Culture

Hacking the hacker's identity

Steven Musil Night Editor / News

Steven Musil is the night news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around the San Francisco Bay Area. Before joining CNET in 2000, Steven spent 10 years at various Bay Area newspapers.

Expertise I have more than 30 years' experience in journalism in the heart of the Silicon Valley.

See full bio

Steven Musil

Feb. 22, 2006 7:05 p.m. PT

Sometimes a photo is worth only a few words--a few very revealing words. That was apparently the case recently when The Washington Post accidentally left clues to the identity of a confidential source in an article about hackers.

The story was about a 21-year-old hacker identified as "0x80" who claimed to have broken into 2,000 PCs around the world and to have used the hacked PCs to send out spam. The article revealed that "0x80" smokes, has a southern accent and lives in a small town in Middle America. "The nearest businesses are a used-car lot, a gas station/convenience store and a strip club," the article said.

Fairly innocuous details unlikely to offer much in leading to the source's identity. But the article ran with a modified photo of 0x80, at which some of the people at Slashdot took a closer look. The metadata inside the photo apparently revealed when and where the photo was taken, who the photographer was and even what kind of camera was used.

According to Slashdot, the photo was taken in December in Roland, Okla., a city of 2.6 square miles and a population of 2,842.

Using the other clues provided in the article makes if awfully easy to narrow down the list of suspects, as Slashdot users pointed out.

"Any flatfoot could find him in an hour," noted one poster.

The photo has since disappeared from the newspaper's Web site.