Re: Major hack attack on the U.S. Senate

From: Brian C. Lane (bcl_at_brianlane.com)
Date: 01/23/04

  • Next message: Fredrik Björk: "Multiple Vulnerabilities in Phorum 3.4.5" 
    To: BUGTRAQ@SECURITYFOCUS.COM
Date: Fri, 23 Jan 2004 07:28:23 -0800

    On Thu, 2004-01-22 at 09:25, Richard M. Smith wrote:
    > http://www.boston.com/news/nation/articles/2004/01/22/infiltration_of_files_
    > seen_as_extensive?mode=PF
    >
    > Infiltration of files seen as extensive
    > Senate panel's GOP staff pried on Democrats
    > By Charlie Savage, Globe Staff, 1/22/2004
    >
    > WASHINGTON -- Republican staff members of the US Senate Judiciary Commitee
    > infiltrated opposition computer files for a year, monitoring secret strategy
    > memos and periodically passing on copies to the media, Senate officials told
    > The Globe.
    >

    [snip]

    You left off the most important fact in your snip. The final paragraph
    pretty well sums it up:

    "A technician hired by the new judiciary chairman, Patrick Leahy,
    Democrat of Vermont, apparently made a mistake that allowed anyone to
    access newly created accounts on a Judiciary Committee server shared by
    both parties -- even though the accounts were supposed to restrict
    access only to those with the right password."

    I sure wouldn't call this a major hack attack. Someone goofed. Someone
    else took advantage of the goof (and according to some reports even
    reported it to the bonehead technician).

    One one hand you really shouldn't look at someone else's files. On the
    other hand if you're cooking up dirty tricks you darn well ought to make
    sure your memos are protected, not stored in the clear on a shared
    system.

    And these are the jokers who want to dictate to us how to secure the
    Internet and stop SPAM? Heh!

    Brian

    ---[Office 71.6F]--[Fridge 38.4F]---[Fozzy 88.8F]--[Coaster 71.7F]---
    Linux Software Developer http://www.brianlane.com

  • Next message: Fredrik Björk: "Multiple Vulnerabilities in Phorum 3.4.5"

    Relevant Pages

    • Re: [Full-Disclosure] Major hack attack on the U.S. Senate
      ... > Senate panel's GOP staff pried on Democrats ... > infiltrated opposition computer files for a year, ... > memos and periodically passing on copies to the media, ...
      (Full-Disclosure)
    • OT- Why I hate politics this time around
      ... The story I'm talking about is on p.35, and it is called "The Senate ... Democrats regained control of Congress by promising to stand up to ... committed is Schumer to his phantom friends that he has even ... makes as chair of the Democratic Senatorial Campaign Committee. ...
      (rec.arts.tv.soaps.cbs)
    • Anthrax Attacks 2001 - An Inside Job?
      ... Vermont, and Senate Majority leader Tom Daschle, from South Dakota. ... Senator from Wisconsin was the only Senator to vote against this ... the U.S. Senate had been split evenly, 50 Democrats to ... 2001, Republican Vice President Richard Cheney held the deciding vote, ...
      (uk.politics.misc)
    • Re: Anthrax Attacks 2001 - An Inside Job?
      ... Vermont, and Senate Majority leader Tom Daschle, from South Dakota. ... Senator from Wisconsin was the only Senator to vote against this ... the U.S. Senate had been split evenly, 50 Democrats to ... 2001, Republican Vice President Richard Cheney held the deciding vote, ...
      (uk.politics.misc)
    • Re: Anthrax Attacks 2001 - An Inside Job?
      ... Vermont, and Senate Majority leader Tom Daschle, from South Dakota. ... Senator from Wisconsin was the only Senator to vote against this ... and announced he would be caucusing with the Democrats. ... 2001, Republican Vice President Richard Cheney held the deciding vote, ...
      (uk.politics.misc)