The USAFA Cadet Hacking Case: What both sides should learn about computer forensics

Presented at DEF CON 8 (2000), July 29, 2000, 10 a.m. (50 minutes)

Basically I'll discuss the case that went to trial in the spring of 99. I was the Deputy Head of the Computer Science Department at the USAF Academy at the time and was asked by the cadet accused of "hacking" to help with his defense. I testified at the trial as an expert witness for the Defense. I sat at the Defense table throughout the trial serving as their "computer expert". Basically the trial was a comedy of errors by the prosecution, law enforcement, and the cadet's attorneys alike. The cadet was involved in IRC but the law enforcement types and prosecution became convinced that he was the "hacker" (after all, everybody KNOWS that IRC is nothing more than a place for hackers to trade information on how to break into computers -- the actual sentiment expressed by the investigators). I had up to that point spent the majority of my time in the Air Force trying to protect systems and to catch those who broke into AF systems. This case really shook me as I saw the LE types latch onto the smallest of indicators and blow them into a full-blown felony case (the cadet faced 15 years in Leavenworth had he been convicted of all counts). What I will cover in the talk is:

1) Background of the case
2) The "evidence" the prosecution thought they had
3) The many possible areas where clues might have been found had either side known where to look (or asked anybody who knew anything about it)
4) What lessons can be learned from this case. Those from the government and industry need to know where to look if they want to catch folks (and if they want to make sure they don't make fools of themselves) and those who might find themselves accused someday need to know how to help their attorneys find clues that could exonerate them.


Presenters:

  • Gregory B. White, Ph.D.
    Vice President, Professional Services. Gregory White joined SecureLogix in March 1999 as the Chief Technology Officer. Before joining SecureLogix, he was the Deputy Head of the Computer Science Department and an Associate Professor of Computer Science at the United States Air Force Academy in Colorado Springs, Colorado. While at the Academy, Dr. White was instrumental in the development of two courses on computer security and information warfare and in ensuring that security was taught throughout the computer science curriculum. During his two tours at the Academy, he authored a number of papers on security and information warfare and is a co-author for two textbooks on computer security. Between his Air Force Academy assignments, Dr. White spent three years at Texas A&M University working on his Ph.D. in computer science. His dissertation topic was in the area of host- and network-based intrusion detection. Prior to his Academy assignments, Dr. White was a student at the Air Force's Advanced Communications-Computer Systems Staff Officer Course in Biloxi, Mississippi. He was awarded both the AFCEA and Webb awards for student leadership and academic excellence and was a Distinguished Graduate of the course. Before attending the course in Biloxi, Dr. White served as the Branch Chief of the Network Security Branch at the Cryptologic Support Center in San Antonio, Texas. His first assignment in the Air Force was as a systems analyst at the Strategic Air Command Headquarters in Omaha, Nebraska. Dr. White obtained his Ph.D. in Computer Science from Texas A&M University in 1995. He received his Master's in Computer Engineering from the Air Force Institute of Technology in 1986 and his Bachelor's in Computer Science from Brigham Young University in 1980. He separated from the Air Force in 1999 and is currently serving in the Air Force Reserves at the Defense Information Systems Agency.
