Berkeley Hacker Admits To Government Infiltration
Wednesday, September 27, 2000
A Berkeley hacker pleaded guilty Monday to gaining unauthorized access to Defense Department computers after an investigation by NASA, the FBI, and the U.S. Navy and Air Force.
Max Butler, also known as Max Vision, agreed to a plea bargain in federal court after being charged in March with 15 counts of breaking into government computers, "recklessly causing damage" and intercepting electronic communications.
The government accused Butler, who is 27 years old, of infiltrating systems of the federal defense, energy and transportation departments, as well as systems at UC Berkeley and Lawrence Berkeley National Laboratory.
Butler also allegedly broke into Aimnet, an Internet service provider, and obtained 477 passwords, according to the indictment.
Though Butler only pleaded guilty to one count, the maximum sentence he could receive is five years in prison and a $250,000 fine plus restitution, according to Matt Jacobs, a spokesperson for the U.S. Attorney's Office in San Francisco. If he had been convicted of all counts, he would have faced more than 75 years in prison and fines exceeding $1 million.
Butler was also a "confidential source" for the FBI for two years, according to the agency's affidavit.
"He has provided useful and timely information on computer crimes in the past," the affidavit said.
The Lawrence Berkeley lab contributed to the investigation by detecting Butler's break-ins with its Bro program, said Jon Bashor, a lab spokesperson.
"Bro is named for George Orwell's 'Big Brother' - it's always watching," Bashor said.
He said the program monitors all Internet traffic at the lab, acting as the "computer equivalent to a luggage scanner." The program detected "unusual behavior" by Butler in May of 1998, a kind of attack that nobody had seen before, he said.
Soon, however, infiltrated systems were taken offline and the loopholes were filled, Bashor said. No serious damage was done, but hackers continually scan the lab's systems for cracks.
"When there's a vulnerability, the bad guys exploit it, the good guys fix it, the bad guys look for another one and the good guys fix it again," Bashor said.
Lawrence Berkeley has much less classified material than other national laboratories and is more "open to the world" as a result, Bashor added.
According to the FBI, Butler exploited a buffer overflow vulnerability in the Berkeley Internet Name Domain (BIND) software. The software is known for its problems and, while scientists have developed a "patch" for it, every computer needs to be upgraded to fend off hackers, said David Wagner, acting professor in electrical engineering and computer science.
"BIND is a common piece of infrastructure for the Internet," he said. "UC Berkeley has many, many machines that could be running BIND."
The FBI alleged that Butler used the BIND buffer overflow to infiltrate computers at the U.S. departments of Commerce, Transportation and the Interior and the National Institutes of Health.
Butler's sentencing will take place in federal court in San Jose in January.