> Weiner said he was particularly troubled by reports that investigators
> tracked the Melissa suspect with help from both America Online and a unique
> identifying number attached to Microsoft software.
My understanding is that they found the guy by going to Dejanews, finding the
earliest copy of it they could in an alt.sex message posted from a phished
AOL account, then going to AOL to get the session info including CLID or ANI,
then looking up the guy from his phone number. The Windows ID number was a
red herring, it traced back to some other guy who wrote a Word file that the
perp edited the virus into.
To me, this sounds like the way that a legal investigation of a computer
crime should work, with the cops getting the subpoenas they need to retrieve
the minimum information to solve the case. They didn't attempt to get all
records about everyone who called into AOL that week, nor did they attempt to
confiscate Deja News servers.
I also note that other than pointing out that social engineering remains the
most reliable way to crack a code, this ended up with practically no
connection to crypto at all. It also makes you wonder what the guy was doing
using stolen AOL passwords if he didn't have malicious intent.
Regards,
John Levine, [EMAIL PROTECTED], Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://iecc.com/johnl, Sewer Commissioner
Finger for PGP key, f'print = 3A 5B D0 3F D9 A0 6A A4 2D AC 1E 9E A6 36 A3 47
