The Hacker Crackdown

by Bruce Sterling


  But Terminus had odd friends and a spotted history. Terminus had once been the subject of an admiring interview in *Phrack* (Volume II, Issue 14, Phile 2 -- dated May 1987). In this article, *Phrack* co-editor Taran King described "Terminus" as an electronics engineer, 5'9", brown-haired, born in 1959 -- at 28 years old, quite mature for a hacker.

  Terminus had once been sysop of a phreak/hack underground board called "MetroNet," which ran on an Apple II. Later he'd replaced "MetroNet" with an underground board called "MegaNet," specializing in IBMs. In his younger days, Terminus had written one of the very first and most elegant code-scanning programs for the IBM-PC. This program had been widely distributed in the underground. Uncounted legions of PC-owning phreaks and hackers had used Terminus's scanner program to rip-off telco codes. This feat had not escaped the attention of telco security; it hardly could, since Terminus's earlier handle, "Terminal Technician," was proudly written right on the program.

  When he became a full-time computer professional (specializing in telecommunications programming), he adopted the handle Terminus, meant to indicate that he had "reached the final point of being a proficient hacker." He'd moved up to the UNIX-based "Netsys" board on an AT&T computer, with four phone lines and an impressive 240 megs of storage. "Netsys" carried complete issues of *Phrack,* and Terminus was quite friendly with its publishers, Taran King and Knight Lightning.

  In the early 1980s, Terminus had been a regular on Plovernet, Pirate-80, Sherwood Forest and Shadowland, all well-known pirate boards, all heavily frequented by the Legion of Doom. As it happened, Terminus was never officially "in LoD," because he'd never been given the official LoD high-sign and back-slap by Legion maven Lex Luthor. Terminus had never physically met anyone from LoD. But that scarcely mattered much -- the Atlanta Three themselves had never been officially vetted by Lex, either.

  As far as law enforcement was concerned, the issues were clear. Terminus was a full-time, adult computer professional with particular skills at AT&T software and hardware -- but Terminus reeked of the Legion of Doom and the underground.

  On February 1, 1990 -- half a month after the Martin Luther King Day Crash -- USSS agents Tim Foley from Chicago, and Jack Lewis from the Baltimore office, accompanied by AT&T security officer Jerry Dalton, travelled to Middle Town, Maryland. There they grilled Terminus in his home (to the stark terror of his wife and small children), and, in their customary fashion, hauled his computers out the door.

  The Netsys machine proved to contain a plethora of arcane UNIX software -- proprietary source code formally owned by AT&T. Software such as: UNIX System Five Release 3.2; UNIX SV Release 3.1; UUCP communications software; KORN SHELL; RFS; IWB; WWB; DWB; the C++ programming language; PMON; TOOL CHEST; QUEST; DACT, and S FIND.

  In the long-established piratical tradition of the underground, Terminus had been trading this illicitly-copied software with a small circle of fellow UNIX programmers. Very unwisely, he had stored seven years of his electronic mail on his Netsys machine, which documented all the friendly arrangements he had made with his various colleagues.

  Terminus had not crashed the AT&T phone system on January 15. He was, however, blithely running a not-for-profit AT&T software-piracy ring. This was not an activity AT&T found amusing. AT&T security officer Jerry Dalton valued this "stolen" property at over three hundred thousand dollars.

  AT&T's entry into the tussle of free enterprise had been complicated by the new, vague groundrules of the information economy. Until the break-up of Ma Bell, AT&T was forbidden to sell computer hardware or software. Ma Bell was the phone company; Ma Bell was not allowed to use the enormous revenue from telephone utilities, in order to finance any entry into the computer market.

  AT&T nevertheless invented the UNIX operating system. And somehow AT&T managed to make UNIX a minor source of income. Weirdly, UNIX was not sold as computer software, but actually retailed under an obscure regulatory exemption allowing sales of surplus equipment and scrap. Any bolder attempt to promote or retail UNIX would have aroused angry legal opposition from computer companies. Instead, UNIX was licensed to universities, at modest rates, where the acids of academic freedom ate away steadily at AT&T's proprietary rights.

  Come the breakup, AT&T recognized that UNIX was a potential gold-mine. By now, large chunks of UNIX code had been created that were not AT&T's, and were being sold by others. An entire rival UNIX-based operating system had arisen in Berkeley, California (one of the world's great founts of ideological hackerdom). Today, "hackers" commonly consider "Berkeley UNIX" to be technically superior to AT&T's "System V UNIX," but AT&T has not allowed mere technical elegance to intrude on the real-world business of marketing proprietary software. AT&T has made its own code deliberately incompatible with other folks' UNIX, and has written code that it can prove is copyrightable, even if that code happens to be somewhat awkward -- "kludgey." AT&T UNIX user licenses are serious business agreements, replete with very clear copyright statements and non-disclosure clauses.

  AT&T has not exactly kept the UNIX cat in the bag, but it kept a grip on its scruff with some success. By the rampant, explosive standards of software piracy, AT&T UNIX source code is heavily copyrighted, well-guarded, well-licensed. UNIX was traditionally run only on mainframe machines, owned by large groups of suit-and-tie professionals, rather than on bedroom machines where people can get up to easy mischief.

  And AT&T UNIX source code is serious high-level programming. The number of skilled UNIX programmers with any actual motive to swipe UNIX source code is small. It's tiny, compared to the tens of thousands prepared to rip-off, say, entertaining PC games like "Leisure Suit Larry."

  But by 1989, the warez-d00d underground, in the persons of Terminus and his friends, was gnawing at AT&T UNIX. And the property in question was not sold for twenty bucks over the counter at the local branch of Babbage's or Egghead's; this was massive, sophisticated, multi-line, multi-author corporate code worth tens of thousands of dollars.

  It must be recognized at this point that Terminus's purported ring of UNIX software pirates had not actually made any money from their suspected crimes. The $300,000 dollar figure bandied about for the contents of Terminus's computer did not mean that Terminus was in actual illicit possession of three hundred thousand of AT&T's dollars. Terminus was shipping software back and forth, privately, person to person, for free. He was not making a commercial business of piracy. He hadn't asked for money; he didn't take money. He lived quite modestly.

  AT&T employees -- as well as freelance UNIX consultants, like Terminus -- commonly worked with "proprietary" AT&T software, both in the office and at home on their private machines. AT&T rarely sent security officers out to comb the hard disks of its consultants. Cheap freelance UNIX contractors were quite useful to AT&T; they didn't have health insurance or retirement programs, much less union membership in the Communication Workers of America. They were humble digital drudges, wandering with mop and bucket through the Great Technological Temple of AT&T; but when the Secret Service arrived at their homes, it seemed they were eating with company silverware and sleeping on company sheets! Outrageously, they behaved as if the things they worked with every day belonged to them!

  And these were no mere hacker teenagers with their hands full of trash-paper and their noses pressed to the corporate windowpane. These guys were UNIX wizards, not only carrying AT&T data in their machines and their heads, but eagerly networking about it, over machines that were far more powerful than anything previously imagined in private hands. How do you keep people disposable, yet assure their awestruck respect for your property? It was a dilemma.

  Much UNIX code was public-domain, available for free. Much "proprietary" UNIX code had been extensively re-written, perhaps altered so much that it became an entirely new product -- or perhaps not. Intellectual property rights for software developers were, and are, extraordinarily complex and confused. And software "piracy," like the private copying of videos, is one of the most widely practiced "crimes" in the world today.

  The USSS were not experts in UNIX or familiar with the customs of its use. The United States Secret Service, considered as a body, did not have one single person in it who could program in a UNIX environment -- no, not even one. The Secret Service *were* making extensive use of expert help, but the "experts" they had chosen were AT&T and Bellcore security officials, the very victims of the purported crimes under investigation, the very people whose interest in AT&T's "proprietary" software was most pronounced.

  On February 6, 1990, Terminus was arrested by Agent Lewis. Eventually, Terminus would be sent to prison for his illicit use of a piece of AT&T software.

  The issue of pirated AT&T software would bubble along in the background during the war on the Legion of Doom. Some half-dozen of Terminus's on-line acquaintances, including people in Illinois, Texas and California, were grilled by the Secret Service in connection with the illicit copying of software. Except for Terminus, however, none were charged with a crime. None of them shared his peculiar prominence in the hacker underground.

  But that did not mean that these people would, or could, stay out of trouble. The transferral of illicit data in cyberspace is hazy and ill-defined business, with paradoxical dangers for everyone concerned: hackers, signal carriers, board owners, cops, prosecutors, even random passers-by. Sometimes, well-meant attempts to avert trouble or punish wrongdoing bring more trouble than would simple ignorance, indifference or impropriety.

  Terminus's "Netsys" board was not a common-or-garden bulletin board system, though it had most of the usual functions of a board. Netsys was not a stand-alone machine, but part of the globe-spanning "UUCP" cooperative network. The UUCP network uses a set of Unix software programs called "Unix-to-Unix Copy," which allows Unix systems to throw data to one another at high speed through the public telephone network. UUCP is a radically decentralized, not-for-profit network of UNIX computers. There are tens of thousands of these UNIX machines. Some are small, but many are powerful and also link to other networks. UUCP has certain arcane links to major networks such as JANET, EasyNet, BITNET, JUNET, VNET, DASnet, PeaceNet and FidoNet, as well as the gigantic Internet. (The so-called "Internet" is not actually a network itself, but rather an "internetwork" connections standard that allows several globe-spanning computer networks to communicate with one another. Readers fascinated by the weird and intricate tangles of modern computer networks may enjoy John S. Quarterman's authoritative 719-page explication, *The Matrix,* Digital Press, 1990.) A skilled user of Terminus' UNIX machine could send and receive electronic mail from almost any major computer network in the world. Netsys was not called a "board" per se, but rather a "node." "Nodes" were larger, faster, and more sophisticated than mere "boards," and for hackers, to hang out on internationally-connected "nodes" was quite the step up from merely hanging out on local "boards."

  Terminus's Netsys node in Maryland had a number of direct links to other, similar UUCP nodes, run by people who shared his interests and at least something of his free-wheeling attitude. One of these nodes was Jolnet, owned by Richard Andrews, who, like Terminus, was an independent UNIX consultant. Jolnet also ran UNIX, and could be contacted at high speed by mainframe machines from all over the world. Jolnet was quite a sophisticated piece of work, technically speaking, but it was still run by an individual, as a private, not-for-profit hobby. Jolnet was mostly used by other UNIX programmers -- for mail, storage, and access to networks. Jolnet supplied network access to about two hundred people, as well as a local junior college.

  Among its various features and services, Jolnet also carried *Phrack* magazine.

  For reasons of his own, Richard Andrews had become suspicious of a new user called "Robert Johnson." Richard Andrews took it upon himself to have a look at what "Robert Johnson" was storing in Jolnet. And Andrews found the E911 Document.

  "Robert Johnson" was the Prophet from the Legion of Doom, and the E911 Document was illicitly copied data from Prophet's raid on the BellSouth computers.

  The E911 Document, a particularly illicit piece of digital property, was about to resume its long, complex, and disastrous career.

  It struck Andrews as fishy that someone not a telephone employee should have a document referring to the "Enhanced 911 System." Besides, the document itself bore an obvious warning.

  "WARNING: NOT FOR USE OR DISCLOSURE OUTSIDE BELLSOUTH OR ANY OF ITS SUBSIDIARIES EXCEPT UNDER WRITTEN AGREEMENT."

  These standard nondisclosure tags are often appended to all sorts of corporate material. Telcos as a species are particularly notorious for stamping most everything in sight as "not for use or disclosure." Still, this particular piece of data was about the 911 System. That sounded bad to Rich Andrews.

  Andrews was not prepared to ignore this sort of trouble. He thought it would be wise to pass the document along to a friend and acquaintance on the UNIX network, for consultation. So, around September 1988, Andrews sent yet another copy of the E911 Document electronically to an AT&T employee, one Charles Boykin, who ran a UNIX-based node called "attctc" in Dallas, Texas.

  "Attctc" was the property of AT&T, and was run from AT&T's Customer Technology Center in Dallas, hence the name "attctc." "Attctc" was better-known as "Killer," the name of the machine that the system was running on. "Killer" was a hefty, powerful, AT&T 3B2 500 model, a multi-user, multi-tasking UNIX platform with 32 meg of memory and a mind-boggling 3.2 Gigabytes of storage. When Killer had first arrived in Texas, in 1985, the 3B2 had been one of AT&T's great white hopes for going head-to-head with IBM for the corporate computer-hardware market. "Killer" had been shipped to the Customer Technology Center in the Dallas Infomart, essentially a high-technology mall, and there it sat, a demonstration model.

  Charles Boykin, a veteran AT&T hardware and digital communications expert, was a local technical backup man for the AT&T 3B2 system. As a display model in the Infomart mall, "Killer" had little to do, and it seemed a shame to waste the system's capacity. So Boykin ingeniously wrote some UNIX bulletin-board software for "Killer," and plugged the machine in to the local phone network. "Killer's" debut in late 1985 made it the first publicly available UNIX site in the state of Texas. Anyone who wanted to play was welcome.

  The machine immediately attracted an electronic community. It joined the UUCP network, and offered network links to over eighty other computer sites, all of which became dependent on Killer for their links to the greater world of cyberspace. And it wasn't just for the big guys; personal computer users also stored freeware programs for the Amiga, the Apple, the IBM and the Macintosh on Killer's vast 3,200 meg archives. At one time, Killer had the largest library of public-domain Macintosh software in Texas.

  Eventually, Killer attracted about 1,500 users, all busily communicating, uploading and downloading, getting mail, gossiping, and linking to arcane and distant networks.

  Boykin received no pay for running Killer. He considered it good publicity for the AT&T 3B2 system (whose sales were somewhat less than stellar), but he also simply enjoyed the vibrant community his skill had created. He gave away the bulletin-board UNIX software he had written, free of charge.

  In the UNIX programming community, Charlie Boykin had the reputation of a warm, open-hearted, level-headed kind of guy. In 1989, a group of Texan UNIX professionals voted Boykin "System Administrator of the Year." He was considered a fellow you could trust for good advice.

  In September 1988, without warning, the E911 Document came plunging into Boykin's life, forwarded by Richard Andrews. Boykin immediately recognized that the Document was hot property. He was not a voice-communications man, and knew little about the ins and outs of the Baby Bells, but he certainly knew what the 911 System was, and he was angry to see confidential data about it in the hands of a nogoodnik. This was clearly a matter for telco security. So, on September 21, 1988, Boykin made yet *another* copy of the E911 Document and passed this one along to a professional acquaintance of his, one Jerome Dalton, from AT&T Corporate Information Security. Jerry Dalton was the very fellow who would later raid Terminus's house.

  From AT&T's security division, the E911 Document went to Bellcore.

  Bellcore (or BELL COmmunications REsearch) had once been the central laboratory of the Bell System. Bell Labs employees had invented the UNIX operating system. Now Bellcore was a quasi-independent, jointly owned company that acted as the research arm for all seven of the Baby Bell RBOCs. Bellcore was in a good position to co-ordinate security technology and consultation for the RBOCs, and the gentleman in charge of this effort was Henry M. Kluepfel, a veteran of the Bell System who had worked there for twenty-four years.

  On October 13, 1988, Dalton passed the E911 Document to Henry Kluepfel. Kluepfel, a veteran expert witness in telecommunications fraud and computer-fraud cases, had certainly seen worse trouble than this. He recognized the document for what it was: a trophy from a hacker break-in.

  However, whatever harm had been done in the intrusion was presumably old news. At this point there seemed little to be done. Kluepfel made a careful note of the circumstances and shelved the problem for the time being.

  Whole months passed.

  February 1989 arrived. The Atlanta Three were living it up in Bell South's switches, and had not yet met their comeuppance. The Legion was thriving. So was *Phrack* magazine. A good six months had passed since Prophet's AIMSX break-in. Prophet, as hackers will, grew weary of sitting on his laurels. "Knight Lightning" and "Taran King," the editors of *Phrack,* were always begging Prophet for material they could publish. Prophet decided that the heat must be off by this time, and that he could safely brag, boast, and strut.

  So he sent a copy of the E911 Document -- yet another one -- from Rich Andrews' Jolnet machine to Knight Lightning's BITnet account at the University of Missouri.

  Let's review the fate of the document so far.

  0. The original E911 Document. This is in the AIMSX system on a mainframe computer in Atlanta, available to hundreds of people, but all of them, presumably, BellSouth employees. An unknown number of them may have their own copies of this document, but they are all professionals and all trusted by the phone company.

 
