---
From: "Deviant" <brianat_private>
To: <declanat_private>
Subject: another case of criminal charges over disclosure of security hole
Date: Sat, 27 Jul 2002 18:11:35 -0400

Hi, Declan,

We met at this year's H2K2 (I was one of the blue-shirted volunteers enjoying panels such as yours in between running water to speakers and holding audience mics. We actually spoke briefly and got a photo together after the panel regarding the FBI.)

You are likely to have seen this already, but I would be remiss if I didn't pass along what information I have along with some key points which I feel are being drowned out among the squabbling slashdot.org posters.

http://www.theregister.co.uk/content/55/26397.html
http://www.chron.com/cs/CDA/story.hts/tech/news/1507766

[Summary]

Stefan Puffer, a 33-year-old Houston computer security analyst, was indicted by a Grand Jury on Wednesday with two counts of fraud. What was his "crime" you ask? He demonstrated the insecurity of the Harris County (TX) district court's wireless LAN to their staff and a reporter.

<quote>
On March 18, Puffer showed a county official and a Chronicle reporter how he was able to use his laptop computer and a... wireless card to tap into the clerk's system. Puffer said he noticed he could access the county network in early March, when he scanned for weaknesses throughout Houston.
</quote>

[Key Points]

* Puffer was employed briefly by the county's technology department in 1999. The articles don't state whether or not he was involved with the deployment or securing of the wireless LAN.

* Puffer could get five years in jail and faces a $250,000 fine on each count if convicted. What the specific counts are is not documented well in either article.

* District Clerk Charles Bacarisse said no files were compromised.

* The county chose to shut down the wireless system due to this information, as opposed to securing it properly. They are claiming that this "forced shutdown" is causing the damages being cited.
  Damages at $5000, mind you. (As a rather funny slashdot.org post by MrP stated... "where do they get these numbers?? Someone ping me so I can sue you for $1,000,000 in damages.")

* Any wireless LAN can be WEP-enabled - all systems support this and it is TRIVIAL to configure. (They could just RTFM)

[VERY IMPORTANT POINT]

War Driving (also known as NetStumbling) does NOT constitute intrusion on a network by itself. You're technical enough to understand this, so I'll state it in total geek-speak here and let you translate for your readers. (You're so very good at that. :-)

Using software such as NetStumbler for War Driving simply sets one's wireless card into a continuous reset mode. I.E. - the card constantly acts as though it was just enabled and begins to listen for a network to which it can connect. The key phrase is "LISTEN FOR." In War Driving, the insecure network is the party contacting the card, not vice-versa. The court's network contacted Puffer's laptop. Now, whether or not he chose to establish a network session with them, well, that remains to be seen.

If Puffer did not attempt to connect to the shared resources of the LAN but simply saw the insecure access point appear in his NetStumbler logs, then he is ABSOLUTELY IN NO WAY guilty of any crime according to any Texas state law or federal law of which I or my associates are aware.

Thanks again for all you do... I appreciate your work very much and enjoy sharing your pieces with my friends and family.

Regards,
- Brian Rea

-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
Declan McCullagh's photographs are at http://www.mccullagh.org/
-------------------------------------------------------------------------