Book Read Free

The Hacker Crackdown

Page 6

by Bruce Sterling


  Stranded passengers in New York and New Jersey were further infuriated to discover that they could not even manage to make a long distance phone call, to explain their delay to loved ones or business associates. Thanks to the crash, about four and a half million domestic calls, and half a million international calls, failed to get through.

  The September 17 NYC Crash, unlike the previous ones, involved not a whisper of "hacker" misdeeds. On the contrary, by 1991, AT&T itself was suffering much of the vilification that had formerly been directed at hackers. Congressmen were grumbling. So were state and federal regulators. And so was the press. For their part, ancient rival MCI took out snide full- page newspaper ads in New York, offering their own long- distance services for the "next time that AT&T goes down."

  "You wouldn't find a classy company like AT&T using such advertising," protested AT&T Chairman Robert Allen, unconvincingly. Once again, out came the full-page AT&T apologies in newspapers, apologies for "an inexcusable culmination of both human and mechanical failure." (This time, however, AT&T offered no discount on later calls. Unkind critics suggested that AT&T were worried about setting any precedent for refunding the financial losses caused by telephone crashes.)

  Industry journals asked publicly if AT&T was "asleep at the switch." The telephone network, America's purported marvel of high-tech reliability, had gone down three times in 18 months. *Fortune* magazine listed the Crash of September 17 among the "Biggest Business Goofs of 1991," cruelly parodying AT&T's ad campaign in an article entitled "AT&T Wants You Back (Safely On the Ground, God Willing)."

  Why had those New York switching systems simply run out of power? Because no human being had attended to the alarm system. Why did the alarm systems blare automatically, without any human being noticing? Because the three telco technicians who *should* have been listening were absent from their stations in the power-room, on another floor of the building -- attending a training class. A training class about the alarm systems for the power room!

  "Crashing the System" was no longer "unprecedented" by late 1991. On the contrary, it no longer even seemed an oddity. By 1991, it was clear that all the policemen in the world could no longer "protect" the phone system from crashes. By far the worst crashes the system had ever had, had been inflicted, by the system, upon *itself.* And this time nobody was making cocksure statements that this was an anomaly, something that would never happen again. By 1991 the System's defenders had met their nebulous Enemy, and the Enemy was -- the System.

  PART TWO: THE DIGITAL UNDERGROUND

  The date was May 9, 1990. The Pope was touring Mexico City. Hustlers from the Medellin Cartel were trying to buy black-market Stinger missiles in Florida. On the comics page, Doonesbury character Andy was dying of AIDS. And then.... a highly unusual item whose novelty and calculated rhetoric won it headscratching attention in newspapers all over America.

  The US Attorney's office in Phoenix, Arizona, had issued a press release announcing a nationwide law enforcement crackdown against "illegal computer hacking activities." The sweep was officially known as "Operation Sundevil."

  Eight paragraphs in the press release gave the bare facts: twenty-seven search warrants carried out on May 8, with three arrests, and a hundred and fifty agents on the prowl in "twelve" cities across America. (Different counts in local press reports yielded "thirteen," "fourteen," and "sixteen" cities.) Officials estimated that criminal losses of revenue to telephone companies "may run into millions of dollars." Credit for the Sundevil investigations was taken by the US Secret Service, Assistant US Attorney Tim Holtzen of Phoenix, and the Assistant Attorney General of Arizona, Gail Thackeray.

  The prepared remarks of Garry M. Jenkins, appearing in a U.S. Department of Justice press release, were of particular interest. Mr. Jenkins was the Assistant Director of the US Secret Service, and the highest-ranking federal official to take any direct public role in the hacker crackdown of 1990.

  "Today, the Secret Service is sending a clear message to those computer hackers who have decided to violate the laws of this nation in the mistaken belief that they can successfully avoid detection by hiding behind the relative anonymity of their computer terminals.(...) "Underground groups have been formed for the purpose of exchanging information relevant to their criminal activities. These groups often communicate with each other through message systems between computers called 'bulletin boards.' "Our experience shows that many computer hacker suspects are no longer misguided teenagers, mischievously playing games with their computers in their bedrooms. Some are now high tech computer operators using computers to engage in unlawful conduct."

  Who were these "underground groups" and "high- tech operators?" Where had they come from? What did they want? Who *were* they? Were they "mischievous?" Were they dangerous? How had "misguided teenagers" managed to alarm the United States Secret Service? And just how widespread was this sort of thing? Of all the major players in the Hacker Crackdown: the phone companies, law enforcement, the civil libertarians, and the "hackers" themselves -- the "hackers" are by far the most mysterious, by far the hardest to understand, by far the *weirdest.* Not only are "hackers" novel in their activities, but they come in a variety of odd subcultures, with a variety of languages, motives and values. The earliest proto-hackers were probably those unsung mischievous telegraph boys who were summarily fired by the Bell Company in 1878.

  Legitimate "hackers," those computer enthusiasts who are independent-minded but law-abiding, generally trace their spiritual ancestry to elite technical universities, especially M.I.T. and Stanford, in the 1960s.

  But the genuine roots of the modern hacker *underground* can probably be traced most successfully to a now much-obscured hippie anarchist movement known as the Yippies. The Yippies, who took their name from the largely fictional "Youth International Party," carried out a loud and lively policy of surrealistic subversion and outrageous political mischief. Their basic tenets were flagrant sexual promiscuity, open and copious drug use, the political overthrow of any powermonger over thirty years of age, and an immediate end to the war in Vietnam, by any means necessary, including the psychic levitation of the Pentagon.

  The two most visible Yippies were Abbie Hoffman and Jerry Rubin. Rubin eventually became a Wall Street broker. Hoffman, ardently sought by federal authorities, went into hiding for seven years, in Mexico, France, and the United States. While on the lam, Hoffman continued to write and publish, with help from sympathizers in the American anarcho-leftist underground. Mostly, Hoffman survived through false ID and odd jobs. Eventually he underwent facial plastic surgery and adopted an entirely new identity as one "Barry Freed." After surrendering himself to authorities in 1980, Hoffman spent a year in prison on a cocaine conviction. Hoffman's worldview grew much darker as the glory days of the 1960s faded. In 1989, he purportedly committed suicide, under odd and, to some, rather suspicious circumstances.

  Abbie Hoffman is said to have caused the Federal Bureau of Investigation to amass the single largest investigation file ever opened on an individual American citizen. (If this is true, it is still questionable whether the FBI regarded Abbie Hoffman a serious public threat -- quite possibly, his file was enormous simply because Hoffman left colorful legendry wherever he went). He was a gifted publicist, who regarded electronic media as both playground and weapon. He actively enjoyed manipulating network TV and other gullible, image- hungry media, with various weird lies, mindboggling rumors, impersonation scams, and other sinister distortions, all absolutely guaranteed to upset cops, Presidential candidates, and federal judges. Hoffman's most famous work was a book self-reflexively known as *Steal This Book,* which publicized a number of methods by which young, penniless hippie agitators might live off the fat of a system supported by humorless drones. *Steal This Book,* whose title urged readers to damage the very means of distribution which had put it into their hands, might be described as a spiritual ancestor of a computer virus. Hoffman, like many a later conspirator, made extensive use of pay-phones for
his agitation work -- in his case, generally through the use of cheap brass washers as coin-slugs.

  During the Vietnam War, there was a federal surtax imposed on telephone service; Hoffman and his cohorts could, and did, argue that in systematically stealing phone service they were engaging in civil disobedience: virtuously denying tax funds to an illegal and immoral war.

  But this thin veil of decency was soon dropped entirely. Ripping-off the System found its own justification in deep alienation and a basic outlaw contempt for conventional bourgeois values. Ingenious, vaguely politicized varieties of rip-off, which might be described as "anarchy by convenience," became very popular in Yippie circles, and because rip-off was so useful, it was to survive the Yippie movement itself. In the early 1970s, it required fairly limited expertise and ingenuity to cheat payphones, to divert "free" electricity and gas service, or to rob vending machines and parking meters for handy pocket change. It also required a conspiracy to spread this knowledge, and the gall and nerve actually to commit petty theft, but the Yippies had these qualifications in plenty. In June 1971, Abbie Hoffman and a telephone enthusiast sarcastically known as "Al Bell" began publishing a newsletter called *Youth International Party Line.* This newsletter was dedicated to collating and spreading Yippie rip-off techniques, especially of phones, to the joy of the freewheeling underground and the insensate rage of all straight people. As a political tactic, phone-service theft ensured that Yippie advocates would always have ready access to the long-distance telephone as a medium, despite the Yippies' chronic lack of organization, discipline, money, or even a steady home address. *Party Line* was run out of Greenwich Village for a couple of years, then "Al Bell" more or less defected from the faltering ranks of Yippiedom, changing the newsletter's name to *TAP* or *Technical Assistance Program.* After the Vietnam War ended, the steam began leaking rapidly out of American radical dissent. But by this time, "Bell" and his dozen or so core contributors had the bit between their teeth, and had begun to derive tremendous gut-level satisfaction from the sensation of pure *technical power.* *TAP* articles, once highly politicized, became pitilessly jargonized and technical, in homage or parody to the Bell System's own technical documents, which *TAP* studied closely, gutted, and reproduced without permission. The *TAP* elite revelled in gloating possession of the specialized knowledge necessary to beat the system.

  "Al Bell" dropped out of the game by the late 70s, and "Tom Edison" took over; TAP readers (some 1400 of them, all told) now began to show more interest in telex switches and the growing phenomenon of computer systems. In 1983, "Tom Edison" had his computer stolen and his house set on fire by an arsonist. This was an eventually mortal blow to *TAP* (though the legendary name was to be resurrected in 1990 by a young Kentuckian computer- outlaw named "Predat0r.")

  #

  Ever since telephones began to make money, there have been people willing to rob and defraud phone companies. The legions of petty phone thieves vastly outnumber those "phone phreaks" who "explore the system" for the sake of the intellectual challenge. The New York metropolitan area (long in the vanguard of American crime) claims over 150,000 physical attacks on pay telephones every year! Studied carefully, a modern payphone reveals itself as a little fortress, carefully designed and redesigned over generations, to resist coin- slugs, zaps of electricity, chunks of coin-shaped ice, prybars, magnets, lockpicks, blasting caps. Public pay- phones must survive in a world of unfriendly, greedy people, and a modern payphone is as exquisitely evolved as a cactus.

  Because the phone network pre-dates the computer network, the scofflaws known as "phone phreaks" pre-date the scofflaws known as "computer hackers." In practice, today, the line between "phreaking" and "hacking" is very blurred, just as the distinction between telephones and computers has blurred. The phone system has been digitized, and computers have learned to "talk" over phone-lines. What's worse -- and this was the point of the Mr. Jenkins of the Secret Service -- some hackers have learned to steal, and some thieves have learned to hack.

  Despite the blurring, one can still draw a few useful behavioral distinctions between "phreaks" and "hackers." Hackers are intensely interested in the "system" per se, and enjoy relating to machines. "Phreaks" are more social, manipulating the system in a rough-and-ready fashion in order to get through to other human beings, fast, cheap and under the table.

  Phone phreaks love nothing so much as "bridges," illegal conference calls of ten or twelve chatting conspirators, seaboard to seaboard, lasting for many hours -- and running, of course, on somebody else's tab, preferably a large corporation's. As phone-phreak conferences wear on, people drop out (or simply leave the phone off the hook, while they sashay off to work or school or babysitting), and new people are phoned up and invited to join in, from some other continent, if possible. Technical trivia, boasts, brags, lies, head-trip deceptions, weird rumors, and cruel gossip are all freely exchanged.

  The lowest rung of phone-phreaking is the theft of telephone access codes. Charging a phone call to somebody else's stolen number is, of course, a pig-easy way of stealing phone service, requiring practically no technical expertise. This practice has been very widespread, especially among lonely people without much money who are far from home. Code theft has flourished especially in college dorms, military bases, and, notoriously, among roadies for rock bands. Of late, code theft has spread very rapidly among Third Worlders in the US, who pile up enormous unpaid long-distance bills to the Caribbean, South America, and Pakistan.

  The simplest way to steal phone-codes is simply to look over a victim's shoulder as he punches-in his own code-number on a public payphone. This technique is known as "shoulder-surfing," and is especially common in airports, bus terminals, and train stations. The code is then sold by the thief for a few dollars. The buyer abusing the code has no computer expertise, but calls his Mom in New York, Kingston or Caracas and runs up a huge bill with impunity. The losses from this primitive phreaking activity are far, far greater than the monetary losses caused by computer-intruding hackers.

  In the mid-to-late 1980s, until the introduction of sterner telco security measures, *computerized* code theft worked like a charm, and was virtually omnipresent throughout the digital underground, among phreaks and hackers alike. This was accomplished through programming one's computer to try random code numbers over the telephone until one of them worked. Simple programs to do this were widely available in the underground; a computer running all night was likely to come up with a dozen or so useful hits. This could be repeated week after week until one had a large library of stolen codes. Nowadays, the computerized dialling of hundreds of numbers can be detected within hours and swiftly traced. If a stolen code is repeatedly abused, this too can be detected within a few hours. But for years in the 1980s, the publication of stolen codes was a kind of elementary etiquette for fledgling hackers. The simplest way to establish your bona-fides as a raider was to steal a code through repeated random dialling and offer it to the "community" for use. Codes could be both stolen, and used, simply and easily from the safety of one's own bedroom, with very little fear of detection or punishment.

  Before computers and their phone-line modems entered American homes in gigantic numbers, phone phreaks had their own special telecommunications hardware gadget, the famous "blue box." This fraud device (now rendered increasingly useless by the digital evolution of the phone system) could trick switching systems into granting free access to long-distance lines. It did this by mimicking the system's own signal, a tone of 2600 hertz. Steven Jobs and Steve Wozniak, the founders of Apple Computer, Inc., once dabbled in selling blue-boxes in college dorms in California. For many, in the early days of phreaking, blue-boxing was scarcely perceived as "theft," but rather as a fun (if sneaky) way to use excess phone capacity harmlessly. After all, the long-distance lines were *just sitting there*.... Whom did it hurt, really? If you're not *damaging* the system, and you're not *using up any tangible resource,* and if nobody *finds out* what you did, then what real har
m have you done? What exactly *have* you "stolen," anyway? If a tree falls in the forest and nobody hears it, how much is the noise worth? Even now this remains a rather dicey question.

  Blue-boxing was no joke to the phone companies, however. Indeed, when *Ramparts* magazine, a radical publication in California, printed the wiring schematics necessary to create a mute box in June 1972, the magazine was seized by police and Pacific Bell phone- company officials. The mute box, a blue-box variant, allowed its user to receive long-distance calls free of charge to the caller. This device was closely described in a *Ramparts* article wryly titled "Regulating the Phone Company In Your Home." Publication of this article was held to be in violation of Californian State Penal Code section 502.7, which outlaws ownership of wire-fraud devices and the selling of "plans or instructions for any instrument, apparatus, or device intended to avoid telephone toll charges." Issues of *Ramparts* were recalled or seized on the newsstands, and the resultant loss of income helped put the magazine out of business. This was an ominous precedent for free-expression issues, but the telco's crushing of a radical-fringe magazine passed without serious challenge at the time. Even in the freewheeling California 1970s, it was widely felt that there was something sacrosanct about what the phone company knew; that the telco had a legal and moral right to protect itself by shutting off the flow of such illicit information. Most telco information was so "specialized" that it would scarcely be understood by any honest member of the public. If not published, it would not be missed. To print such material did not seem part of the legitimate role of a free press.

 

‹ Prev