RPI Student's Computers Seized in Web Site Vandalization Investigation
Dave Aiello wrote, "Yesterday, I noticed an article on Slashdot that indicated that an RPI student had his computers seized and was questioned by the FBI in connection with an investigation into the vandalization of the New York Yankees Web Site. I did not want to post a story that discussed this until I could confirm the information, and I was too busy to do much digging. But now, the story has hit the mainstream press, appearing in USA Today. If they ran the story, we can be pretty confident that the details check out."
(Update: The Poly is now providing a report on this incident, as are The Times-Union and the Associated Press.)
"The student, Andres Salomon, a sophomore, posted this explanation of what occurred. If you are interested in a simpler explanation of what he claims he did, read on...."
This is a less technical summary of the statement that appears on the Web Page http://devrandom.net/~dilinger/. News accounts state that this Web Page is the work of Andres Salomon, an undergraduate student at Rensselaer:
He indicates that people who know him will vouch for the fact that he is not a hacker. He does, however, have an interest in computer security-related issues.
He said that when the FBI arrived (on Saturday 10/28) at his room and presented him with a search warrant, he thought that they would be upset to find out that he had hundreds of recorded music files on his computer that could be copied by others without paying for the album at the record store. He thought he could explain himself, and they would move on to a more likely suspect.
The previous day, he had gotten up early and caught up with news about technology at some of his favorite Web Sites. He also worked on some computer science projects, while communicating with his friends on IRC -- Internet Relay Chat. IRC is a service similar to America On-Line Instant Messenger. It was at this time that he found out about the vandalization of the Yankees.com Web Site.
He went to the Yankees.com Web Site and found that it had not yet been restored to its original condition. Since he had some experience repairing the damage done by computer vandals on other computers, he began his own "post-mortem inspection".
The last time a friend had asked him to fix a Linux computer that had been broken into by an unauthorized user, he found that they had exploited a documented bug in a program that allows people to send and receive files from that computer via the Internet. So, he looked for the same problem on the Yankees Web Site, found that it existed, and that the unauthorized user had used the problem to change the contents of the Web Site.
He then searched the network that the Yankees Web Site is on, looking for other computers. He found another machine called old.yankees.com which seemed to be a copy of the original Web Site. Then, he tried to find evidence that the vandals had simply changed the name of the computer where the Yankees Web Site is, and replaced it with a completely different Web Site that contained embarrassing information.
For reasons he could not determine, he was unable to find conclusive evidence of the replacement. So, he simply commented to the friends he was chatting with over the Internet that it looked like that was what had happened, and left it at that.
The rest of his account talks about what happened after the FBI arrived. Basically, they took all of his computers and a lot of other computer-related supplies. He complains that a lot of his work that is not saved elsewhere is now in jeopardy of being lost, since police often do not return computer equipment seized in a criminal investigation.