Security Bullet In
Communiques from the security front, sir
Friday 23 January 2009, 1:29 PM
Nasa hacker gains judicial review
At the High Court in London this morning Lord Justice Maurice Kay ruled that there would be a judicial review of Smith's decision to turn down McKinnon's second appeal.
In a statement, Gary's mother Janis Sharp said she was "overjoyed".
"We are overjoyed that the British Courts have shown sense and compassion by allowing our son Gary, a young man with Asperger's Syndrome, this judicial review," said Sharp. "We have always been outraged by the Home Office's decision to have him extradited to stand trial in a foreign land where he would face an out-of-proportion sentence for what is essentially a crime of eccentricity."
McKinnon stands accused by US prosecutor's of "the biggest military hack of all time". The prosectuors allege that McKinnon caused $700,000 worth of damage by deleting files on various military systems in 2002. McKinnon has never denied hacking the systems, but denies causing damage. He claims to have been searching for evidence of UFOs, and later to have discovered evidence of anti-gravity projects.
Should McKinnon be tried by a US court, he could be sentenced to up to 70 years in a "supermax" maximum security gaol.
Were McKinnon to be extradited, he would suffer the risk of psychosis, and possibly become suicidal, autism expert Professor Simon Baron Cohen told ZDNet UK at a press conference last week. Professor Baron Cohen of Cambridge University diagnosed McKinnon with Asperger's, a condition on the autistic spectrum, last summer.
Smith turned down McKinnon's second appeal against extradition in October, after he had been diagnosed with Asperger's.
PreviousComments on this post
Since the US Government has the hard drive and presumably trace logs from the systems he allegedly damaged, it would be very interesting to compare files from both sources and see what he really did and what might have happened after he "opened the door".
My optimistic guess is that he's become a fall-guy. The crackers that took down those systems were already there in the system, they took note of his log-on and they re-wrote the event logs. The other possibility is that an inexperienced military non-com running management software shutdown all the systems to prevent what he might have mis-diagnosed as a worm or Trojan infection instead of an "illegal" logon.
Microsoft distributes a VB script for remote system shutdown as part of its Win 2000 server resource kits. All you need to do is connect to the domain server, make a collection of the system names and then send shutdown messages via RPC to all the systems. Options that are set in the script include an instantaneous shutdown without saving current file data AND most important of all would be authentication credentials! The instantaneous shutdown could have caused enough file corruption to prevent the applications on re-start from working right if there were open files on those systems when the shutdown command occurred. Access 97/2000 applications with open record-sets are especially susceptible to damage. Wait till the command executes and then re-write the event log and the security log and then nobody knows you've been in there.
Considering they claim 70,000 systems were damaged, it had to have been done with scripting or management tools. What I would like to know is why in the freaking world would any military IT department think that having a SINGLE 70,000 computer domain is a good idea? If they broke the systems up into smaller domains with trust settings that enabled "excluding" security, the management domain could be completely off the Internet to prevent that from being accessed by crackers. Even Windows 2000 server came with Active Domain which would have allowed that level of security.
