The computer whiz kid accused of hacking eBay and five other Internet firms
said Friday that the Federal Bureau of Investigation has the wrong man.
“I’m pretty confident they don’t have much of a case. They just want to look
good and find someone who’s the perfect scapegoat,” Jerome Heckenkamp said
in an interview with InternetNews
Radio Friday.
A computer security expert who graduated from college at the age of 18,
Heckenkamp was charged this week with 16 counts of various computer crimes.
Besides eBay, his alleged victims include Qualcomm, Lycos, Exodus and
E-Trade. He faces a maximum sentence of 85 years in prison and fines up to
$4 million, although it’s highly unlikely he’d receive those penalties even
if convicted.
Heckenkamp appeared before a judge in Albuquerque, New Mexico on Thursday
and has been ordered to show up for court hearings in two weeks in
California, which is where some of his alleged victims are headquartered.
Heckenkamp, who has been working as a network security expert for Los Alamos National Labs since
June, was released from jail without bond on the condition that he show up
for his future court dates, find a new job, and stay away from computers.
Although he admits to being a white-hat hacker and publishing information
about software vulnerabilities using the hacker nickname “Sk8,” Heckenkamp
denied that he is MagicFX, the hacker who took credit
for the Ebay defacement which occurred in March of 1999. He similarly denied
any responsibility for the other crimes, which include computer intrusions,
intercepting electronic communications, and witness tampering over a period
of several months in 1999.
FALSE TRAIL OF EVIDENCE
According to Heckenkamp, the FBI followed a false trail of electronic
evidence that pointed to the dorm-room computer he used in 1999 as a
graduate student in computer science at the University of Wisconsin.
The machine, connected to the school’s high-speed network, was running a
default install of Red Hat Linux, which Heckenkamp says way likely
vulnerable to a number of security exploits. He claims he didn’t give much
thought to the machine’s security because his primary computer was in his
graduate school office.
“I didn’t worry about people breaking in. I’d been at the university for
years and never had any problems,” said Heckenkamp, who claims that before
the FBI confiscated the computer last year, he discovered the system’s log
files showed intrusions from numerous unauthorized outsiders — a fact he
says the FBI has ignored.
“When they tried to scare me into confessing, their proof was pathetic. It
did not point to me at all. I told them, ‘go back and trace these back to
where they came from. My computer is not the originating point,'” said
Heckenkamp, who believes his machine may have been targeted randomly by an
attacker who scanned the university’s network. Alternately, he speculates he
might have been targeted by someone who wanted to show him up because he has
posted information about security vulnerabilities on the popular Bugtraq security
mailing list, using the hacker handle “SK8.”
Jim Gast, a 50-year-old former Novell storage architect who’s currently a
Ph.D student in Wisconsin’s computer science program, says he worked with
Heckenkamp on several course projects last year, including a lecture Heckenkamp
gave on internet security. According to Gast, Heckenkamp was “a bright kid,
if a bit of a classic geek.” While Gast says he has no reason to believe
Heckenkamp would be involved in computer crimes, he finds it a bit
incredible that a machine
operated by Heckenkamp could be turned into a
launch pad for attacks by others.
“This is a student who it’s likely was capable of setting up gateways. So
it’s likely he would know not only how to create one but how to protect
against one,” Gast said. “It’s unlikely that someone with his skills would be duped into
becoming a gateway unknowingly.”
Also incriminating Heckenkamp are compressed files containing several
hacking programs and information about victim computers, files which the
FBI said it had found on his machine. But Heckenkamp maintains that because
his machine had been compromised by outsiders, someone else could have
uploaded those files to his computer. In any case, he says any forensic data
is marred by an intrusion from University of Wisconsin officials, who
admitted to him in a letter than they had accessed his computer from over
the network.
“They can’t do that. It’s totally illegal. I’m being accused of unauthorized
access, but the school admitted to doing that to my machine. There are also
other logins from other places, but the bottom line is, if someone’s in my
machine, they can put whatever files they want there,” he said.
Heckenkamp has yet to obtain legal representation, in part because he’s
short on cash, especially now that he’s been laid off by Los Alamos National
Labs as a result of the hacking charges. But Heckenkamp says his co-workers
have been supportive, and he’s optimistic he will be vindicated.
“I was pretty burned out the past few days because the FBI .. kept trying to
get me to confess to something I didn’t do. But yesterday [after the court
hearing] I was flooded with calls and visits from people at work, and I’m
feeling a bit better now.”