Report of Detective P. Lazenby.  


On 11/01/93, writer assisted Sr. Deputy Lilley in the preparation of a
search warrant in regards to Randal Schwartz who had been illegally
bypassing computer systems and using a password cracking program to
obtain passwords to a computer system within Intel.

On 11/01/93, writer and other members of the Special Investigations
Unit served a search warrant at 12290 SW Butner Road, the residence of
Randal Schwartz.  Detective Lilley execute the warrant and advised both
the Schwartz brothers of their Miranda rights.  Writer made contact
with Randal Schwartz in the back bedroom where Detective Lilley was
interviewing him.  Writer introduce myself to Randal Schwartz and we
talked about the incident  Randal admitted to writer that he had been
using the crack program to get passwords and had obtained what he
thought was ten to twelve passwords.  He advised that they were on the
"SNOOPY" program at Intel in a subdirectory "PLAY" under "STUFF.TAR".
Writer then asked Randal if he felt he was doing anything wrong.
Randal told writer that he was in fact violating Intel policy and he
also thought that he could be criminally prosecuted for these
incidents.  I advised Randal that this was still under investigation
but under Oregon law, it could possibly be a misdemeanor or felony and
that if had used the phone lines to transfer any of the information out
of state, there could be federal crimes.  I asked Randal if he
understood this and he said that he did.  I asked Randal if he was
still willing to cooperate with us and he said that he was.

I asked Randall when he first got caught doing this and how he had done
it.  Randal advised that he first had the "GATE" program on the "MINK"
computer a while back and he was caught and confronted by supervisors.
Randal said he stopped using "MINK" and that he switched over "GATE" to
"HERMES" and was doing that but "HERMES" was too slow so he went back
to "MINK" again.  He was caught again on "MINK" so he switched "GATE"
over to "BRILLIG".

Randal advised that he was using "MERLIN" as his login on those
systems.  I asked Randal why he was using the "CRACK" program to obtain
passwords and asked if he realized that these passwords would access
the SSD system.  Randal advised that he did realize this and that he
was obtaining the passwords because he wanted to get his E-mail
quicker.  I asked Randal if he ever logged in on SSD using any of the
passwords.  Randal said first that he only logged in and logged out one
time and later, changed it to two or three times.  I asked Randal if he
ever copied anything or looked at anything and he said that he did

I passed this information on to Intel personnel and they checked the
machine under "STUFF.TAR" and found that there were at least forty to
fifty passwords that had been compromised and obtained by Randal.  I
went back and confronted Randal with this because he had told me that
there were only ten to twelve.  Randal then said, "I don't remember how
many exactly because I was just sticking them under the "STUFF.TAR" and
not really using them."

I asked Randal why he would need forty to fifty passwords and he said,
"I needed them in case they caught me doing it and knew they would shut
me down so the more passwords I had, the longer I could continue doing
what I wanted to do."  Randal advised that he had the capability to do
it and he knew he could do it.  I asked Randal if this was wrong and in
violation of Intel policy and Randal said, "Yes it is, but I knew I
could do it anyway."  Randal said that he wanted to do it because he
wanted to be efficient in getting his E-mail very fast and he felt was
important and when they shut him down, he wanted to continue doing what
he was doing and since he had the capability to do it and knew he could
do it, he did it without permission.

Randal then told me that about one or two years ago, he was a SYS
administrator at Intel with SSD and that he would run the "CRACK"
program back then.  Randal advised that this was a tool used to keep
passwords honest.  Randal said that if you can break it with "CRACK",
bad guys can too.  I then told Randal that if he knew this, and it was
a security measure back then, why was he doing it without authorization
now.  Randal advised that he knew it was totally wrong and would get in
trouble if caught doing it.  I then asked Randal if he remembered using
"CRACK" to enter any other systems to obtain passwords.  Randal advised
that he used "CRACK" on the "ORILEY" system which is his publishers
back east and he obtained a password from them.  I asked Randal how he
did this and he said he put "ORILEY" on "SNOOPY", used "CRACK" on it
and obtained the password.  He said he did it just because he was
curious to see if "ORILEY" had any security.  Randal advised that he
only got one password.  I asked him if he ever used that password to go
into the "ORILEY" system and he said no.  I asked Randal if he used it
anywhere else and he said that he used it on "TECHBOOK".  Randal
advised that this is a bulletin board type system and that he used
"CRACK" on that system to obtain their passwords.  Randal advised that
he did get a password and that he wrote to James D. at "TECHBOOK" and
advised him that he had done this as a way of making him aware of his
weak security.

I asked Randal if he remembered any of the passwords that he used to
log into SSD and Randal advised me that he remembers using the RonB
password to log into SSD and then to get out.  Randal advised that he
never looked at anything, just went in and right out.  Randal also
advised writer that at one time, he let Ed Bunch, a SYS administrator
at Intel know he had obtained SSD passwords.  Randal was very vague
about how this had occurred and when asked what Mr. Bunch's reply was,
he advised, "No response, I don't think he really heard me".

Detect Lilley interviewed Randal Schwartz more extensively.  Refer to
his report for more details.