TUCoPS :: Cyber Law :: court.txt

Transcript of Craig Neidorf Trial

<The following transcript of Craig Neidorf's trial was provided
by his legal counsel, to whom we are indebted. The page numbers
correspond to transcript pagination. The document was retyped by CuD,
and cross-checked against the original. A spell checker removed
spelling errors, and if any of these errors appeared in the original,
they too were removed.>
                           EASTERN DIVISION
                   Plaintiff,      .       90 CR 70
            v.                     .       Chicago, Illinois
CRAIG NEIDORF,                     .       Tuesday,
                   Defendant.      .       July 24, 1990
                                   .       10:10 a.m.
. . . . . . . . . . . . . . . . . ..
                              VOLUME ONE
                              AND A JURY
For the Government:        THE HONORABLE IRA H. RAPHAELSON,
                              United States Attorney, by
                           WILLIAM J. COOK
                           COLLEEN D. COUGHLIN
                           DAVID A. GLOCKNER
                              Assistant United States Attorneys
                              219 South Dearborn Street
                              Fifteenth Floor
                              Chicago, Illinois 60604
For Defendant:             SHELDON T. ZENNER
                              Katten, Muchin and Zavis
                              525 West Monroe Street
                              Suite 1600
                              Chicago, Illinois 60606
Case Agent:                TIMOTHY M. FOLEY
                              Special Agent
                              United States Secret Service
Court Reporter:            Agnes M. Thorne
                              Official Court Reporter
- 2 -
     (Twelve jurors and four alternate jurors sworn to try
     (Following proceedings transpired out of the presence of the
     MR. COOK: Judge, we have two short issues to bring up. The
government, obviously, understands the court's rulings on the First
Amendment mistake of law. We are in a bit of a quandary in terms of
the best way to argue that or front that with the jury during our
openings. Does the court anticipate giving an instruction as to the
law of mistake of law with respect to this either before Mr. Zenner
talks or at the conclusion of the case?
     THE COURT: At the conclusion of the case in written instructions
to the jury.
     MR. COOK: And that would be along the lines that it is not a
     defense to this violation mistake of law.
     THE COURT: That we will decide at the conference on jury
     MR. COOK: All right.
     THE COURT: Mistake of law is no defense. I think we can agree
to that.
     MR. ZENNER: No.
     THE COURT: We can't?
     MR. ZENNER: Wait. We agreed that the First Amendment is no
defense. Mistake of law is a defense to a specific intent crime.
     MR. COOK: That's enough. That's enough for me to make my
- 3 -
Cook -- opening statement
     THE COURT: Is that enough?
     Mr. Cook: Yes.
     THE COURT: Okay. What else?
     MR. COOK: Also, Mr. Zenner is indicating that he wants to
argue about the videotapes or make some presentation about the
videotapes in his opening remarks. Those are irrelevant.
     THE COURT: What is the nature of those videotapes?
     MR. ZENNER: It is very simple. On one of the dates charged
in the indictment, the exact date, in fact, the exact date charged
in the indictment in Count Two, the date the scheme was supposed to
start, Mr. Neidorf was surreptitiously videotaped by the Secret
Service at SummerCon '88, the hacker convention.
     THE COURT: Okay, now I recall.
     MR. ZENNER: That is the subject of that. The fact that he is on
videotape for 15 hours on the date he is supposed to have committed
the crime in the midst of a supposed conspiracy with some
of the other people who are on videotape I expect to mention,
albeit very briefly, probably ten seconds worth in an opening,
well, maybe thirty seconds worth in an opening, that he was
videotaped on that day, a date charged in the indictment, and that
the worst thing they saw him do or talk about when he was with these
people he is supposedly conspiring with is to drink a beer, order
a pizza. I mean, that's it. They have a the videotape in the middle
of this scheme with his coschemers.
- 4 -
Cook -- opening statement
     THE COURT: And what's the problem with that?
     MR. GLOCKNER: Judge, we went through all this before on the
discovery motions. And your Honor agreed with the government that
(a) the fact that the defendant is videotaped not committing a
crime is not relevant to whether or not on some other occasion
he did.
       Second, as we argued in the earlier filings with your Honor,
he is not charged with holding SummerCon, with participating
in SummerCon...
     THE COURT: You will object to the entry in evidence of that
     MR. GLOCKNER: Absolutely.
     THE COURT: The objection will be sustained.
     MR. GLOCKNER: Thank you.
     THE COURT: What else?
     MR. COOK: Nothing else, Judge.
     MR. ZENNER: With respect to the videotape, I accept the court's
ruling that the videotape will not be introduced, but I can
certainly refer to the fact that he was videotaped, and I can ask the
agent that, and I intend to ask the agent who investigated this case:
"On a date charged in the indictment..." Mr. Cook is going to show
that. He is going to say, "On July 22, 1988, my client committed
a wire fraud". He's going to tell them to convict him of that.
On that date, he's on videotape for fifteen hours with the Secret
Service looking at him, and he doesn't do anything of the sort.
He's meeting with his coschemers...he's meeting with his
- 5 -
Cook -- opening statement
     THE COURT: And you will seek to introduce the videotape to
show that he couldn't have committed the crime on that date?
     MR. ZENNER: All I want to be able to do is to cross-examine
Agent Foley on that.
     THE COURT: Well, you might be able to cross the agent
depending on what his direct testimony is. Those issues...
     MR. ZENNER: It is a date charged in the scheme. I have a hard
time imagining how I can't cross.
     THE COURT: Mr. Zenner, you can make the opening statements, and
if there is an objection, I will sustain it. Okay.
     MR. ZENNER: All right.
     THE COURT: What else?
     MR. COOK: Nothing.
     THE COURT: Bring in the jury please.
     (Jury present at 10:20 a.m.)
     THE COURT: Good morning ladies and gentlemen.
     JURORS: Good morning.
     THE COURT: Please be seated.
          Mr. Cook, is the government prepared to make its opening
     MR. COOK: Yes, Judge.
     THE COURT: Very well.
     MR. COOK: Thank you.
     MR. COOK: Good Morning, ladies and gentlemen.
- 6 -
Cook -- opening statement
     JURORS: Good morning.
     MR. COOK: My name is Bill Cook. I'm an Assistant United States
Attorney. I am going to be substantially aided in this prosecution
by Colleen Coughlin, who is an Assistant United States Attorney, and
Dave Glockner, who is also an Assistant United States Attorney. We
will be having Special Agent Tim Foley of the United States Secret
Service working with us. He is sitting at the trial table with us.
           In 1876, the first telephone communication ever made was:
                 "Mr. Watson, come here, I want you".
That was also the very first emergency telephone call ever made.
Since that time, the telephone company has, obviously, sophisticated
their operation to a large degree so that where we stand today in
1990, we are the beneficiaries of what is known as the Enhanced 911
system. That system is a life line for every person certainly in the
Southern Bell region of the United States. It's taken for granted.
It is an extensively developed system. You're going to hear a great
deal of information about the development of that system and the
architecture that that system is based upon. It is built on
computers from bottom to top.
          In 1988, a road map to that computer system, that life
line, was stolen from a computer in Atlanta, Georgia, by a man
by the name of Robert Riggs, who is a member of an organization
known as the Legion of Doom.
          That document, with its proprietary markings, its warnings
- 7 -
Cook -- opening statement
on it, and the clear indications that it was the property of
BellSouth, was transferred electronically to Mr. Craig Neidorf, the
defendant here, seated right here.
          Mr. Riggs is a hacker, a person that breaks into
computers. He answers to no one but his own ability to get into
those computers.
          We anticipate that the evidence will show that in February
of 1989, Mr. Neidorf published that extensive road map to the
life line of the entire hacker community so far as he was able to
determine it and define it.
          In many respects, I submit to you that this is not going
to be a, "Whodunit", or "What was done?".
          There are two sets of violations charged in the indictment.
Very briefly, they are the interstate transportation of stolen
property and what is referred to in legal jargon as a wire fraud.
          With respect to the interstate transportation of stolen
property, the evidence will show that Mr. Neidorf admitted to
receiving the stolen property, the stolen E911 text file from Robert
Riggs. He further admitted to Agent Foley that at the time he
received the document, he knew it was stolen.
          With respect to the wire fraud the evidence will show
that the wire fraud was really an outgrowth of what you are going to
be hearing about and what will be described as the Phoenix Project,
an effort by Mr. Neidorf to consolidate a group of hackers.
          The object of that wire fraud scheme was extensive, but it
- 8 -
Cook -- opening statement
included providing hackers with information about how to crack into
other people's computers, soliciting them to try to provide him
articles, articles for his publication PHRACK  newsletter which
he would then distribute to other hackers.
          The evidence will also show that Mr. Riggs knew of the
hacker activities, the break-ins that were occurring as he would
follow along with their activities. In that respect, he was almost
a "hacker groupie", except a groupie that sought to be in control and
direct many of the operations. He received stolen property, property
stolen from computers, stored on computers.
          Now, just one more set of observations about the indictment
and the format of the indictment, and then I'll move on to what
some of our more immediate concerns might be.
          (Chart) Does everybody see that? One juror I know can't
see the bottom.
     THE COURT: Can all the jurors now see that?
     JURORS: Yes.
     MR. Cook: Mr. Neidorf is charged in each count of the indictment,
except for the first count here. The coding here is this is the
second count of the indictment on down to Count Eleven. These
are the approximate dates that the violations or the activities
occured that are alleged in the indictment.
          Specifically, in the second, the second count of the
indictment alleges that on July 22, 1988 as part of the wire fraud
scheme, Mr. Neidorf generated an issue of PHRACK World News in which
- 9 -
Cook -- opening statement
he announced the instigation of the Phoenix Project, the Phoenix
Project because it had been a year since the 1987, in their parlance,
collapse of the computer world by virtue of a series of law
enforcement raids. Mr. Neidorf announced here that he wanted the hacker
community to come together again to be more effective than ever.
          The next activity is the third count of the indictment,
September 19, 1988, a wire fraud allegation again, E-mail,
electronic mail, generated from Mr. Neidorf to Mr. Riggs and
Mr. Scott O, a computer hacker.
          This electronic mail, this electronic mail here also,
these are efforts by Mr. Neidorf reaching out to consolidate,
identify and pull together a group of hackers that he could be
working with for the publication of PHRACK, people that would supply
him with information and articles, and, as it turned out, people that
in fact, supplied him with stolen information, stolen from computers.
          These allegations refer more directly to the interstate
transportation and movement and file transfers of the E911 text file.
          Count Seven refers to the publication of a series of
computer articles that deal with how to break into a UNIX operating
          Counts Eight and Nine refer to the text file being sent from
Neidorf back to Riggs, from Neidorf in Missouri to Riggs who was
physically in Atlanta, but who used the bulletin board, computer
bulletin board, in Lockport, Illinois, sending it back for review and
to make sure that Neidorf had done an adequate job of concealing the
- 10 -
Cook -- opening statement
nature of the file fro the point of view not the contents so much
of the file, but concealing where Riggs had stolen it from to protect
Riggs, and, to a large degree, to protect himself so that it couldn't
be identified exactly where the document had been stolen from.
          Finally, we have the publication of the E911 text file in
the PHRACK newsletter by Mr. Neidorf.
          you will be seeing the indictment in the jury room as you
deliberate. This is just an overview to give you an overfocus of
where the allegations are going to fall and the types of information
that you are going to be hearing about.
          Now, if I were you, if I were you, I would be sitting
there, as some of you may be, thinking to myself, "What have I gotten
myself in for? He's talking about computers. He's talking about
operating systems. Whooooaaaa!"
          First of all, you don't need to be a computer user, or a
computer ace, to understand what this case is going to be about. It
really deals with, in its most essential form, stealing property and
transferring property, the interstate transportation of stolen
property. So it's a simple stealing and a simple fraudulent
taking, taking by deception. But it just involves some relatively
high-tech tools. Don't let the tools confuse you from the fact of the
taking and the bottom-line information. I'm telling you to relax
about the computer jargon.
          There are several concepts that we're going to be talking
about here. What I'm going to give you is a kind of a lawyer's
- 11 -
Cook -- opening statement
description. That is supposed to let you know that it is far from
an expert's opinion on some of the things you're going to be hearing.
          (Blackboard) Well, let's talk about some of the technology
that's involved, and see if we can't make ourselves more comfortable
with it.
          I referred to the UNIX operating system. UNIX...U-N-I-X.
What is that? Well, computers speak a language. Computers speak
the language that the people that built the computer want them to
speak, or they speak the language that the people that run the
computer want it to speak. Sometimes computers can be set up so that
you can have them speak several different languages. UNIX is just a
language. It is just the language that the computer speaks. It
talks UNIX. Some of you talk about MS/DOS. It's a microsoft disk
operating system. Forget it! It's just the language that the
computer speaks.
          (Blackboard) Now, this is a theft of information. You are
gong to be coming in contact with the concept that when you take
information from a computer, what you really do is you order the
computer to make a duplicate original o what its memory is or what
it contains with respect to that particular item. And when you are
asking the computer to send that information to you, you are doing a
file transfer. I'll get to that later. You are just telling the
computer to send it to you. What the computer sends to you is a
copy. It's an exact copy in every respect of the original
information on the computer.
- 12 -
Cook -- opening statement
          So the value of the property comes from the fact that it
contains information. There is an expression that, "Information is
power". It is only power if it's communicated. That's where the
value of information comes from in our society.
          Certain types of information are protected by companies.
They are reasonably protected by companies, especially when they
become sensitive. The E911 road map and the information about where
all the stops along the way are, that was a sensitive piece of
information. You're going to be hearing about the protections that
BellSouth put on that information, and the efforts that they made to
safeguard it. So when the information is stolen, what is stolen is a
copy of the information. You will be receiving further instructions
>from the judge on all that. So it is the information that is being
          (Blackboard) Now, the next concept--I talked about
protection--file transfers. File transfers. Here's a riddle for you:
                  "Why is a file transfer the same as a high
                  school graduation?"
Here's the answer. When you hear about this, think about a high
school graduation. They call your name from the audience. You come
up to the stirs, probably by the path that the nun ordered you to
take to get to the stage, and you had better not vary from the path.
You follow that route up to the stage, across the stage, and a file
transfer takes place at center stage in the auditorium. You reach
out, you shake hands with the principal, and with the other hand,
after you have shaken hands with the principal, you receive your
- 13 -
Cook -- opening statement
diploma, or you receive your information, you receive your file.
That's really all a file transfer is on a computer. You come up,
you are ordered, someone in a remote location, the principal in this
case, calls your name, you come up to the stage, you are the
computer on one side and he is the computer on the other side. You
shake hands. And in the computer world, all that means is that you
are able to communicate. It's actually called that. It is called a
"handshake relationship" with another computer. There are some other
words, like "protocol" and things like that, but, really, it is just
a handshake relationship with another computer.
          After the handshake is there and the principal recognizes
you to be the problem kid that he's glad to get rid of--he didn't
like you--then he gives you the file. That's the file transfer. It
is no different transferring information from one computer to
          (Blackboard)  Computer network. Well, that is probably a
pretty easy concept to get hold of these days. It is really not much
different than with your televisions, especially if you have cable
television where you have some designated programming and it comes in
to your machine, your television in this case. Of course, the
difference is with cable television as opposed to a computer, with
the computer you are able to have more of an interchange with the TV
and what is going on with the program. So don't be concerned about
the network idea. Keep in mind the idea of a cable coming into your
computer as part of a centralized system. That is really all the
- 14 -
Cook -- opening statement
network is, a series of computers joined together.
          In the case of BellSouth, you are going to see that that is
a very expensive computer network. In order to provide service to
their customers, they hang a lot of computers on that network,
computers that do different things, computers that keep track of
where the people that are using the phones are at, computers that
keep track of what telephone number goes with what address, computers
that keep track of the switches, the computer switches. Now,
that's another concept I'll talk about for a second.
          (Chart) When people think of computer switches, they
are telephone switches. The concept of a lady at the switchboard
always comes to mind with a knob here that goes to a hole up here,
connecting one person to another person. Today, all of that is done
by high-speed computers, high-speed switches. They are electrical.
Because they are electrical, they are referred to as ESS. All this
means is an electronic switch. This is a computer. This computer
has the memory of how to get the numbers that are diales to the
phone that corresponds with those numbers. These computers also have
the information about how to get your call all the way across the
country, which route are we going to take to get there, which
road are we going to take.
          The Enhanced 911 system was built on these computers.
Part of the reason was because of the high speed that is involved.
You can get the emergency call through faster if it goes like thing.
          Now, the switches at various areas: Switch 1, Switch 2.
- 15 -
Cook -- opening statement
This is the first switch we produced, Switch 1. And the second
switch we produced, Switch 2. The fifth switch, Switch 5.
          When they increased the capabilities of those switches, the
way they kept track of which switch they were talking about was to
label the switches: 1 or 1A, 2, 3, 4, 5, a fairly easy way to keep
track of the switch development. But the idea is that all electronic
switches operate essentially the same. So if you have the key to
get into this (indicating), you have the keys to get into them all.
          The evidence will show that the hackers in the BellSouth
Region had the keys to get into them for a period of time.
          Now, another question, a riddle:
               "Why is computer security like a hotel?"
Mr. Garcia is going to be explaining that to you. Actually, it's a
lot like staying in a private hotel.
          In the case of the computers at BellSouth, the computers
that drive the E911 system and support the phone company system
aren't known to the public. They are unpublished numbers. They
have their own network. The network, to be sure, has interlinks
with the private sector and can be reached by field people in the
telephone company, but it is really a closed system. It is designed
to be for protection.
         So the hotel, the computer, is not known to the outside
world. Where the door is is not known to the outside world. When
you walk into the hotel, it's like if you try to walk into a hotel
in downtown Chicago. If you go to the desk and ask them, you know,
- 16 -
Cook -- opening statement
               "I want to have Joe Jones' room".
Well, first of all you say:
              "I want to see Mr. Jones."
                   "Well, we can't tell you if he's here."
               "Well, if you tell me he's here, I want
               to talk to him. I want to speak to him.
               Give me his room number.
                   "Well, we're not going to give you
                   his room number. You are going to
                   have to call him on the house phone
                   and he'll have to verify that you're
                   somebody he knows."
So there are a series of checks that are set up inside the system.
But once you get inside the hotel, you can make contact with Jones.
And you will see, just as in real life, you have a number of people
at one hotel. You will have people going back and forth in the
hotel. And the person that runs the hotel assumes that they're all
there for good valid reasons. He's not going to do anything but
just a cursory check to make sure that everything is still in order.
          It is really the same thing and the same principle is
involved if you are the system administrator on one of these
computers. You are in the position, in the shoes, of the hotel
operator, the guy that runs the hotel or the lady that runs the
hotel. You make sure that the right people show the right
credentials to get in and you exercise and upfront control. You also
exercise control over some of the common spaces. You make sure the
halls are lit. You make sure that things aren't being badly
destroyed to the best of your knowledge, although you don't know always
- 17 -
Cook -- opening statement
what's going on inside each of the rooms. It's very much the same.
So when you hear a person talk about running a system or computer
system security, think to the analogy of being a hotel operator.
We have a man, Mr. Garcia, from BellSouth, who will be testifying
to that and to that analogy, and I think you'll find it most
          (Blackboard) Text file. You will hear a lot about that.
That is probably a new term for you when you walked in: text file.
Just think of it as a book or a pamphlet stored on a computer.
That's it. That's the end of the mystery. A book or a pamphlet
stored on a computer. But because it is stored on a computer, it
can be copied if you can get into the computer. That's what
happened here.
          (Blackboard) BBS. It means bulletin board system.
Sometimes it will have a "C" in front of it. All that means is
computer bulletin board system.
          Now, here's my analogy to that. The computer bulletin
board system is a lot like a private high school where you have to
have permission to get in the front door. And the people that run
the high school have to give you permission to get into their
private location. But once you get into their private high school
and as you walk through, one of the first things that meets you as
you walk into the private high school is a bulletin board with
messages posted on it. And what you will also see along the sides of
it are going to be lockers, student lockers.
- 18 -
Cook -- opening statement
          The principal bulletin board that you are going to be
hearing about during the course of this case is the Jolnet bulletin
board in Lockport, Illinois. The Jolnet bulletin board in Lockport,
Illinois, acted as a central clearing house for the information that
was being sent from Riggs in Atlanta to Neidorf in Missouri.
          To carry the analogy a little further, the evidence is
going to show that Riggs used the bulletin board. He used it under
a false name which he used to disguise his real identity. He use it
under the name of Robert Johnson instead of Robert Riggs. He had
authorization to use the bulletin board section where you post
messages generally, and he also had a storage locker on the bulletin
board, on of those lockers along the wall in a high school, where he
thought he could safely store the text file, the E911 text file that
he had stolen. The evidence is going to be, though, that law
enforcement, Hank Kluepfel, found out about it. Mr. Kluepfel's
efforts to get into and to use Jolnet in that storage area will be
testified by Mr. Kluepfel. But the only thing we need to remember
here at this point is that the information was stored in Lockport,
Illinois. That is where the private high school is located. It was
stored in the locker of a private high school in Lockport.
          But because computer technology is the way it is, Riggs is
able to transfer the file by E-mail or a file transfer down to
Neidorf in the computers at the University of Missouri. Again, this
analogy is not quite the same as the bulletin board, but the
University of Missouri has a capability there at the university to
- 19 -
Cook -- opening statement
allow students to have essentially a locker on their computer system
where Neidorf generated PHRACK Magazine from.
          Just a final note of reassurance. As we go through the
evidence here, we are going to try to have the witnesses explain as
each step progresses what the technology is again. So hang in there
and listen with an open mind, as I know you will anyhow, listen to
the explanations of the technology.
           (Chart) The evidence in this case is going to show that
the text file that was stolen here described in vivid detail each of
the locations along the E911 path to an emergency call. It's going
to show and it did show the central location and the central
significance of two places. When an emergency call is made in the
BellSouth area, BellSouth region--it is really the area
geographically that southerners describe as "Ol' Dixie"--when an
emergency call is made there, it goes to a thing called a PSAP, public
safety access point. The public safety access point is the one that
is in direct communication on secure lines with the fire, police, and
          Under the old 911 system, the old emergency dialing
system, the call would come in, and they would have to trace it back
to the origin in many cases. You have a situation potentially where
someone would call, perhaps a child, and say, "My dad's hurt", and
before the operator could talk to the child, they hang up the phone.
The child, of course, figures, "Well, I called them. I told them y
dad was hurt. They'll e here". So it is, obviously, not that
easy. Under the old 911 system, a complicated tracing procedure had
- 20 -
Cook -- opening statement
to be established. They had to try to find out where the call had
come from, and it's all done in an emergency posture.
          Now comes Enhanced 911. You will hear the lady that is
operating that system, or operated it for the balance of time
involved in this case. You will also hear from the man, Richard
Helms, that brought all the pieces together for the bellSouth
region, and put them in one central location so that all the phone
companies supporting the 911 system, the Enhanced 911 system, would
all be on board and be working with the same game plan, never thinking
that that game plan was going to be over over to hackers.
          The Enhanced 911 gives you this capability within
three to five seconds of the time that the person picks up an
emergency call and that 911 is entered in, sometimes even before the
person at the public safety access point can pick up the phone. The
computers that drive the 911 system have done this: They have gone,
in this case, to the remote location in Sunrise, Florida, where the
back-up systems and the support systems for the control, the
maintenance and the operation of 911 are kept, and it has pulled up
all kinds of information about the person making the call.
          When the person picks up the phone, it's connected wit police,
fire and ambulance. They have a TV monitor in front of them or a
computer monitory, if you will, which has all kinds of information.
It has the name of the caller or the people that the are known to be at the
calling address. It will have location information with respect to
where the closest department is, fire department, police department,
- 21 -
Cook -- opening statement
to that person. It will also contain information in their computer
storage banks about special problems that may exist. If it's a
business, if it's a business involving chemicals, the fact that those
chemicals are explosive will be reflected on that screen. If it is a
private home, if there is a handicapped person there, it will be
reflected on that screen. And it's all done within a matter of three
to five seconds. They have it captured there. That is what
Enhanced 911 is about. That's the system that Robert Riggs stole:
how that all works together, and how the computers at BellSouth
support that kind of capability, consistent with the telephone
company's long history, going back to that first phone call,
"watson, I want you", their tradition of providing emergency services
as the first priority of the phone system.
     You will be hearing from essentially three groups of
witnesses. You will be hearing from people at bellSouth that will
tell you about the steps taken to protect the system. They will tell
you about the way the file was defined. They will also tell you that
at the same time that they were having these problems with 911 in
terms of the los of the file, at the same window, they recognized
that there was a larger problem throughout the network as a result
of hacker intrusions, that there were a series of bellSouth
computers along the network that had been attacked or were under
attack. Some of those computers included the ESS switches. They
recognized that the Enhanced 911 theft was a symptom of a disease.
The disease was the hackers into switches, and they took remedial
- 22 -
Cook -- opening statement
steps. They started out slowly to try to identify it, and then they
rapidly expanded, trying to solve the disease along with the problem
of E911. So you will hear from the BellSouth people.
          You are also going to be hearing from three members of the
Legion of Doom, three hackers. You're going to be hearing from
Robert Riggs, Frank Darden and Adam Grant. They have hacker
handles. These hacker handles sometimes seem to get to be a little
on the colorful side, a little bit like "CB" handles.
          You are going to be hearing the testimony of the hackers.
You're going to be hearing the testimony of Robert Riggs who will
testify that Mr. Neidorf had been after him to give him information
to put into PHRACK, this hacker newsletter. That when Riggs had
broken into the AIMS-X computer in BellSouth, he saw on that AIMX-X
computer at BellSouth the 911 text file. You're going to hear that
he contacted Neidorf in advance, that in that advance conversation or
communication, he advised Neidorf that he had the text file, he was
sending him the text file to put in PHRACK, that he had gotten it
>from an unauthorized account that he had on the BellSouth computer.
Essentially, what he told Neidorf is, "This is a stolen piece of
material you're getting".
          He indicated to Neidorf and Neidorf agreed...first, he
agreed to take the stolen property, and he agreed to disguise the
identity of the stolen property to some degree so that it wouldn't
run off on Riggs. Riggs' name wouldn't appear on the file when it was
published in PHRACK. He would try to disguise some of the
- 23 -
Cook -- opening testimony
indiations that it was stolen from the BellSouth area...Neidorf
would. You will hear evidence that that is exactly what Neidorf did
to some degree or another.
          You will hear evidence bout Neidorf seeing and noting the
proprietary warnings that made it clear that this was stolen
property belonging to BellSouth. He even made a joke of it. He put a
little, "Whoops"next to it when he sent it back to Riggs because he
didn't want BellSouth to know that he was inside their computers.
          You're also going to hear evidence that Riggs was never
satisfied with the final result that Neidorf had because it always
contained too much information even for Riggs. But the E911 system,
the text file and the road map, was published by Neidorf all the
          You are going to be hearing from Agent Foley who will
testify that he talked to Neidorf about this at his fraternity house
at the University of Missouri. Neidorf said he has freedom of
expression. That was his response to Foley: Freedom of expression
to publish it in PHRACK.
     The First Amendment can't be used as a defense to theft.
When you steal something, you can't claim that coming up the back
door, the First Amendment protected you.
     You will be hearing from Agent Foley though that as part
of this discussion with Mr. Neidorf, Mr. Neidorf, in fact, admitted
that he knew the file was stolen, the text file was stolen, and he
published it in PHRACK.
- 24 -
Cook -- opening statement
          He also turns over to Foley a hacker tutorial, a hacker
lesson to other hackers on how to break into the ESS switches. He
turns that over.
          The evidence will also indicate that in addition to that
stolen information was information about a stolen AT&T source code
document. Here he goes again...source code! The source code program
had a Trojan horse in it. It made it clear right on the face
of it that it was a Trojan horse, a way of stealing passwords from a
          I am going to have to pause here for a second to make
sure that I reassure you again on the descriptions and the items
we'll talk about.
          The source code is a type of language. It is kind of a way
human beings write things down as a first step toward communicating
with computers. They write it down in source code, which is
directions. A rough analogy would be if I'm going to give you
directions on how to get to my house. The source code for that kind
of program might be something like:
"Go to the door.
          "Open the door.
          "Go through the door.
          "Go forward to the sidewalk.
          "Go the the sidewalk and stop.
          "Stop at the sidewalk. Turn left.
          "After you turn left, start walking.
- 25 -
Cook -- opening statement
Step by step by step progression along the way. That is kind of what
the source code is about. You will hear, fortunately, a much better
description of this from the witnesses on the stand.
          The source code program that was stolen here that
Mr. Neidorf received, again, basically was clear from the face of the
document that it was stolen. And, again, Mr. Neidorf transferred it
out to somebody else. Again, stolen property was received and
distributed in interstate commerce.
          The nature of this source code was that it would act a lot
like a false front door to a computer, where you walk up to the
false front door of the computer, you knock on the door, and somebody
inside the door or inside the house says, "Who is it?" The person
knocking on the door uses their secret word, or their name or an
identifier, or it's recognized by the person inside the house:
          "My name is Joe Jones."
          "My name is Bill Cook."
          "My name is Colleen Coughlin."
          "My name is Tim Foley."
Except with this door, it was a false door, and what it had the
capability to do is it would record the information. It would
record, "Bill Cook," "Joe Jones," "Colleen Coughlin," "Tim Foley".
Those are the passwords to get into the house that a legitimate user
of the house would use.
          But this Trojan horse, what it would do is it would store
those, and after it had stored all that information, it would
- 26 -
Cook -- opening statement
essentially disappear. And the person trying to get in the house would
all of a sudden get a communication from the other side that would
say, "I didn't hear you. Try it again".
          It would steal those passwords, and it would then put them
in a private place where the hacker would come back whenever he
wanted to, and just pick up the bucketful of passwords and log-ons,
and use them to break into the same computer systems again and
again, kind of an elaborate piced of scientific perversion but that
is what it is about. That was the document that Mr. Neidorf also
trafficked in as part of this fraud scheme.
          The final expert that you will probably hear from on the
government's side is going to be a man from inside the phone
company, a man who was with bell laboratories before he was with the
phone company. His name is Mr. Williamson. Mr. Williamson will talk
to you about the property, the property being the text file, and
the way in which and the reason that the phone company protects
this kind of property, this information.
          He will testify, we anticipate, to the obligations of the
phone company, to the significance of the text file, along with
other people, and the fact that the theft was the theft of critical
information for the operation of that system, and that the
proprietary markings made it clear to anyone who took it that that
was stolen and that they didn't have authorization for that document.
          No matter what other information floating around about 911
that might be out there, this document was proprietary and contained
the inside information about what this system was all about, and how
an emergency call is driven from the point of someone picking up
the receiver to the time when the help is actually generated from
the fire, police and ambulance stations.
          As I've said before, it's that text file that Mr. Neidorf
deliberately compromised into the hacker community. At the
conclusion of this case, we are going to be coming back here and
asing you to find a guilty verdict against Mr. Neidorf for the
interstate transportation of that stolen text file both from the time
he got it from Riggs, and it was sent from Rigs in Georgia to the
bulletin-board in Lockport down to Neidorf at the University of
Missouri, that's one interstate transportation of stolen property,
and the interstate transportation of stolen property, that same
stolen information back from Neidorf to Riggs in Lockport. In this
situation, it was reviewing the stolen property to make sure that
they could disguise themselves. And then the final interstate
transportation of that stolen property when Mr. Neidorf compromised
the text file into the hacker community.
          I appreciate your attention. That concludees my remarks.
I ask you to pay as much attention to Mr. Zenner as he makes his
remarks to you this morning.
          Thank you.
     THE COURT: Thank you, Mr. Cook. Mr. Zenner, are you prepared
to make your opening statement?
                  <End of Cook -- Opening Comments>

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH