down a suspended sentence to a hacker that did essentially what he did. Looks like extradition is in his future as well.
On Roger's comment about pardons--here's an editorial cartoon from Pat Oliphant about the presidential pardon routines.
http://news.yahoo.com/edcartoons/patoliphant;_ylt=AgwsVn63n4pl043wbOOyOmJW_b4F
Outside of the jackals so prominent on the right of Dubba-Bubba, its factual.
I would have thought that once a national court had metered out it's punishment that would be the end of the matter. Yes I checked out the cartoon and liked it. I picked up the idea from the background, of an out going president being lobbied by the goons and lowlife to issue pardons! Would make good comedy.
