Return-Path: <sentto-279987-5200-1029636571-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Sat, 17 Aug 2002 19:12:08 -0700 (PDT) Received: (qmail 25689 invoked by uid 510); 18 Aug 2002 02:07:58 -0000 Received: from n36.grp.scd.yahoo.com (66.218.66.104) by all.net with SMTP; 18 Aug 2002 02:07:58 -0000 X-eGroups-Return: sentto-279987-5200-1029636571-fc=all.net@returns.groups.yahoo.com Received: from [66.218.67.193] by n36.grp.scd.yahoo.com with NNFMP; 18 Aug 2002 02:09:31 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_7_4); 18 Aug 2002 02:09:31 -0000 Received: (qmail 72668 invoked from network); 18 Aug 2002 02:09:30 -0000 Received: from unknown (66.218.66.218) by m11.grp.scd.yahoo.com with QMQP; 18 Aug 2002 02:09:30 -0000 Received: from unknown (HELO red.all.net) (12.232.72.152) by mta3.grp.scd.yahoo.com with SMTP; 18 Aug 2002 02:09:30 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g7I2AV809661; Sat, 17 Aug 2002 19:10:31 -0700 Message-Id: <200208180210.g7I2AV809661@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Sat, 17 Aug 2002 19:10:29 -0700 (PDT) Subject: [iwar] The secret life of a cyber hero (fwd) Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spam-Status: No, hits=0.1 required=5.0 tests=PORN_10,DIFFERENT_REPLY_TO version=2.20 X-Spam-Level: [FC - perhaps a secret superhero - or perhaps not. There are many who toil in this arena without recognition but also without violations of law. While I appreciate that some are motivated to do good things, part of being a real superhero is doing it within the bounds of legality.] The secret life of a cyber hero By Gary Dimmock Ottawa Citizen http://www.dimmockreport.com/hackerunmasked.htm The mystery hacker whose online infiltration has led to several arrests of= suspected child predators -- including a California superior court judge= -- was a 19-year-old loner who penetrated 3,000 computers around the world= from his parents' basement in Langley, B.C. In all of this, the Canadian hacker has remained anonymous, even in police= affidavits -- until now. Dubbed "Citizen Tipster" by police, Brad Willman, spent night after night= writing a Trojan Horse program that gave him complete control over every= computer that downloaded it. Alone and in the dark, he sat for up to 16 hours a day monitoring hundreds= of targets, secretly reading their e-mail and tracking their every step= online. He started keeping files on the targeted users. He tracked them for almost= three years --recording everything. The majority of his targets were= ordinary people -- but some in the files included priests, social workers,= soldiers, police officers and justice officials. He catalogued each file by degree of risk and focused on suspected= child-porn producers and molesters. This was his life. He had no friends in school and skipped the prom. Even= these days, his only entertainment away from the computer is going to the= odd movie, alone. The son of a coffee shop owner, Mr. Willman, a.k.a. Omni-Potent, finds if= hard to socialize and rarely answers the telephone. He can only be himself= online -- staring at the screen and chewing sour candies. Though never publicly credited, Omni-Potent is the same mystery hacker who= led the Mounties to the capture and conviction of an Alberta man who= offered his eight-year-old daughter up for sex through the Internet in= 1999. The hacker's investigations have exposed suspected child predators across= Canada, the United States and Russia. Some of the suspects included foster= parents, social workers and justice officials. He has also helped find child victims. He first set his fingertips on a keyboard at the age of five and taught= himself to hack by the time he was 14. He began targeting online child predators three years ago. He started= turning in suspects two years ago, ignoring police threats that if he= didn't stop he'd be arrested for breaching privacy. He did all of this, for up to 16 hours a day, on his free time and in= secret. And it began as a game. "I was just playing around with this program I wrote. I wanted to see how= it worked. Then I got way more curious about what these people were doing.= It's exciting to see something you build actually work. It means I have= actually helped out. It challenges me and makes me work," said Mr.= Willman, now 21. The program, disguised as an image, allowed him to retrieve anything --= undetected -- once downloaded. He posted the image on several usenet= groups used by pedophiles. In reality, the downloaded image was simply one= retrieved from the user's own hard drive. Some 3,000 users around the world downloaded the Trojan Horse program--= giving him full control of targeted computers. "Then, I would stay up late at night to see what I could drag out of their= computers, which turned out to be more than I expected. I could read all= of their e-mails without them knowing. As far as they were concerned, they= didn't know their e-mails had even been opened. "I could see who they were chatting with and read what they were saying as= they typed. I judged these people by reading their incoming and outgoing= e-mails. I was more interested in actual abusers or producers. That was my= priority --not the people that were just downloading images." Sometimes the work was overwhelming, what with tracking every single e-mail= for hundreds of people. "It did get quite busy. It was a lot of work to= keep on top of it." The motive behind his investigations was always to protect children "who= can't protect themselves." He often ignored police threats of arrest and instead pressed ahead,= particularly in the case of Orange County Superior Court Judge Ronald= Kline. After reading the judge's electronic diary, he concluded it showed= an apparent plot to sexually exploit young boys at a private health club. "Sure, a violation of privacy you must cry, but if you have nothing hurting= kids, the future of the world, then there's no reason to worry as that is= all that Omni-Potent protects," he said. In several interviews with the Ottawa Citizen, the hacker expressed= frustration with police reluctance to pursue his information about child= pornography producers. In some cases, he says police in Canada and the= United States ignored his evidence packages. In some cases, he says U.S. police and the RCMP have backed away from= offers of reward for tracking down online child predators. "Omni-Potent's service thus far has been provided without cost to the= public. Not one dime has been provided to Omni-Potent and yet there has= been tremendous success in providing accurate information. "Technology is everyone's enemy whether they realize it or not. It is after= all, technology which helped to find me and mess up important= investigations by attempting to lift my veil," he said. Mr. Willman says he measures his success by his "contribution" to= protecting those who cannot protect themselves. In the case against Judge Kline, U.S. detectives credit him alone for= breaking the case. "The diary he retrieved gave us the probability that we= needed to get the search warrant," said California Det. Ronald Carr. The search warrant unearthed more than 100 images of young children engaged= in sex acts. In police affidavits obtained by the Citizen, the judge admitted that he= authored the journal. The judge has not been charged with any crime for= keeping the electronic diary, but has been charged with possession of more= than 100 images of child pornography. Since that indictment, an alleged= molestation victim has come forward and the judge now also faces= sexual-assault charges dating back to 1976. In the electronic journal, excerpted in police documents, the author writes= exclusively about his sexual interest in young boys. The journal entries= span May 2000 through March 2001 and detail the author's deviant sexual= urges and the times and places where he meets young boys. These details,= and his written thoughts about cases before him, made it easy for= authorities to conclude the retrieved diary was genuine. The judge, a Little League umpire, had contact with numerous boys at ball= games, in a mall and at a private health club -- where he befriended= vulnerable young boys with the hopes of exploiting them. "You can't just charge in like you did with (a boy). How do I encourage him= without pursuing him too hard? You have great entr=E9=A5 in the separation= of his parents," says an entry dated June 6, 2000. The next day, the author writes: "I gave a lot of thought today about this= business of approaching these kids too fast ... He doesn't strike me as a= lonely boy like (boy) was. You have to make them come to you or it just= doesn't work," says a diary entry dated June 9, 2000. After reviewing the journal, Det. Tracy Jacobson concludes in an affidavit= that the author is a pedophile. "He refers to the child as 'gorgeous' and= writes about how and when to approach the child, and plans his moves= carefully. It is further my opinion these are the type of comments only a= pedophile or a child molester would make," Det. Jacobson said. In the journal, the author seems fixated with young boys and often writes= about the problems of enticing them to be alone with him. He talks about= buying them baseball tickets and giving them a tour around town in his= Porsche Boxster. According to California Motor Vehicles records, a 2000= Boxster with the licence 4HTV361 is registered to Judge Kline. Sometimes, he found it hard to control his urges. In one entry, the author= writes about sitting next to a young boy at a pizzeria, and rubbing his= back "with no resistance at all." Other times, the author wrote that when= he was preparing to give a drive to a boy to a ball game, he likened it to= getting ready for a date. Because the author was noting the names of the boys and tracking their= movement, Mr. Willman feared he would molest one of the targeted boys. In= turn, the hacker forwarded the electronic diary to Predator-Hunter.com, an= Internet organization created to stop child exploitation. "Parents in a number of countries, I think, owe Omni-Potent a debt of= gratitude for doing what he did. I don't endorse what he did as being= legal, but law enforcement should seriously look at putting guys like him= to work because they are obviously not getting the job done," said Wendell= Krueth, president of the Predator-Hunter.com. The Internet group conducted its own probe, then forwarded the files to the= California Department of Justice. On May 8, 2001, Irving police Det. Ron= Carr was assigned to assist the department in a probe into alleged child= pornography. He concluded the journal was genuine, then set out to track the hacker who= built the case. Three months later, after tracing him to a Web site, Det.= Carr travelled to Langley, just outside Vancouver, to interview Brad= Willman, known only as "Citizen Tipster." The hacker explained how the Trojan Horse program worked and then agreed to= hand over his hard drives to police. They also wanted him to thumb through= his files -- a tall order, he said, for one person. "They wanted everything right away. I had to dig through all the= information. And to go through my archives when it's just one person is= pretty hard. They said they would see what they could do about= compensating me for my time but I never heard from them again." In the time it took to search his archives, he lost too many days to resume= monitoring other targeted users. "When you're reading every single e-mail= for hundreds of people it's impossible to keep doing it when you lose a= week. You're too far behind." The judge is now under house arrest in a two-storey home at the end of a= cul-de-sac in Irvine, California. It will be the judge's defence that= because the electronic diary, the cornerstone of the case, was stolen, the= federal grand jury charges should be dropped. The defence will also argue that the diary was stolen by a hacker who was= working on behalf of law enforcement -- a charge Mr. Willman denies. For now, Mr. Willman, at the behest of his parents, has stopped hacking. "They liked what I was doing but they don't want me to do anything= illegal." Sometimes he regrets his online life. "My whole life has been online. I've= literally spent half of my life on the Internet. I'm anti-social in real= life. I've been on the computer too much to keep friends. I'm trying to= get out more. And don't tell me about meeting girls -- boy oh boy." He is now working hard to launch a computer security career and thinking= about moving out of his parents' basement to assume a new identity so he= can hack again. "If I am ever to come back, it'll be on my own terms and no one will know= ever again who I am." ------------------------ Yahoo! Groups Sponsor ---------------------~--> 4 DVDs Free +s&p Join Now http://us.click.yahoo.com/pt6YBB/NXiEAA/Ey.GAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2002-10-01 06:44:32 PDT