Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

Simson Garfinkel

A View from Simson Garfinkel

Hackers in the News

It’s about the people, not the technology.

  • March 6, 2007

A trio of interesting stories about computer hackers crossed my laptop this morning.

Randall Schwartz was a system administrator at Intel back in 1993, when he was arrested for running a password-cracking program called “crack” on one of Intel’s computer systems. I knew of Schwartz because he was the author of the best-selling O’Reilly book Learning Perl. How could another O’Reilly author be a criminal?

Although the facts of Schwartz’s case are confusing, we know that he had basically tried to crack the password file of Intel’s Supercomputer Systems Division (SSD) after he had terminated a consulting job with that part of Intel and moved on to another. In his defense, he said that he had been upset about the poor status of the group’s security and was trying to demonstrate the problem. That explanation didn’t fly with the court, and Schwartz was convicted of a felony. It was widely believed at the time that Schwartz was attacked by members of his old group because of bad blood: they wanted to run an internal group with little security, and he wanted to demonstrate that their actions were materially jeopardizing the company. Well, after 10 years as a felon, Schwartz has finally been granted a pardon and had his sentence expunged. He’s no longer a felon. CNET has a summary of the article.

The big lesson here is to remember that, as a consultant, you have fewer rights at a company than an employee does. And don’t ever white-hack without a get-out-of-jail-free card, which is an authorization from the company to do what you want to expose its weaknesses.

Joanna Rutkowska is an impressive hacker in Europe who has made her name by finding low-level exploits based on the architecture of modern computer systems. She created a “red pill/blue pill” set of exploits that used the new virtualization instructions on modern computers as a super “rootkit” that’s very hard to detect (because it’s running outside of the operating system). I love her work! Now she has given a demonstration of how rootkits can defend themselves against computer forensic tools that use direct memory access to read their memory. You can read about it in Techworld too.

Photo Credit: Dave Bullock

Unnamed hacker in France has broken into a computer system used by Jean-Marie Le Pen and leaked the names of elected officials in France who have promised to endorse him in an upcoming election. According to Dan Goodin’s article, “Le Pen needs the endorsement of 500 of France’s 42,000 elected officials by March 16 in order to run.” What a weird election system they have in France.

Goodin’s article, incidentally, was written in San Francisco for the U.K.-based Register. Oh, how I love the Internet.

Keep up with the latest in security at EmTech MIT.
Discover where tech, business, and culture converge.

September 11-14, 2018
MIT Media Lab

Register now
Want more award-winning journalism? Subscribe to Insider Plus.
  • Insider Plus {! insider.prices.plus !}*

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus the digital magazine, extensive archive, ad-free web experience, and discounts to partner offerings and MIT Technology Review events.

    See details+

    Print + Digital Magazine (6 bi-monthly issues)

    Unlimited online access including all articles, multimedia, and more

    The Download newsletter with top tech stories delivered daily to your inbox

    Technology Review PDF magazine archive, including articles, images, and covers dating back to 1899

    10% Discount to MIT Technology Review events and MIT Press

    Ad-free website experience

/3
You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.