Report of Detective J. Lilley NARRATIVE: On 11/01/93 at 11:40 a.m., I met with the above mentioned Intel employees at the Intel building where I was advised of their discovery that one of their contract employees, Randal Schwartz, had been illegally bypassing access gates to systems and illegally utilizing password cracking programs to crack passwords to computer systems. (Refer to attached report by Mark Morrissey for details). On 11/01/93 at 6:35 p.m., myself and the above named individuals served a search warrant at 12290 SW Butner Road at the residence of Randal Schwartz. At the time of service, I read the search warrant in it's entirety to Mr. Schwartz and his brother, immediately followed by reading them their Miranda rights to which they both acknowledged understanding. While the other Washington County Officers conducted the search warrant, I conducted an interview with Randal Schwartz regarding his activities at Intel and I was variously assisted in the technical aspects of the interview by Mr. Cower, Mr. Stites, and Mr. Pierce. Initially, Mr. Schwartz admitted to me that he had in fact bypassed access gates to Intel systems, explaining that the did this in order to be able to receive "E-mail" messages at his work station in Intel. While Mr. Schwartz admitted that he knew what he was doing was both against department policy and, to use his words, "technically illegal", he stated that his only intent was to make it more convenient for him to correspond through computer mail at his work station rather than having to wait until he got back home. I then asked him about his use of the password cracking program "CRACK" to break passwords that would allow him to access files in Intel computer systems referred to as "BRILLIG" and Intel Supercomputer's Systems Division (SSD). Mr. Schwartz freely admitted to me that he had in fact employed the "CRACK" program to access passwords for both "BRILLIG" and SSD but told me that his only reason for doing so was to test both security systems that should have prevented anyone from using the crack type program to access passwords. I then began to go into these matters with Mr. Schwartz. As a result of questions by me, along with information volunteered to me by Mr. Schwartz, I learned the following from Mr. Schwartz. Schwartz stated that he had been accessing Intel's "MINK" system by a method known as "backdooring" until about April of 1993. Again, he stated that this was in order to enable him to receive electronic mail at his work station at Intel but at this point, Schwartz admitted to me that while conducting this backdooring, he knew it was against Intel policy and could possibly be considered a criminal act. Mr. Schwartz admitted to me that he was confronted by Mark Morrissey and an Intel employee by the name of Dirk Brandewie and advised that what he was doing was not permitted and that he was to reinstall the appropriate gates to the "MINK" system to prevent outside access, Mr. Schwartz told me that he in fact did do that and that for a while, he attempted to use another system known as "HERMES" but found that the Hermes system was too slow for his needs and so he then wrote a new program, different from the first, that enabled him to re-access "MINK" in order to receive electronic mail. Mr. Schwartz admitted to me that he was confronted again by Mr. Morrissey and Mr. Brandewie (about July of 1993) at which time, he was once again told that this activity was not permitted and that he was to cease doing it. Mr. Schwartz then went into some detail as to his activities regarding access the "BRILLIG" system and the SSD system and the using of the Intel "SNOOPY" system to speed up the accessing "CRACK" program to obtain passwords to allow him access to the systems. At this point, Mr. Schwartz readily acknowledged that not only was this activity against Intel policy but there was no doubt in his mind that he could also be found criminally liable for this activity. However, Mr. Schwartz was very adamant that his only purpose in conducting these exercises was to try and find out how hardened these two systems were against attempts to crack their password codes using "CRACK" programming or similar. Mr. Schwartz did acknowledge however that another reason he was attempting to crack a "BRILLIG" password was that his contract with the "BRILLIG" system was soon due to end and he wished to ensure that he would continue to have password access to the "BRILLIG" system after his contract ended and his personal password revoked. In response to our questions, Mr. Schwartz was adamant that at not time did he ever actually access files using any of the cracked passwords that he had obtained using the "CRACK" program. However, on further questioning, Mr. Schwartz did admit to me that about three years ago, while working at "I-WARP" (and Intel subsidiary) that he had, in fact access files in the I-WARP system through a process known as "ROOT" and that at that time, he had taken the further step of actually viewing information from files he had accessed. He admitted to me that when he had done that he had known at the time that what he was doing was both against Intel policy and also illegal. However, again, Mr. Schwartz denied that during his accessing of "BRILLIG" and SSD, he had never at any time either viewed the contents of any file that he had accessed, not had he made any copies of any kind of any of those files. Through conversation with Mr. Schwartz, I learned from him that he had worked for Tektronix between the years of 1978 and 1983 and that at one point (he believed somewhere around 1981) he had actually been suspended at Tektronix for engaging in similar activities. He also went on to admit that he worked for a company called Tandem between the years of 1986 and 1987 and that as an April Fools joke on one of those years, he had also illegally cracked password and accessed files in Tandem's systems. He stated that as a result of this activity, he was actually "technically terminated" for about two hours. Mr. Schwartz stated however that he was immediately reinstated by a supervisor who took the point of view that in fact what Mr. Schwartz had been doing was actually part of his job description which was testing security systems within computer systems for Tandem. Mr. Schwartz stated that in fact, at that point in time, he was writing a book about security systems and that he was doing this in part as research for his book. During the course of our conversation, Mr. Schwartz made mention of the fact that on occasion, he had entertained private fantasies of engaging in computer espionage but explained that they were merely idle daydreaming and that it was not something that he had given any serious consideration to. We began to explore this avenue in greater depth and during further discussion, Mr. Schwartz admitted to me that in the course of his espionage fantasy, he had given thoughts to such matters as what type of information would be the most valuable to competitors, what people or organizations would be most interested in this information who would provide the greatest reward. On urging from me, he admitted that he suspected that the Cray Organization would probably be the biggest competitor who would be the most interested, and pay the most for, any intelligence that he obtained from Intel systems. Mr. Schwartz at first was very vague in his answers as to what information he would obtain and where he would obtain it, etc. However, on further discussions with me, he became more specific about the types of information, how he would access it, and who he would take it to. At one point, I asked Mr. Schwartz if he had ever taken any active steps in carrying out this fantasy and his response to me was, "I never to any steps externally to carry out this fantasy". I then asked him if that meant that he had possibly contacted somebody within the Intel cooperation regarding this fantasy at which point he stated, "No, no, I meant externally beyond the tips of my fingers, outside my mind." Mr. Schwartz also discussed with the Intel personnel in the interview with me more technical aspects of his activities within Intel and outside companies that he had contracts with. These statements were better understood and assessed by the Intel personnel. Refer to their reports on those aspects of our interviews. At 9:00 p.m., we concluded our interviews and the service of the search warrant of Mr. Schwartz's residence and cleared to return to the Washington County Sheriff's Office. On 11/02/93, I served a search warrant at Mr. Schwartz's business address at Stone Hedge Consulting Services, 4470 SW Hall St. #107, Beaverton, Oregon, finding that address was merely a private PO Box service and that Box 107 was a mailbox for Mr. Schwartz. On service of the search warrant at that location, I learned that there was only routing mail in Mr. Schwartz's box and did not see or find anything that was covered by the search warrant issued. It should also be noted that on 11/01/93, while serving the search warrant at Mr. Schwartz's residence, Intel personnel at our direction, shut down Mr. Shcwartz's work station at Intel in order to maintain evidentiary integrity of that work station. On 11/02/93 at 10:00 a.m., I gave Intel personnel the service copy of the search warrant, authorizing the search of Mr. Shcwartz's work station on Intel property. Investigation ongoing. No further action taken to this date.