When a Journalist and a Prosecutor Lie to the Public

When a Journalist and a Prosecutor Lie to the Public

These series of e-mail's were sent to me from a concerned reader
who ran across this news article while browsing through Hack Canada.

"After reading the statements made by Keith Gerein and Steve Bilodeau,
I can't help but feel a deeper sense of dislike towards the media, especially
the ones controlled by CanWest Global Communications who amount to
virtually all the major media outlets in Canada. I felt I needed to express
my feelings on this and so I passed it on to Nettwerked and Hack Canada.
This goes to show that people shouldn't believe anything they read in the
newspaper. Infact I recommend you try and get news from various sources,
and of course alternative media. Don't forget to do your homework because
you never know when you'll be flat out lied to. The crap that was published
on Friday by the Edmonton Journal was a joke, and a complete farce" said
'Anonymous Hero', who requested we keep their real name private.

Here are the e-mail messages sent between Anonymous Hero and
Keith Gerein. You decide what is truth and what is made up bullshit.

Date: Sat, 1 Mar 2003 14:55:24 -0500 (EST)
From: anonymous@domain.com
To: kgerein@thejournal.canwest.com
Subject: "Wreaking havoc on the Net will bring down wrath of the law"

 Keith Gerein,

I don't know where to start. I've never read a technology article filled
with such mis-information in my life. This e-mail isn't meant to offend,
but when you write articles on subjects such as computer crimes, you should
probably consider doing research and communicating with people who have
real knowledge on these technical subjects.

"Computer and Internet crime is a growing global problem, he said, noting
that the proceeds from Internet fraud around the world in 2001 amounted to
more than $1 billion Cdn. Since then, it has likely gone up."

- On the contrary, according to Fraud.org:

'The amount of money consumers are losing to Internet fraud is increasing.
 Losses overall are $6,152,070, up from $3,387,530 in 2000.'

'The average loss per person rose from $427 in 2000 to $518 in 2001.'

(Proof: http://www.fraud.org/internet/2001stats.htm)

--

"Bilodeau said his interest in high-tech crime was piqued when he heard
about a case in the United States. A teen in Massachusetts who wanted free
long distance calls decided to tap into the phone switch box at the end of
his block. In the process, he knocked out power to an entire grid, including
the system that controlled the runway lights at the local airport."

- Again no references to this ever even happening. If someone claimed this
happened, it was an outright lie. The teen in Massachusetts who was trying
to get free telephone calls was likely doing what the hacker (more
specifically the 'phreaking') community calls "Beige Boxing". Where they
take a regular telephone handset, strip the wires and attach alligator
clips to the red and green wires. By hooking this device to a telecom TNI
box, it is possible to use the phone services of a resident or business
for toll-fraud purposes.

If you talk to a switchman with Telus, they'll tell you that taking out
power to the grid through the beige-boxing method is completely impossible.

For one, power grid's are not even connected to the phone switches, and
neither are systems that control runway lights at local airports. These
systems are completely separate and are not even controlled by telecomm-
unications switching equipment such as DMS-100's, GTD 3/5's, EAX's that 
Telus, and the companies in the states such as Verizon Bell, Qwest, and 
Sprint use.

Incumbent Local Exchange Carriers and Competitive Local Exchange Carriers
around the world have never had such systems in place where a phone
switch is connected to critical infrastructure such as airports and power
grids. Even in areas of the world where countries still use old Crossbar
and Step-By-Step switching, beige boxing a TNI Box will give the same
results; free telephone calls, nothing more.

--

"Bilodeau, 37, said he's been involved with computer technology since
grade school but has had little formal training. He's done some work for
Microsoft and has written technology articles for The Journal, mostly
video game reviews. As a prosecutor he's spent the last 11 years working
in Edmonton, including two years at the Court of Appeal."

- Somebody with so little formal security training and experience now has
the ability to prosecute people for cyber-crimes - this really doesn't fit
well in my stomach. Perhaps what Mr.Bilodeau should do is visit SANS.org
and register for a formal information security course, or two, or three
before taking on the task as an Internet Crime Czar.

Because if all Steve Bilodeau has for is experience is writing some video
game reviews for the Edmonton Journal, non-cyber crime related court work,
and unknown work with Microsoft, then what he has on his nicely shined
resume isn't what I feel qualifies him to take on the tasks of finding
criminals on the Internet. By coordinating with law-enforcement, security
experts, and good intentioned hackers, tracking down online criminal
activity on the 'net can be done with efficiency and integrity.

Regards,

Anonymous Hero

From: "Gerein, Keith (Edm Journal)" 
To: anonymous@domain.com>
Subject: RE: "Wreaking havoc on the Net will bring down wrath of the law"
Date: Mon, 3 Mar 2003 10:56:04 -0700
X-Mailer: Internet Mail Service (5.5.2653.19)

Anonymous, thanks for your note.
My article was intended to be a profile of the new prosecutor and not
technical expose on the world of computer crime. That's probably a
worthwhile subject for an article, but it wasn't what I set out to do.

As for Mr. Bilodeau's qualifications, I can't really comment. Alberta
Justice felt strongly enough to hire him.  I don't think he ever claimed to
be a technical guru. His job title is prosecutor, meaning his primary area
of expertise is the law surrounding computer crimes.

As for the statistic quoted in the story, I got that from Mr. Bilodeau.
There are likely several reputable organizations that have tried to measure
the gross value of Internet fraud. I'm not sure why you think fraud.org's
numbers are better than anyone else's. Perhaps I'll look into this a little
further.

Anyway, if you truly believe the figure quoted in the story is wrong, and if
you believe the tale about the Massachusetts kid is false, then I suggest
you also take these things up with Mr. Bilodeau. He works in the Special
Prosecutions Branch for Alberta Justice. Hopefully you can track him down
that way.

Date: Mon, 3 Mar 2003 22:19:47 -0500 (EST)
From: anonymous@domain.com
To: kgerein@thejournal.canwest.com
Subject: RE: "Wreaking havoc on the Net will bring down wrath of the law"

I don't think it matters whether your intention was to profile a new
prosecutor or not, because any real journalist would certainly try and
do some research into a subject that they know nothing about.

I suppose I should of remembered that mass media is a money and deadline
driven industry where facts are irrelevant. Sensationalizing is what really
sells newspapers, right Keith? Geez, this is worse than the garbage that
the Edmonton Sun's Shane Holladay publishes. How embarrassing.

By taking Steve Bilodeau's statements as 100% fact, you've shown that
you're nothing more than a broadcaster who lacks any real journalistic
integrity. If you were a real journalist you would have done your homework
and actually discovered that many (if not all) of Mr.Bilodeu's statements
are inaccurate.

If you don't think that the numbers fraud.org indicated were accurate,
then perhaps this whitepaper by the National White Collar Crime Centre
and the Federal Bureau of Investigation will be more to your liking:

http://www1.ifccfbi.gov/strategy/IFCC_2001_AnnualReport.pdf

You see with a little bit of research on a popular search engine such as
Google, you'll see that even though the numbers on Internet fraud are
often times different, they do not even come close to the one billion
dollars that Steve claimed. Talk about blowing numbers out of proportion!

And of course the TALE of the Massachusetts kid is false. I plan on
contacting Steve Bilodeau personally to discuss where he got this
so-called information, or if he did like a lot of people in his (and your)
profession and simply made that all up. If you wish to contact Telus's
Network Operations Centre directly, you're welcome to do that to verify
if using a handset on a TNI box may cause the power to an entire grid
to be knocked out including systems that control the runway lights
at airports. Hit the 'ol 0 button on your touch tone phone.

Don't worry, it won't cause you to launch a nuke against Iraq. ;-)

Anonymous Hero