Slashdot Mirror
Republican Aide Tries to Hire Hackers
Noryungi writes "It seems as though a Republican Communications Director contacted Attrition.org, trying to hire hackers to improve his educational records. I don't know what is his dumbest move: (a) contacting Attrition in the first place, (b) using a real name Yahoo email address or (c) speaking at length about what he needed? Kudos to the Attrition crew for posting the whole email dialogue online! A sample from the conversation: 'Jericho: First, let's be clear. You are soliciting me to break the law and hack into a computer across state lines. That is a federal offense and multiple felonies. Obviously I can't trust anyone and everyone that mails such a request, you might be an FBI agent, right? So, I need three things to make this happen: 1. A picture of a squirrel or pigeon on your campus. One close-up, one with background that shows buildings, a sign, or something to indicate you are standing on the campus. 2. The information I mentioned so I can find the records once I get into the database. 3. Some idea of what I get for all my trouble.'"
I'm sorry, I keeled over laughing from that part. They really had him strung along with the whole thing. Although, I think he started to catch on after the "bust":
Honestly, the more I see of this stuff, the more I wonder if it isn't time for a congress reform rather than any of the billion other little "reforms" that congress proposes. The original intent of the founding fathers was that regular people would run for office and represent the best interests of their constituents; in the tradition of Cincinnatus They certainly never intended for the "career" politicians we see today. Too much money, organized crime, and generally dispicable people getting into office.
The only question is, what is the best approach to encourage more honorable folks to run for office? Perhaps the terms of office should be limited? That would certainly help discourage careering. Limits on advertising budgets would be good, but difficult to police. Any other ideas?
Javascript + Nintendo DSi = DSiCade
Is he trying to improve his own records? Isn't this just a case of an idiot who tries to get people to hack their educational stuff for them? I mean, it probably will lead to a congressional scandal, but it doesn't really have much to do with the aide's aide-ness or republican-ness.
Ninjas and pirates. How piquant.
Umm, pretty much everything that came from the attrition.org side is a joke. They were yanking this guy's chain.
-R
Everyone knows that squirrels and pigeons have a protection from FBI spell cast on them, and cannot be photographed or photoshopped by FBI agents or those in collusion with them.
34486853790
Connection too slow for X forwarding? Try "ssh -CX user@host"
I read the email correspondence before reading the network world article. They were just leading him on.
They had the whole exchange posted for a while, but it was only recently that anyone in the media bothered to track down the actual guy.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
Um, I'm sure I won't be the only one to ask this. But how in the hell does this prove that you are not the FBI, Secret Service, Police or whoever? Even if he was on campus at the time, I'm sure any authority that you'd want to fear could get to wherever they needed to be to take that picture in the same day that he asks for it.
In case you are wondering, what they are doing is a variant of the 419 eater technique. They had no intent of following through, but they had every intent of making the guy look like a fool as they strung him along.
Try to hack my 31337 firewall!
They were just messing with him. They were playing on the whole "hacker movie" stereotypes of being able to do anything with even the slightest bit of information*. The request to get a sign or buildings in the background was to solidify the idea that they wanted this information for verification purposes. They probably wanted him to believe they could zoom in from a live satellite and see the location he photographed.
They continued to jerk his chain with email exchanges like this one:
It sounds good (lots'o techno-jargon), but it's obviously nonsense to anyone who knows better.
* I don't watch 24, but I've heard some rather amusing takes on their entire "hacker" philosophy. In particular, they seem to be able to do the impossible without blinking an eye, just by wrapping it up in some techno-babble that's intended to sound good to the average joe.
Javascript + Nintendo DSi = DSiCade
The real mystery is how somebody this sharp, informed and educated managed to do so badly in college. I mean, the guy's obviously got street smarts and book smarts.
These stories are free but worth money.
Am I the only one reminded of a very good independant british computer game?
:D
Of course, you'd have to bounce your connexion through InterNIC, hack into the International Academic Database, disable the proxy and clear your logs afterwards...
Lex
1)
I'm not surprised that yet another Republican is violating moral and legal standards to improve his/her position. I'm glad that someone outed this prick. I don't necessarily see this as an attack on Republicans on a partisan basis, but if you have a group that has a long and varied history of this sort of behavior, and you bring it up yet again, it can look partisan. I vote for honorable Republicans, so I'm not some kind of rabid partisan. I'm not impressed with the way Democrats conduct campaigns; it's half-assed, but I tend to prefer voting for Democrats.
We see Democratic boobs do all sorts of stupid, venal stuff. But when it comes to craven, cynical behavior, you have to hand it to the Republican for the no-holds-barred, down-and-dirty politicking.
Keep up the pressure on the bad guys.
Best regards.
Everyone knows that squirrels and pigeons have a protection from FBI spell cast on them, and cannot be photographed or photoshopped by FBI agents or those in collusion with them.
Actually, their inability to be photoshopped has nothing to do with it. Pigeons are protected under whistle-blower laws.
There is no "I disagree" mod for a reason. Flamebait, Troll, and Overrated are not substitutes.
Corruption should always be condemned. It disturbs me that you are willing to ignore the actions involved because of partisanship. That said, I'd say this posting has less to due with politics than with technological naivety. Basically it was posted so that we can all have a good laugh at the unfortunate victim.
First of all, slashdot has to protect only one reputation: "news for nerds". Now, granted, lots of what is posted on slashdot is neither news nor for nerds, but THIS story is. It's hilarious.
Second, slashdot isn't making this a partisan issue. The fact that the guy works for the republican party is what makes this a partisan issue. In this case slashdot is only reporting the news, not trying to make it.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
It's just hilarious - this guy is supposed to be a Republican Communications Director?! A Communications Director didn't realise he was posting to a public site using his real name?! Yikes!
When they tell him that the Feds may have busted the operation by cracking their rot-26 encryption I nearly choked on my breakfast (cold pizza of course)! This is a classic.
On one of the linked sites, the guy is claiming that he was 'under the influence' for the whole exchange and is 'seeking treatment'. So he's claiming he was blind drunk for the entire two weeks? Wow - the Republicans either have better parties than I ever suspected - or they truly are drowning their sorrows after recent election defeats!
He needs to go to jail for a few years.
www.sjbaker.org
It would have been cooler if they'd sent this knucklehead screenshots of them doing the "hack" and it be from Uplink.
Then it would have been complete!
Yes Francis, the world has gone crazy.
I know that Sandy Berger (just so no one thinks I'm biased) is a real moron but come on, how much lack of intelligence does one have to have to think that they could get away with this?
We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
To make up for that, I've created a mirror:
http://suso.suso.org/attrition1.html
http://suso.suso.org/attrition2.html (Page 2)
If a job's not worth doing, it's not worth doing right.
The squirrel requirement eliminates the nuts.
Infuriate left and right
...I'm just proud my representative (or his aide) knew about the Interweb! ;)
This is so funny. You guys will believe anything posted on the Internet! :)
Companies want programmers who think "out of the box" only to put them in tightly controlled boxes after hiring. WHY?
IANAL, but if I understand correctly, either party of a two-way communication can generally make them public unless it's declared private by some sort of legal notice (terms of use, legal disclaimers in the sigs, or something.) Since Attrition is a publicly available website, and maintainer of all those public Infosec mailing lists, it's probably not legally reasonable for this guy to assume his emails would be kept private. After all, he didn't even have any real idea who the person was he contacted, much less have a nondisclosure agreement with him.
Slashdot Burying Stories About Slashdot Media Owned
This reminds me of a Hilarious West Wing scene:
[CJ is mad at Josh for posting to the message board of a Josh Lyman fansite]
C.J. Cregg: If you ever post anything on that website again, I will shove a motherboard so far up your ass... What?
Josh Lyman: You DO know I outrank you, right?
C.J. Cregg: SO FAR UP YOUR ASS...
"All great wisdom is contained in .signature files"
Nah, the rot-26 takes the cake.
It's just like rot-13, but twice as secure!
MABASPLOOM!
There's a classic comment that A people hire A people, but B people hire C people. Bush has not exactly been known for great job appointments. If you actually follow his appointments, it's embarrassing, even if you're a Republican. They're loyal, but often not very good. (It's not just that lightweight at FEMA, "Mr. Torture" at Justice, and the economic advisers from Enron; there's a long, painful list of bad high level hires.)
Once you get the institutional idea that each level hires dumber people below them, a few steps down the food chain, people like this turkey are getting jobs.
Holy cow. This technique actually has a name.... and you knew what it was... I'm in complete awe over here.
:)
(not a troll, simply poking fun)
There is simply too much glass..
The folks at attrition have *always* had a policy of posting email to them. It's usually a great read (and this one started back in September, ISTR). It was only when Mr. Bright Guy was outed as a congressional aide that it hit the big time.
I love the smell of napalm in December.
The difference between a Miracle and a Fact is exactly the difference between a mermaid and a seal. (Mark Twain)
Both squirrels and pigeons have a genetic fear of authority and an inate ability to spot federal agents. Hence by examining the expressions on their faces, someone experienced in such covert arts can instantly tell if the photo was take by law enforcement.
You also can often see the refections of badges in the critter's eyes if you blow up the photo. The same technique works with drug dealers, but they sometimes express displeasure at being photographed.
I have been studying these techniques as part of my CSI scriptwriting course.
ccalam - acoustic versions of new songs.
Todd's punishment is going to be uniquely modern... or will it?
The punishment is that this is going to go viral. It's just too darn interesting seeing people doing something they shouldn't. For the rest of his life people will be reading about this. It's not yet mentioned in Denny Rehberg's Wikipedia page, but it will. Todd will probably get his own Wikipedia page [dead link as of this moment but we'll see how long that lasts]. There will probably be a Snopes article too.
In other words, Todd will be publicy humiliated. It'll be like having to wear a big red letter...
I've found that my posts don't format quite right w/o a sig.
Can you site a case, or an actual law that prohibits forwarding of emails?
1 7article that is directly on point (after a quick google search). The article specifically mentions a 2006 reversal by the California Supreme Court, (original case Barrett v. Rosenthal http://www.eff.org/legal/cases/Barrett_v_Rosenthal /ruling.pdf) which upholds that blogs, websites, listservs, etc. are protected under the Communications Decency Act (CDA 1996) Section 230. This section explicitly states that "[n]o provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider."
Though I have only found one http://www.eff.org/news/archives/2006_11.php#0050
Other relevant portions of the article:
"The issue raised in Barrett v. Rosenthal was whether Section 230's protection applies to individuals who frequently use the internet to pass on information obtained elsewhere, whether by forwarding an email written by someone else or, as was the case in Barrett, posting an email from someone else to a newsgroup."
The CDA basically covers anyone from being sued, prosecuted {in my non-legal opinion) for posting forwarding emails from other sources. It is unclear from the article, and I don't have time to reread the CDA at the moment, if this also covers emails that include the 'privacy' footer. However, email is a public method of passing data around, there isn't any expectation of privacy in this form of communication. Finding and ferreting out a private email, either from a mail server, or while it is traveling through a network, isn't a very tough thing to do. You just have to know where to look.
People will go to extraordinary lengths to suspend their own disbelief if they think there's going to be a big payout at the end. This explains not only why the 419eater counter-scams work, but also why the 419 scams themselves work.
Unless he's a Republican Congressman hitting up underage teenage boys for information on their masturbatory habits, then he's referred to as a "Democrat"...
Server must be running on a box in someone's bedroom or something, 'cuz it's off line now... And what's with having the domain registered at NetSol? I guess pretentious "security researchers" need their domain registered with equally pretentious domain registrars... Oh yeah, we got some quality hackers, er, I mean "security researchers" here!
.com registrars existed. I still have a domain hosted with Network Solutions myself for the same reason (although they did open up the market for testing with five competing registrars shortly after I registered mine). For awhile I was afraid if I tried to transfer it to a new registrar they'd botch the transfer and I'd end up losing the domain (I've heard of that sort of thing happening, and the rightful owner having no recourse), but now it's mostly laziness.
Attrition.org has been around since long before multiple
As for the the server, I don't know where it's hosted now, but I saw it in about 1999. It was the only server in the colo room covered in bumper stickers.
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
Partisan or not, the fact remains thus. The title and the summary say nothing about anything political save to mention the man in question is a republican aide. Because he __is__ a republican aide. Did the title or the summary go on about how this is typical republican behavior? Nope. Several comments did, but that's not the summary or title is it? Admittedly it would be just as valid to call him a congressional aide. But I fail to see the noting of a job title as partisan.
Say bad words about my book, in cold oatmeal, or I shall sue!
It's simple:
a) The republican party claims to be the party of morality and "family values".
b) There's been a rash of republican political gaffs in the last few months which, in the face of 'a', are really pretty funny.
So laugh, ffs. 'cuz, lets face it... it really is funny.
You have my deepest condolences. I know that the Republican Party is a persecuted minority these days: Nobody gives the poor, innocent Republicans a fair shake. Everyone else in the world hates God and America and, therefore, Republicans as well. And there's the vast conspiracies, the lynchings, and all the inequities and indignities Republicans must suffer for no other reason than following the divine hand of God - appointed by holy power and elected by a clear majority choice. Oh, woe be the poor Republican, for he is a poor, battered victim of a world which is against him for no good reason at all.
This guy made Slashdot because he was especially stupid, not simply because he was caught, and not because he was a Republican. He tried to commit a crime, but went about it in a very idiotic way - made contact with someone he had no logical reason to trust and requested an illegal job, discussed details that were way out of his depth and technical expertise, freely gave away his personal information, went outside to take a picture of some pigeons (I guess to prove that he is one himself) - the whole story just shows an incredible lack of intelligence and sophistication - any kind of subtlety or careful discretion in how he sought criminal help - and he got completely suckered as a result. A tale like this is great "News For Nerds" fodder - dope who knows nothing about computers tries to contract for a system intrusion goes in over his head with someone who actually knows a thing or two, and gets exposed.
Stealing national security documents isn't "News for Nerds", it's just "News". Go watch some Fox News if you want to see that story, I'm sure they'll rattle their sabers and go on about it for weeks - because they are not part of the conspiracy. They are not biased. They will give you the straight story, just the facts, and let you draw your own conclusion. England Prevails!
---GEC
I'm but the humble pupil, seeking to snatch the scratchbuilt pebble from the master's fully articulated hand
I'm as liberal as they come: anarcho-syndicalist, it doesn't get more hardcore leftist than that. Normally I am all for anything that makes the Republicans look bad, but this is just dumb. It's like how news stations only mention the race of an alleged criminal if they are non-white. Who cares what race a murderer is, or what party a doofus belongs too? What's that got to do with anything?
Until I read the summary, I was hoping this was some kind of political hack attempt that would put another big black eye on the Repugnicans, but no such luck, it's just some dumbass trying to get his grades changed. The story is funny enough to warrant being on Slashdot's front page without mentioning the word "Republican" at all.
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
You have absolutely no expectation for the average person to keep your communication a secret. They are the reciepent and can now do whatever they feel like unless they are bound by certain cases of privilege (lawyers for instance), or signed an NDA.
Just telling them they cant disclose it is not enough, they must acknowledge they wont before you tell them the information
The phrase "more better" is acceptable English. suck it grammar Nazis
The question isn't whether or not there are idiots on one side or the other. The question is how many idiots there are on one side or the other, to what extent are those idiots informing policy and decision making, and most of all, how many of those idiots happen to be President right now.
Doesn't it make you feel good to know that our freedoms are protected by politicans, lawyers and journalists.
Press aide who tried to hire hackers has been fired.1 5
http://www.networkworld.com/community/?q=node/100
A name, hell it's practically an official internet sport! Some people live for a 419 Email, and a chance to play! The idea is to scam the scammer into performing stupid and demeaning tasks, you start slow, build them up.
Apocalypse Cancelled, Sorry, No Ticket Refunds
"Toned down"? They pulled audio off of a ceramic freakin' pot in an episode. There isn't anything worthwhile in CSI if you don't turn off your "I know what it's like to live in the real world" sense.
My blog. Good stuff (when I remember to update it). Read it.
Of course, the length of the audio was less than 1 second (the time it takes to rotate the pot once) but hey...
Yes he did, the first page he visited was encrypted in double rot 13.
liqbase
I take extreme offense that you have a (disparaging/humorous) word for Repugs but not for Demos? Demons? D-craps?
Honestly, what is the propper slur to use here, anyway?
while (sig==sig) sig=!sig;
Bonch is a known troll, he was trolling there so I was trolling him back. As he responded in a reasonable manner, I won't do it again. I love how Repuglicans have people like Anne Coulter on their side spewing venom, and when called on it they claim it was only a joke, but when Libs fight back, you accuse us of being mean-spirited. Seems like a double standard to me...
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton