Politech archive on U.S. v. Brian K. West:
http://www.politechbot.com/cgi-bin/politech.cgi?name=sperling
**********
http://www.wired.com/news/politics/0,1283,47146,00.html
'Good Sam' Hacker 'Fesses Up
By Declan McCullagh (declan_at_wired.com)
7:10 a.m. Sep. 27, 2001 PDT
WASHINGTON -- It seemed like such a straightforward example of
prosecutorial misconduct: An Oklahoma man was being investigated by
the Justice Department for helping a newspaper fix a website security
hole.
The outcry among the geek community last month began with an
uncritical story on LinuxFreak.org entitled "Cyber Citizen Lands
Felony Charges?" Sites such as Slashdot soon picked up the sad tale of
24-year-old Brian K. West as evidence of out-of-control, tech-clueless
government lawyers, and urged everyone to e-mail the U.S. Attorney in
charge of the prosecution.
Making the story even more appealing to the open-source community was
the Microsoft angle: West was said to have reported to the Poteau
(Oklahoma) Daily News and Sun a security flaw in Microsoft NT 4.0 IIS
and Microsoft FrontPage.
But a guilty plea that West signed tells a far different story -- and
shows how easily a well-meaning community of programmers and system
administrators can be led astray.
[...]
**********
Date: Wed, 26 Sep 2001 17:36:08 -0400
From: "Sperling, Sheldon" <Sheldon.Sperling_at_usdoj.gov>
Subject: USAO/EDOK
Message-Id: <"USAOKEML01-010926213607Z-20823*/PRMD=USDOJ/ADMD= /C=US/"@MHS>
NEWS
RELEASE
U.S. Department of Justice
SHELDON J. SPERLING
United States Attorney
Eastern District of Oklahoma
(918)
684-5100
For Release: September 24, 2001
For further information contact: Jeffrey A. Gallant, Assistant U.S. Attorney
MUSKOGEE, OKLAHOMA - BRIAN KEITH WEST, age 24, of Stigler, Oklahoma, pled
guilty today to intentionally accessing and obtaining information from a
protected computer without authorization through the use of an interstate
communication in violation of Title 18, United States Code, Section
1030(a)(2)(C). United States Magistrate-Judge James H. Payne accepted
defendant's plea of guilty, found defendant guilty of the misdemeanor
charge, and ordered a presentence investigation report.
Defendant was released pending sentencing, pursuant to the
agreement of the prosecutor and defendant, on an unsecured promise to
return for sentencing.
Pursuant to a written plea agreement which was filed
in open court, defendant
"agree[d] to the following statement of
facts: On February 1, 2000, defendant was viewing the Poteau Daily News
and Sun (PDNS) website using MS Front Page and a web browser, MS Internet
Explorer. Using MS Front Page, defendant discovered a common security flaw
between MS Front Page and MS Internet Information Server (IIS), the server
software being run by PDNS. Defendant recognized the security flaw and
continued to probe the website following the discovery. Computer logs from
the PDNS web server confirm this. While probing the site, defendant made
copies of six proprietary Practical Extraction Report Language (PERL)
scripts that were part of the source code running the PDNS webpage.
Defendant also obtained password files from PDNS and used those passwords
to access other parts of the PDNS webpage. Defendant
electronically shared the scripts and the password files for the PDNS
website with another individual. Defendant's access to the webpage
involved interstate communications. On February 2, 2000, defendant
contacted PDNS and alerted them concerning the security flaw.
On February 11, 2000, agents of the FBI executed a federal search
warrant at the CWIS Internet Services office in Stigler, Oklahoma. During
the search, FBI Computer Analysis Response Team (CART) members made image
copies of computers used by defendant. On February 11, 2000, defendant was
interviewed by FBI agents. During that interview, defendant indicated that
he found the security hole in the PDNS website, and copied the PERL
scripts. Defendant further stated that he was re-writing the scripts in
another computer programming language. Following the interview, defendant
provided the FBI with written consent to search his laptop computer and
all the computers he controlled inside CWIS. Defendant indicated
previously to other individuals that he could use the PDNS PERL script to
produce and market his own version.
A review of the electronic evidence obtained from defendant's
computers show that he saved the PERL script in several places and created
separate directories called "/home/PDNS/" and "/home/pdns2". These two
directories were substantially the same directories and contained
substantially the same files. One of the directories was a "shortcut" to
the other. In these directories files were found indicating that defendant
was rewriting a part of the PDNS program in another computer language. The
files written by defendant were in the PHP computer programming language
and the file extensions of those files ended in .inc and .asp. These
files were not in the PERL programming language."
WEST penetrated a security hole in the website of the Poteau Daily
News and Sun, employed a user ID and password, and downloaded computer
files of value. WEST reported to the newspaper editor that he had
penetrated the website, accessed the site using a username and password,
and downloaded several files. West told the newspaper editor that his
intrusion accidental. The website owner reported the unauthorized access
to law enforcement authorities.
Pursuant to an application for search warrant, a United States
Magistrate-Judge ordered a search of WEST's employer's place of
business. Files which WEST had downloaded from the website were found on
WEST's laptop. A copy of the search warrant was left with WEST's employer
as provided by law. WEST was not arrested nor charged at the
time. Subsequent investigation revealed that WEST had downloaded the
computer files, was in the process of rewriting the files, and intended to
market the revised software program.
At the plea hearing before United States Magistrate-Judge James H.
Payne, WEST waived the right to proceed before a district judge and entered
a plea of guilty to the misdemeanor Information. The defendant was
represented by Cherie Chappel, of Edmond, Oklahoma, and Kenneth Poland, of
Cleveland, Texas. WEST said he was satisfied with the performance of his
attorney and believed they had done all that they could do to counsel and
assist him with regard to this matter.
"In the context of recent events, even as before, we don't
prioritize unauthorized computer access where there is no
consequence," noted United States Attorney Sheldon J. Sperling. "This
matter was pursued because the defendant downloaded files and intended to
derive a financial benefit from the unauthorized access. Of course,
hacking with attendant web site damage would be taken much more seriously."
"This case generated a very substantial amount of e-mailed
correspondence to our office and across the world,' Sperling said. "The
wide range of opinion was instructive. In this case, the defendant rewrote
the files he downloaded, planned to distribute his rewrite, added another
page to the website, modified the password file, and misled sympathizers
and others as to both the character and scope of what he had done."
"It is important that web sites are secure from unauthorized
access and that intellectual property is protected. Cyberspace will be a
better place for all if such privacy and property rights are respected,"
stated Assistant United States Attorney Jeff Gallant.
The offense to which WEST pled guilty is a misdemeanor which is
punishable by a term of imprisonment not to exceed one year. Prosecutors
expect that, under the United States Sentencing Guidelines, WEST will
eligible for probation.
The Information to which defendant pled guilty is as follows:
COUNT ONE
[18 U.S.C. § 1030(a)(2)(C)]
(Accessing a Computer without Authorization)
On or about February 1, 2000, in the Eastern District of Oklahoma, and
elsewhere, the defendant, BRIAN KEITH WEST, did intentionally access a
protected computer without authorization through the use of an interstate
communication, and did thereby obtain information from a protected
computer; to wit: the defendant, BRIAN KEITH WEST downloaded proprietary
Practical Extraction Report Language scripts and password files from the
protected computer.
In violation of Title 18, United States Code, Section 1030(a)(2)(C).
.
Shelly
Sheldon J. (Shelly) Sperling
United States Attorney
Eastern District of Oklahoma
1200 West Okmulgee
Muskogee, OK 74401
918/684-5151 (phone)
918/684-5150 (fax)
sheldon.sperling_at_usdoj.gov
**********
-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
Declan McCullagh's photographs are at http://www.mccullagh.org/
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
-------------------------------------------------------------------------
Received on Sep 27 2001
Intro
