Re: cr> Wiretapping


(The following is reposted by permission from the American Reporter.
You can freely redistribute it so long as you keep the name, place,
date, slug and price section intact.  Please be aware that this is an
exception, and the American Reporter usually does not permit
reposting.  This article, along with many others, is at their URL

by Joe Shea
American Reporter Correspondent
Hollywood, Calif.

                                by Joe Shea
                       American Reporter Correspondent

        WASHINGTON, D.C. -- The first authorized computer network wiretap
has led to charges against a 21-year-old computer hacker who used the
Internet and Harvard University's computer system to break into Pentagon
and NASA computers.
        Attorney General Janet Reno and Massachusetts U.S. Atty. Donald
K. Stern said said Jacob Ardita, a Buenos Aires university student who ran
a computer BBS called "Scream" ("griton" in Spanish) was caught in part by
a search for his online moniker in another BBS whose files were posted to
the Net.  A warrant for Ardita's arrest has been issued.
        The DOJ search turned up a use of the name years before, and
traced that to Ardita's BBS, which was identified in his old posting.
Excerpts of his postings obtained exclusively by The American Reporter
appear below.
        "This case demonstrates that the real threat to computer privacy
comes from unscrupulous intruders, not government investigators," said
Reno, who complimented the investigators for using techniques that did not
compromise the privacy of other users. 
        A DOJ wiretap on Harvard's Faculty of Arts and Sciences (FAS)
computer late in 1995 was the first ever authorized without the consent of
users.  The Department said law enforcement agencies had conducted
electronic surveillance on other systems with the consent of users, but
Harvard's system did not contain a warning that computer usage might be
monitored, so Reno determined a court order was required by the Fourth
Amendment, which prohibits unlawful searches. 
        "This is an example of how the Fourth Amendment and a court order
can be used to protect rights while adapting to modern technology," Reno
        Ardita is charged with using the Harvard system as a staging area
to break into high- security computers at U.S. military sites across the
country, including the Navy Research Laboratory, the Jet Propulsion
Laboratory in Pasadena, Calif., the Ames Research Center, Los Alamos
National Laboratory and the U.S. Navy's Naval command and control ocean
surveillance center, which noticed the intruder and began the hunt for
Ardita.  The Navy system contained no classified information, but did hold
"sensitive" research files on aircraft design, radar technology and
satellite engineering, the department said. 
        In the complaint filed in Boston, Mass., Reno alleges the hacker
"invaded the Harvard computer through a broadly accessible modem bank and
the Internet, and there stole a series of account and passwords. 
        "Using these stolen accounts as his base," a DOJ release said,
"Ardita gained unauthorized access to computers" at other universities in
the United States.  Cal Tech, The University of Massachusetts and
Northeastern University, and sites in Korea, Mexico, Taiwan, Chile and
Brazil were also hacked by Ardita, the department said. 
        "The intruder was identified by using a specially configured
monitoring computer that conducted the complex searches needed to isolate
his activities," a press release obtained from the Department revealed. 
        The investigation of Ardita was accomplished in three phrases, the
DOJ said.  First, the Naval Command Control and Ocean Surveillance Center
spotted the intruder and discovered he had broken into other computers
from the Harvard system, too. 
        "Initially, it was impossible to identify the intruder or where he
was coming from," the department said.  "The FAS Harvard computer is
widely accessible to 16,500 account holders through modems and through the
Internet, and the intruder was stealing and then using many different
Harvard account holders' passwords." 
        Analyzing the hacker's user patterns, the Naval Criminal
Investigative Service (NIS) was able "to identify words and phrases used
by the intruder not commonly used in the same manner by legitimate users"
of the Harvard sytem. 
        "The patterns included signature programs he used to intercept
passwords, pirated accounts he used as a basis for his criminal activity,
and sets of overlapping computer systems he seemed to break into and work
through," the department said. 
        "These patterns of behavior provided us with a general description
of the intruder -- we knew his modus operandi, his hangouts, his patterns
of computer speech, the computer tools he used for his break-ins, and hi
disguises," said Stern, the Massachusetts U.S. Attorney. 
        Next, the NIS and the FBI obtained a wiretap order from a federal
judge to conduct surveillance of Ardita's comings and goings via the
Harvard FAS system.  That was when they observed his use of the phrase
"griton" to identify himself, and found the word using search engines
        The identity of the search engines "is outside the scope of the
affidavit," said prosecuting U.S. Atty. Stephen Heyman. The "Open Text"
search engine provided the information immediately, however, when searched
at Yahoo ( by The American Reporter. 
        The cybersleuths of NIS and the FBI the identified Ardita by name
from his posting, and working with the government of Argentina determine
that his telephone line "was being used to access the Harvard system."
Ardita is also under investigation in Argentina. 
        In the U.S., the hacker is charged with fraudulent possession of
unauthorized computer passwords, user identification names, codes and
other access devices;  destructive activity in connection with computers;
and illegal interception of electronic communications. 
        "We will work with our foreign counterparts to achieve justice,"
Reno added.  "International teamwork is being applied to international

(Second article of less interest removed.--Andy)


Sender: •••@••.•••
Subject: hacking the pentagon (3/31/96)


here's what i know about the case.
some guy from buenos aires, argentina, put a sniffer program on the harvard
net (i'm guessing he hacked into there, but that's just me).  the sniffer got
him passwords which he used to invade the pentagon i believe.  the way that
they caught him, and knew it was the same guy every time, was that he signed
off in the same manner : he used some words of which his mother would *not*
approve.  if you are wondering how someone would learn how to do such a
thing, i think i know.  there is a monthly local meeting in buenos aires of
the hacker quarterly, 2600.  good job, guys.

 Posted by Andrew Oram  - •••@••.••• - Moderator: CYBER-RIGHTS (CPSR)
   CyberJournal:  (WWW or FTP) -->
 Materials may be reposted in their _entirety_ for non-commercial use.