Regcast training : Hyper-V 3.0, VM high availability and disaster recovery

FBI agents raided the dormitory room of Rensselaer Polytechnic Institute computer science student Andres Salomon in Troy, New York on Saturday, after a Register story piqued his interest in the recent New York Yankees' Web site defacement. The agents searched his room and removed three computers, two books, and a collection of notes.

Salomon said he'd visited the defaced Yankees site after learning about it from a friend on line Friday morning. "During a conversation [in IRC] about Microsoft's break in, and how the stolen source code would affect things... a friend mentioned that Yankees.com had also just been hacked (I found out later that he got that information from The Register)," Salomon says in an essay posted at /dev/random.

After sniffing about for a while, "I returned to my IRC client, said 'Looks like a DNS hack....' and the conversation went elsewhere. The entire thing lasted possibly five minutes, and occupied no more than three or four lines on IRC."

It was because of this brief exploration, carried out to satisfy his curiosity, that the Feds became interested in him as a suspect.

Salomon had not merely viewed the Yankees.com site with a Web browser which would have connected him via port 80, as it would also have done for hundreds of other curious folks as soon as the story broke. He had connected to different ports, which the Feds interpreted as a possible return visit by the vandal.

"I did blind connects to, at most, five ports (meaning I just telnetted to them, without knowing if they were even open or not), and my session consisted of getting the banner, and possibly typing 'QUIT'. Far less than if I had gone to port 80 and done a couple of GETs... Either way, you're in the logs, and you're transferring data," he observes.

It's certainly not rational for the Feds to be interested in Salomon solely on the basis of his curiosity about the Yankees site defacement after it had become news. In the absence of any further evidence tying him to the site earlier, the FBI's urgent move against him smacks of overzealous law enforcement, and the incontinent issuing of search warrants by judges.

Salomon would hardly have been alone in sniffing around the Yankees' Web site this weekend past. "I bet the real cracker connected to port 80 and admired his work," he observes. "I bet people he told did as well. What about the ton of people that connected to the site after The Register posted the story? They trampled all OVER precious logs," he notes.

"Because I trampled over them in a different [manner], that somehow makes it akin to tampering with a murder scene?"

Salomon was clearly taken aback by the willingness of the US government in general, and Janet Reno's Justice Department in particular, to invade the lives of individuals on very scant evidence.

"The FBI managed to get a search warrant based on logs from a firewall, that showed my IP only connecting, not even logging in, hours after news of the cracking had appeared on news sites. If they can get a search warrant this easily, your data is not safe sitting on your hard drive," he warns. ®

Cloud storage: Lower cost and increase uptime