Quote:
Lamo believes the arrest warrant is for his most high-profile hack. Early last year he penetrated the New York Times, after a two-minute scan turned up seven misconfigured proxy servers acting as doorways between the public Internet and the Times private intranet, making the latter accessible to anyone capable of properly configuring their Web browser.
Once inside, Lamo exploited weaknesses in the Times password policies to broaden his access, eventually browsing such disparate information as the names and Social Security numbers of the paper's employees, logs of home delivery customers' stop and start orders, instructions and computer dial-ups for stringers to file stories, lists of contacts used by the Metro and Business desks, and the "WireWatch" keywords particular reporters had selected for monitoring wire services.
So if I read it correctly he understood what he was doing and he's smart enough to not get caught already. Besides I really dislike the "lamer and "scriptkiddy" stamps, I think that is enough to say he's not just someone with malicous intends. He did it for ethical reasons and because it was appearantly so ****ing easy. You could almost say with them open proxies at the times server (or something) it was just exposed to the internet like it was "just normal" to view the information.
Quote:
In a telephone interview, Lamo said he was in California, but does not plan to turn himself in until after conferring with the attorney. The hacker was quick-witted and seemingly in good humor, with only a trace of nervousness in his voice. He quipped about the proper etiquette of being arrested by the FBI, and suggested jokingly that SecurityFocus should purchase the publication rights to a favorite photo. He said he was in the company of a camera crew producing a television documentary on hackers.
edit: