Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
News

Real Cyber-Spying 161

Posted by michael from the a-little-knowledge dept.
phr1 writes: "Kevin Poulsen has an article at The Register about a USAF sergeant arrested for emailing classified info to "Country A" (apparently Libya). The guy was something of a bozo, using free webmail accounts from locations near his home to email the stuff. It's an interesting read about a legitimate (for once) cyber-bust."
This discussion has been archived. No new comments can be posted.

Real Cyber-Spying More

Real Cyber-Spying

Comments Filter:
  • yo... apperently the people that want to ban strong cryptografy in your country and want to monitor EVERY mail by Echelon (and Cernivore) got trocked by their own technology
    • This just goes to show, that real criminals aren't all that bright. Note, to the DOJ (or JAG, or whoever): Crimminals are not smart people, or they wouldn't be criminals - therefor, don't waste your time trying to bring unwinable cases against relitively honest people; instead go and win cases against patently dishonest (and in this case treasonus)people. It'll make everyone feel better. The American people will have their confidence in the justice system, and the prosecutord will win a lot of cases. It's a win-win situation.

      --CTH

  • Encryption. (Score:2, Interesting)

    by leuk_he ( 194174 )
    "The encrypted messages, which were decrypted by the US government, set forth contact instructions, establish bona fides, and offered to provide additional classified information,"



    hmm, so they do have some backdoors in the encryption used.

    (Or they just got the key from the first email.)

    • I'm betting it's a surveilance, keystroke logging thing again.

    • Assuming he used PGP, they could have cracked his pass phrase and/or bugged his machine. If the FBI/NSA/CIA is really interested in your mail, you better have a tempest certified computer room with a 24-hour armed guard who can't be bribed. Otherwise, you are screwed.

    • Re:Encryption. (Score:1, Funny)

      by Anonymous Coward
      "The encrypted messages, which were decrypted by the US government....."

      Decryption? I hearbye declair the US Gov't is guilty of violating the DMCA and furthermore shall have their internet access revoked until further investigation, and their computers shall be seized and searched for illegal copies of Metallica songs.

      • Dcma: That is what i thougth too when i saw the word decryption. I could not think of any funny to say about it. Since i do not know american law that good (hey i am not a american.) I could not say it does not apply to the government.

        I bet they do not have to show how they decrypted it "for obvious reasons"

  • While the court records don't indicate what encryption system Regan favored, it evidently didn't pose an insurmountable obstacle to the FBI. "The encrypted messages, which were decrypted by the US government ..snip..

    Hmm, if you're really into espionage, and you use computers, but no real crypto, you must be really stupid, yes? Somewhere near as stupid as a sergeant in the USAF, maybe? :)

    I mean, use a 2048-bit PGP key, and you'll probably be home free...


    ad

    • That is, if you make sure the key doesn't gets snatched (i.e. don't send it electronically, use snail mail or whatever) (Reading leuk_he's post reminded me of this..)


      ad

    • Re:Crypto-foolish (Score:4, Insightful)

      by Kryptonomic ( 161792 ) on Thursday August 30, 2001 @05:13AM (#2234091) Homepage
      I mean, use a 2048-bit PGP key, and you'll probably be home free...

      Unless, of course, the FBI gets a search warrant, raids your house and copies your secret key from your hard drive (or floppy disk, if you've tried to be that careful).

      Or would they have to have a search warrant at all. Just carry out in illegal search, copy the key and just claim in court that you cracked the encryption using a new, classified method that cannot be revealed "for obvious reasons" (as in the keyboard logger case).

      • Getting your secret key is not a compromise of the encryption.

        • Re:Crypto-foolish (Score:5, Interesting)

          by nabucco ( 24057 ) on Thursday August 30, 2001 @06:15AM (#2234144)
          Your secret key being lost does not make the encryption readable. From the PGP FAQ:

          http://www.uk.pgp.net/pgpnet/pgp-faq/faq-03.html #3 .10

          3.10 If my secret key ring is stolen, can my messages be read?
          No, not unless they have also stolen your secret pass phrase, or if your pass phrase is susceptible to a brute-force attack. Neither part is useful without the other. You should, however, revoke that key and generate a fresh key pair using a different pass phrase. Before revoking your old key, you might want to add another user ID that states what your new key id is so that others can know of your new address.

        • Re:Crypto-foolish (Score:2, Insightful)

          by Kryptonomic ( 161792 )
          Yes it does if you're facing an organization with the resources of the government.

          The pass phrase is susceptible either to the brute force method (or, if you're really paranoid, to the "rubberhose" method).

      • Unless, of course, the FBI gets a search warrant, raids your house and copies your secret key from your hard drive (or floppy disk, if you've tried to be that careful).

        Which is why you want your PC in a room with no windows and heavy duty wires around the door frame with a few thousand volts running through the wires. They try and remove your PC and presto! No data. William Gibson rules.

      • Re:Crypto-foolish (Score:5, Insightful)

        by viper21 ( 16860 ) <scott@NOspaM.iqfoundry.com> on Thursday August 30, 2001 @08:05AM (#2234368) Homepage
        That is exactly why I memorize my PGP key. Sometimes it takes me 2 minutes to type the whole thing in from a terminal.

        It's a lot safer in my head. And if they try to MAKE me tell them, by the time I become submissive the numbers will jumble together and I will have forgotten it. Can a floppy do that? I think not.

        -S
        • when the keys get stuck?
        • Even that isn't truly safe, is it? Isn't the public key you're typing in still going to be stored somewhere on your local machine at least temporarily? Is it going to be cached? I honestly don't know and am certainly not an expert on how programs using PGP deal with the public key being input, but are they careful enough to not store it anywhere locally (outside of RAM while it's being initally processed, obviously)? And of course, typing your key in by hand won't stop a keyboard logger for a second...

        • Don't people realize this is a joke? (Memorized a PGP *key*--not a passphrase!)

          9aebdbd054a6cfc9db5bcb8f3eaa82c9d8b925018b7795401 3e170025a7f420beb57b7b905869b53a24d08ce5cb76dc812 e8081e4140704e0d3875dee731962f56420f6eea5cd081051 3fe9fcb0227852ec4fd289ced1b3e87b62f6ce5fcef955273 d28e916db157e6ff7b1038db41608da42d701f83d9ed34a90 c6047705a6657bb75347718d17879be72f38296b13ddab9df 4fc7cf2c6a0fb03e86efa18dc0123ffba51a0afb6c8d97764 0faf1dfde83c96186524a02879e84e22503c3d95ca6638088 9da78ea0ba8ba68c3b2167442a059fe13654ac75f422374e4 648bfb6d35dfde06ba961dee283e0cbb4fc682f32fea08138
          14c62806b433e9bb332cab

          Kind of catchy, eh? I think I could write music to it.

          Yeah, I memorized my DNA sequence in case I ever have to re-create myself.

      • Any "three letter" agency is unlikely to waste time and resources trying to cryptanalyze your PGP key/message. Instead, harwdware or software will be installed (pursuant to a court order, we hope) to capture keystrokes. Then, presto, all they need to do is type in your password.

        There might be ways to frustrate some of this activity. One way might be to have the encryption software display random letter pairs in order to have the keyboard input differ from the actual password. There should also be padding keystrokes prompted by the software.

        This method would slow things down, but with that CCD camera looking over your shoulder, I think the game would be up shortly.

        Remember, security is a system and a process, not a single program or device in isolation. And it's hard to get right!

    • He might have used a 2048 bit PGP Key but the government could have decrypted it as well and you don't even know it.

      That's the great part about cryptography: if you find out a way to decrypt messages that are known as undecryptable, no one will ever know about it because the [NSA|FBI|CIA] would have eventually killed you and stealed your algorithm...

    • I'm betting that he did use PGP and they just used surveilance to crack his private key password, or (less likely) he chose a bad private key password.

    • Hmmm ....

      He's worked in a high-security job, and he's been a sysadmin, yet he can't work out how to encrypt a message properly? Not clever.

      Perhaps that's the solution to national security - instead of trying to stop people using encryption, just employ people too stupid to cover their tracks properly :-)

      • He's worked in a high-security job, and he's been a sysadmin, yet he can't work out how to encrypt a message properly? Not clever.

        And par for the course, He's former enlisted, and the enlisted sysads (at least the ones here) aren't worth squat.For the most part, they're 20-year old's whose sole training on computers has been the Windows 3.1 training they got in a six-week tech school from the Air Force. And if they do have a clue, then they usually don't stay in since they can triple their salary in the civillian world.

        • Oh, I see..

          Enlisted people are morons and the Officers are the intelligent ones. Is that right? Being young also disqualifies someone from being competent, as well? Your comments display an inability to differentiate cause and effect. Way to jump on the bandwagon and blabber complete nonsense.

          Did the article explain the encryption technique or the methods used to break it? No. Why are you reinforcing a statement from an equally clueless poster?

          The fact is, no one is as clever as they feel they are. This could happen to any of us, no matter the pains taken to cover our tracks. Espionage is wrong. I have no problem with this guy going to prison. I am, however, concerned about the loss of anonymity when a person decides to wander the internet. Rather than preach to the world about this criminal's alleged incompetence, we should focus on the process and rules which allowed the Government to monitor him. Which Agency is monitoring Slashdot right now? I'm sure this post probably put me in their book.......
  • The article mentioned 13 different intelligence agencies in the US, which I didn't know about. I looked some more and found this [straightdope.com]. Hmm.. maybe this is off topic :)
  • Whenever you read on of thse stories, the people involved don't sound all that bright. It's a far cry from James Bond, anyway -- more like Amway gone bad.
    • the people involved don't sound all that bright

      You never hear about the good ones, that's why.

    • Re:Spies 'R' Dumb? (Score:3, Insightful)

      by gnovos ( 447128 )
      Spend some time watching "The FBI Files" or another of those true crime shows. In every single case, the killer is caught either through

      a) dumb luck (the cop, after five years of searching, bumps into the guy at disneyland or something)

      b) dumb criminal (going back to the scene of the crime, going to the cops with some "new evidence" long after you were cleared, running directly to your mother's, girlfriend's, or best friend's house to "hide out")

      I have no doubt that the spy game works the same way.
  • Arrested spy Brian Regan has initiated legal proceedings against the FBI under the DMCA ruling.

    "While it is legal in special circumstances to reverse engineer my private messages to Libya - it was clearly illegal in this case. If the FBI start decrypting all messages from spies, then there is nothing to stop them posting them on the Internet for other countries to download for free. How do they expect spies to make a living then? There claim that they had a right to access these photos and that it was only for their private use just doesn't cut it ..."
  • The Intelink network mentioned in the article sounds pretty wild, but I'm a little suprised it just uses standard tcp/ip tools (and that each dept is responsible for it's own servers, and can choose what server software they want to use). Seems like it would be so easy to misconfigure something, or for an intruder who can get onto the physical network to exploit holes in the server software to gain more access than is allowed.

    And what happens when a bumbling FBI agent hooks up a wireless LAN base station so he can surf Intelink on his laptop? Doh!
    • Probably, the really highly classified stuff would not be stored on that network anyways. You have to be aware that all 13 "agencies" are connected to it. Knowing that often those agencies have secrets that they don't share with other such agencies, we can deduce that this network is mostly for "almost public" information. You can bet that really juicy stuff is stored elsewhere, and is only accessible from terminals within the same secure facility.

      Probably our wannabe spy was punished more for his stupidity, rather than for leaking stuff that was actually useful to a foreign country. For all we know, the Libyan operatives to whom he was trying to sell the materials are laughing as loudly as we are...

      • Re:Intelligence Intranet(s) (Score:2, Informative)

        by Anonymous Coward
        As a matter of fact, you are correct in the assertion that there is more than one variant of Intelink. The most common variant is Intelink-S which is routed over a closed circuit encrypted WAN called SIPRnet (Secret Internet Protocol Network). Intellink-S (secret clearance) hosts mostly processed intelligence reports that are aimed towards analysts in various agencies. A higher echelon is Intelink-SCI (Top Secret clearance or better) which contains raw intel such as aerial photographs etc. All Intelnet variants are encrypted thmeselves as well as their SIPRnet rides, thus making the traffic encrypted several times over.

        Access to terminals is very secure from a physical standpoint. For one any workstation connected to SIPRnet is expressly forbidden to be connected to ANY other network. Each user has an account with a digital security key which in turn limits his or her access to a strictly need-to-know basis. SIPRnet itself is a hardened, DoD maintained, all fibre backbone which maintains at least T-1 connectivity between terminals and is capable of carrying Tcp/IP, Voice over IP, Video Conferencing, Facsimile, as well as other digital traffic.

        While theoretically it is impossible to physically compromise this setup terrestrially, one must remember that the military demands field access to intelligence. Remote access is acheived through the use of humvee-portable satellite system called Trojan Spirit-II. C, Ku, or X band uplinks can establish up to fourteen 512kbps channels with the various DoD WANs. As one could imagine these links are very heavily encrypted and utilize geostationary satellites whose exact keps are a secret in of themselves. But theoretically this really is the only weakness in that it is the only public channel through which this service is routed.

        On top of this is TIPRnet which carries the highest-prioroity and most sensitive information. The author knows very little about this, besides the fact that all terminals which access it reside in vaults and require several stages of verification (ID, retinal scan, etc...) to enter.
    • Well many of the machines on it have their own internal security. But the major way it is secure is that it does not connect to the outside internet. To use it you have to be in a government building which has a guy at the door with a gun to make sure you are wearing a badge with the correct picture etc on it.

      The thing they are probably most worried about is when someone who does have privs decides to give (or sell) information to someone who shouldn't have it. Hacking in would be almost imposable as there is no way to connect from the outside.
    • If there were one person responsible for all agencies' server security what would happen when he screwed up? Everybody connected would be compromised since they'd all have the same flaw.

      Sooner or later everybody makes a mistake. By having every department responsible for their own servers a security breach is of limited scope.

  • Is Intelink More Secure Than Enigma? (Score:5, Interesting)

    by cybrpnk ( 94636 ) on Thursday August 30, 2001 @06:07AM (#2234138)
    The referenced article had a link [topsecretnet.com] to the best demo I've seen so far about the US Government's "separate" internet called Intelink [topsecretnet.com] that links intellegence agencies. This is where our spy got his material he tried to sell - online, not from an old-style combination safe. Intelnet is supposed to be totally isolated from the "regular" internet (yeah, right, anybody got a connecting URL?) but it's got 250,000+ users. How can the security on this thing be airtight enough to entrust US secrets to it? A few nights ago I watched the Nova rerun about Bletchley Park breaking the Nazi Enigma code and the point was made over and over that the Brits got toeholds into breaking the code by flaws in the way the Germans in the field actually used the Enigma on a day-to-day basis. Aren't we setting ourselves up for exactly the same thing with a quarter-million users out there? Yo, some Slashdot user who has access to this thing - tell us what administrative security is in force! Also, this guy went to his public library and logged onto free email accounts to transfer his information - what should he have done? What is the next way a spy will use the regular internet as an anonymous deaddrop more successfully than Sgt Regan?

    • The network itself is physically seperated from any other networks. The cabling and links are all a closed loop, it's just built using the same protocols and tools that the internet runs. The Register article mentioned that it now uses a digital signature file to restrict access to a "need to know" level set by the people who create user accounts.

      The people who run this network are extremely paranoid about what you point out, so there are no access points that exist outside of secure installations. The network traffic itself is probably encrypted as well, but that's beyond my "need to know"

    • Well, as a sort-of US of A. authority at Intelink, I can assure you that we have a top-notch security and stuff here. As a matter of Fact, we just hired some pretty keen security-guys from Russia, and some step-overs from China.
      One example of our high security is that we use exclusively Adobe PDF personalized format for exchanging information within.
      We also recently upgraded our PKI infrastructure to support ROT-14 encrypting method, which makes the "bits of key" ("standard" being 128bit) effectively 8*bytes of encrypted message.
      More information can be gained from www.intelnet.gov.

      FYEO.

      Rojer Saramantch,
      SPR, Intelnet.

    • Yo, some Slashdot user who has access to this thing - tell us what administrative security is in force!

      You're asking alot--I'd guess that you won't get a discussion in the open about details of admin security on Intelink. I'm no expert on the matter, but I'd suspect that this is classified national security information that would entail a loss of employment and/or jail time for the offender. Not to mention the fact that it would likely compromise the security that you are so concerned about in your post.
      • Asking a lot? Hey, I'm a taxpayer, I PAID for this thing. Besides, the National Security Agency (NSA) offers a course to anybody on just this subject here [nsa.gov]....
        • Try using the "Hey, I'm a taxpayer, I PAID for this thing..." line with, say, Los Alamos National Lab weapons designers regarding plans and the detailed operation of the B61 or W76. Simple curiosity does not entail a "need to know." Nor does filing a 1040.

          If you can get the information you want from the NSA, then more power to you. I'd suspect, however, that you won't get all the nitty gritty details you're after. (I could be wrong though--this is far abreast of either my expertise or whatever experience I may or may not have with classified computing systems).

    • First of all, don't send email to quaddafi@intel.mil.lb. That is good advice for anyone, not just spies.

      2) Use one-time pads. A DVD full of geiger counter readings will do a better job of fooling the spooks than any method that can be brute forced. If it can be brute forced, they will do it. NSA pays the salaries of more math Ph.D.s than anyone else on the globe. The only problem with the OTP is ridding yourself of the traces of the plaintext and noise (the DVD itself and residual memory on your box)

      3) Remailers, public and private. I would have Country B set up clean cover companies in third countries (those Scandinavian countries are good). Send your mail to katrina@fakecompany.fi, let it get bounced around and rehashed with static. This should slow down the spooks a bit.

      I hope this would take care of the secure data transmission end.

      Remaining problems:
      -getting the goods (unless you're the boss like Hanssen, don't get any secrets you wouldn't normally have access to anyway)
      -getting paid (diamonds in a ziploc bag are fun to have around, but how are you going to spend them? Hanssen drove around in a beat-up minivan, b/c all his "l3wt" was in jewel form, or in a "secret account" in the SovUnion. If you show up at the office driving a Maserati, eyebrows are sure to raise)
      -getting away (eventually they'll catch up to you, so you'll want to leave before they do. Where are you going to go? Libya? Talibanistan? The Sudan?)

      In conclusion, let me say that spying is bad. We're the good guys (well, compared to Libya and Iraq). Put 15% of your salary into an IRA, and when you retire, you'll have your pension & a cool mil.
    • Funny you mention that NOVA program. The Lorenz machine had the stroke of luck that day with the double keyed ~4000 char transmission with diffs that became the first break in its design. Newmanry History [codesandciphers.org.uk] Hedley
  • Regan...
    cold war irony :)

  • silly spies, DES is for kids (Score:3, Interesting)

    by beanerspace ( 443710 ) on Thursday August 30, 2001 @06:27AM (#2234158) Homepage
    As someone who lives in the D.C. area, I run into alot of retired 20yr/career military types who are "double dipping" (local vernacular for someone taking a pension while working). I didn't realize spying was an option.

    What I find most interesting is whow BAD a spy this guy was. Going back to the same account nine times ? Especially regularly using, and repeatedly ging back to local public libraries, where all activity is recorded and logged for just such abuses ? Where the library's access to the network is often via some other local government agency or educational institution ?

    And the list of stupidity goes on. Including continuing with the same Modus Operendi after making the initial contact via the internet ... moreover, to do it in a town which is chock full of feds looking for the big bust. Man, this guy did everything but walk in front of the Hoover building with a sandwhich board that read "Hi I'm Brian. Come Spy with Me".

    The entire incident is mind boggling and makes me wonder what type of security they're NOT teaching our USAF boys in blue.

    • Beanerspace wrote:

      What I find most interesting is whow BAD a spy this guy was. Going back to the same account nine times ? Especially regularly using, and repeatedly ging back to local public libraries, where all activity is recorded and logged for just such abuses ? Where the library's access to the network is often via some other local government agency or educational institution ?

      I think, what got this guy was mostly that he was low on funds. Setting up a communication system safe from backtracking or spying for regular use isn't that easy, if you're just a lone guy and can't afford to jet around the world just to check your mail or open untraceable remailing or anonymizer servers in strange locations.

      Now if the american counter-espinage got hold of the documents from the Lybians (I guess they have some inside contacts there too), he's in real deep trouble. As soon as he's on the suspect list, because he accessed the documents, he's toast. A perfect safe communication system would only have delayed the time until they catch him.

      All in all I agree, that guy was stupid, but not because he used Hotmail and the Library, his stupidity was the way he procured himself the documents he sold. As long as they can be linked to his Intelnet account or workstation, it would just have been a matter of time.
    • Actually, the DOD isn't in the business of teaching people how to be spies. Instead, they concentrate on creating a system where inadvertent security compromise is unlikely. Once the system is in place, they then train personnel on a system of best practices designed to both reduce information security risk and make it obvious when the procedures aren't followed. For example, I'm curious how the USAF member in question got the information out of the facility - those systems aren't supposed to have any removable media besides the hard disk (so it can be locked in the safe). That means no floppies, no zip drives, no CDRs, nothing. It would not surprise me if the facility he removed the information from were given a security audit in the near future.

      It wouldn't surprise me either if the people he worked with were getting lazy about security - the periodic lectures on how to tell if one of your cow-orkers is spying generally get greeted with groans beforehand, snores during, and blank looks afterwards. It's laziness like that that allows security compromises to occur in the first place.

      I heard a story once about someone who managed to get access to a DOD secure network. After he got busted they asked him how he had done it, and he anwered that he waited for someone to get lazy about procedure and do something not allowed by the "best practices" policies. He was convinced that if policy hadn't been broken that there would have been no way to get access.

      And I complain about stupid users on _MY_ network...
      • He was convinced that if policy hadn't been broken that there would have been no way to get access.


        There's always a way, even in very vigilant organizations, assuming you're willing to take the trouble and sustain the risks. An, ahem, acquaintence once wanted into a room that was protected by an electronic combination lock. He put invisible ultraviolet powder on the keys and went back a few hours later to see which had been rubbed off. It was a simple matter to try the limited number of combos to gain entry.

  • The man is a spy. F*ck encryption breaking. That's not the issue. Whether or not they used anything to find his message is irrelevant. There should be certain times, like this one for instance, in which the government should almost have a right to keep an eye on people, or be allowed to monitor. HOw else are we going to survive and stay #1?People like this person should have no rights. Being USAF, I thought he would have a better appreciation for this great country of ours, but some give in to the prospect of a few extra dollars. Hopefully he will be prosecuted to the fullest extent.
    Being a former military person myself, I know how important it is in catching spies. I guess people in this country that haven't served in the military before, don't have an appreciation for this country like I do. Many take it for granted that what they have here is bliss and they forget that this country isn't like Australia or Afghanistan and have that choice to practice what they want when they want.
    I do think with all of that 'free-speech' out there, that there would have to be a way for our government to monitor it. I don't think the government is telling us half the truth about what is going on out there, but I guess we don't have a 'need to know.'
    I don't like anyone snooping in on me either, but then again, I can't control anything outside my house. Hell there could be someone sitting outside my house reading what's on my screen right now because of my monitor not being TEMPEST secure. It's great that I have the right to look up what I want on the internet and do research on the internet even if I was planning on blowing something up in the government. What about McVeigh? Do you think it would have been wrong for the U.S. to snoop in on him?
    People get too paranoid and think the government has too much power and should back off. I think that our government will monitor us and whether we like it or not, and will continue in the future. Sometimes for good, sometimes not so good. We can't prevent it and as long as we live here, you might as well get used to it. If you don't like it, move some place else.
    • ha ha ha ha ha ha - another deluded soul!

    • People like this person should have no rights.

      The problem with that attitude is that you don't define "like this person".

      Sure, bad guys shouldn't have rights. Who gets to pick the bad guys ? J. Edgar Hoover ? The Pinkerton agency ? Was Rodney King a bad guy, deserving of losing his rights ? - LA's finest seemed to think so.

      The point about "inalienable rights" is that they're inalienable. Even spies, murderers and Flash coders get to keep them. You might like to be able to withdraw these rights from "appropriate" groups, but on the whole society works better if we leave the bad guys with a few too many, but don't have to worry about stormtroopers and death squads artbitrarily deciding they can remove them from any citizen they choose to.

    • One question for you: how do you think this "#1" nation got to be so free? Do you think it was by allowing an oppressive government to do whatever it wished?

      Washington and the other revolutionary leaders never would allowed England's rule by saying, "We can't prevent it and as long as we live here, you might as well get used to it. If you don't like it, move some place else." It seems that on one hand you say America is a place of freedom and on the other you say we should just accept that we have a government that spies on us for sometimes evil purposes. Which is it?

      I would argue that for any country to be "#1" implies that it treats its citizens with respect and allows them true freedom. But maybe that's just me...
    • Even peole you don't like have rights to prevent abuses of governemnt authority. Ever hear of McCarchyism?

      I've heard that certain people think people who are the wrong (race, religion, sexual orientation, ethnic backgroung, IQ, likes computers, listens to the wrong music....) shouldn't have any rights because they are sub-normal scum. It is particularly important to make sure that the rights all citizens have are protected at all times - especially when they are unpopular. It might you who is uppopular next.

      Spying will stop being a problem once people abolish Nation States - nothing but a bunch of right squelching meglo-maniacs.

  • How did they know about it? (Score:3, Interesting)

    by bat'ka makhno ( 207538 ) on Thursday August 30, 2001 @07:03AM (#2234198)
    What the article doesn't adequately address is the issue of just how the FBI first got wind of Regan's activity. It's an interesting question, one that should give pause to anyone considering providing information to third parties as a way of supplementing a meager government pension.

    Come to think of it, the initial discovery steps are never addressed in the popular reporting of spy incidents, and since most cases either never make it to court or contain "sensitive material" that is not accessible to those not in the loop (that usually involves defense lawyers). Somehow though, I get the impression that foreign agencies are so thoroughly penetrated by American intelligence that spying against the US is a death wish. You will be sold out by your contact in Moscow or Tripoli who probably makes $100 a month and dreams of nothing better than retiring in the States with an American government pension. Either that, or the powers that be monitor all communications to an extent that even Slashdot readers would find unbelievable, so that anything even remotely secret that goes over the wire or the ether is read, catalogued and forwarded to the competent authorities.
    • Evidently he emailed various foreign governments and a US friendly contacted the USA. At that point the FBI got involved and posed as Libya in a reply to his email "advertisement."
    • Somehow though, I get the impression that foreign agencies are so thoroughly penetrated by American intelligence that spying against the US is a death wish. You will be sold out by your contact in Moscow or Tripoli who probably makes $100 a month and dreams of nothing better than retiring in the States with an American government pension. Either that, or the powers that be monitor all communications to an extent that even Slashdot readers would find unbelievable, so that anything even remotely secret that goes over the wire or the ether is read, catalogued and forwarded to the competent authorities.

      That's what they want us to think, anyway.
  • I'm no foreigner so don't nuke me for what I'm about to say......... I would HOPE that our members of "US Intelligence" would be somewhat knowledgeable when it came to the topic of encryption. I am under the assumption that this bum's messages were not cracked by a government employee but rather some "cracker" with a trivial brute force method. From personal experience, only a small handful of people involved with the government would have the brain power to attempt such a feat. (let alone think they could get away with it scott-free.)

    Now this is "military intelligence" at its finest.

  • "Legitimate" arrests (Score:1, Insightful)

    by Anonymous Coward
    You know, I really dislike that editorial bit at the end, about finally a legitimate cyber-arrest.

    We may not like the laws that are being used to hassle some people, but the laws are indeed on the books, and prosecuting people under those laws is indeed legitimate, even if they go against the know-it-all attitude displayed here on Slashdot.

    For the record, DMCA is law, and arresting somebody that peddles a circumvention device that is specifically marketed to thward e-book security is legitimate, as long as the DMCA is in effect. Instead of endlessly harping about this arrest, and that witch hunt, do something... like helping out the EFF, or letting your local representatives and senators know about how you feel about these things.

    What's the use? This is Slashdot.

  • Intellelink (Score:2, Funny)

    by Anonymous Coward
    Do you think this top secret network includes top secret pop-up adds? If I worked for the CIA, that would make me pretty mad.

    • Re:Intellelink (Score:1, Informative)

      by Anonymous Coward
      *pounds head on desk*
      Actually yes....there are banner ads. There's a banner share program thingy. It's all gov't related, but come on! And winky blinky flashy ones are allowed.

      There is no escaping the banner ads.
    • I wonder if X10.com's government sales have increased, their wireless cameras are probably pretty useful for the spying business. :)
  • This guy has a lot of company [dss.mil]. It is important to note this individual did not appear to breach the intregity of intelink. He had a security clearence (which means he has had an extensive background investigation as well as periodic reinvestigations) and authorized access to the information he sold.
  • I live about 3 miles from the National Reconnaisance Office in Chantilly, Virginia. They have strangely-shaped blue-colored buildings with very reflective windows. The entire compound is surrounded with tall fences. There's a footpath around the compound, and guards walk around this footpath at all times (weekends too).. They also have two vehicle entrances.. one for guests and one for employees. It's a very secretive place.

  • duh, this story was broken by the washington post last saturday.

    not to mention the 5th word in his article is spelled wrong.
  • More information is available at the Washington Post article [washingtonpost.com]

  • Treason (Score:2, Funny)

    by Tekgno ( 321071 )
    Treason is treason, he betrayed his country and like all others who commit treason, should be executed. No questions asked, money back guarantee. Shoot the fscker.
  • No one ever mentioned the idea, if the criminal was smart, we probably wouldn't know about it and he would be living comfortable some place.
  • Regan isn't the first accused spy with computer expertise
    Apparently, the definition the press uses for computer expertise is the ability to download pictures and use Hotmail. Well hell, if this is expertise, I'm Linus Torvalds!

    Magius_AR

Slashdot Top Deals

"Your stupidity, Allen, is simply not up to par." -- Dave Mack (mack@inco.UUCP) "Yours is." -- Allen Gwinn (allen@sulaco.sigma.com), in alt.flame

Close