Feeds

Fame, Infame, All the Same

ForensiFelons

  • alert
  • submit to reddit

Intelligent flash storage arrays

Opinion A New York Times researcher -- that's what they're calling themselves these days -- contacted me a couple of weeks ago about a story the newspaper was considering, writes SecurityFocus columnist George Smith.

"The World's Most Famous Virus-writers and Hackers!" was the general idea. The researcher was preparing memos on the subject so higher-ups could decide what development path to take. Should it be a photo-essay or written exposition? The researcher wasn't even sure it would see the light of day.

The name of Jeffrey Lee Parson came up. You may recall him as the slug arrested for spreading a spin-off of the Blaster virus. Well, it just so happened Parson's contribution to net wildlife had snarled the New York Times.

Yep, he wanted his virus to be famous, and it was, with just the right people. Fifteen thousand citations in Google-- among them, my favorite, "Evil Fiend or Sad No-lifer?"

The dull and sweaty Parson whined he was being set up as a scapegoat -- a scapegoat [!] -- by the FBI because the original author of Blaster was
still running around loose. True, but tough beans.

If the New York Times took sufficient interest in him, perhaps Parson could get an agent and pitch a book proposal: "My Country Versus Me." Maybe Rick Bragg, the famous journalist given the job of ghost-writing the Jessica Lynch story, could be hired.

Also mentioned was Kevin Mitnick. Do you think the Times ought to do more high visibility stories on him?
But the unmentioned elephant standing in the room was Adrian Lamo.

As the very definition of an Exxon Valdez-sized cybersecurity oil slick, Lamo hardly needed me to point him out to the Times -- again. Google citations: 50,000 or so.

What I couldn't make sense of was why Lamo was allegedly so interested in using the paper's Lex-Nex subscription? If true, he couldn't be quite as brilliant as portrayed. Using the Google news tab or a variety of search engines to look himself up would have worked just as well, maybe better, and kept the ridiculous claims in dollar damages out of the FBI's indictment.

"Adrian speaks!" from Security Helpnet, Croatia, for example, is in Google -- but I bet not in Lex-Nex.

ForensiFelon

Anyway, crushing vanity comes before a fall. And at some point in the distant past, the story of the wandering good-hearted young bum drawing attention to the computer security lapses of bloated sitting-duck corporations went from being quaint to an exercise in psychosis. He couldn't fix the nation's corporate security troubles, and he won't fix himself, so the FBI will attempt to fix him and everyone remotely connected.

So more spreads in the New York Times would be just the thing. Agent, publishing deal, Hollywood options. Call it "The Trial of Billy Jack, strike that, Adrian Lamo" or "My Country Versus Me (and some reporters)."

A good sidebar to our famous criminal-computer-security-expert-or-hacker-something expo could be "How To Start a Computer Security Business."

The featured player would be Brett Edward O'Keefe of ForensicTec, San Diego.

A little over a year ago O'Keefe entered the Fool's Hall of Fame when he landed on the front page of the Washington Post. The story told how his company had done unauthorized entries into Department of Defense networks and -- out of the goodness of its heart -- decided to inform the nation through the pages of its capital's newspaper of record.

A very stupid person might have believed the altruistic computer security town-crier angle if O'Keefe hadn't been pitching to the San Diego Union-Tribune at the same time. With the interest of the bigger newspaper in the pocket, he unceremoniously jilted his homeys.

Google citations of ForensicTec after appearance in Washington Post: Over one thousand, all varying flavors of bad.

O'Keefe, like everyone else here, made the tyro's mistake of confusing fame with success. Now he is considering these issues under the gun of six felony counts, which is what the FBI hit him with after a year of investigation from the day the Post made him frontpage grist. Two co-workers, it seemed, had also been persuaded to impeach their boss after being roped into the prosecution.

Brett, start working on your entertainment pitch now: "My Country and My Co-workers versus Me and My Company."

Finally, time to spike the myth that the only way to fix the nation's computer security trouble is to give cold showers to easy designated victims in the nation's leading two newspapers. Call a spade a spade over eager computer security men and hackers: you want the infame!

If you don't want to be thought of this way, stop chasing the media giants.

Copyright © 2003,

George Smith is a Senior Fellow at GlobalSecurity.org, a defense affairs think tank and public information group. He also edits the Crypt Newsletter and has written extensively on viruses, the genesis of techno-legends and the impact of both on society.

Remote control for virtualized desktops

More from The Register

next story
UK smart meters arrive in 2020. Hackers have ALREADY found a flaw
Energy summit bods warned of free energy bonanza
DRUPAL-OPCALYPSE! Devs say best assume your CMS is owned
SQLi hole was hit hard, fast, and before most admins knew it needed patching
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Mozilla releases geolocating WiFi sniffer for Android
As if the civilians who never change access point passwords will ever opt out of this one
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.