This is a live story, with several updates. Please read it all, it takes many turns, and you won’t know what happened unless you do. There are several updates, which are listed at the bottom of this story and are crucial to understanding the context and content of this story.
By now, I’m sure, there are many people who have heard of Christopher Soghoian. Chris is a PhD student at IU, working on a PhD in Informatics, and recently published a PHP-based system that could fake a Northwest Airlines Boarding Page, in an attempt to show how TSA is more “security theatre” than “good security”. It’s no surprise, then, that BoingBoing picked up the ball and ran with it both before and after Soghoian was visited by the FBI and a Congressman had called (wrongfully and idiotically) for his arrest. What’s interesting here, and what’s applicable to our local jurisdiction, is that Brian Krebs, security blogger for the Washington Post picked up the same story, and it reads in similar tone, with similar information.
While I wouldn’t call it “irresponsible journalism,” in the vein of plagiarism, or anything like that, let’s pause for a moment and take a look at Brian Krebs. Back in August, Brian Krebs put out a piece called Hijacking a MacBook in 60 Seconds or Less which, full of Fear, Uncertainty and Doubt, was taken apart handily by Blogger Jon Gruber, including a rehash, or two, or three, in which Krebs’ account is challenged by other writers. Should we be at all surprised if he did take the story from another blogger and repurpose it as his own? Probably not. Hey, those new media bloggers for the Post have to make their shiny nickles somehow, why not do it on the backs of other bloggers?
An Update: After looking at Jardin’s story on BoingBoing, and looking at Krebs’ tale on the Post, I’ve got a major objection here, perhaps someone else can figure this out for me?
The timeline appears odd. BB’s story goes up at 5:30pm on Friday, an hour and forty-five minutes after the form was taken down by the FBI. Krebs wrote in the comments of his post at WaPo: “When I phoned Soghoian Friday evening, he abruptly ended our conversation shortly after it began by saying that two FBI agents were banging on his door asking to speak with him. A short time later, the tool he had posted on his site vanished.” If the timeline holds that the site was offline at 3:45p Eastern Daylight time, how was it that Krebs was still at the site three hours later? That doesn’t fit. The FBI visited Soghoian at 3:45 and the site was taken down around then. If Krebs hears about this at 6:50, calls Soghoian at that instant and only just then is the site taken down, we have a major discrepancy between Krebs’ account and Jardin’s account.
I trust the earlier story. [Further updates cast these stories into interesting light. Read on]
Further Updates Behind the Cut
This post appeared in its original form at DC Metblogs
Another Update: I’ve been sent to Chris Soghoian’s own blog to take a look at his chronology, which seems to fit with Jardin’s account and not Krebs’ account. Chris recounts The FBI at the Door at 3:54pm on Friday, where they are not to return until late in the night with a search warrant. This pretty much debunks Krebs’ whole column as an out and out fabrication. There’s no way that he heard about this story at ten til seven on Friday night and caught Soghoian before the site was taken down. Sorry, Charlie, this doesn’t wash at all. Not with a major 3 hour gap in the time. [Read the third update. There may be truth in here yet. –TB]
Between the iPod Jeer Payola and this, it’s been an ugly week for the Washington Post. Hat Tip to Sean Bonner for talking with me about the timelines.
Update The Third: I’ve now had a personal conversation with Brian Krebs, in which Krebs has demonstrated he did a wget of Soghoian’s site at 5:55pm on Friday, and a conversation via his Treo at 6:51p on Friday with Chris Soghoian. At question still, is Krebs’ contention that Soghoian hung up to deal with further FBI agents when that’s not confirmed by Soghoian’s blog (Visit 1 at 3:54p, Visit 2 some time early Saturday morning, with no intervening visit). So, Either one of two things happened, and these hypotheses are entirely mine: either Soghoian didn’t want to talk with Krebs any further and gave an answer to Krebs that would be plausible (The FBI are here again), or, Krebs’ call to Soghoian was misreported. There’s plenty of reasonable doubt here, plenty of weak links. We won’t know who was right until Chris emerges, which if I were him, would be in early 2096.
Update Four: I’ve now had a conversation with Brian’s editor, Russ, at WPNI. Russ is concerned with a few things in this story that he feels need to be addressed, specifically my treatment of Brian. I use some strong language in this post, including words like Fabrication, which I have left standing only to allow for continuity’s sake, and to preserve the timeline here, but they turned out not to be so. Do I have questions? Yes. Are there (many) answers that aren’t ascribeable to Brian’s reporting? Yes, there are. Perhaps I was unfair to Brian, and for that I apologize. I saw a hole and I reported it zealously using tools at my disposal, but that left out the personal aspect. Next time, I’ll be able to ask Krebs himself, as well as talk with his editor. I apologize to Brian for my mischaracterization of his work. Questions remain, but they’re not his fault.
This post appeared in its original form at DC Metblogs