John Draper Interview with Adrian Lamo at Next HOPE Conference, Pt 1 of 4, 7-18-2010 (TRANSCRIPT AND VIDEO)
John Draper, Captain Crunch, interviewed Adrian Lamo at the Next HOPE Conference on July 18, 2010. Draper writes about Lamo’s presence at Next HOPE here. Transcribed by nedits & sagesse.
Draper (JD): This is agent crunch and here at the beyond hope conference in newyorkcity I’m here talking to Adrian Lamo. And as we all know Adrian has been involved in a little…
Adrian Lamo (AL): Kerfuffle.
JD: Kerfuffle I guess is a good way of putting it — good enough name to call it. And let’s hear what Adrian has to say about the whole thing. So you got to talk to Mr Manning. You were talking to him on the chat. Is there anything like –did you talk to him before that or did it all start from that chat conversation?
JD: Talking about this releasing of the … collateral damage video that was out.
AL: Mr Manning had attempted to send me some emails prior to our internetted conversations but I wasn’t able to read them since he encrypted them to an old PGP key of mine.
JD: OK. And so then you people had a conversation which I understand some of it has been reported in WIRED website. Some of the conversation you had with him — pertained to what he was saying in regards to some of the material that he had where he was working at in the military.
AL: That’s materially accurate, yes.
JD: Yeah, ok. So when exactly was the material — other than the video which is called ‘Collateral Damage’ which had been shown on CNN and other news agencies…
AL: I believe it is colloquially called ‘Collateral Murder.’
JD: Oh, ‘Collateral Murder.’
AL: And, I believe it’s important to say if had just been that video I probably would not have come forward to anyone about it.
JD: He actually volunteered the information to you, right?
AL: It would have been difficult for me to have acquired it any other way. It’s not like I can waterboard him.
JD: True, true. And so you carry on this conversation over several weeks, a month, how long had you been communicating with each other?
AL: Five days.
JD: Five days, only that small amount of time. And then after….
AL: He’s a man that gives easy trust
JD: Apparently. How old you say he was, Nineteen?
JD: Twenty-two. And what inspired you to contact the government after he was doing, y’know after he was telling you all that stuff? Just kind of a patriotic…
AL: IInspired is perhaps uh too strong a word. I felt more impelled …
JD: Compelled? That’s fine…
AL: Based on the fact he had leaked a substantial amount of diplomatic material that I felt could place lives in danger
AL: And I — this is something that’s been kinda shot at by some entities in the press and some bloggers so long … F’r instance in an op-ed piece indicated that they felt that that was a classic neo-conservative defense but I don’t think that anyone who was not in receipt of material that I was in receipt of and who was not looking at it through that lens could really say with any degree of certainty whether or not it was in fact prejuducial to the lives and well-being of the Americans abroad. And y’know…
JD: I’m coming from a military background myself y’know I was exposed to classified information as well. And one thing the military does make very clear to you , y’know is you’re not supposed to divulge that information. And what you did can be determined to be right or wrong it just depends on the person’s attitude. How long have you been involved in the press? I mean, you’ve recently — you were busted a while back, a couple years back with the New York Times thing hacking into their website or whatever and I think most of your hacking was just done on a web browser. Is that correct?
AL: That is correct. In fact the overwhelming majority. And the case in question that you were asking in reference to the New York Times was in 2002 and was prosecuted in 2003 and 2004.
JD: OK. And what was your final sentence on that?
AL: I was sentenced to six months of house arrest, several years of probation —
JD: Excluding work with computers, of course?
AL: No actually,
JD: You could use a computer?
AL: Based on the fact that I was working in journalism at the time it raised substantial first amendment issues that the government wasn’t really willing to confront at the time. So I was able to use computers for school and work.
JD: How did you get to know Kevin Poulsen? Did you already know that he worked for Security Focus as a journalist among other papers and other stuff that he’s published. How’d you get to know him?
AL: Mr Poulsen originally contacted me when in 1999 or 2000 or so….
JD: So that was before the first bust with the New York Times wasn’t it?
AL: Well before.
AL: He contacted me when I found a vulnerability … Not a vulnerability but a quirk in the way a Who Is utility worked. Who Is being a utility for looking up the … that allowed me to change the way that the output of Who Is worked. So instead of providing the domain name record for Microsoft dot. Com., when somebody typed Who Is Microsoft dot com, instead it repeated two lines: Microsftodotcom and microsoftodotcomdotisdotrundotbydotilluminatidotterroristsdotnet.
JD: Yeah, I heard about that hack awhile back when there was more insidious ones. I’ve actually seen a hacker go in and actually go in for a very very short period just like for several minutes make microsoft look like some other website and then switch it back. But yeah, that’s a common one. That’s defiitely a common hack.
AL: However, this was the first time that it was done. It, it actually ended up changing the way Who Is worked on most Unix systems as well as most …
JD: Was that the DNS name or came in later?
AL: Uh, It used uh registered DNS servers. And basically the reason this worked it didn’t use the DNS system itself. But, at the time Who Is would return any object that was registered with the domain name Shared Registration System. So if a domain matched the uh query, it would return the domain. And if a name server which also at the time had to be registered uh matched to the query, yhen it would return that as well. And if there was there was more than one match then it would return them both with the expectation that the user would select which one they wanted.
And since I owned the domain Terrorists dot net at the time, I was able to create a registered domain name server that would match that query and would thus be returned when somebody typed Who Is Microsoft dot com.
AL: So, it, it I didn’t actually gain access …
JD: You didn’t actually (inaudible Lop that A record?) did you ?
AL: No, uh …