The situation was getting sticky, but it was about to get worse. A few days after Comrade’s success in penetrating a system associated with SIPR-NET, his father was pulled over on his way to work. The cops told him,
“We want to talk to your son,” and showed him a search warrant.
Comrade remembers:
There were some people from NASA, the DoD, the FBI. In all there were like ten or twelve agents, and some cops, too. I had been
messing around in some NASA boxes, I put a sniffer up on ns3.gtra.mil, just to pick up passwords. But as a side effect, it picked up emails as well. They told me I was being charged with illegal wiretaps for that. And then for the NASA computers I got copyright violations or infringement. And other things.
Just the day before, a friend said, “Dude, we’re going to get busted soon.” He was flipping out. I figured, “Yeah, he’s got a point.” So I wiped my hard drive.
But Comrade wasn’t thorough about the cleanup job. “I had forgot-ten the old drives hanging around my desk.”
They questioned me. I admitted it, I said, “I’m sorry, here’s what I did, here’s how to fix it, I won’t do it again.” They were like,
“All right, we don’t consider you a criminal, don’t do it again.
If you do it again, you’ll leave in handcuffs.” They packed up my computers, peripherals, and spare hard drives, and they left.
Later on they tried to get Comrade to tell them the password to his encrypted hard drives. When he wouldn’t tell, they said they knew how to crack the passwords. Comrade knew better: He had used PGP (Pretty Good Privacy) encryption and his password was “about a hundred char-acters long.” Yet he insists it’s not hard to remember — it’s three of his favorite quotes strung together.
Comrade didn’t hear anything more from them for about six months.
Then one day he got word that the government was going to press charges.
By the time he got to court, he was being nailed for what the prosecutor claimed was a three-week shutdown of NASA computers and intercepting thousands of email messages within the Department of Defense.
(As I know all too well, the “damage” claimed by prosecutors and the real-life damage are sometimes quite different. Comrade downloaded software from the NASA’s Marshall Space Flight Center in Alabama, used in controlling the temperature and humidity of the International Space Station; the government claimed that this had forced a three-week shut-down of certain computer systems. The Department of Defense attack offered more realistic cause for concern: Comrade had broken into the computer system of the Defense Threat Reduction Agency and installed a “back door” allowing him access at any time.)
The government obviously considered the case important as a warning to other teenage hackers, and made much of his conviction in the press, proclaiming him the youngest person ever convicted of hacking as a fed-eral crime. Attorney Genfed-eral Janet Reno even issued a statement that said in part, “This case, which marks the first time a juvenile hacker will serve
time in a detention facility, shows that we take computer intrusion seri-ously and are working with our law enforcement partners to aggressively fight this problem.”
The judge sentenced Comrade to six months in jail followed by six months probation, to start after the end of the school semester.
Comrade’s mother was still alive at the time; she hired a new lawyer, got a lot of letters written, presented the judge what Comrade calls “a whole new case,” and, incredibly, managed to get the sentence reduced to house arrest followed by four years of probation.
Sometimes in life we don’t make the best of opportunities. “I did the house arrest and was going through probation. Various things happened, I started partying too much, so they sent me to rehab.” Back from rehab, Comrade got a job with an Internet company and started his own Internet outfit. But he and his probation officer weren’t seeing eye to eye and Comrade was sent to prison after all. He was just 16 years old, incar-cerated for acts he committed at age 15.
There aren’t all that many juveniles in the federal system; the place he was sent turned out to a “camp” (apparently an appropriate word) in Alabama that housed only 10 prisoners and that Comrade describes as looking “more like a school — locked doors and razor wire fences but otherwise not much like a jail.” He didn’t even have to go to class because he had already finished high school.
Back in Miami and again on probation, Comrade was given a list of hackers he would not be allowed to talk to. “The list was like this guy, this guy, and ne0h.” Just “ne0h” — the federal government knew him only by his handle. “They had no idea who he was. If I had access to two hundred things, he had access to a thousand things,” Comrade says.
“ne0h was pretty slick.” As far as either of them knows, law enforcement still hasn’t managed to pin a name on him or pinpoint his location.
Investigating Khalid
Was Khalid the militant he claimed to be, or just some faker pulling the chains of the teenagers? Or maybe an FBI operation to probe how far the young hackers were willing to go? At one time or another, each of the hackers who had dealings with Khalid were suspicious that he wasn’t really a militant; the idea of providing information to a foreign agent seems to have bothered them a good deal less than the idea the guy might be duping them. Comrade said that he “wondered for the longest time what [Khalid] was. I didn’t know if he was a Fed or if he was for real. Talking to ne0h and talking to him, I decided he was pretty legit.
But I never took money from him — that was a barrier I didn’t want to cross.” (Earlier in the conversation, when he had first mentioned the
offer of $10,000 from Khalid, he had sounded impressed by the sum.
Would he really have declined the money if his efforts had been successful and Khalid had actually paid up? Perhaps even Comrade himself doesn’t really know the answer to that one.)
ne0h says that Khalid “sounded absolutely professional” but admits to having had doubts along the way about whether he was really a militant.
“The whole time I was talking to him, I thought he was full of shit. But after researching with friends who he’s contacted and given other infor-mation to, we actually think he really was who he said he was.
Another hacker, Savec0re, encountered someone on IRC who said that he had an uncle in the FBI who could arrange immunity for an entire hacker group called Milw0rm. “I thought that this would send a message to the FBI that we weren’t hostile,” Savec0re told journalist McKay in an email interview. “So I gave him my phone number. The next day I got a call from the so-called FBI agent, but he had an amazingly strong Pakistani accent.”
“He said his name was Michael Gordon and that he was with the FBI in Washington, DC,” Savec0re told the journalist. “I realized then that it had been Ibrahim all along.” While some people were wondering if the sup-posed terrorist might be an FBI sting, Savec0re was reaching the opposite conclusion: that the guy claiming to be an FBI agent was really the same terrorist, trying to see if the boys were willing to blow the whistle on him.
The notion that this might have been an FBI operation doesn’t seem to stand up. If the federal government wanted to find out what these kids were capable of and willing to do, money would have been flowing.
When the FBI thinks a situation is serious enough to run a sting, they put money behind the effort. Promising $1,000 to ne0h and then not pay-ing it wouldn’t make any sense.
Apparently only one hacker actually saw any money from Khalid:
Chameleon. “I went to my post-office box one morning, and there was a check for a thousand dollars with a number to call in Boston,”
Chameleon was quoted as saying in another Wired News story (November 4, 1998). Khalid understood he had maps of government computer networks; the check was payment for the maps. Chameleon cashed the check. Two weeks later he was raided by the FBI and interro-gated about the payment, raising the interesting question of how the government knew about the thousand dollars. This was before 9/11, when the FBI was focused on domestic crime and paying scant attention to the terrorist threat. Chameleon admitted taking the money but insisted to the Wired News journalist that he had not provided any gov-ernment network maps.
Though he had confessed to accepting money from a foreign terrorist, which could have brought a charge of espionage and the possibility of a very long sentence, no charges were ever filed — deepening the mystery.
Perhaps the government just wanted word to spread in the hacker com-munity that doing business with foreign agents could be risky. Perhaps the check wasn’t from Khalid after all, but from the FBI.
Few people know Chameleon’s true identity, and he very much wants to keep it that way. We wanted to get his version of the story. He refused to talk about the matter (merely giving himself an out by mentioning he thought Khalid was a Fed just posing as a terrorist). If I were in his posi-tion, I probably wouldn’t want to be interviewed on the subject either.