- Email: [email protected]
Hacker pleads guilty to Unix theft
Computer
Fraud & Security Bulletin
June 1991
via an invited advisory board to the DTI only. The day to day running of the scheme is undertaken by the Certification Body, staffed by the DTI and CESG and based at Cheltenham. The Certification Body licences commercial evaluation centres (CLEFS), of which Logica Space and Defence Systems Ltd and Secure Information Systems Ltd are the first two to be licenced. Assessment of the CLEFS is by the National Measurement Accreditation Service (NAMAS), to check compliance with European Community Standard EN 45001 and IS0 Guide 25.
electronic bulletin board and to a computer account belonging to Craig Neidorf. Craig Neidorl is the former publisher of the computer hacker publication Phrackand was the central figure in the 1990 BellSouth 911 prosecution. One source suggested that Neidorf, who was acquitted in that case, may be the subject of some later US Government indictment. Be/den Menkus
Melbourne
hackers on trial
Hacker pleads guilty to Unix theft As a result of a bargain struck with US Government prosecutors computer hacker Leonard Rose pleaded guilty in March to five felony counts related to his admitted distribution of stolen AT&T Unix source code. He was sentenced to concurrent one year prison sentences for each of the offences. Rose is expected actually to serve only a portion of this time and to be released from prison before the end of 1991. Known in hacker circles as ‘Terminus’, Rose confessed that he knew in October 1989 when he received the source code that it had been stolen by a former AT&T technical contractor. (According to US Justice Department sources, this person is currently working under contract at IBM and remains under investigation.) In pleading guilty to the charges Rose also admitted that he had: Exchanged the code with various individuals in Texas and Illinois; Downloaded proprietary AT&T source code stored in computers belonging to his employer at the time, Interactive Systems Inc. Placed a Trojan horse, designed to trap and save passwords, into the code’s login sequence; and Transferred
this
modified
code
to an
Two Melbourne men, a student and a programmer, have been committed for trial in April for allegedly penetrating overseas computers, including computer systems of the US space agency NASA. They have been charged under a provision of the Commonwealth Crimes Act, which makes it an offence to use any facility of the Commonwealth of Australia to damage computer data. In this case the facility was the Overseas Telecommunications Corporation. A third man’s committal hearing has been adjourned until June. It is alleged that the three men illegally penetrated a number of foreign computer systems between January and February last year. One of the accused, aged 21, faces 14 charges arising from alleged access to a computer system at Melbourne University and a further 33 charges, adjourned to a superior court, in which the Crown claims that the accused obtained access to computers in Australia, Europe and the USA, and then changed and deleted data. Lawyers will follow these cases closely as they are seen as a significant test of the Commonwealth legislation which was passed in June 1990 to combat hacking. Frank Rees
IT challenge to US constitution with
Concerned that US laws have not kept up new information practices, computer
01991
Elsevier Science Publishers Ltd
Fraud & Security Bulletin
June 1991
via an invited advisory board to the DTI only. The day to day running of the scheme is undertaken by the Certification Body, staffed by the DTI and CESG and based at Cheltenham. The Certification Body licences commercial evaluation centres (CLEFS), of which Logica Space and Defence Systems Ltd and Secure Information Systems Ltd are the first two to be licenced. Assessment of the CLEFS is by the National Measurement Accreditation Service (NAMAS), to check compliance with European Community Standard EN 45001 and IS0 Guide 25.
electronic bulletin board and to a computer account belonging to Craig Neidorf. Craig Neidorl is the former publisher of the computer hacker publication Phrackand was the central figure in the 1990 BellSouth 911 prosecution. One source suggested that Neidorf, who was acquitted in that case, may be the subject of some later US Government indictment. Be/den Menkus
Melbourne
hackers on trial
Hacker pleads guilty to Unix theft As a result of a bargain struck with US Government prosecutors computer hacker Leonard Rose pleaded guilty in March to five felony counts related to his admitted distribution of stolen AT&T Unix source code. He was sentenced to concurrent one year prison sentences for each of the offences. Rose is expected actually to serve only a portion of this time and to be released from prison before the end of 1991. Known in hacker circles as ‘Terminus’, Rose confessed that he knew in October 1989 when he received the source code that it had been stolen by a former AT&T technical contractor. (According to US Justice Department sources, this person is currently working under contract at IBM and remains under investigation.) In pleading guilty to the charges Rose also admitted that he had: Exchanged the code with various individuals in Texas and Illinois; Downloaded proprietary AT&T source code stored in computers belonging to his employer at the time, Interactive Systems Inc. Placed a Trojan horse, designed to trap and save passwords, into the code’s login sequence; and Transferred
this
modified
code
to an
Two Melbourne men, a student and a programmer, have been committed for trial in April for allegedly penetrating overseas computers, including computer systems of the US space agency NASA. They have been charged under a provision of the Commonwealth Crimes Act, which makes it an offence to use any facility of the Commonwealth of Australia to damage computer data. In this case the facility was the Overseas Telecommunications Corporation. A third man’s committal hearing has been adjourned until June. It is alleged that the three men illegally penetrated a number of foreign computer systems between January and February last year. One of the accused, aged 21, faces 14 charges arising from alleged access to a computer system at Melbourne University and a further 33 charges, adjourned to a superior court, in which the Crown claims that the accused obtained access to computers in Australia, Europe and the USA, and then changed and deleted data. Lawyers will follow these cases closely as they are seen as a significant test of the Commonwealth legislation which was passed in June 1990 to combat hacking. Frank Rees
IT challenge to US constitution with
Concerned that US laws have not kept up new information practices, computer
01991
Elsevier Science Publishers Ltd