◆ SpookStack

+ New York Times Intranet, Source ~~ Hacked e Page 2 of 2 Lame gained access to the network using Web proxies located on the network, Proxies are machines that allows users to route through - or into ~ networks, often skirting past firewalls. The whole process from search to discovery took less than two minutes. “It struck me as being a part of their network more likely to be placed in a trusted location,” he said. “Ironically, jt wasn't until I mistyped a URL that I found what I was looking for - the error message invited me to ‘try the main New York Times intranet site’ instead." The Times' corporate intranet also allows users to access other sensitive areas, including the company's human resources department, as well as tools used to submit advertisements that accompany stories in the daily paper and the New York Times Web site, http://www.nytimes.com . The discovery highlights just how susceptible the Internet can be as a tool for spreading misinformation. Lamo said had he been so inclined, he probably would have been able to figure out how to successfully submit a small news item or advertisement for publication. Days after the Sept. 11 attacks, Lamo used a proxy on the Yahoo network to add satirical comment to a story on the company's Web site about Russian programmer Dmitry Sklyarov, a stunt that raised public concern about the integrity of online media. Last week, Lamo alerted SBC Communications that several of its Web pages containing tens of thousands of subscriber user names and passwords were exposed to the Web and completely unprotected. In December, Lamo discovered an Internet-accessible Web too! that provided easy access to the keys to private network routers for dozens of companies, including AOL Time Warner, Bank of America, Citicorp, Fox News Corp., JP Morgan, McDonalds, and Sun Microsystems - to name just a few. When asked why he does what he does, Lamo is noncommittal and somewhat cagey, downplaying his penchant for seeing things in ways that often go unnoticed by most. - That didn’t stop him, however, from quietly adding his name to the newsroom's source list as an expert on computer hacking. . “I'm not trying to bring about any sort of specific change anywhere by what I do - but in doing what I do, acting in goad faith doesn't seem like a bad thing, and hoping that someone in a similar situation in some undefined future might have options that aren't all a downwards spiral doesn't seem unreasonable either,” Lame said, “It would be nice." Reported by Newsbytes.com, http://www.newsbytes.com 19:52 CST Reposted 08:23 CST (20020227/WIRES ONLINE, LEGAL, BUSINESS, TELECOM/NYTIMES/PHOTO) © 2001 The Washington Post Company FBI(19-cv-1495)-1616. http://www newsbytes.com/cgi-bin/udt/im.display.printable?client.id=newsbytes&story.id=174792 2/27/02