270 lines
16 KiB
Plaintext
270 lines
16 KiB
Plaintext
|
|
|
|
The Night of the Hackers
|
|
________________________
|
|
|
|
|
|
. As you are surveying the dark and misty swamp you come across what
|
|
appears to be a small cave. You light a torch and enter. You
|
|
have walked several hundred feet when you stumble into a bright
|
|
blue portal. . . With a sudden burst of light and a loud
|
|
explosion you are swept into . . . DRAGONFIRE . . . Press Any Key
|
|
if You Dare."
|
|
|
|
. You have programmed your personal computer to dial into
|
|
Dragonfire, a computer bulletin board in Gainesville, Texas. But
|
|
before you get any information, Dragonfire demands your name, home
|
|
city and phone number. So, for tonight's tour of the electronic
|
|
wilderness you become Montana Wildhack of San Francisco.
|
|
|
|
. Dragonfire, Sherwood Forest (sic), Forbidden Zone,
|
|
Blottoland, Plovernet, The Vault, Shadowland, PHBI and scores of
|
|
other computer bulletin boards are hangouts of a new generation of
|
|
vandals. These precocious teenagers use their electronic skills to
|
|
play hide-and-seek with computer and telephone security forces.
|
|
Many computer bulletin boards are perfectly legitimate: they
|
|
resemble electronic versions of the familiar cork boards in
|
|
supermarkets and school corridors, listing services and providing
|
|
information someone out there is bound to find useful. But this
|
|
is a walk on the wild side, a trip into the world of underground
|
|
bulletin boards dedicated to encouraging -- and making --
|
|
mischief.
|
|
|
|
. The phone number for these boards are as closely guarded as a
|
|
psychiatrist's home telephone number. Some numbers are posted on
|
|
underground boards; others are exchanged over the telephone. A
|
|
friendly hacker provided Dragonfire's number. Hook up and you see
|
|
a broad choice of topics offered. For Phone Phreaks -- who delight
|
|
in stealing service from AT&T and other phone networks .
|
|
Phreakenstein's Lair is a potpourri of phone numbers, access codes
|
|
and technical information. For computer hackers -- who dial into
|
|
other people's computers -- Ranger's Lodge is chock-full of phone
|
|
numbers and passwords for government, university and corporate
|
|
computers. Moving through Dragonfire's offerings, you can only
|
|
marvel at how conversant these teen-agers are with the technical
|
|
esoterica of today's electronic age. Obviously they have spent a
|
|
great deal of time studying computers, though their grammar and
|
|
spelling indicate they haven't been diligent in other subjects.
|
|
You are constantly reminded of how young they are.
|
|
|
|
. "Well it's that time of year again. School is back in session
|
|
so let's get those high school computer phone numbers rolling in.
|
|
Time to get straight A's, have perfect attendance (except when
|
|
you've been up all night hacking school passwords), and messing up
|
|
you worst teacher's paycheck."
|
|
|
|
. Forbidden Zone, in Detroit, is offering ammunition for hacker
|
|
civil war -- tips on crashing the most popular bulletin-board
|
|
software. There also are plans for building black, red and blue
|
|
boxes to mimic operator tones and get free phone service. And he
|
|
re are the details for "the safest and best way to make and use
|
|
nitroglycerine," compliments of Doctor Hex, who says he got it
|
|
"from my chemistry teacher."
|
|
|
|
. Flip through the "pages." You have to wonder if this
|
|
information is accurate. Can this really be the phone number and
|
|
password for Taco Bell's computer? Do these kids really have the
|
|
dial-up numbers for dozens of university computers? The temptation
|
|
is too much. You sign off and have your computer dial the number
|
|
for the Yale computer. Bingo -- the words Yale University appear
|
|
on your screen. You enter the password. A menu appears. You hang
|
|
up in a sweat. You are now a hacker.
|
|
|
|
. Punch in another number and your modem zips off the touch
|
|
tones. Here comes the tedious side of all of this. Bulletin boards
|
|
are popular. No vacancy in Bates Motel (named for Anthony Perkin's
|
|
creepy motel in the movie "Psycho"); the line is busy. So are 221
|
|
B. Baker Street, PHBI, Shadowland and The Vault, Caesar's Palace
|
|
rings and connects. This is different breed of board. Caesar's
|
|
Palace is a combination Phreak board and computer store in Miami.
|
|
This is the place to learn ways to mess up a department store's
|
|
anti-shoplifting system, or make free calls on telephones with
|
|
locks on the dial. Pure capitalism accompanies such anarchy,
|
|
Caesar's Palace is offering good deals on disc drives, software,
|
|
computers and all sorts of hardware. Orders are placed through
|
|
electronic mail messages.
|
|
|
|
. 'Tele-Trial': Bored by Caesar's Palace, you enter the number
|
|
for Blottoland, the board operated by one of the nation's most
|
|
notorious computer phreaks -- King Blotto. This one has been busy
|
|
all night, but it's now pretty late in Cleveland. The phone rings
|
|
and you connect. To get past the blank screen, type the secondary
|
|
password "S-L-I-M-E." King Blotto obliges, listing his rules: he
|
|
must have your real name, phone number, address, occupation and
|
|
interests. He will call and disclose the primary password, "if you
|
|
belong on this board." If admitted, do not reveal the phone number
|
|
or the secondary password, lest you face "tele-trial," the King
|
|
warns as he dismisses you by hanging up. You expected heavy
|
|
security, but this teenager's security is, as they say, awesome.
|
|
Computers at the Defense Department and hundreds of businesses let
|
|
you know when you've reached them. Here you need a password just
|
|
to find out what system answered the phone. Then King Blotto asks
|
|
questions -- and hangs up. Professional computer-security experts
|
|
could learn something from this kid. He knows that ever since the
|
|
414 computer hackers were arrested in August 1982, law-enforcement
|
|
officers have been searching for leads on computer bulletin
|
|
boards.
|
|
|
|
. "Do you have any ties to or connections with any law
|
|
enforcement agency or any agency which would inform such a law
|
|
enforcement agency of this bulletin board?"
|
|
|
|
. Such is the welcoming message from Plovernet, a Florida board
|
|
known for its great hacker/phreak files. There amid a string of
|
|
valid VISA and MasterCard numbers are dozens of computer phone
|
|
numbers and passwords. Here you also learn what Blotto means by
|
|
tele-trial. "As some of you may or may not know, a session of the
|
|
conference court was held and the Wizard was found guilty of some
|
|
miscellaneous charges, and sentenced to four months without
|
|
bulletin boards." If Wizard calls, system operators like King
|
|
Blotto disconnect him. Paging through bulletin boards is a test of
|
|
your patience. Each board has different commands. Few are easy to
|
|
follow, leaving you to hunt and peck your way around. So far you
|
|
haven't had the nerve to type "C," which summons the system
|
|
operator for a live, computer-to-computer conversation. The time,
|
|
however, however has come for you to ask a few questions of the
|
|
"sysop." You dial a computer in Boston. It answers and you begin
|
|
working your way throughout the menus. You scan a handful of dial-
|
|
up numbers, including one for Arpanet, the Defense Department's
|
|
research computer. Bravely tap C and in seconds the screen blanks
|
|
and your cursor dances across the screen.
|
|
|
|
. Hello . . . What kind of computer do you have?
|
|
|
|
. Contact. The sysop is here. You exchange amenities and get
|
|
"talking." How much hacking does he do? Not much, too busy. Is he
|
|
afraid of being busted, having his computer confiscated like the
|
|
Los Angeles man facing criminal changes because his computer
|
|
bulletin board contained a stolen telephone-credit-card number?
|
|
"Hmmmm . . . No," he replies. Finally, he asks the dreaded
|
|
question: "How old are you?" "How old are YOU," you reply,
|
|
stalling. "15," he types. Once you confess and he knows you're
|
|
old enough to be his father, the conversation gets very serious.
|
|
You fear each new question; he probably thinks you're a cop. But
|
|
all he wants to know is your choice for president. The chat
|
|
continues, until he asks, "What time is it there?" Just past
|
|
midnight, you reply. Expletive. "it's 3:08 here," Sysop types. "I
|
|
must be going to sleep. I've got school tomorrow." The cursor
|
|
dances "*********** Thank you for Calling." The screen goes blank.
|
|
|
|
Epilog:
|
|
|
|
. A few weeks after this reporter submitted this article to
|
|
Newsweek, he found that his credit had been altered, his drivers'
|
|
licence revoked, and EVEN HIS Social Security records changed!
|
|
Just in case you all might like to construe this as a 'Victimless'
|
|
crime. The next time a computer fouls up your billing on some
|
|
matter, and COSTS YOU, think about it!
|
|
_______________________________
|
|
|
|
. This the follow-up to the previous article concerning the
|
|
Newsweek reporter. It spells out SOME of the REAL dangers to ALL
|
|
of us, due to this type of activity!
|
|
|
|
_______________________________
|
|
The REVENGE of the Hackers
|
|
_______________________________
|
|
|
|
. In the mischievous fraternity of computer hackers, few things
|
|
are prized more than the veil of secrecy. As NEWSWEEK San
|
|
Francisco correspondent Richard Sandza found out after writing a
|
|
story on the electronic underground's (DISPATCHES, Nov. 12, 198\
|
|
ability to exact revenge can be unnerving. Also severe....
|
|
Sandza's report:
|
|
|
|
. "Conference!" someone yelled as I put the phone to my ear.
|
|
Then came a mind-piercing "beep," and suddenly my kitchen seemed
|
|
full of hyperactive 15-year-olds. "You the guy who wrote the
|
|
article in NEWSWEEK?" someone shouted from the depths of static,
|
|
and giggles. "We're going disconnect your phone," one shrieked.
|
|
"We're going to blow up your house," called another. I hung up.
|
|
|
|
. Some irate readers write letters to the editor. A few call
|
|
their lawyers. Hackers, however, use the computer and the
|
|
telephone, and for more than simple comment. Within days, computer
|
|
"bulletin boards" around the country were lit up with attacks on
|
|
NEWSWEEK's "Montana Wildhack" (a name I took from a Kurt Vonnegut
|
|
character), questioning everything from my manhood to my prose
|
|
style. "Until we get real good revenge," said one message from
|
|
Unknown Warrior, "I would like to suggest that everyone with an
|
|
auto-l modem call Montana Butthack then hang up when he answers."
|
|
Since then the hackers of America have called my home at least
|
|
2000 times. My harshest critics communicate on Dragonfire, a
|
|
Gainesville, Texas, bulletin board where I am on teletrial, a
|
|
video-lynching in which a computer user with grievance dials the
|
|
board and presses charges against the offending party. Other
|
|
hackers -- including the defendant --post concurrences or
|
|
rebuttals. Despite the mealtime interruptions, all this was at
|
|
most a minor nuisance; some was amusing, even fun.
|
|
|
|
. FRAUD: The fun stopped with a call from a man who identified
|
|
himself only as Joe. "I'm calling to warn you," he said. When I
|
|
barked back, he said, "Wait, I'm on your side. Someone has broken
|
|
into TRW and obtained a list of all your credit-card numbers, your
|
|
home address, social-security number and wife's name and is
|
|
posting it on bulletin boards around the country." He named the
|
|
charge cards in my wallet.
|
|
|
|
. Credit-card numbers are a very hot commodity among some
|
|
hackers. To get one from a computer system and post it is the
|
|
hacker equivalent of making the team. After hearing from Joe I
|
|
visited the local office of the TRW credit bureau and got a copy
|
|
of my credit record. Sure enough, it showed a Nov. 13 inquiry by
|
|
the Lenox (Mass.) Savings Bank, an institution with no reason
|
|
whatever to ask about me. Clearly some hacker had used Lenox's
|
|
password to the TRW computers to get to my files (the bank has
|
|
since changed the password).
|
|
|
|
. It wasn't long before I found out what was being done with my
|
|
credit-card numbers, thanks to another friendly hacker who tipped
|
|
me to Pirate 80, a bulletin board in Charleston, W.Va., where I
|
|
found this: "I'm sure you guys have heard about Richard Stza or
|
|
Montana Wildhack. He's the guy who wrote the obscene story about
|
|
phreaking in NewsWeek Well, my friend did a credit card check on
|
|
TRW . . . try this number, it' a VISA . . . Please nail this guy
|
|
bad . . . Captain Quieg.
|
|
|
|
. Captain Quieg may himself be nailed. He has violated the
|
|
Credit Card Fraud Act of 1984 signed by President Reagan on Oct.
|
|
12. The law provides a $10,000 fine and up to a 15-year prison
|
|
term for "trafficking" in illegally obtained credit-card account
|
|
numbers. His "friend" has committed a felony violation of the
|
|
California computer-crime law. TRW spokeswoman Delia Fernandex
|
|
said that TRW would "be more than happy to prosecute" both of
|
|
them.
|
|
|
|
. TRW has good reason for concern. Its computers contain the
|
|
credit histories of 120 million people. Last year TRW sold 50
|
|
million credit reports on their customers. But these highly
|
|
confidential personal records are so poorly guarded that
|
|
computerized teenagers can ransack the files and depart
|
|
undetected. TRW passwords -- unlike many others -- often print out
|
|
when entered by TRW's customers. Hackers then look for discarded
|
|
printouts. A good source: the trash of banks and automobile
|
|
dealerships, which routinely do credit checks. "Everybody hacks
|
|
TRW," says Cleveland hacker King Blotto, whose bulletin board has
|
|
security system the Pentagon would envy. "It's the easiest." For
|
|
her her part, Fernandez insists that TRW "does everything it can
|
|
to keep the system secure.
|
|
|
|
. In my case, however, that was not enough. My credit limits
|
|
would hardly support big-time fraud, but victimization takes many
|
|
forms. Another hacker said it was likely that merchandise would be
|
|
ordered in my name and shipped to me -- just to harass me. I used
|
|
to use credit-card numbers against someone I didn't like," the
|
|
hacker said. "I'd call Sears and have a dozen toilets shipped to
|
|
his house."
|
|
|
|
. Meanwhile, back on Dragonfire, my teletrial was going strong.
|
|
The charges, as pressed my Unknown Warrior, include "endangering
|
|
all phreaks and hacks." The judge in this case is a hacker with
|
|
the apt name of Ax Murderer. Possible sentences range from exile
|
|
from the entire planet" to "kill the dude." King Blotto has taken
|
|
up my defense, using hacker power to make his first pleading: he
|
|
dialed up Dragonfire, broke into its operating system and
|
|
"crashed" the bulletin board, destroying all of its messages
|
|
naming me. The board is back up now, with a retrial in full swing.
|
|
But then, exile from the electronic underground looks better all
|
|
the time.
|
|
|