Suelette dreyfus julian assange

systems walks free', an indignant Guardian announced. `Computer Genius

is cleared of hacking conspiracy', said the Evening Standard. `Hacking

"addict" acquitted', sniffed The Times. Overpowering them all was the

Daily Telegraph's page one: `Teenage computer addict who hacked White

House system is cleared'.

Then came the media king-hit. Someone had leaked another story and it

looked bad. The report, in the Mail on Sunday, said that the three

hackers had broken into a Cray computer at the European Centre for

Medium Range Weather Forecasting at Bracknell. This computer, likes

dozens of others, would normally have been relegated to the long list

of unmentioned victims except for one thing. The US military used

weather data from the centre for planning its attack on Iraq in the

Gulf War. The media report claimed that the attack had slowed down the

Cray's calculations, thus endangering the whole Desert Storm

operation. The paper announced the hackers had been `inadvertently

jeopardising--almost fatally--the international effort against Saddam

Hussein' and had put `thousands of servicemen's lives at risk'.9

Further, the paper alleged that the US State Department was so

incensed about British hackers' repeated break-ins disrupting Pentagon

defence planning that it had complained to Prime Minister John Major.

The White House put the matter more bluntly than the State Department:

Stop your hackers or we will cut off European access to our satellite

which provides trans-Atlantic data and voice telecommunications.

Someone in Britain seemed to be listening, for less than twelve months

later, authorities had arrested all three hackers.

Pad thought the allegations were rubbish. He had been inside a VAX

machine at the weather centre for a couple of hours one night, but he

had never touched a Cray there. He had certainly never done anything

to slow the machine down. No cracking programs, no scanners, nothing

which might account for the delay described in the report. Even if he

had been responsible, he found it hard to believe the Western allies'

victory in the Gulf War was determined by one computer in Berkshire.

All of which gave him cause to wonder why the media was running this

story now, after Wandii's acquittal but before he and Gandalf were

sentenced. Sour grapes, perhaps?

For days, columnists, editorial and letter writers across Britain

pontificated on the meaning of the Wandii's verdict and the validity

of an addiction to hacking as a defence. Some urged computer owners to

take responsibility for securing their own systems. Others called for

tougher hacking laws. A few echoed the view of The Times, which

declared in an editorial, `a persistent car thief of [the hacker's]

age would almost certainly have received a custodial sentence. Both

crimes suggest disrespect for other people's property ... the jurors

may have failed to appreciate the seriousness of this kind of

offence'.10

The debate flew forward, changing and growing, and expanding beyond

Britain's borders. In Hong Kong, the South China Morning Post asked,

`Is [this] case evidence of a new social phenomenon, with immature and

susceptible minds being damaged through prolonged exposure to personal

computers?' The paper described public fear that Wandii's case would

result in `the green light for an army of computer-literate hooligans

to pillage the world's databases at will, pleading insanity when

caught'.11

By April Fool's Day 1991, more than two weeks after the end of the

court case, Wandii had his own syndrome named after him, courtesy of

The Guardian.

And while Wandii, his mother and his team of lawyers celebrated their

victory quietly, the media reported that the Scotland Yard detectives

commiserated over their defeat, which was considerably more serious

than simply losing the Wandii case. The Computer Crimes Unit was being

`reorganised'. Two experienced officers from the five-man unit were

being moved out of the group. The official line was that the

`rotations' were normal Scotland Yard procedure. The unofficial word

was that the Wandii case had been a fiasco, wasting time and money,

and the debacle was not to be repeated.

In the north, a dark cloud gathered over Pad and Gandalf as their

judgment day approached. The Wandii case verdict might have been cause

for celebration among some in the computer underground, but it brought

little joy for the other two 8lgm hackers.

For Pad and Gandalf, who had already pleaded guilty, Wandii's

acquittal was a disaster.
[ ]

On 12 May 1993, two months after Wandii's acquittal, Boris Kayser

stood up at the Bar table to put forward Electron's case at the

Australian hacker's plea and sentencing hearing. As he began to speak,

a hush fell over the Victorian County Court.

A tall, burly man with a booming voice, an imperious courtroom

demeanour and his traditional black robes flowing behind him in an

echo of his often emphatic gesticulations, Kayser was larger than

life. A master showman, he knew how to play an audience of courtroom

journalists sitting behind him as much as to the judge in front of

him.

Electron had already stood in the dock and pleaded guilty to fourteen

interrupted the long process of the court clerk reading out each

charge and asking whether Electron would plead guilty or not guilty.

With an impatient wave of his hand, Kayser asked the judge to dispense

with such formalities since his client would plead guilty to all the

agreed charges at once. The interjection was more of an announcement

than a question.

The formalities of a plea having been summarily dealt with, the

question now at hand was sentencing. Electron wondered if he would be

sent to prison. Despite lobbying from Electron's lawyers, the DPP's

office had refused to recommend a non-custodial sentence. The best

deal Electron's lawyers had been able to arrange in exchange for

turning Crown witness was for the DPP to remain silent on the issue of

prison. The judge would make up his mind without input from the DPP.

Electron fiddled nervously with his father's wedding ring, which he

wore on his right hand. After his father's death, Electron's sister

had begun taking things from the family home. Electron didn't care

much because there were only two things he really wanted: that ring

and some of his father's paintings.

Kayser called a handful of witnesses to support the case for a light

sentence. Electron's grandmother from Queensland. The family friend

who had driven Electron to the hospital the day his father died.

Electron's psychiatrist, the eminent Lester Walton. Walton in

particular highlighted the difference between the two possible paths

forward: prison, which would certainly traumatise an already mentally

unstable young man, or freedom, which offered Electron a good chance

of eventually establishing a normal life.

When Kayser began summarising the case for a non-custodial sentence,

Electron could hear the pack of journalists off to his side

frantically scribbling notes. He wanted to look at them, but he was

afraid the judge would see his ponytail, carefully tucked into his

neatly ironed white shirt, if he turned sideways,

`Your Honour,' Kayser glanced backward slightly, toward the court

reporters, as he warmed up, `my client lived in an artificial world of

electronic pulses.'

Scratch, scribble. Electron could almost predict, within half a

second, when the journalists' pencils and pens would reach a crescendo

of activity. The ebb and flow of Boris's boom was timed in the style

of a TV newsreader.

Kayser said his client was addicted to the computer the way an

alcoholic was obsessed with the bottle. More scratching, and lots of

it. This client, Kayser thundered, had never sought to damage any

system, steal money or make a profit. He was not malicious in the

least, he was merely playing a game.

`I think,' Electron's barrister concluded passionately, but slowly

enough for every journalist to get it down on paper, `that he should

have been called Little Jack Horner, who put in his thumb, pulled out

a plumb and said, "What a good boy am I!"'

Now came the wait. The judge retired to his chambers to weigh up the

pre-sentence report, Electron's family situation, the fact that he had

turned Crown witness, his offences--everything. Electron had given a

nine-page written statement against Phoenix to the prosecution. If the

Phoenix case went to trial, Electron would be put on the stand to back

up that statement.

In the month before Electron returned to court to hear his sentence,

he thought about how he could have fought the case. Some of the

charges were dubious.

In one case, he had been charged with illegally accessing public

information through a public account. He had accessed the anonymous

FTP server at the University of Helsinki to copy information about

DES. His first point of access had been through a hacked Melbourne

University account.

Beat that charge, Electron's lawyer had told him, and there's plenty

more where that came from. The DPP had good pickings and could make up

a new charge for another site. Still, Electron reasoned some of the

Crown's evidence would not have stood up under cross-examination.

When reporters from Australia and overseas called NASA headquarters

for comment on the hacker-induced network shutdown, the agency

responded that it had no idea what they were talking about. There had

been no NASA network shutdown. A spokesman made inquiries and, he

assured the media, NASA was puzzled by the report. Sharon Beskenis's

statement didn't seem so watertight after all. She was not, it turned

out, even a NASA employee but a contractor from Lockheed.

During that month-long wait, Electron had trouble living down Kayser's

nursery-rhyme rendition in the courtroom. When he rang friends, they

would open the conversation saying, `Oh, is that Little Jack Horner?'

They had all seen the nightly news, featuring Kayser and his client.

Kayser had looked grave leaving court, while Electron, wearing John

Lennon-style glasses with dark lenses and with his shoulder-length

curls pulled tightly back in a ponytail, had tried to smile at the

camera crews. But his small, fine features and smattering of freckles

disappeared under the harsh camera lights, so much so that the black,

round spectacles seemed almost to float on a blank, white surface.

The week after Electron pleaded guilty in Australia, Pad and Gandalf

sat side by side in London's Southwark dock one last time.

For a day and a half, beginning on 20 May 1993, the two hackers

listened to their lawyers argue their defence. Yes, our clients hacked

computers, they told the judge, but the offences were nowhere near as

serious as the prosecution wants to paint them. The lawyers were

fighting hard for one thing: to keep Pad and Gandalf out of prison.

Some of the hearing was tough going for the two hackers, but not just

because of any sense of foreboding caused by the judge's imminent

decision. The problem was that Gandalf made Pad laugh, and it didn't

look at all good to laugh in the middle of your sentencing hearing.

Sitting next to Gandalf for hours on end, while lawyers from both

sides butchered the technical aspects of computer hacking which the

8lgm hackers had spent years learning, did it. Pad had only to give

Gandalf a quick sidelong glance and he quickly found himself

swallowing and clearing his throat to keep from bursting into

laughter. Gandalf's irrepressible irreverence was written all over his

face.

The stern-faced Judge Harris could send them to jail, but he still

of the courtroom, the judge was--and would always be--out of the loop.

None of them had any idea what was really going on inside the heads of

the two hackers. None of them could ever understand what hacking was

all about--the thrill of stalking a quarry or of using your wits to

outsmart so-called experts; the pleasure of finally penetrating a

much-desired machine and knowing that system is yours; the deep

anti-establishment streak which served as a well-centred ballast

against the most violent storms washing in from the outside world; and

the camaraderie of the international hacking community on Altos.

The lawyers could talk about it, could put experts on the stand and

psychological reports in the hands of the judge, but none of them

would ever really comprehend because they had never experienced it.

The rest of the courtroom was out of the loop, and Pad and Gandalf

stared out from the dock as if looking through a two-way mirror from a

secret, sealed room.

Pad's big worry had been this third charge--the one which he faced

alone. At his plea hearing, he had admitted to causing damage to a

system owned by what was, in 1990, called the Polytechnic of Central

London. He hadn't damaged the machine by, say, erasing files, but the

other side had claimed that the damages totalled about [sterling]250

000.

anything near that amount. He had a reasonable idea of how long it

would take someone to clean up his intrusions. But if the prosecution

could convince a judge to accept that figure, the hacker might be

looking at a long prison term.

Pad had already braced himself for the possibility of prison. His

lawyer warned him before the sentencing date that there was a

reasonable likelihood the two 8lgm hackers would be sent down. After

the Wandii case, the public pressure to `correct' a `wrong' decision

by the Wandii jury was enormous. The police had described Wandii's

acquittal as `a licence to hack'--and The Times, had run the

statement.12 It was likely the judge, who had presided over Wandii's

trial, would want to send a loud and clear message to the hacking

community.

Pad thought that perhaps, if he and Gandalf had pleaded not guilty

alongside Wandii, they would have been acquitted. But there was no way

Pad would have subjected himself to the kind of public humiliation

Wandii went through during the `addicted to computers' evidence. The

media appeared to want to paint the three hackers as pallid, scrawny,

socially inept, geeky geniuses, and to a large degree Wandii's lawyers

had worked off this desire. Pad didn't mind being viewed as highly

intelligent, but he wasn't a geek. He had a casual girlfriend. He went

out dancing with friends or to hear bands in Manchester's thriving

alternative music scene. He worked out his upper body with weights at

home. Shy--yes. A geek--no.

Could Pad have made a case for being addicted to hacking? Yes,

although he never believed that he had been. Completely enthralled,

entirely entranced? Maybe. Suffering from a passing obsession?

Perhaps. But addicted? No, he didn't think so. Besides, who knew for

sure if a defence of addiction could have saved him from the

prosecution's claim anyway?

Exactly where the quarter of a million pound claim came from in the

first place was a mystery to Pad. The police had just said it to him,

as if it was fact, in the police interview. Pad hadn't seen any proof,

but that hadn't stopped him from spending a great deal of time feeling

very stressed about how the judge would view the matter.

The only answer seemed to be some good, independent technical advice.

At the request of both Pad and Gandalf's lawyers, Dr Peter Mills, of

Manchester University, and Dr Russell Lloyd, of London Business

School, had examined a large amount of technical evidence presented in

the prosecution's papers. In an independent report running to more

than 23 pages, the experts stated that the hackers had caused less

havoc than the prosecution alleged. In addition, Pad's solicitor asked

Dr Mills to specifically review, in a separate report, the evidence

supporting the prosecution's large damage claim.

Dr Mills stated that one of the police expert witnesses, a British

Telecom employee, had said that Digital recommended a full rebuild of

the system at the earliest possible opportunity--and at considerable

cost. However, the BT expert had not stated that the cost was

[sterling]250000 nor even mentioned if the cost quote which had been

given had actually been accepted.

In fact, Dr Mills concluded that there was no supporting evidence at

all for the quarter of a million pound claim. Not only that, but any

test of reason based on the evidence provided by the prosecution

showed the claim to be completely ridiculous.

In a separate report, Dr Mills' stated that:

i) The machine concerned was a Vax 6320, this is quite a powerful

`mainframe' system and could support several hundreds of users.

ii) That a full dump of files takes 6 tapes, however since the type of

tape is not specified this gives no real indication of the size of the

filesystem. A tape could vary from 0.2 Gigabytes to 2.5 Gigabytes.

iii) The machine was down for three days.

With this brief information it is difficult to give an accurate cost

for restoring the machine, however an over estimate would be:

i) Time spent in restoring the system, 10 man days at [sterling]300

per day; [sterling]3000.

ii) Lost time by users, 30 man days at [sterling]300 per day;

[sterling]9000.

The total cost in my opinion is unlikely to be higher than

[sterling]12000 and this itself is probably a rather high estimate. I

certainly cannot see how a figure of [sterling]250000 could be

justified.

It looked to Pad that the prosecution's claim was not for damage at

all. It was for properly securing the system--an entirely rebuilt

system. It seemed to him that the police were trying to put the cost

of securing the polytechnic's entire computer network onto the

shoulders of one hacker--and to call it damages. In fact, Pad

discovered, the polytechnic had never actually even spent the

[sterling]250000.

Pad was hopeful, but he was also angry. All along, the police had been

threatening him with this huge damage bill. He had tossed and turned

in his bed at night worrying about it. And, in the end, the figure put

forward for so long as fact was nothing but an outrageous claim based

on not a single shred of solid evidence.

Using Dr Mills's report, Pad's barrister, Mukhtar Hussain, QC,

negotiated privately with the prosecution barrister, who finally

relented and agreed to reduce the damage estimate to [sterling]15000.

It was, in Pad's view, still far too high, but it was much better than

[sterling]250000. He was in no mind to look a gift horse in the mouth.

Judge Harris accepted the revised damage estimate.

The prosecution may have lost ground on the damage bill, but it wasn't

giving up the fight. These two hackers, James Richardson told the

court and journalists during the two-day sentencing hearing, had

hacked into some 10000 computer systems around the world. They were

inside machines or networks in at least fifteen countries. Russia.

India. France. Norway. Germany. The US. Canada. Belgium. Sweden.

Italy. Taiwan. Singapore. Iceland. Australia. Officers on the case

said the list of the hackers' targets `read like an atlas', Richardson

told the court.

Pad listened to the list. It sounded about right. What didn't sound

right were the allegations that he or Gandalf had crashed Sweden's

telephone network by running an X.25 scanner over its packet network.

The crash had forced a Swedish government minister to apologise on

television. The police said the minister did not identify the true

cause of the problem--the British hackers--in his public apology.

Pad had no idea what they were talking about. He hadn't done anything

like that to the Swedish phone system, and as far as he knew, neither

had Gandalf.

Something else didn't sound right. Richardson told the court that in

total, the two hackers had racked up at least [sterling]25000 in phone

bills for unsuspecting legitimate customers, and caused `damage' to

systems which was very conservatively estimated at almost

[sterling]123000.

Where were these guys getting these numbers from? Pad marvelled at

their cheek. He had been through the evidence with a fine-toothed

comb, yet he had not seen one single bill showing what a site had

actually paid to repair `damage' caused by the hackers. The figures

tossed around by the police and the prosecution weren't real bills;

they weren't cast in iron.

Finally, on Friday 21 May, after all the evidence had been presented,

the judge adjourned the court to consider sentencing. When he returned

to the bench fifteen minutes later, Pad knew what was going to happen

from the judge's face. To the hacker, the expression said: I am going

to give you everything that Wandii should have got.

Judge Harris echoed The Times's sentiments when he told the two

defendants, `If your passion had been cars rather than computers, we

would have called your conduct delinquent, and I don't shrink from the

analogy of describing what you were doing as intellectual joyriding.

`Hacking is not harmless. Computers now form a central role in our

lives. Some, providing emergency services, depend on their computers

to deliver those services.'13

Hackers needed to be given a clear signal that computer crime `will

not and cannot be tolerated', the judge said, adding that he had

thought long and hard before handing down sentence. He accepted that

neither hacker had intended to cause damage, but it was imperative to

protect society's computer systems and he would be failing in his

public duty if he didn't sentence the two hackers to a prison term of

six months.

Judge Harris told the hackers that he had chosen a custodial sentence,

`both to penalise you for what you have done and for the losses

caused, and to deter others who might be similarly tempted'.

This was the show trial, not Wandii's case, Pad thought as the court

officers led him and Gandalf out of the dock, down to the prisoner's

lift behind the courtroom and into a jail cell.