Hacking for Israel

[William Knowles <wk () C4I ORG>]

http://new.globes.co.il/serveEN/globes/DocView.asp?did=450980&fid=984

Aviva Mishmari
15.11.2000 15:00

Ehud Tenenbaum ("the Analyzer") was only eighteen-and-a-half at the
end of 1998 when he achieved his fifteen minutes of fame by breaking
into the US Pentagon computer. The Tenenbaum trial has continued ever
since and the defense is now entering its plea.

In the meantime, it turns out that Tenenbaum has adapted himself to
the Zeitgeist by serving as technical manager and security consultant
in the 2XS company, which for its part cooperates with an anonymous
organization, called the Israeli Internet Underground (IIU).

The goal, part commercial and part patriotic, includes marketing the
security services of Tenenbaums company to Israeli web sites. Are you
worried that Arab hackers will break through your security wall? Here
is your salvation.

"We can protect you"

The Globes site was one of hundreds of sites that received e-mail from
the IIU a few days ago, along the lines of, We have discovered
security problems on your site...at least one of the sites services
contains a bug, through which your site can be broken into and damage
caused. We call upon you not to let this happen. We can protect you
from attacks by malicious hackers belonging to Islamic groups. All you
have to do is download a security report from our site, free of
charge, including repairs for the security defects. The letter is
signed by a White-hatted Hacker Group (hackers intending to warn of
security defects, not steal information, A.M.).

So you are alarmed and enter the site. There you find a list of
several hundred sites in which security faults were discovered a real
economic Whos Who. There is also a list of sites already broken into,
including educational institutions, such as the Kibbutz Seminar and
the Open University in Jerusalem, and various religious web sites
behold and beware. After you have been properly horrified and have
decided to save yourselves by hiring the security services of 2XS, you
will be asked to sign a statement absolving the company of liability
for the information collected for it by the IIU.

Ex-hackers

Why is this necessary? For reasons of legal liability. The IIU claims,
Our aim is the good of all the Israeli companies. The idea for the
statement came from 2XS. It is important for a security company to
emphasize that it has no link to the IIUs activity. Do they really
cooperate with hackers, while washing their hands? They are
ex-hackers, corrects 2XS manager Sharon Weiss. They claim they have
information about a massive attack on Israeli sites in the coming
weeks and came to us to offer a solution.

Ehud Tenenbaum explains that the IIU doesnt really break into sites.
These guys are serious people with a worthwhile purpose. They want to
protect Israel, not attack it. They trace general problems. For
example, if a given site relies on a certain version of a server known
to have many bugs, it is vulnerable to break-ins. You dont have to
break in to find that out; it is enough to go online and examine the
server. That is not an intrusive scan.

2XS is nevertheless in need of honesty. Tenenbaum writes in an e-mail:
I cant say that IIU has done anything illegal, because I am not sure,
but 2XS will definitely not assume responsibility. In conversation, he
says, Although we share their goals, we cant accept responsibility for
the way they get the information. Publishing a list of web sites is a
little vulgar and overly aggressive; we would have confined ourselves
to a personal e-mail. Thats the way hackers are, though. Our legal
department told us straight out dont be part of the process. Thats why
we published a statement, clearly saying that we are not responsible
for the information.

Well, this is at least a pretentious sales trick, if not something
worse. How much do 2XSs security services cost? Ladies and gentlemen,
a one-time offer. At the moment, at least for the coming week, the
solution is provided for free, in Tenenbaums cautious wording.

Globes: What happens later? Meanwhile, you have a list of potential
customers.

Tenenbaum: Were not forcing anyone to work with us in the future.

To sum up the package, you get half a service, based on
half-information (general information), collected using unorthodox
means, from which 2XS is careful to disassociate itself. Tenenbaum
himself says, What they have done is very nice, but not so clever. All
those involved, however, take an oath in the name of patriotism, the
one and only excuse, covering everything. Whom can this help?

We are a young company with good intentions. We work with complete
sincerity. Its not a gimmick. Weve received hundreds of thank you
letters, avers Tenenbaum.

Gall

One of the recipients of the alarming letter was Dapey Reshet web site
founder and Internet journalist Ido Amin, who claims, When companies
sign the declaration, they give the Analyzer a comprehensive
authorization to any sites whatsoever. I regard this as unmitigated
gall, all the more infuriating because it is done in the name of
patriotism. If Israeli Internet people want to do something patriotic,
they should unreservedly condemn the childish and immoral attacks on
the Hezbollah sites. These actions brought in their wake
counterattacks that paralyzed half of Israels e-mail system for
several days running. The spirit of the Internet is free speech, even
if you dont like the photographs shown on the Hezbollah sites.

Adv. Samuel Tzang, representing Tenenbaum, told Globes he was unaware
of this activity by Tenenbaum. Im not involved in it, Tzang said. Im
only working on the criminal case. Asked by Globes if Tenenbaum is
permitted to work on safeguarding sites or break-ins, Tzang replied,
As long as this activity takes place within the law.


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".