Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo

 

Unsupported browser: Your browser does not meet modern web standards. See how it scores »

A trio of interesting stories about computer hackers crossed my laptop this morning.

Randall Schwartz was a system administrator at Intel back in 1993, when he was arrested for running a password-cracking program called “crack” on one of Intel’s computer systems. I knew of Schwartz because he was the author of the best-selling O’Reilly book Learning Perl. How could another O’Reilly author be a criminal?

Although the facts of Schwartz’s case are confusing, we know that he had basically tried to crack the password file of Intel’s Supercomputer Systems Division (SSD) after he had terminated a consulting job with that part of Intel and moved on to another. In his defense, he said that he had been upset about the poor status of the group’s security and was trying to demonstrate the problem. That explanation didn’t fly with the court, and Schwartz was convicted of a felony. It was widely believed at the time that Schwartz was attacked by members of his old group because of bad blood: they wanted to run an internal group with little security, and he wanted to demonstrate that their actions were materially jeopardizing the company. Well, after 10 years as a felon, Schwartz has finally been granted a pardon and had his sentence expunged. He’s no longer a felon. CNET has a summary of the article.

The big lesson here is to remember that, as a consultant, you have fewer rights at a company than an employee does. And don’t ever white-hack without a get-out-of-jail-free card, which is an authorization from the company to do what you want to expose its weaknesses.

Joanna Rutkowska is an impressive hacker in Europe who has made her name by finding low-level exploits based on the architecture of modern computer systems. She created a “red pill/blue pill” set of exploits that used the new virtualization instructions on modern computers as a super “rootkit” that’s very hard to detect (because it’s running outside of the operating system). I love her work! Now she has given a demonstration of how rootkits can defend themselves against computer forensic tools that use direct memory access to read their memory. You can read about it in Techworld too.

Photo Credit: Dave Bullock

Unnamed hacker in France has broken into a computer system used by Jean-Marie Le Pen and leaked the names of elected officials in France who have promised to endorse him in an upcoming election. According to Dan Goodin’s article, “Le Pen needs the endorsement of 500 of France’s 42,000 elected officials by March 16 in order to run.” What a weird election system they have in France.

Goodin’s article, incidentally, was written in San Francisco for the U.K.-based Register. Oh, how I love the Internet.

0 comments about this story. Start the discussion »

Tagged: security, hackers

Reprints and Permissions | Send feedback to the editor

From the Archives

Close

Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me