Voices from the Net ------------------- Compiled by Adam L. Penenberg Mention Kevin Mitnick and you're likely to get an earful. Some see him as the victim of a government-led conspiracy to intimidate hackers. Others believe he should be strung up by his digital thumbs. Here is a cross-sampling of opinions from computer security experts. "The entire Kevin Mitnick saga is possibly the most misunderstood legal situation of the 1990s. At every turn, the government denied Kevin basic rights. Prosecutors withheld evidence until the day of his plea, and a government agent, Tsutomu Shimomura, took on a personal agenda of revenge for profit, illegally collecting "evidence" against Mitnick. More importantly, Shimomura engaged in suspect situations that question the real events surrounding the Christmas '94 hack that started this whole thing. And let's not fail to mention the unethical dealings of New York Times reporter John Markoff, who cowrote Takedown with Shimomura. Events like these and the injustice perpetrated against Kevin are blatant warnings of ill doings by the government designed to protect us. -Brian Martin, computer security consultant hired by Mitnick's defense attorney to go through the electronic evidence As the Mitnick case clearly illustrates, hackers are criminals and should be regarded as antisocial miscreants. Unfortunately, Hollywood and the media have romanticized hackers, and many hackers believe themselves to be modern day Robin Hoods. The truth is Mitnick caused millions of dollars in damage to the companies whose computer systems he compromised and caused significant damage just by being there. He also created many wannabe hackers. Organizations spend billions reacting to problems caused by this whole cultural revolution. Even with a trivial breach an organization must work hard to see what problems, losses and potential lasting effects resulted from the hack. Corporations need to be proactive in protecting their assets and confidential information and in managing their risk. Not only is it a bad idea to hire hackers, security countermeasures need to consistently be updated and tested to be sure they are ready for emerging threats. Hackers cannot be trusted. Mitnick proved this when he was given a chance at freedom via a supervised release, but was given another 14 months when he broke the terms of his supervision. -Peter Trippet, president and CEO of ICSA, a computer security company I think there are a couple of lessons to be learned from the Kevin Mitnick case. First off, innocent until proven guilty is a concept lost on the current legal system. Four years of incarceration without the benefit of a bail/bond hearing is inexcusable. Truth in reporting? Not John Markoff's New York Times articles, which were filled with inaccuracies and cause Kevin to live in infamy. Most of the mainstream press continues to take Markoff's word as gospel and abuse these same inaccuracies in high-profile articles about Kevin. To this day not one reporter has ever printed a retraction. As a result of this, it was impossible for Kevin ever to receive a fair shot at defending himself. -Dale Coddington, a computer security consultant hired by Mitnick's defense attorney to go through the electronic evidence Mitnick pleaded. He's as guilty as sin. Everyone knew it. Him and OJ belong behind bars as far as I'm concerned. You play with fire and you get burned. He just wasn't good enough. -RSnake, webmaster of WebFringe and founder of EHAP Corp. Although Mitnick's crime is interesting, his case is perhaps most useful as a spotlight on our nation's criminal justice system. His high-profile case has shown that people charged with nonviolent crimes, whether held for hacking or phreaking or, more commonly, drug possession are being forced to stay in prison for months or years prior to their trial. It's a shame that Mitnick is known as a hacker rather than as a political prisoner. -Waldo L. Jaquith, bigwig, WAM!design There are two important facets to the Kevin Mitnick case. The first is how he was captured, and how this was later reported. I don't think the real truth will ever be told in this regard. Tsutomu Shimomura was involved, but how and why? Was he a government agent or not? Was Kevin's civil and constitutional right violated? Why are The Well and Novell now not saying anything in regards to the recent plea agreement? Since this will never come to trial it is doubtful we will ever know. The other important issue that people should be aware of and familiarize themselves with is how the U.S. Government can manipulate the "justice" system. By overwhelming Kevin with numerous legal obstacles and an army of lawyers, they were able to wear down his resolve and drain his bank account leaving him no choice but to sign the plea agreement. -Space Rogue, editor of Hacker News Network and a member of L0pht Heavy Industries, a hacking think-tank In light of the recent plea bargain announcement in the Kevin Mitnick case, one must pause and reflect on what contribution, if any, this event has made. One of the key issues is the revelation that the world, and in this case the U.S., has little, if any understanding on how to prepare, prosecute and punish crimes like those for which Mr. Mitnick is being held accountable. From the very onset, this should have gone directly to trial to allow the court systems to establish a precedent and some history. Instead, the event has been, in most cases, erroneously represented in the media and subjectively glorified by people who are too distant from the truth to comment accurately. Had this not been the case, and had action been taken immediately, Mr. Mitnick would now be either incarcerated or free--not both. -Mark Fabro, worldwide director of assessment services, Secure Computing Corporation.