Hacker speaks on his findings in NASA's systems

I know that what he did was illegal He should be fined. but to face the incarceration he faces while leaders are pardoned and exonerated for lying and exposing others to danger just exposes the hipocracy of our sytem not its integrity. As a rogue Johnny Depp is in his movies, do we not love him? that brash recklessness that is the mark of many an American and Brit, that same spirit that wants to propel us to the stars.This boy went where angels fear to tread..because he wanted to know as we all do. Selflessly without gain in mind He wanted to bring it back to us. All I can say is I hope he keeps his chin up..dont wimper...the trial will go quickly as it involves classified material and rather than risk attention to that a deal will be struck, papers signed..and then silence..for we will never know what he saw.
Cheers Gary..You tried..and Cheers to the next Gary, and the one after that , or the deep throat who comes forth and breaks the wall of secrecy proving once and for all we are not alone.

Originally posted by schuyler
6. People who actually deal with Top Secret classifications know that number five above is a crock. 'Top Secret' is serious business. It's not a game. This is an adult activity engaged in by grown-ups who take it very seriously. Does it fail? Sure. You will notice, however, that the vast majority of failures are from people who managed to get a clearance and be on the inside, then spilled the beans for money or politics. Sometimes they manage to 'lose' something important, but for some reason this never does much harm and is quickly recovered. Rarely does anyone from the outside just wander in and pick up top secret stuff that is lying around.

7. Top Secret computers are not hooked to the Internet. There are separate systems. Anything truly classified is on an interior network. Believe it or not, but security personnel are quite aware that PCs and networks are vulnerable. “Communications Technicians” all have Top Secret security clearances and have been lectured ad nauseum about the issues.

1. Los Alamos

2. The data has to get out somehow, at some point they are connected. Furthermore we can't prove anything 100% one way or another. But the idea that no computer containing TS info is connected to the net does not seem plausible to me for many different reasons.

Originally posted by xout1
I dont buy it. Hackers DONT get caught. Hacks do though.
Most hackers worth a sh*t dont do it for 'fun'. They get payed.
They get in. Then they show how to the people who pay them.
Hackers don't put garbage on Youtube. Hacks do though.

Keep in mind that not all people are the same.
Putting people in little boxes, is actually quite foolish.

Not saying whether his findings are valid or not though, however he seems to be more of a ''script kiddy'' to me than an actual hacker. (He says himself he was using a perl script to scan for pc's with blank passwords, an actual hacker would've had more knowledge than just that)

So, if he's available for contact at this time, someone should ask him how his perl script worked, and post it here (What he claimed, not the perl script itself), then it's easy to find out if he at least knew what he was talking about, rather than play a wannabe script kiddy that downloaded leethax.plc / pld or w/e perl scripts were called at that time from the internet..

[edit on 23/7/07 by -0mega-]

And if you knew anything about computers, or had listened to everything he said, you'd know that he used an app that's similar to PC Anywhere and he also said he had gotten some screenshots. unless you watched a different interview with him or something where he doesn't mention that. I saw one where he did admit to saving screenshots.

Sometimes apps like this won't give you a full image if you press the Print Screen key. You'd press the Print Screen key and open an image app like Photoshop and paste it. You'd have a screenshot of your desktop with the app open. Inside the app you wouldn't see what was onscreen when you hit Print Screen, you'd see a purple, pink, blue or black square instead.

You should be able to test this by playing a video or a DVD or something in Windows Media Player and hitting the Print Screen key. Instead of the video you'd see a pink or other colored square where the video had been playing. I know that Windows Media Player 11 usually shows a black or pink square.

Here's Windows Media Player 11 on my system playing a music video as I'm typing this post out. I did not pause the video or anything. You can see that the video was playing as I hit Print Screen.



As you can see, the video is playing but Print Screen doesn't capture it. This is why there's seperate small apps out there for taking screenshots like this that will allow you to capture everything.

He's also not that great of a hacker. He admitted he wrote a simple script. He is a very bright guy though. Instead of actually downloading then saving it directly from their computers to his computer, he tried to get screenshots of everything instead. One rule of hacking, look...just don't touch. That's the thing about hacking. As long as you don't actually take anything or move anything around. You can do it for years on the same systems and never be found.

He also mentioned that he found references to - I believe - a building 8 at NASA where the images were being held. Building 8 was mentioned in the Disclosure Project by a former NASA employee who said building 8 was where they airbrushed everything out of the images before being released to the public.

You also have to think about the hefty time he's going to have to do for this. If he didn't see anything that important and just caused simple damage, why do they want him to do 70+ years in prison? Look at Kevin Mitnick. He was considered the best/most dangerous hacker in the world and he did small time compared to this guy.

He found something they didn't want found and it's something they REALLY don't want him talking about. So put him in a military prison for the rest of his life to make sure he NEVER talks. Never talks more than he already has that is

It's also true that the military/government has taken the hackers they've busted and given them jobs. That's a proven fact.

Originally posted by Forlon
The guy is smart with computers yet he can't even get a screen shot of what he finds? come on... He just has to press printscreen when he remotes in and gets a picture but he didn't? Right.....Heck even a 12 year old kid knows how to use printscreen to capture stuff he sees on the screen.


This makes about as much sense as the worlds best action photographer not getting a picture of a UFO he finds in a forest when he had all his cameras out and ready to take a picture.

hmm i've found that blank screen thing is pretty much limited to only video files. And not all.. it works fine with webcam etc.
I've never encountered it happening with any other programs.
I may be wrong, but that's my experience.

Originally posted by PapaHomer
I agree with Forlon. Why is that he didn't save any evidence of what he saw? Why didn't any of the other hackers he claims to have seen in the government computers come forward and back him up? One answer may lie here, where Gary says to the interviewer,

"I was smoking a lot of dope at the time. Not good for the intellect."

I think he was right at least about that.

Why didn't he save any evidence? Maybe he was concerned about retaining evidence that would implicate him later? Maybe he was nervous? How many times have you watched a show like "Jepordy" at home at answered question after question? Now get up on that stage in front of those lights and people and see how well you think on your feet?

There are many things that could explain why he chose to do what he did and why he didn't. The fact of the matter is, he found something that got the US upset. I think he knows better than to say what it is and I think he will use it as leverage while serving his time. I assure you he will be out in no longer than 10 years but only time will tell.

Oh and as far as the quote about smoking dope not being good for the intellect, this is true is doesn't help in some cases but in others it does, creatively its is invaluable to me so to just assume this guy is full of it because he was smoking weed is just silly. I'm high most of the evenings I'm on here and I will be willing to go head to head with just about anyone when it comes to intellect or wit. Thats like saying he was drinking a few beers while he was hacking so we have to disregard what he said. Its about educating yourself on the effects of something before forming an opinion on it.

Originally posted by xiack
Gary McKinnon is the real deal. I have been monitoring his case for a good while, and have even signed his 'unlawful extradition' petition that went to 10 Downing Street. I trust him far more than any of our British politians. bare in mind, that this guy has absolutely nothing to lose/gain by talking of his discoveries. Anyhow, for a rain check, visit: freegary.org.uk...

Ditto. I've signed that too. I feel very sorry for him, he seems really scared. Don't know if it's mentioned on this thread already but someone from the US has told him he's "gonna fry" when he's sent over there. I sincerely hope they just give him a job.

[edit on 23-7-2007 by wigit]

Originally posted by NoobieDoobieDo
1. Los Alamos

2. The data has to get out somehow, at some point they are connected. Furthermore we can't prove anything 100% one way or another. But the idea that no computer containing TS info is connected to the net does not seem plausible to me for many different reasons.

1. Right. As I said, it happens, most often from inside, as was the case here. That was a CD if I remember correctly, not a matter of connecting via the open Internet. In any case, this incident corraborates what I said.

2. The datadoes not 'have to get out' at all. And of course we can't prove anything 100%. It's all the details as a whole that need to make sense. Have you worked with top secret military computers in a net? Do you know the procedures in place? Have you ever had a Top Secret security clearance and had to go through the 'steps required'?

Don't know if it has been said, but I believe he used 'Terminal Services' to get into these machines. Terminal Services is a chunk of software that allows your PC to be used remotely. It's quite handy for diagnostic work. Microsoft has this ENABLED as the default for Windows. (Stupid!) Of course, it is a massive (and well-known) security hole. You can see this in Control Panel->Services (2000 & prior) or Control Panel-Administrative Services->Services. (XP-Pro) This is the "server" side of the application. Why not check right now? I'll bet it is on. You don't even have to know the name of the computer because you can browse for whatever is out there once you find the network. In XP, you use "Remote Desktop Connection" (the client side of Terminal Services) which is in Accessories. Earlier versions of Windows had similar functionality, albeit named slightly differently and in different locations. Then, given unchanged default passwords, you're in. Note that this is not particularly sophisticated. It relies on no special software, no 'buffer overflows' or esoteric knowledge. It's a part of Windows you can use if you know about it.

This means that two things had to happen. First, the network itself had to be open to the Internet; and second, the computer itself had to be open to its own network. In a secure environment, neither one of those things will happen.

We've already had testimony here about the two NASA networks, one of which is public, the other with the good stuff, which is not. This information matches my own on the last network that I have some knowledge of. There were two networks. One was connected to the Internet; one was not. It's common sense, really.

I can easily believe our hacker guy got into the public side, but having done so, I doubt very much that he obtained anything useful. He could have gotten into users' PCs, which could have contained anything off the Internet, including Billy Meier wedding cake pictures.

My real question here is the so-called 'damage' he is said to have done. With Terminal Services you have control of the computer, so what can you do? Change settings or erase files. Now, if you change settings you can cause some temporary damage, but it's more of an inconvenience. Say you changed the IP address and caused a reboot. That would make the PC not functional on the network until someone figured out what happened, but this makes no sense. It's a smoking gun. Why would he do that? I would think he would do everything possible NOT to get caught. That would mean leaving things alone. What if he erased files? Well, even if you erase a file it's not really gone. Just a couple of bytes are changed to say that the space where the file resides is now 'open for use.' If nothing else gets written on top of it, the file contents are still there. ANY administrator has 'unerase' tools easily available to him. Further, there are those pesky backups. Anything important is backed up. If it's not backed up, that's the fault of the Network Administrator. What if he erased a system file required for Windows to work? That would definitely get some attention and might cause a reinstall of the OS. But once again, WHY would he do this? It makes no sense. That's where the case falls apart, IMO. I'd like to know just what damage he is supposed to have done. Frankly, I doubt he did any.

Originally posted by schuyler
Here's a theory I cannot prove.........I can't. I’m basing this on the public knowledge we have of the issue collectively, plus some information of my own.

I'd like to respond to some of this. This is also just my opinion.

1. From what we know this guy is not a particularly gifted hacker. He got into some un-secure machines which still had default passwords on a dial-up connection.

Most hackers are not gifted. The best hacking tools are automated. Apart from social engineering, what frightens security experts the most is the amazing sophistication of kiddie scripts--tools designed to let idiots hack strong security systems. DARPA is spending lots of money to try to limit this problem. They admit it is a problem, so I think we should too.

2. His connection was dial-up, a maximum of 56Kbps. This is pretty darned slow.

It is slow. But anything you can do on broadband you can do on a modem (apart from some real-time stuff), only slower. If you are willing to wait a long time, and you have years to waste hacking, you can still get the job done. You might even avoid setting off some traffic signature systems by being slow.

4. Our hacker friend seems to have failed to capture screen shots that would have helped prove his case. Why did he not?

An excellent question.
Concerning points 5, 6, and 7, I agree. I'll take your word on 8.

Now to the meat of it:

9. I believe what happened here is that our hacker did, indeed, get into a non-secure network and poke around. Whether he caused damage or not, I couldn’t say. That’s an issue for the government to prove. But I think he made up the UFO angle in an attempt to deflect attention away from the core issue that he did break into these machines.

I agree that this is a distinct possibility. Your suggestion that he has fabricated a conclusion to his goals in order to rally anti-government support is a distinct possibility.

However, it is also possible that he saw what he claims, and that he simply misunderstood how passive the public is.

I understand he got a final appeal to the Louse of Lords or something. Given that he is out on bail, I think that time is allowed for him to discredit himself as part the price to pay, and coughing up anything else he or his ex may have had. With the drug admission and all it seems he has done a commendable job. And with that sheer terror and paranoia he has right now He probably won't be looking at a computer for a while, Just look at him. Poor Lad I hope the House of Lords grants him his wish. He should be aware though that The British gov. is lot less forgiving about violations of the State Secrets Act than even the Americans are, if my memory serves me correctly.

SyS

Originally posted by kleverone
Why didn't he save any evidence? Maybe he was concerned about retaining evidence that would implicate him later? ...........
Oh and as far as the quote about smoking dope not being good for the intellect, this is true is doesn't help in some cases but in others it does, creatively its is invaluable to me so to just assume this guy is full of it because he was smoking weed is just silly. I'm high most of the evenings I'm on here....

If he was worried about not saving any evidence, then why has he gone and repeatedly given interviews stating he committed illegal activities? Surely, his unsolicited statements will be equally damning in court? As to Mr. McKinnon's statement about his drug use, I was merely agreeiing with him that it wasn't good for his intellect. Perhaps if you weren't so worried about your personal habits, as I assure you I am not (although now you have made us aware of them), then you would have not tried to read additional content into my statement. Mr. McKinnon stated it wasn't good for his intellect, I was agreeing with him.

Gary McKinnon's House of Lords appeal hearing date seems to be set, provisionally, for Thursday 19th June 2008

Will the Lords bow down to the USA's extradition order?
Hope not, someone has to stop them from believing they are the "World Police".

I honestly don't see where this places the US in the role of being the "world police." They are merely trying to prosecute an individual that they caught breaking into sensitive computer systems. They are just trying to protect their interests as any sovereign nation would.

PapaHomer
As the crime(?) was commited in England, than the place to be on trial for must be England.

If you stole anything from my computer now, I would expect you to be on trial for it in your own homeland.

Now, look, some of you. Real Top Secret material does not get sent over a network which isn't secure and disconnected from internet. It is stored on storage media, and whenever needed, it is copied to another storage media and after that they physically get it to the location in where it is needed. After they are done with it, the copy gets destroyed. forever.

It amazes me what people are willing to imagine sometimes. Closed networks have hard coded detection systems to actually see if any part of it becomes exposed on some public network. They also have several dfferent softwares to do exactly that. Monitoring is constant, there is no 3am break for that. They also have people to do exactly that. They WILL notice at the instant you log on a secure network. After a very short perioid of time counter-measures are in place.

They also have neural network to detect behavioral patterns of people who use closed networks. If that pattern changes, it means that somebody other is using the network, and that connection is immediately closed.

They have callback-features, which means that you cannot get connected except from a specific phone number or ip-number.

The list goes on and on, and public networks usualyl don't have any of these features. Obviously, *any* network can be penetrated and logged into, but it isn't likely.

Oh, and this is the best part. Secret closed networks do have detectors to detect weak and blank passwords. Those must also be changed very often. Like once a week for example.

So then there is this guy who used.. hmm, blank passwords? That explicitly tells me that he did not penetrate any secure network. He propably found employee conversations about ufo subject. Exactly the kind of conversation taht we sometimes do here on ATS.

why would nasa airbrush anything?

isn't is far simpler to just no release those pics?

Originally posted by SecretGoldfish
why would nasa airbrush anything?

isn't is far simpler to just no release those pics?

The trouble is the tax payer is paying for NASA and to keep the project going they have to show progress and value for the ongoing investment. They have to release photos and video footage or the project would have to be ceased.

Whether they do actually airbrush them is another story.

I trust him far more than any of our British politians. bare in mind, that this guy has absolutely nothing to lose/gain by talking of his discoveries

Uh really??

Suppose he had hacked into NASA, and then his public story is, truthfully, "Yeah, I pissed over some files and changed the whole department's screen savers to my favorite punk metal band."

Would there be a "Free Gary" petition and fan club? I mean other than the band's fan club? Any action or notoreity to help him?

I doubt it.

Remember, hackers are good at "social engineering". Suppose we're being socially engineered right now?

It's a good idea to think everything through.

Also, NASA's budget would go up by about 50x if there were clear public evidence of close-by ET life.

I did think that Gary was legit in his claims when i first heard about him.

But there have been 'changes' to his story of the last two years, things that has been 'added'.
Typical for the so called 'ufo sickness'.
His first claims as i have read about them where that:
NASA air brushed their raw images from their probes.
He found a list with so called 'Non terrestrial officers'.
;

I hadn't heard about the more recent claims about anti-gravity and other things.

Well, his case more and more sounds like a HOAX to me.

As personally understanding everything that this man has stated, I will certainly state that I myself in hypothesis may have tampered with government servers and gained possible root.


I will state PERL scripts are released and made public everyday on www.securiteam.com...

I will state that if those computers WHERE in fact on 56k, they would not have been able to download the substantial amount of updates needed to maintain good defense against us "hackers".


I will state that the way this man articulates his words, uses his knowledge of computers widely in the segment, and the movement in the crack of the door,


This man is WELL GUARDED by some body.


This man is NOT lieing.

EVERYTHING in that footage is 100% TRUE.

I will state if you DO NOT BELIEVE THAT MAN, you are IGNORANT.


I will state EVERYTHING in that segment is 100% CORRECT AND LEGITAMATE AND I WOULD KNOW, I am partaking in computer science classes right now and everything he used is the simplest methods of hacking.


This is the big one, this is the big fish.


Whatever he found on those computers he cannot release, because if he where to release them he would be killed.


The fact is, do not believe it if you don't want to.

That's personal choice.


I know for a God Damned fact that this is the truth, and you can believe otherwise if you choose to.


End Transmission.


EDIT:

ALSO IF YOU TRY AND COUNTER, Take this into hand, do you think the government is going to remember to hire a computer geek to bring updates and install them on their computers? HELL NO! Hackers are in the government as we speak.

And they are good hackers, not bad hackers, because if they where bad hackers they would have shut down the internet.

The fact is, us hackers, we can shut down the whole internet if we want right now, but we don't. I don't know how to personally, but if I where to chose the hacking route in life I would indefinetly become amongst the best hackers.

This is all truth he speaks of.

Fact.


End Transmission.

[edit on 9-3-2008 by someguy4]

[edit on 9-3-2008 by someguy4]