Alleged hacker: U.S. defense sites poorly secured

A British man facing possible extradition to the United States says poor security was a major factor in his ability to have wandered through the IT systems of some key defense establishments.

Gary McKinnon, who is accused of hacking and causing damage to federal defense systems, also said that his actions, far from intending to cause harm, all started as an innocent attempt to prove that the U.S. Defense Department knows of the existence of extraterrestrials. Later he was driven by suspicions about federal policies and actions in the wake of the Sept. 11, 2001, terror attacks.

In an interview with ZDNet UK, McKinnon, who is out on bail pending an extradition hearing later in July, said that he was "frightened" to find U.S. defense systems were open to "people from all over the world."

He claims that in one system he found that the local administrator's password was blank. Those in charge of the system, McKinnon said, had used "image-based installation techniques where most of the machines have the same BIOS, the same hard drive, the same hardware specification" just applied across different systems.

"So you don't even need to become domain administrator," he said. "That's 5,000 machines all with a blank system-level administrator password."


read the rest at:
http://news.com.com/Alleged+hacker+U...l?tag=nefd.top