Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Wi-Fi Hacking Neighbor From Hell

Posted by Soulskill on from the internet-equivalent-to-road-rage dept.

Hugh Pickens writes "Barry Ardolf, a Minnesota hacker prosecutors described as a 'depraved criminal,' has been handed an 18-year prison term for unleashing a vendetta of cyberterror that turned his neighbors' lives into a living nightmare. Ardolf hacked into his next-door neighbors' Wi-Fi network and used it to try and frame them for child pornography, sexual harassment, various kinds of professional misconduct, and to send threatening e-mail to politicians, including Vice President Joe Biden. The bizarre tale began in 2009 when Matt and Bethany Kostolnik moved into the house next door to Ardolf. On their first day at their new home, the Kostolnik's then-4-year-old son wandered near Ardolf's house. While carrying him back next door, Ardolf allegedly kissed the boy on the lips. 'We've just moved next door to a pedophile,' Mrs. Kostolnik told her husband. The couple reported Ardolf to the police, angering their creepy new neighbor (PDF). 'I decided to "get even" by launching computer attacks against him,' said Ardolf, who downloaded Wi-Fi hacking software and spent two weeks cracking the Kostolnik's WEP encryption. Then he used their own Wi-Fi network to create a fake MySpace page for the husband, where he posted a picture of a pubescent girl having sex with two young boys. Ardolf turned down a 2-year plea agreement last year to charges related to the Biden e-mail. After that, the authorities piled on more charges, including identity theft and two kiddie-porn accusations carrying lifetime sex-offender registration requirements."

9 of 584 comments (clear)

  1. 2 weeks for a WEP? by LordAzuzu · · Score: 5, Insightful

    Noob! :)

    1. Re:2 weeks for a WEP? by Anonymous Coward · · Score: 2, Insightful

      How long does it take to type 'crack wireless encryption' into a search engine, download the first tool you find for cracking WEP, and run it?

      That takes about 5 minutes. Then, you spend a bunch of time rebuilding your computer that has just been joined to a botnet and now has a rootkit installed. After rebuilding your computer, you search again - and this time select your download more carefully.

    2. Re:2 weeks for a WEP? by Applekid · · Score: 3, Insightful

      That's the only interesting part though, the rest can be summed up as "Complete asshole behaves like complete asshole". There was nothing technical clever or new about what he did, although he went further than most such incidents I've heard of, but few slashdotters will be at all surprised that that kind of thing is possible. The only surprise is that it doesn't happen more often, more subtly ... or does it?

      Reading the TFA from ars, the reason why he was caught was because he wasn't clever at all:

      1) The only reason why he was caught is because his malicious actions were intertwined with his normal web traffic (his name in plain text and Comcast packets). He could have used a clean purpose-built computer for his torture, like a laptop, that wasn't configured for his own network at all, and hid it in a safe deposit box or something and they never would have figured out where it's coming from without a long and arduous task with a spectrum analyzer.

      2) Ardolf did so much stuff on the target network that it raised suspicion. It's the same thing that happens to regular criminals: they get greedy and keep coming back for more. If he just went right for the terrorist threats and never ever connected again, his neighbors would never have had any reason to suspect external hacking. Even then, his prank emails to coworkers and social network profiles were so out there that they were obvious. There must have been many more subtle ways to do damage that aren't immediately obvious.

      3) The neighbor works for a law firm and they were willing to spend the resources to check out his home network and find the unknown device as well as install a sniffer. I don't see a middle-manager working for a sub Fortune-500 company getting that same kind of help, they'd probably sooner call him a schizoid and fire him instead of dealing with that.

      If he was a little smarter, I think he very well could have gotten away with it framing the innocent.

      --
      More Twoson than Cupertino
  2. Good riddance by nharmon · · Score: 1, Insightful

    I often balk at the sentences our judicial system hands down (too much punishment for minor offenses, too little for major offenses), but in this case I think the punishment fits the crime.

  3. Why the sex offenders registration? by L4t3r4lu5 · · Score: 4, Insightful

    The guy didn't download the CP for sexual purposes. He's not a paedophile, just a warped anti-social individual.

    That register is for people who have a proven (and acted upon) attraction to minors; Those who are a danger to children. Adding him to the list dilutes it and mitigates its usefulness. What he did should be covered by libel / defamation laws. He deserves to be taken out of society for what he did to that family, but there's nothing in there which supports the idea that he's dangerous sexual offender.

    --
    Finally had enough. Come see us over at https://soylentnews.org/
    1. Re:Why the sex offenders registration? by nharmon · · Score: 1, Insightful

      I think you are mistaken about the purpose of the sex offender registry. It is not for people with a proven attraction to minors (which is not a crime by the way, just saying). It is for criminals whose crime is sexual in nature, regardless of whether the victims were minors or not. So you will find everyone from rapists to flashers on the registry.

      Claims he is not a "dangerous sexual offender" does reconcile with his behavior. In this case, the individual attempted to frame his neighbors as child pornographers. In doing so, he victimized the children depicted in those photographs as well as the neighbors.

    2. Re:Why the sex offenders registration? by batquux · · Score: 4, Insightful

      Unless you're a cop.

  4. Re:Would MAC address filtering counter this proble by dltaylor · · Score: 4, Insightful

    Most NICs support either intentional or "back-door" MAC address cloning. Cloud-computing resources can crack your WEP (trivial), WPA (harder/slower), and WPA2 (much harder and slower, but still doable, unless you rotate them daily).

    Then, if you have implemented some reasonable level of security, when the jackboots kick in your door, you'll have a much harder time defending yourself during the pre-trial investigation, and, then, assuming you live long enough, in court, due to the security you put into place, obviously trying to hide your evil actions.

    At best, you can discourage casual (mis-)use of your WiFi, but that wouldn't help against a long-term attack like this one.

    If you're worried about it, shut it off, and run the cable, as I have.

  5. The REAL WTF... by DoofusOfDeath · · Score: 3, Insightful

    Is that prosecutors are allowed to offer plea deals.

    If the prosecutor believes crimes were committed, then file charges. If not, don't.

    If people are cowed into pleaing guilty (or no contest) to charges to which they believe they're innocent due to legal costs or fears of false conviction, the solution is radical reform of the legal system. NOT to create a gray area of semi-crime, semi-guilt, and semi-punishement. That is *not* innocence until proven guilty.