Wi-Fi hack threat man pleads guilty
A US man has pleaded guilty to hacking into his neighbour's wireless network before setting up counterfeit webmail accounts in the innocent man's name and sending death threats against the Vice President, Joe Biden. Barry Vincent Ardolf of Blaine, Minnesota, 45, admitted the crimes two days into his trial. As part of a plea …
I never understand why we have such lenient prison terms over here (UK) - can't even get 20 years for murder over the pond!
Most are let out on licence in the UK because we understand that reabilitation can work, unlike our American Cousins. Never-the-less the licence is for life, these people aren't truely free.
We American believes in punishment not rehabilitation (well, unless you're name's Bush anyway) ... 20 years would be a reasonable punishment for his list of transgressions ... of course, if he'd simply walked over and shot the guy he'd have probably been out in 5 years.
Double Fail.
"The distribution of child porn charges carry a tariff of up to 20 years behind bars though the circumstances of the case would seem to suggest punishment towards the lower end of this scale."
If he was deliberately and maliciously trying to falsely implicate another person for distributing child porn, I would personally expect the punishment to be towards the upper end of the scale.
I was about to castigate this guy for missing out a final, yet obvious step in the obfuscation path. However, upon reflection I'm glad they got him.
I really should think of the context before engaging my tech-sense.
I imagine there'd be some market for a 'logging' wireless router after something like this.
Log the MAC address, time, and nature of the packets coming and going... Use it to implicate your 'not-as-clever-as-he-thinks' neighbor for trying something like this.
DrayTeks 2820 does, you've gotta use their Windows app if that is your OS of choice, or the syslog port for Linux. I used it when I let my neighbour use my WiFi connection - for his sons homework, he said - but I'm not so trusting. Am I bad?
<oops I forgot>
Here we are in 21st century and still deception rallies more powerful over integrity?
I say I am he and I have IP and access to pretend it is so.
How, one ponders, did the poor unfortunate take to the deception and what harm did fall upon him?
Credit card?
are just plain nasty as well as being perhaps a bit sick in the head and maybe just a little bit backward. He couldn't have been much of a computer technician considering he got caught.
I despair for the morality and righteousness of the human race when I read stuff like this. But then again, at my age I cannot remember a time when I haven't. I'm just kidding everything was wonderful and the world was just perfect when I was ten.
10 years in the slammer will be enough to change his perspective of the world.
Did the police break into all the neighborhood houses with warrants?
What would have happened if he hadn't hired his own tech investigators?
RE @Mike S:
> Log the MAC address, time, and nature of the packets coming and going...
If MAC-based security is used the evildoer will have to spoof one of the allowed addresses... easily done and then all that logging won't help :-/
You'd better be sure they are up to their stuff. Being able to radiolocate the WiFi clients would be very useful here using a pair of directional receivers and triangulation, together with standards of equipment maintenance and validation, knowledge of equipment use and logging of activity all good enough to capture evidence usable in court. MAC addresses are whatever the penetration tester or cracker tells aircrack-ng to make them, so a cracker will only disclose these during an attack if they are being careless. Precisely locating the clients is more useful.
Much cheaper to configure WPA2 securely with a very strong password you keep well secret, but if you have good reason to believe a neighbour is hacking your system with intentions of framing you for serious crimes then hiring a well equipped and highly competent PI in the WiFi department seems like an excellent idea.
I'm just a teensy bit concerned about this.
Scenario #1: neighbour turns off his security, and hires PIs to wait for the miscreant to break into his network. Miscreant gets done for kiddie porn, the war on stuff, etc.
Scenario #2: neighbour turns off his security, and hires PIs to wait for the alleged miscreant to break into his network. He then spoofs the alleged miscreant's MAC address, and breaks into his own network remotely. Alleged miscreant gets done for kiddie porn, the war on stuff, etc.
Scenario #3: Neighbour has WEP/WPA encrypted security in place, it's cracked and his work colleagues and everyone on MySpace thinks he's a pedo because it's all happening from his IP address. He hires a PI and finds it's his evil neighbour doing it all. Evil neighbour gets done for kiddie porn, the war on stuff, etc.
Where in your world is this not possible?
I'm saying that there are 2 ways to frame an innocent person: plant stuff on their computer (#1), or make it appear that they planted stuff on your computer (#2).
In this case, someone pleaded guilty as part of a plea bargain arrangement, so it appears to be #1 (I'd be very surprised if security was enabled, by the way; your average pedo is probably not up to cracking WEP/WPA). I don't know about you, but when I hear the words 'plea bargain' I don't get a nice warm feeling that justice has been done.
I'm concerned because (1) in general, if someone doesn't confess, how are you going to tell the difference between #1 and #2, and (2) turning off security, hiring PIs, and waiting for someone to walk in smells of entrapment.
It's strange to call this a "plea bargain" - when what he did was change his plea to guilty to all charges two days into his trial.
Two days of expert testimony that left the jury with litttle more to decide than how many years he should be locked away.
"I'm concerned because (1) in general, if someone doesn't confess, how are you going to tell the difference between #1 and #2, and (2) turning off security, hiring PIs, and waiting for someone to walk in smells of entrapment.
There is entrapment - only - if you go out of your way to tease, persuade, and convince someone to commit a crime.
That he was not well on the way to commiting on his own.
In this case:
"After Ardolf sent threatening e-mails to Vice President Joe Biden, Gov. Tim Pawlenty and U.S. Sen. Amy Klobuchar, claiming to be the Kostolniks, an investigator hired by Matt Kostolnik's firm discovered Ardolf was hijacking the family's wireless service.
That led to a search of Ardolf's home, which produced evidence taken from more than a dozen computers and dozens of computer storage devices, evidence that included detailed notes of e-mail addresses, passwords, photographs and text of e-mails that had been sent."
http://www.startribune.com/local/north/112080854.html?elr=KArks:DCiUHc3E7_V_nDaycUiD3aPc:_Yyc:aUoD3aPc:_2yc:a_ncyD_MDCiU
.....the wireless network of the neighbour was unsecured and the papers are only saying it was secured to stop the victim look like an utter moron....
I thought it was only in TV dramas that the perpetrators (a favourite word in American cop vocabularies) broke down confessed.
The cops also seem to use 'child pornography' coupled with phrases intended to exaggerate the their extreme nature to besmirch both those charged as well as those convicted of many crimes seeking to confirm in the publics mind the person in question as being despicable.
They even used this technique in connection with the GCHQ decrypter on loan to MI-6 saying they didn't know he was into female fashion design and that he had women's clothes in his closet and, horror of horrors, even visited 'bondage' sites. This guy was the victim of murder - yet they paint him as a bad character.
Sign up, sign up for The Register's weekly IT security newsletter - click here
