Dan,
On 7/13/09, you accused David and me of libel and threatened legal action if
we did not remove specific verbiage from the email thread "Dan Tentler's
script kiddie antics last night" beginning 12/27/08.
In response to your email, David and I would like to confirm the following
set of events and remind you of what went on on the evening of 12/27/08 at
It's a Grind coffee shop in Murrieta, CA.
On 12/27/08,
--you attended a SoCal Linux user group ("LUG") meeting at It's a Grind
Coffee in Murrieta, CA.
--you interfered with the regular and expected usage of the wireless router
provided by It's A Grind Coffee with full knowledge that LUG members (and
other It's A Grind patrons who were not LUG members) were connected to and
using the wireless router.
--you issued false ARP update statements, for the purpose of spoofing all
users of the router to use your Macbook as the router, and you did not
disclose to the users of the wireless network that you were doing this
spoofing
--since your Macbook was the proverbial "man in the middle" of all
communications at that point, you used a program, such as ettercap plus
additional tools, to capture TCP packets which were passing through the
spoofed network, and you did not disclose to the users of the wireless
network that you were capturing their information contained in the TCP
packets.
--you ran a program, such as ettercap plus additional tools which were
designed to intercept connections on the spoofed network and interfered with
the operation of secure socket layer (SSL) communications by issuing fake
SSL certificates to the requester, and you did not inform the users of the
wireless network that you were issuing fake SSL certificates to them.
--you used these software programs and tools to issue a LUG member a fake
SSL certificate for talk.google.com, and you did not inform this LUG member
that you were responsible for issuing a false SSL certificate for
talk.google.com.
--by impersonating the secure site 'talk.google.com' (by issuing a false SSL
certificate for talk.google.com), you obtained and stored information,
including a password from a person whose system was signing on to
talk.google.com, and you did not immediately disclose to this person that
you had intercepted his personal information
--you ran a program, Nessus, which is designed to find exploitable openings
in a remote system, and targeted this Nessus program against customers in
It's A Grind coffee shop, including LUG members, and you did not inform
anyone that you were running Nessus scans against their laptops.
--From 12/28/08 until 7/13/09 (the date you emailed David Kaiser and me and
threatened legal action), you did not publicly address the LUG's collective
concerns about capturing members' (and possibly nonmembers') private and
personal information.
Please be advised that...
--we discuss many issues publicly on the Socallinux.org listserv. This is
typical for a LUG to do, as one of the purposes of a LUG is to provide
educational value for its members, and to communicate with openness and
transparency.
--listserv discussions may be searchable via search engines, such as Google,
as we do not block search engines with robots.txt
--discussions regarding security are often done online. LUG members use the
listserv to exchange information and learn about all issues regarding their
computers, including discussions in areas of security.
--SoCal Linux has freely discussed the events which happened when you
visited It's A Grind Coffee on the night of 12/27/08.
--SoCal Linux has freely discussed the ethics of your actions on the night
of 12/27/08.
--SoCal Linux members, in general, have not considered your actions on the
night of 12/27/08 a joke.
Once again, we invite you to respond publicly to what several of us consider
(at best) rude and (at worst) illegal. You are, in your words, a security
expert, and as a security expert, we fully expect openness and transparency
when dealing with our group (something many of us do not feel that you did
on the evening of 12/27/08).
You claim that we have committed libel, yet you have failed to demonstrate
the untruthfulness of our claims or explain how you are justified to seize
someone else's password without their permission and not expect us to talk
about it openly. Talking openly about this, we believe, helps others in our
group understand the mechanics of your MITM attack (as what you did was not
for the edification of the group), as well as the legal and ethical
implications of performing this procedure without the express permission of
your target.
Regards,
Roger and David
On Mon, Jul 13, 2009 at 12:54 PM, Dan Tentler <[email protected]> wrote:
> Hi David, Roger,
>
> It's been 3 days and I haven't heard from you at all.
>
> I wanted to inform you that portions of whats posted on
> socallinux.orglegally qualify as libel:
>
> Rogers comments:
>
> (a) Not formally and publicly disclosing that he was using Backtrack to
> sniff other members' traffic.
> (b) Not immediately getting rid of another member's gmail password once
> he handed out a fake certificate and sniffed it with Ethereal.
> (c) Doing what he was doing secretly, rather than for the edification of
> the group
>
>
>
> And your comments:
>
> When Dan set out to steal people's passwords...
>
>
> Both of these blocks of text contain statements made by yourself and Roger
> which are both untrue, and at best are speculation.
> This libel has come up in my day-to-day business. It has already cost me
> one client.
>
> As such I am giving you one week from today to remove the libel from your
> site.
>
> If after one week I am still able to access these threads publically I'll
> be coming back with with an attourney and taking this as far as the law will
> let me.
>
> If this matter is not resolved by 7/20, my next communication will be to
> the both of you, via registered mail.
>
> -Dan Tentler
> CEO, AtenLabs
>
>
