As the trial against Ola Bini continues, a leaked evidence photo is compelling the EFF to point out that Telnet is not a crime.
Last June, we reported on how the Ola Bini case was referred to the United Nations. This was in response to the arrest of Bini back in June in Ecuadore.
Essentially, Ola Bini, a Swedish open source developer, was arrested in Ecuador as part of the case against Wikileaks co-founder, Julian Assange. Bini was subsequently charged under vague cybercrime laws for being a Russian hacker. The Electronic Frontier Foundation (EFF) pointed out that Bini is neither Russian, nor a hacker. During the arrest, evidence seized included instruction manuals and USB drives among other things. The lineup of evidence really didn’t show evidence of guilt, but rather, standard possessions of someone of his expertise.
Still, it seems that Ecuadorian authorities are running with anything they can think of. Trial evidence was recently leaked showing a screenshot of Telnet. Evidently, this was part of the prosecution’s effort to attempt to find Bini guilty. The EFF, for its part, had to explain what the screenshot really was and why it’s not evidence of criminal activity. From their analysis:
Cursory examination of the actual screen capture reveals that both the leaker and the media misunderstand what the new evidence shows. Rather than demonstrating that Bini intruded into the Ecuadorean telephone network’s systems, it shows the trail of someone who paid a visit to a publicly accessible server — and then politely obeyed the servers’ warnings about usage and access.
Those knowledgeable about Unix-style command line shells and utilities will recognize this as the photograph of a laptop screen, showing a telnet session (telnet is an insecure communication protocol that has largely been abandoned for public-facing technologies).
Command line interactions generally flow down the page chronologically, from top to bottom, including both textual commands typed by the use, and the responses from the programs the user runs. The image shows, in order, someone – (presumably Bini, given that his local computer prompt shows “/home/olabini”) – requesting a connection, via Tor, to an open telnet service run on a remote computer.
Telnet is a text-only communication system, and the local program echoes the remote service’s warning against unauthorised access. The remote service then asks for a username as authorization. The connection is then closed by the remote system with a “timeout” error, because the person connecting has not responded.
For users with only basic knowledge of more recent operating systems like Windows and Mac, white text on a black screen can look quite scary. The appropriate reaction would be to ask what it’s for rather than assume something awful is going on.
It’s similar to the psychology surrounding the website HackerTyper. All someone has to do is access the website and begin typing complete gibberish. The output for anyone who doesn’t know the code will look suspicious and, of course, typing this at a public WiFi location could theoretically cause concern in the public. Of course, the actual code is just chunks of the Linux Kernal written in C. It’s not only perfectly harmless code, but its also very productive code to boot. It only looks scary because it’s not your standard looking set of windows and it’s possibly a computer language shoulder surfers wouldn’t recognize.
Similarly, we here at Freezenet actually have full guides on an application known as DOSBox. Again, for those who do not know anything about it, it can look intimidating. The software itself allows users to run old programs no longer compatible with modern operating systems. Again, not standard stuff your average user would see, but ultimately, the software in question is quite useful for those wanting to get applications like really old games running again.
These are two reasons why we see something like this and ask, “How is this even evidence of wrongdoing exactly?” If some basic Telnet messages is supposed to be evidence of a crime, let alone something that’s supposed to be sinister and scary, it’s really easy to see how prosecutors are operating on truly flimsy evidence. Given that Bini was arrested for possessing technical manuals, this is far from the first time we’ve seen this on top of it all.
Drew Wilson on Twitter: @icecube85 and Facebook.
