The NASA hacker: Scapegoat or public enemy?July 12, 2005
Gary McKinnon has a lot to worry about. His job prospects are bleak. He will shortly have to leave his home in North London and could be facing up to 70 years in a US federal prison - a prospect that terrifies him.
His actions have been well recorded. Over a period of years he managed to bypass the security of what should be the most sophisticated IT systems on the planet, many of which belong to the US Department of Defense (DoD) and NASA.
That was back in 2002 and he has already been investigated thoroughly by the legal authorities in this country and released without charge. No one in the UK justice system considered him a threat. But the slow-working cogs of the US legal system have finally clicked into action leaving him hanging in limbo awaiting an extradition hearing later this month.
The unemployed UFO enthusiast was, metaphorically speaking, able to walk right in, look around and make himself at home in what are supposedly some of the most secure systems in the world. Although breaking into the DoD required a combination of ingenuity and hours of mindless drudgery, ultimately it was the "dangerously lax IT systems" that made it possible, he claims. And as for the "minor" damage to the systems concerned, it was not deliberate but happened accidentally while he was trying to cover his tracks.
Mckinnon, now 39, admits that there was a period of his life when he was "addicted" to computers. It threatened his life, his health and his relationships at the time, but he couldn't leave them alone.
His interest in IT was sparked, as it was for many others, by an interest in science, science fiction and the unknown. It was the search for proof of extraterrestrial life and a potential cover-up around the events of 11 September, 2001, that led him to the restricted government sites to begin with.
His story raises some critical issues around the rights of British citizens accused of committing a crime in the US, the state of IT security internationally and the possible existence of antigravity technology in a US military establishment.
Q: Why do you think the US authorities behaved the way they did, with an extradition order?
A :Well, the reason they give is that I, on my own, closed down the entire metro district of Washington for a few days, including a weapons station, which I dispute. My thing was being quiet and not being seen and getting the information out. And also, when I was there, you do a NetStat routine and you see all the other connections to that machine and there is a permanent weakness for foreign hackers because their security is not even lax, it is non-existent. You wouldn't believe it.
They might claim that by installing a remote control program, I opened them [the systems] up, but the access was already there. I didn't even have to crack passwords.
What about the damage you are said to have caused?
What they call damage is really just them realising that they have been accessed without authorisation. Then they say things like I deleted 300 users, deleted systems files and such. That was one instance when I did a batch file to clean up all my stuff. I think once and only once, though perhaps I ran it on the root drive of the "c:" drive. But it certainly wasn't every machine I was on and, if you believe them, they talk about 94 networks being damaged.
Surely all the data was backed up anyway?
Well, it should be and it should be behind a firewall, and the local administrator should not have a blank password. Take one defence computer where they use image-based installation techniques where most of the machines have the same BIOS, the same hard drive, the same hardware specification and you just whack it out across the systems. Unfortunately for them, the local system administrator's password was blank. So you don't even need to become the domain administrator. That's 5,000 machines all with a blank system level administrator password. To be fair to them, as I got deeper into it they closed me down pretty quickly.
Did it worry you, this lack of protection for systems?
I was always very frightened when I realised there were always other people from all over the world on there. These were like foreign ISPs, routinely going through things. It is very worrying that it is the world's only superpower and it is that easy to breach security.
What were you doing prior to the most recent arrest?
I wanted to get the trailing documentation. I looked at things and I didn't like what I was seeing. They talk about the war on terror and meanwhile they are training people in torture techniques, breaking and entering and close-quarter fighting and these are all little South American dictatorships. And then there is the humanist angle of anti-gravity technology and the 9/11 thing, but that didn't get very far.
Was your main motivation the search for extra-terrestrials?
That is how it started off and it then grew into suspicions about 9/11, because there are hundreds of unanswered questions about 9/11, the dragging away of all the forensics evidence, and the sale of all the concrete and steel to China. Even the firemen of New York organised their own web site to complain that this isn't a proper process. Then there are the schools for terrorists run by America to help Latin-American dictatorships and stuff.
So when you were searching for extraterrestrial life how did you feel about it? Was it just fun?
It was mainly very, very boring. You had to trawl through so much and bear in mind that it wasn't publicly accessible Web sites, it was all private military Web sites. So it was about logistics, support and, basically, as soon as I controlled a network I ran a file-searching program looking for keywords in files. So it was exciting every time you did turn up something, which only happened a few times, that was very exciting. I called it research, but it is a bit of a misnomer really.
Was the fun part just in being where you are not supposed to be?
Yes. There is a definite illicit thrill that didn't last very long. The issues around the UFO thing, as I discovered more and learned more, became much more serious. Eventually it became all about the issue of suppressed technology. I know for a fact that they have antigravity and the basic quantum-physical mechanics of having antigravity imply a free source of energy, getting energy direct from the vacuum. Now to me that would stop all the wars over oil. It would help fight famine and with irrigation. It would be free energy and that is a huge thing.
So the US has have developed an antigravity device?
Yes. Recently, I think two years ago, Boeing Aerospace announced that they were putting $50m (£28m) into investigating antigravity research. For me, the timing was interesting because I think it is something they already have, but it's not general knowledge and if they were caught they would probably say that it was renegade factions high-up in NASA, high-up in the military and high-up in commerce.
How do you come across these things? Is information on antigravity devices freely available?
Some of it is but it is a combination of what is freely available and what isn't. Take the Disclosure Project which is a group investigating UFOs run by Steven Greer, a doctor, and he had 300 testimonials in his book from people, ranging from civilian air traffic controllers to ex-commanders-in-chief of NATO, all saying 'yes, UFOs exist, yes certain parts of the military know about this, and have this and are using the technology and implementing a trickle-down thing so that eventually the technology will be everywhere.'
How does the possibility of being extradited to the US make you feel?
Better than I was the first time around [the 2002 case], although it is very similar. I had lots of work lined up which was Internet-related - computer games testing - and I have lost that because of my bail conditions. My landlord wants me out, because of all the press and police attention we had so it is a bit of a rerun of 2002. Lost the flat, lost the work but I managed to keep the girlfriend this time. For a few days it was very dark but I am feeling quite up now because we have been talking to [Conservative MP] Boris Johnson who is leading a Parliamentary Early Day Motion against the 2003 Extradition Act along with the Enron Three [three British bankers who are also facing extradition to the US] - or the NatWest Three as they like to be called now. So together we are trying to get a judicial review going and change the law.
So what is the official position?
I asked my solicitor why the CPS had taken my case away from the UK police and handed it to the US. She was speaking to someone who was fairly high up and he said that it had gone way above his head. Reading between the lines, that means the Home Office.
Is that a good thing?
No. It almost sounds like a done deal to me. The fact that I am not alone is encouraging. We are getting nearly 70 MPs signed up to the early-day motion.
Have you had much response, or help, from the hacker community?
I never really mixed with the hacker community, if you can call them that. In fact, after all of this happened back in 2002, some of them contacted me but they are not really hackers. In fact they are all professionals, but they used to hack, and they are very good and they are a knowledgeable lot. Some know about the law, some know forensic computing, and there has been a good bit of support there. In fact, the Free Gary Web site came from one of those people.
A Web site you are not allowed to use, of course, because of your bail conditions?
Right, I have to collect printouts of my emails and stuff. Which is silly as I have been free to use the Internet for three years, although I haven't actually had my own Internet account.