◆ SpookStack

Internet policy thinker Larry Lessig, and thespian activist Robert Redford, who last May authored an op-ed on President . Bush's environmental policies. Entries with home telephone numbers include Lawrence Walsh, William F, Buckley Jr., Jeanne Kirkpatrick, Rush . . Limbaugh, Vint Cerf, Warren Beatty and former president Jimmy Carter. The database includes details on contributors’ areas of expertise and what books they've written, and the odd note on how easily they succumb to editing or how much they were paid. Lamo notified the Times of the vulnerabilities Tuesday through a reporter, and provided them with a list of the open proxies. In a statement, a spokesperson for the paper said the Times takes security “very seriously.” “We are actively investigating a potential security breach,” wrote Times spokesperson Christine Mohan. "Based on the results of this investigation we will take appropriate steps to ensure the security of our network." Hacker's Helpful History Adrian Lamo has built an unusual reputation exposing security holes at large corporations, then voluntarily helping them fix the vulnerabilities he exptoited -- sometimes visiting their offices or signing non-disclosure agreements in the process. In December, Lamo was praised by communications giant WorldCom after he discovered, then helped close, security holes in their intranet that threatened to expose the private networks of Bank of America, CitiCorp, JP Morgan, and others. 'n September, the hacker used a vulnerable Web-based production tool to tamper with a wire service story on Yahoo! News, deliberately choosing an old story to minimize the impact. The hacker professes relief at discovering that the Times intranet afforded him no similar opportunity to modify stories in the paper's print edition, without clearing human hurdles in the Times editorial process. "it's really better for everybody if the New York Times has the ability te runs something unusually every now and then without people checking it for my writing style," says Lamo. The newspaper's public Web site -- the target of a high-profile defacement in 1998 -- is outsourced, and wasn't affected by the vuinerabilities. Privacy Concerns Lamo says he began his excursion at a proxy in the Times home delivery department and scanned the newspaper's IP address range for Web servers. “The proxy was on a different network, dealing with 2 . FBI{19-cv-1495)-1608 a |