Re: Major hack attack on the U.S. Senate

From: ~Kevin Davisł (computerguy_at_cfl.rr.com)
Date: 01/23/04

  • Next message: Brian C. Lane: "Re: Major hack attack on the U.S. Senate" 
    To: "BUGTRAQ@SECURITYFOCUS. COM" <BUGTRAQ@securityfocus.com>
Date: Thu, 22 Jan 2004 22:29:21 -0500

    This was clearly not a "hack attack". The title and opening content of this
    article is quite intentionally misleading. The phrases "infiltration",
    "monitoring secret memos", "exploited computer glitch", "hack attack" are
    used. If you read the entire article you will find out the following:

    First, "A technician hired by the new judiciary chairman, Patrick Leahy,
    Democrat of Vermont, apparently made a mistake that allowed anyone to access
    newly created accounts on a Judiciary Committee server shared by both
    parties -- even though the accounts were supposed to restrict access only to
    those with the right password."

    Which means the Democrats screwed up setting up their own share point and
    allowed public access to it. There was no "computer glitch" which was
    "exploited". This was completely a human screw-up. And there was no
    hacking ("exploitation of a computer glitch") done by the Republicans.
    Unless you wish to call clicking on a share point configured with public
    access and opening it up "hacking".

    Additionally the Republicans allegedly "in the summer of 2002, their
    computer technician informed his Democratic counterpart of the glitch".

    The Republicans knew that the share was supposed to be protected (why else
    would they inform the Democrats of the misconfiguration?) so they certainly
    did something wrong despite (supposedly) warning the Democrats of the
    problem, but not to the extent that the article - in the way that it was
    written - would like you to believe.

    ----- Original Message -----
    From: "Richard M. Smith" <rms@computerbytesman.com>
    To: "BUGTRAQ@SECURITYFOCUS. COM" <BUGTRAQ@securityfocus.com>
    Sent: Thursday, January 22, 2004 12:25 PM
    Subject: Major hack attack on the U.S. Senate

    >
    http://www.boston.com/news/nation/articles/2004/01/22/infiltration_of_files_
    > seen_as_extensive?mode=PF
    >
    > Infiltration of files seen as extensive
    > Senate panel's GOP staff pried on Democrats
    > By Charlie Savage, Globe Staff, 1/22/2004
    >
    > WASHINGTON -- Republican staff members of the US Senate Judiciary Commitee
    > infiltrated opposition computer files for a year, monitoring secret
    strategy
    > memos and periodically passing on copies to the media, Senate officials
    told
    > The Globe.
    >
    > From the spring of 2002 until at least April 2003, members of the GOP
    > committee staff exploited a computer glitch that allowed them to access
    > restricted Democratic communications without a password. Trolling through
    > hundreds of memos, they were able to read talking points and accounts of
    > private meetings discussing which judicial nominees Democrats would
    fight --
    > and with what tactics.
    >
    > The office of Senate Sergeant-at-Arms William Pickle has already launched
    an
    > investigation into how excerpts from 15 Democratic memos showed up in the
    > pages of the conservative-leaning newspapers and were posted to a website
    > last November.
    >
    > With the help of forensic computer experts from General Dynamics and the
    US
    > Secret Service, his office has interviewed about 120 people to date and
    > seized more than half a dozen computers -- including four Judiciary
    servers,
    > one server from the office of Senate majority leader Bill Frist of
    > Tennessee, and several desktop hard drives.
    >
    > ...
    >
    >
    >

  • Next message: Brian C. Lane: "Re: Major hack attack on the U.S. Senate"

    Relevant Pages

    • RE: Major hack attack on the U.S. Senate
      ... Major hack attack on the U.S. Senate ... Which means the Democrats screwed up setting up their own share point ... no hacking ("exploitation of a computer glitch") done by the ... > Trolling through hundreds of memos, they were able to read talking ...
      (Bugtraq)
    • OT- Why I hate politics this time around
      ... The story I'm talking about is on p.35, and it is called "The Senate ... Democrats regained control of Congress by promising to stand up to ... committed is Schumer to his phantom friends that he has even ... makes as chair of the Democratic Senatorial Campaign Committee. ...
      (rec.arts.tv.soaps.cbs)
    • Anthrax Attacks 2001 - An Inside Job?
      ... Vermont, and Senate Majority leader Tom Daschle, from South Dakota. ... Senator from Wisconsin was the only Senator to vote against this ... the U.S. Senate had been split evenly, 50 Democrats to ... 2001, Republican Vice President Richard Cheney held the deciding vote, ...
      (uk.politics.misc)
    • Re: Anthrax Attacks 2001 - An Inside Job?
      ... Vermont, and Senate Majority leader Tom Daschle, from South Dakota. ... Senator from Wisconsin was the only Senator to vote against this ... the U.S. Senate had been split evenly, 50 Democrats to ... 2001, Republican Vice President Richard Cheney held the deciding vote, ...
      (uk.politics.misc)
    • Re: Anthrax Attacks 2001 - An Inside Job?
      ... Vermont, and Senate Majority leader Tom Daschle, from South Dakota. ... Senator from Wisconsin was the only Senator to vote against this ... and announced he would be caucusing with the Democrats. ... 2001, Republican Vice President Richard Cheney held the deciding vote, ...
      (uk.politics.misc)