Adrian Lamo: Difference between revisions

Adrian Lamo
Adrian Lamo (left) with contemporaries Kevin Mitnick (center) and Kevin Poulsen
Born	(1981-02-20) February 20, 1981 (age 43) Boston, MA
Nationality	Colombian-American
Other names	Adrián Lamo
Known for	Hackers Wanted, The Screen Savers
Spouse	Lauren[1] [2]

Adrian Lamo (born 1981) is a former grey hat hacker and journalist, principally known for breaking into a series of high-security computer networks, and his subsequent arrest. Best known among these were his intrusions into The New York Times and Microsoft. He is also known for attempting to identify security flaws in computer networks of Fortune 500 companies and then notifying them of any flaws he found.

Personal

Lamo was born in Boston, Massachusetts to Mario Lamo and Mary Lamo-Atwood.^[3] He spent his early childhood in Arlington, VA, until moving to Bogotá, Colombia around the age of 10. When his family moved back to the United States two years later, they settled in San Francisco, where Adrian lived until he tested out of High School a year early. Dubbed the "homeless hacker"^{[citation needed]} for his transient lifestyle, Lamo spent most of his travels couch-surfing, squatting in abandoned buildings and traveling to Internet cafes, libraries and universities to investigate networks, and sometimes exploit security holes. Despite performing authorized and unauthorized vulnerability assessments for several large, high-profile entities, Lamo refused to accept payment for his services.

Activities and techniques

File:Duty.gif

Lamo is featured in a cover story by SF Weekly

Adrian Lamo is perhaps best known for breaking into The New York Times internal computer network in February 2002, adding his name to confidential databases of expert sources, and using the paper's LexisNexis account to conduct research on high-profile subjects, although his first published activities involved operating AOL watchdog site Inside-AOL.com.^[4][5][6] The Times filed a complaint and a warrant for Lamo's arrest was issued in August 2003 following a 15 month investigation by federal prosecutors in New York. At 10:15 AM on September 9, after spending a few days in hiding, he surrendered to the US Marshals in Sacramento, California. He re-surrendered to the FBI in New York City on September 11, and plead guilty to one count of computer crimes against Microsoft, Lexis-Nexis and The New York Times on January 8, 2004.

Later in 2004, Lamo was sentenced to six months detention at his parent's home plus two years probation, and was ordered to pay roughly $65,000 in restitution. He was convicted of compromising security at The New York Times and Microsoft, and is alleged to have admitted to exploiting security weaknesses at Excite@Home,^[7][8] Yahoo!,^[9] Microsoft, MCI WorldCom,^[10] Ameritech, Cingular and has allegedly violated network security at AOL Time Warner, Bank of America, Citigroup, McDonald's and Sun Microsystems.^[11] Companies sometimes use proxies to allow their employees access to the internet, without giving the internet access to their internal network. However, when these proxies are improperly configured, they can allow access to the company's internal network. Lamo often exploited this, sometimes using a tool called ProxyHunter.^[11]

Critics have repeatedly labelled Lamo as a publicity seeker or common criminal, claims that he has refused to publicly refute. When challenged for a response to allegations that he was glamorizing crime for the sake of publicity, his response was "Anything I could say about my person or my actions would only cheapen what they have to say for themselves." When approached for comment during his criminal case, Lamo would frequently frustrate reporters with non sequiturs such as "Faith manages"^[12] and "It was a beautiful day."^[13]

At his sentencing, Lamo expressed remorse for harm he had caused through his intrusions, with the court record quoting him as adding "I want to answer for what I have done and do better with my life."^[14]

As of January 16, 2007, Lamo's probation was terminated, ending a three-year period during which the U.S. District Court's ruling prevented him from exercising certain freedoms, including the ability to employ any privacy protection software, travel outside certain established boundaries, or socialize with security researchers.

DNA controversy

On May 9, 2006, while 18 months into a two year probation sentence, Adrian Lamo refused to give the United States government a blood sample they demanded so as to record his DNA in their CODIS system.^[15] According to his attorney, Adrian Lamo has a religious objection to giving blood, but is willing to give his DNA in another form. "He went in there with fingernail clippings and hair, and they refused to accept it, because they will only accept blood," said federal public defender Mary French.

File:Lamo-tss.jpg

Lamo is interviewed by Leo Laporte on TechTV's The Screen Savers

On June 15, 2007, lawyers for Lamo filed another motion citing the Book of Genesis as one basis for Lamo's religious opposition to the frivolous spilling of blood: "The Book of Genesis leaves unambiguous this matter. Therein, those who would spill the blood of man are rebuked as follows: 'Whoever sheds the blood of man, by man shall his blood be shed; for in the image of God has God made man.' Genesis 9:6 (New International Version)."^[16]

Lamo continued: "Under this admonition, not only would I be blinding myself to the direct instructions of scripture by shedding blood, but I would similarly be casting whomever facilitated this act into sin, multiplying my culpability," setting the basis for defense counsel Mary French to urge US District Court Judge Frank Damrell to exempt Lamo from the sampling entirely, or to order his probation officer to accept some other biological product in lieu of blood, as previously offered by Lamo.

On June 21, 2007, it was reported that Lamo's legal counsel had reached a settlement agreement with the U.S. Department of Justice granting Lamo's original request. According to Kevin Poulsen's blog, "On Wednesday, the Justice Department formally settled the case, filing a joint stipulation along with Lamo's federal public defender dropping the demand for blood, and accepting cheek swabs instead." Reached for comment, Lamo reportedly affirmed to Poulsen his intention to "comply vigorously" with the order.^[17]

Professional

Since Lamo's sentencing, he has entered the early stages of a career as an award-winning^[18][19] journalist, studying at American River College, with writing, photography, and editorial work / collaboration appearing in Network World, Mobile Magazine, 2600 Magazine, The American River Current, XY Magazine, and others. Lamo has interviewed personalities ranging from John Ashcroft, to Oliver Stone^[20] to alleged members of the Earth Liberation Front. Lamo also has a history of public speaking - he was a keynote speaker at a government security conference in 2005 alongside Bruce Schneier, and a panelist at the Information Security In the Age of Terrorism conference.^[21]

Lamo has shown signs of increased cooperation with media since his release from federal custody, including a podcast interview with Patrick Gray in Australia, and an April 2007 segment^[22] on 88.1 WMBR out of Cambridge.

Can You Hack It?

Can You Hack It?, a documentary covering Lamo's life and times, is slated for release under the care of Trigger Street Productions.^[23] Directed by Sam Bozzo, it features Apple Computer co-founder Steve Wozniak, TechTV personality Leo Laporte, and narration by actor Kevin Spacey. The film explores the practical and ethical themes of modern computer hacking, intertwining Lamo's story with those of controversial figures throughout history.

A rendering of Adrian Lamo by AAlib.

Miscellaneous

• Lamo does not program; he used a web browser for 95% of his legwork and intrusion.
• Lamo previously worked as a senior staff writer at The American River Current, and also worked with 2600 Magazine and XY Magazine.
• In his spare time, he donates his time and expertise to Voluntary Legal Services of Northern California, a Sacramento-based nonprofit organization providing assistance to indigent and low-income clients involved in civil litigation.
• Lamo was appointed to the Lesbian, Gay, Bisexual, Transgender, Queer and Questioning Youth Task Force by San Francisco Supervisor Tom Ammiano.^[24]
• Lamo was removed from a segment of NBC Nightly News when, after being asked to demonstrate his skills for the camera, he gained access to NBC's internal network in under five minutes.^[25]

In popular culture

• The Wholly Book of Clichés & Cabbages, a Discordian RPG based on the Risus system cites Lamo as an embodiment of the Discordian Hacker character class, an AD&D-style prestige class of Hacker, noting "A Discordian Hacker has the abilities of the pulp hacker, but utililizes them much differently.".^[26]
• Adrian Lamo is mentioned in the web comic xkcd.^[27]

Notes

1. "IMDB biography". Imdb. imdb.com. 2008-02-27. Retrieved 2008-02-27.
2. "Adrian Lamo's (alleged) blog". Retrieved 2008-07-01.
3. A Duty to Hack
4. Brown, Janelle. "Can AOL silence its critics?" Salon.com. July 1, 1999.
5. Poulsen, Kevin. "Hijackers take AIM accounts." SecurityFocus.com. November 29, 2000.
6. Null, Christopher. "Hackers Run Wild and Free on AOL". Wired News. February 21, 203. If this article disappears, see mailing.
7. Lemos, Robert. "Hacker helps Excite@Home toughen defenses". News.com. May 29, 2001.
8. Security Focus. "@Home's mis-configured proxy Excites hacker". BSDvault. May 30.
9. Poulsen, Kevin. "Yahoo! News Hacked". SecurityFocus. September 18, 2001.
10. Poulsen, Kevin. "Lamo's Adventures in WorldCom". SecurityFocus. December 5, 2001.
11. How To Keep Your Info Inside. (Powerpoint) Also see Google's cache. (You may have to highlight text in the cache in order to be able to read it.) See "Also gained access to: Bank of America, JP Morgan, Citicorp, Sun Microsystems, AOL".
12. McCullagh, Declan. "The 'homeless hacker' talks". CNET News.com. September 16, 2003.
13. McCullagh, Declan. "Judge lifts hacker's PC restrictions". CNET News.com. September 12, 2003.
14. Poulsen, Kevin. "Feds say Lamo inspired other hackers". The Register. September 16, 2004.
15. Poulsen, Kevin. "Feds Want Hacker's Genetic Code". Wired News. May, 10, 2006.
16. Kevin Poulsen on June 15 filing
17. Poulsen, Kevin Hacker Adrian Lamo Wins, Won't Have to Give the FBI his Blood; June 21 2007
18. Adrian Lamo 2005 awards at JACC
19. Adrian Lamo 2004 awards at JACC
20. Oliver Stone set to visit CSUS
21. Information Security in the Age of Terrorism
22. Adrian Lamo on 88.1 WMBR's darkbot radio
23. Can You Hack It? at IMDb
24. Adrian Lamo, Seat No. 10;
25. Poulsen, Kevin (2002-08-27). "Lamo Bumped from NBC After Hacking Them". SecurityFocus. Retrieved 2007-01-02. {{cite web}}: Check date values in: |date= (help)
26. Prince Mu-Chao. "The Wholly Book of Clichés & Cabbages". "23 Apples of Eris. February 28, 2005.
27. Lamo mentioned in xkcd

References

• Losing His Religion: Techfocus interviews Adrian Lamo Bill Royle, TechFocus.
• Slashdot.org Discussion regarding TechFocus interview 9 April 2004.
• Inside The Hacker Mind Chris Null, New Architect December 2002.
• New York Times Internal Network Hacked Kevin Poulsen, SecurityFocus 26 February 2002.
• Lamo Bumped from NBC After Hacking Them Kevin Poulsen, SecurityFocus 27 August 2002.
• Adrian Lamo charged with computer crimes Kevin Poulsen, SecurityFocus 5 September 2003.
• Lamo Pleads Guilty to Times Hack Kevin Poulsen, SecurityFocus 8 January 2004.
• Off the Hook Interview - April 7, 2004; with Emmanuel Goldstein and Bernie S. on the phone with Lamo's comments recorded here
• 'Homeless Hacker' speaks out Tech News on ZDNet
• He Hacks by Day, Squats by Night Noah Shachtman, Wired News 6 March 2002.
• Hollywood.com Preliminary documentation of Trigger Street Productions documentary involving Lamo.
• BusinessWeek Stop Him Before He Hacks Again
• MacUser.com Woz + Kevin Spacey + Adrian Lamo = A Movie about Hacking?

External links

• Lamo, Adrian. "Just Breathe". Resist!ca. Retrieved 2006-10-20.
• "TechTV Video - Adrian Lamo interviews prior to arrest". {{cite web}}: Cite has empty unknown parameters: |accessyear=, |month=, |accessmonthday=, and |coauthors= (help)
• "Articles about Adrian Lamo dating back to 2001 and pro-Lamo advocacy". FreeLamo.org. Retrieved 2006-10-20.
• Adrian Lamo at IMDb
• Can You Hack It? at IMDb

{{subst:#if:Lamo, Adrian|}} [[Category:{{subst:#switch:{{subst:uc:1981}}

|| UNKNOWN | MISSING = Year of birth missing {{subst:#switch:{{subst:uc:}}||LIVING=(living people)}}
| #default = 1981 births

}}]] {{subst:#switch:{{subst:uc:}}

|| LIVING  = 
| MISSING  = 
| UNKNOWN  = 
| #default = 

}}

Template:Persondata