Trashing

TECHHACK.ZIP 5063 06-11-91 Technical Hacking

B R U C E S T E R L I N G — T H E H A C K E R C R A C K D O W N

NOT FOR COMMERCIAL USE

The files above are do-it-yourself manuals about computer intrusion.

The above is only a small section of a much larger library of hacking and phreaking techniques and history. We now move into a different and perhaps surprising area.

+------------+
| Anarchy |
+------------+

ANARC.ZIP 3641 06-11-91 Anarchy Files

ANARCHST.ZIP 63703 06-11-91 Anarchist Book

ANARCHY.ZIP 2076 06-11-91 Anarchy At Home

ANARCHY3.ZIP 6982 06-11-91 Anarchy No 3

ANARCTOY.ZIP 2361 06-11-91 Anarchy Toys

ANTIMODM.ZIP 2877 06-11-91 Anti-modem Weapons

ATOM.ZIP 4494 06-11-91 How To Make An Atom Bomb

BARBITUA.ZIP 3982 06-11-91 Barbiturate Formula

BLCKPWDR.ZIP 2810 06-11-91 Black Powder Formulas

BOMB.ZIP 3765 06-11-91 How To Make Bombs

BOOM.ZIP 2036 06-11-91 Things That Go Boom

CHLORINE.ZIP 1926 06-11-91 Chlorine Bomb

COOKBOOK.ZIP 1500 06-11-91 Anarchy Cook Book

DESTROY.ZIP 3947 06-11-91 Destroy Stuff

DUSTBOMB.ZIP 2576 06-11-91 Dust Bomb

ELECTERR.ZIP 3230 06-11-91 Electronic Terror

EXPLOS1.ZIP 2598 06-11-91 Explosives 1

EXPLOSIV.ZIP 18051 06-11-91 More Explosives

EZSTEAL.ZIP 4521 06-11-91 Ez-stealing

FLAME.ZIP 2240 06-11-91 Flame Thrower

FLASHLT.ZIP 2533 06-11-91 Flashlight Bomb

FMBUG.ZIP 2906 06-11-91 How To Make An Fm Bug

OMEEXPL.ZIP 2139 06-11-91 Home Explosives

HOW2BRK.ZIP 3332 06-11-91 How To Break In

LETTER.ZIP 2990 06-11-91 Letter Bomb

LOCK.ZIP 2199 06-11-91 How To Pick Locks

MRSHIN.ZIP 3991 06-11-91 Briefcase Locks

NAPALM.ZIP 3563 06-11-91 Napalm At Home

NITRO.ZIP 3158 06-11-91 Fun With Nitro

PARAMIL.ZIP 2962 06-11-91 Paramilitary Info

PICKING.ZIP 3398 06-11-91 Picking Locks

PIPEBOMB.ZIP 2137 06-11-91 Pipe Bomb

POTASS.ZIP 3987 06-11-91 Formulas With Potassium

PRANK.TXT 11074 08-03-90 More Pranks To Pull On Idiots!

REVENGE.ZIP 4447 06-11-91 Revenge Tactics

ROCKET.ZIP 2590 06-11-91 Rockets For Fun

SMUGGLE.ZIP 3385 06-11-91 How To Smuggle

Holy Cow! The damned thing is full of stuff about bombs!

What are we to make of this?

First, it should be acknowledged that spreading knowledge about demolitions to teenagers is a highly and deliberately antisocial act. It is not, however, illegal.

Second, it should be recognized that most of these philes were in fact written by teenagers. Most adult American males who can remember their teenage years will recognize that the notion of building a flamethrower in your garage is an incredibly neat-o idea. Actually building a flamethrower in your garage, however, is fraught with discouraging difficulty. Stuffing gunpowder into a booby-trapped flashlight, so as to blow the arm off your high-school vice-principal, can be a thing of dark beauty to contemplate. Actually committing assault by explosives will earn you the sustained attention of the federal Bureau of Alcohol, Tobacco and Firearms.

Some people, however, will actually try these plans. A determinedly murderous American teenager can probably buy or steal a handgun far more easily than he can brew fake "napalm" in the kitchen sink. Nevertheless, if temptation is spread before people a certain number will succumb, and a small minority will actually attempt these stunts. A large minority of that small minority will either fail or, quite likely, maim themselves, since these "philes" have not been checked for accuracy, are not the product of professional experience, and are often highly fanciful. But the gloating menace of these philes is not to be entirely dismissed.

Hackers may not be "serious" about bombing; if they were, we would hear far more about exploding flashlights, homemade bazookas, and gym teachers poisoned by chlorine and potassium. However, hackers are very serious about forbidden knowledge. They are possessed not merely by curiosity, but by a positive lust to know. The desire to know what others don't is scarcely new. But the intensity of this desire, as manifested by these young technophilic denizens of the Information Age, may in fact be new, and may represent some basic shift in social values — a harbinger of what the world may come to, as society lays more and more value on the possession, assimilation and retailing of information as a basic commodity of daily life.

There have always been young men with obsessive interests in these topics. Never before, however, have they been able to network so extensively and easily, and to propagandize their interests with impunity to random passers-by. High-school teachers will recognize that there's always one in a crowd, but when the one in a crowd escapes control by jumping into the phonelines, and becomes a hundred such kids all together on a board, then trouble is brewing visibly. The urge of authority to do something, even something drastic, is hard to resist. And in 1990, authority did something. In fact authority did a great deal.

_____

The process by which boards create hackers goes something like this. A youngster becomes interested in computers — usually, computer games. He hears from friends that "bulletin boards" exist where games can be obtained for free. (Many computer games are "freeware," not copyrighted — invented simply for the love of it and given away to the public; some of these games are quite good.) He bugs his parents for a modem, or quite often, uses his parents' modem.

The world of boards suddenly opens up. Computer games can be quite expensive, real budget-breakers for a kid, but pirated games, stripped of copy protection, are cheap or free. They are also illegal, but it is very rare, almost unheard of, for a small-scale software pirate to be prosecuted. Once "cracked" of its copy protection, the program, being digital data, becomes infinitely reproducible. Even the instructions to the game, any manuals that accompany it, can be reproduced as text files, or photocopied from legitimate sets. Other users on boards can give many useful hints in game-playing tactics. And a youngster with an infinite supply of free computer games can certainly cut quite a swath among his modem-less friends.

And boards are pseudonymous. No one need know that you're fourteen years old — with a little practice at subterfuge, you can talk to adults about adult things, and be accepted and taken seriously! You can even pretend to be a girl, or an old man, or anybody you can imagine. If you find this kind of deception gratifying, there is ample opportunity to hone your ability on boards.

But local boards can grow stale. And almost every board maintains a list of phone-numbers to other boards, some in distant, tempting, exotic locales. Who knows what they're up to, in Oregon or Alaska or Florida or California? It's very easy to find out — just order the modem to call through its software — nothing to this, just typing on a keyboard, the same thing you would do for most any computer game. The machine reacts swiftly and in a few seconds you are talking to a bunch of interesting people on another seaboard.

And yet the bills for this trivial action can be staggering! Just by going tippety-tap with your fingers, you may have saddled your parents with four hundred bucks in long-distance charges, and gotten chewed out but good. That hardly seems fair.

How horrifying to have made friends in another state and to be deprived of their company — and their software — just because telephone companies demand absurd amounts of money! How painful, to be restricted to boards in one's own area code — what the heck is an "area code" anyway, and what makes it so special? A few grumbles, complaints, and innocent questions of this sort will often elicit a sympathetic reply from another board user — someone with some stolen codes to hand.

You dither a while, knowing this isn't quite right, then you make up your mind to try them anyhow — and they work! Suddenly you're doing something even your parents can't do. Six months ago you were just some kid — now, you're the Crimson Flash of Area Code 512!

You're bad — you're nationwide!

Maybe you'll stop at a few abused codes. Maybe you'll decide that boards aren't all that interesting after all, that it's wrong, not worth the risk — but maybe you won't. The next step is to pick up your own repeat-dialling program — to learn to generate your own stolen codes. (This was dead easy five years ago, much harder to get away with nowadays, but not yet impossible.) And these dialling programs are not complex or intimidating — some are as small as twenty lines of software.

Now, you too can share codes. You can trade codes to learn other techniques. If you're smart enough to catch on, and obsessive enough to want to bother, and ruthless enough to start seriously bending rules, then you'll get better, fast. You start to develop a rep. You move up to a heavier class of board — a board with a bad attitude, the kind of board that naive dopes like your classmates and your former self have never even heard of! You pick up the jargon of phreaking and hacking from the board. You read a few of those anarchy philes — and man, you never realized you could be a real outlaw without ever leaving your bedroom.

You still play other computer games, but now you have a new and bigger game. This one will bring you a different kind of status than destroying even eight zillion lousy space invaders.

Hacking is perceived by hackers as a "game." This is not an entirely unreasonable or sociopathic perception. You can win or lose at hacking, succeed or fail, but it never feels "real." It's not simply that imaginative youngsters sometimes have a hard time telling "make-believe" from "real life." Cyberspace is not real! "Real" things are physical objects like trees and shoes and cars. Hacking takes place on a screen. Words aren't physical, numbers (even telephone numbers and credit card numbers) aren't physical. Sticks and stones may break my bones, but data will never hurt me. Computers simulate reality, like computer games that simulate tank battles or dogfights or spaceships. Simulations are just make-believe, and the stuff in computers is not real.

Consider this: if "hacking" is supposed to be so serious and real-life and dangerous, then how come nine-year-old kids have computers and modems? You wouldn't give a nine year old his own car, or his own rifle, or his own chainsaw — those things are "real."

People underground are perfectly aware that the "game" is frowned upon by the powers that be. Word gets around about busts in the underground. Publicizing busts is one of the primary functions of pirate boards, but they also promulgate an attitude about them, and their own idiosyncratic ideas of justice. The users of underground boards won't complain if some guy is busted for crashing systems, spreading viruses, or stealing money by wire-fraud. They may shake their heads with a sneaky grin, but they won't openly defend these practices. But when a kid is charged with some theoretical amount of theft: $233,846.14, for instance, because he sneaked into a computer and copied something, and kept it in his house on a floppy disk — this is regarded as a sign of near-insanity from prosecutors, a sign that they've drastically mistaken the immaterial game of computing for their real and boring everyday world of fatcat corporate money.

It's as if big companies and their suck-up lawyers think that computing belongs to them, and they can retail it with price stickers, as if it were boxes of laundry soap! But pricing "information" is like trying to price air or price dreams. Well, anybody on a pirate board knows that computing can be, and ought to be, free. Pirate boards are little independent worlds in cyberspace, and they don't belong to anybody but the underground. Underground boards aren't "brought to you by Procter & Gamble."

To log on to an underground board can mean to experience liberation, to enter a world where, for once, money isn't everything and adults don't have all the answers.

Let's sample another vivid hacker manifesto. Here are some excerpts from "The Conscience of a Hacker," by "The Mentor," from Phrack Volume One, Issue 7, Phile 3.

"I made a discovery today. I found a computer. Wait a second, this is cool. It does what I want it to. If it makes a mistake, it's because I screwed it up. Not because it doesn't like me.(...)

"And then it happened... a door opened to a world... rushing through the phone line like heroin through an addict's veins, an electronic pulse is sent out, a refuge from day-to-day incompetencies is sought... a board is found. 'This is it... this is where I belong...'

"I know everyone here... even if I've never met them, never talked to them, may never hear from them again... I know you all...(...)

"This is our world now.... the world of the electron and the switch, the beauty of the baud. We make use of a service already existing without paying for what could be dirt-cheap if it wasn't run by profiteering gluttons, and you call us criminals. We explore... and you call us criminals. We seek after knowledge... and you call us criminals. We exist without skin color, without nationality, without religious bias... and you call us criminals. You build atomic bombs, you wage wars, you murder, cheat and lie to us and try to make us believe that it's for our own good, yet we're the criminals.

"Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for."

_____

There have been underground boards almost as long as there have been boards. One of the first was 8BBS, which became a stronghold of the West Coast phone-phreak elite. After going on-line in March 1980, 8BBS sponsored "Susan Thunder," and "Tuc," and, most notoriously, "the Condor." "The Condor" bore the singular distinction of becoming the most vilified American phreak and hacker ever. Angry underground associates, fed up with Condor's peevish behavior, turned him in to police, along with a heaping double-helping of outrageous hacker legendry. As a result, Condor was kept in solitary confinement for seven months, for fear that he might start World War Three by triggering missile silos from the prison payphone. (Having served his time, Condor is now walking around loose; WWIII has thus far conspicuously failed to occur.)

The sysop of 8BBS was an ardent free-speech enthusiast who simply felt that any attempt to restrict the expression of his users was unconstitutional and immoral. Swarms of the technically curious entered 8BBS and emerged as phreaks and hackers, until, in 1982, a friendly 8BBS alumnus passed the sysop a new modem which had been purchased by credit-card fraud. Police took this opportunity to seize the entire board and remove what they considered an attractive nuisance.

Plovernet was a powerful East Coast pirate board that operated in both New York and Florida. Owned and operated by teenage hacker "Quasi Moto," Plovernet attracted five hundred eager users in 1983. "Emmanuel Goldstein" was one-time co-sysop of Plovernet, along with "Lex Luthor," founder of the "Legion of Doom" group. Plovernet bore the signal honor of being the original home of the "Legion of Doom," about which the reader will be hearing a great deal, soon.

"Pirate-80," or "P-80," run by a sysop known as "Scan-Man," got into the game very early in Charleston, and continued steadily for years. P-80 flourished so flagrantly that even its most hardened users became nervous, and some slanderously speculated that "Scan Man" must have ties to corporate security, a charge he vigorously denied.

"414 Private" was the home board for the first group to attract conspicuous trouble, the teenage "414 Gang," whose intrusions into Sloan-Kettering Cancer Center and Los Alamos military computers were to be a nine-days-wonder in 1982.

At about this time, the first software piracy boards began to open up, trading cracked games for the Atari 800 and the Commodore C64. Naturally these boards were heavily frequented by teenagers. And with the 1983 release of the hacker-thriller movie War Games, the scene exploded. It seemed that every kid in America had demanded and gotten a modem for Christmas. Most of these dabbler wannabes put their modems in the attic after a few weeks, and most of the remainder minded their P's and Q's and stayed well out of hot water. But some stubborn and talented diehards had this hacker kid in War Games figured for a happening dude. They simply could not rest until they had contacted the underground — or, failing that, created their own.

In the mid-80s, underground boards sprang up like digital fungi. ShadowSpawn Elite. Sherwood Forest I, II, and III. Digital Logic Data Service in Florida, sysoped by no less a man than "Digital Logic" himself; Lex Luthor of the Legion of Doom was prominent on this board, since it was in his area code. Lex's own board, "Legion of Doom," started in 1984. The Neon Knights ran a network of Apple-hacker boards: Neon Knights North, South, East and West. Free World II was run by "Major Havoc." Lunatic Labs is still in operation as of this writing. Dr. Ripco in Chicago, an anything-goes anarchist board with an extensive and raucous history, was seized by Secret Service agents in 1990 on Sundevil day, but up again almost immediately, with new machines and scarcely diminished vigor.

The St. Louis scene was not to rank with major centers of American hacking such as New York and L.A. But St. Louis did rejoice in possession of "Knight Lightning" and "Taran King," two of the foremost journalists native to the underground. Missouri boards like Metal Shop, Metal Shop Private, Metal Shop Brewery, may not have been the heaviest boards around in terms of illicit expertise. But they became boards where hackers could exchange social gossip and try to figure out what the heck was going on nationally — and internationally. Gossip from Metal Shop was put into the form of news files, then assembled into a general electronic publication, Phrack, a portmanteau title coined from "phreak" and "hack." The Phrack editors were as obsessively curious about other hackers as hackers were about machines.

Phrack, being free of charge and lively reading, began to circulate throughout the underground. As Taran King and Knight Lightning left high school for college, Phrack began to appear on mainframe machines linked to BITNET, and, through BITNET to the "Internet," that loose but extremely potent not-for-profit network where academic, governmental and corporate machines trade data through the UNIX TCP/IP protocol. (The "Internet Worm" of November 2-3, 1988, created by Cornell grad student Robert Morris, was to be the largest and best-publicized computer-intrusion scandal to date. Morris claimed that his ingenious "worm" program was meant to harmlessly explore the Internet, but due to bad programming, the Worm replicated out of control and crashed some six thousand Internet computers. Smaller-scale and less ambitious Internet hacking was a standard for the underground elite.)

Most any underground board not hopelessly lame and out-of-it would feature a complete run of Phrack — and, possibly, the lesser-known standards of the underground: the Legion of Doom Technical Journal, the obscene and raucous Cult of the Dead Cow files, P/HUN magazine, Pirate, the Syndicate Reports, and perhaps the highly anarcho-political Activist Times Incorporated.

Possession of Phrack on one's board was prima facie evidence of a bad attitude. Phrack was seemingly everywhere, aiding, abetting, and spreading the underground ethos. And this did not escape the attention of corporate security or the police.

We now come to the touchy subject of police and boards. Police, do, in fact, own boards. In 1989, there were police-sponsored boards in California, Colorado, Florida, Georgia, Idaho, Michigan, Missouri, Texas, and Virginia: boards such as "Crime Bytes," "Crimestoppers," "All Points" and "Bullet-N-Board." Police officers, as private computer enthusiasts, ran their own boards in Arizona, California, Colorado, Connecticut, Florida, Missouri, Maryland, New Mexico, North Carolina, Ohio, Tennessee and Texas. Police boards have often proved helpful in community relations. Sometimes crimes are reported on police boards.

Sometimes crimes are committed on police boards. This has sometimes happened by accident, as naive hackers blunder onto police boards and blithely begin offering telephone codes. Far more often, however, it occurs through the now almost-traditional use of "sting boards." The first police sting-boards were established in 1985: "Underground Tunnel" in Austin, Texas, whose sysop Sgt. Robert Ansley called himself "Pluto" — "The Phone Company" in Phoenix, Arizona, run by Ken MacLeod of the Maricopa County Sheriff's office — and Sgt. Dan Pasquale's board in Fremont, California. Sysops posed as hackers, and swiftly garnered coteries of ardent users, who posted codes and loaded pirate software with abandon, and came to a sticky end.

Sting boards, like other boards, are cheap to operate, very cheap by the standards of undercover police operations. Once accepted by the local underground, sysops will likely be invited into other pirate boards, where they can compile more dossiers. And when the sting is announced and the worst offenders arrested, the publicity is generally gratifying. The resultant paranoia in the underground — perhaps more justly described as a "deterrence effect" — tends to quell local lawbreaking for quite a while.

Obviously police do not have to beat the underbrush for hackers. On the contrary, they can go trolling for them. Those caught can be grilled. Some become useful informants. They can lead the way to pirate boards all across the country.

And boards all across the country showed the sticky fingerprints of Phrack, and of that loudest and most flagrant of all underground groups, the "Legion of Doom."

The term "Legion of Doom" came from comic books. The Legion of Doom, a conspiracy of costumed super-villains headed by the chrome-domed criminal ultra-mastermind Lex Luthor, gave Superman a lot of four-color graphic trouble for a number of decades. Of course, Superman, that exemplar of Truth, Justice, and the American Way, always won in the long run. This didn't matter to the hacker Doomsters — "Legion of Doom" was not some thunderous and evil Satanic reference, it was not meant to be taken seriously. "Legion of Doom" came from funny-books and was supposed to be funny.

"Legion of Doom" did have a good mouthfilling ring to it, though. It sounded really cool. Other groups, such as the "Farmers of Doom," closely allied to LoD, recognized this grandiloquent quality, and made fun of it. There was even a hacker group called "Justice League of America," named after Superman's club of true-blue crimefighting superheros. But they didn't last; the Legion did.

The original Legion of Doom, hanging out on Quasi Moto's Plovernet board, were phone phreaks. They weren't much into computers. "Lex Luthor" himself (who was under eighteen when he formed the Legion) was a COSMOS expert, COSMOS being the "Central System for Mainframe Operations," a telco internal computer network. Lex would eventually become quite a dab hand at breaking into IBM mainframes, but although everyone liked Lex and admired his attitude, he was not considered a truly accomplished computer intruder. Nor was he the "mastermind" of the Legion of Doom — LoD were never big on formal leadership. As a regular on Plovernet and sysop of his "Legion of Doom BBS," Lex was the Legion's cheerleader and recruiting officer.

Legion of Doom began on the ruins of an earlier phreak group, The Knights of Shadow. Later, LoD was to subsume the personnel of the hacker group "Tribunal of Knowledge." People came and went constantly in LoD; groups split up or formed offshoots.

Early on, the LoD phreaks befriended a few computer-intrusion enthusiasts, who became the associated "Legion of Hackers." Then the two groups conflated into the "Legion of Doom/Hackers," or LoD/H. When the original "hacker" wing, Messrs. "Compu-Phreak" and "Phucked Agent 04," found other matters to occupy their time, the extra "/H" slowly atrophied out of the name; but by this time the phreak wing, Messrs. Lex Luthor, "Blue Archer," "Gary Seven," "Kerrang Khan," "Master of Impact," "Silver Spy," "The Marauder," and "The Videosmith," had picked up a plethora of intrusion expertise and had become a force to be reckoned with.

LoD members seemed to have an instinctive understanding that the way to real power in the underground lay through covert publicity. LoD were flagrant. Not only was it one of the earliest groups, but the members took pains to widely distribute their illicit knowledge. Some LoD members, like "The Mentor," were close to evangelical about it. Legion of Doom Technical Journal began to show up on boards throughout the underground.

LoD Technical Journal was named in cruel parody of the ancient and honored AT&T Technical Journal. The material in these two publications was quite similar — much of it, adopted from public journals and discussions in the telco community. And yet, the predatory attitude of LoD made even its most innocuous data seem deeply sinister; an outrage; a clear and present danger.

To see why this should be, let's consider the following (invented) paragraphs, as a kind of thought experiment.

(A) "W. Fred Brown, AT&T Vice President for Advanced Technical Development, testified May 8 at a Washington hearing of the National Telecommunications and Information Administration (NTIA), regarding Bellcore's GARDEN project. GARDEN (Generalized Automatic Remote Distributed Electronic Network) is a telephone-switch programming tool that makes it possible to develop new telecom services, including hold-on-hold and customized message transfers, from any keypad terminal, within seconds. The GARDEN prototype combines centrex lines with a minicomputer using UNIX operating system software."

(B) "Crimson Flash 512 of the Centrex Mobsters reports: D00dz, you wouldn't believe this GARDEN bullshit Bellcore's just come up with! Now you don't even need a lousy Commodore to reprogram a switch — just log on to GARDEN as a technician, and you can reprogram switches right off the keypad in any public phone booth! You can give yourself hold-on-hold and customized message transfers, and best of all, the thing is run off (notoriously insecure) centrex lines using — get this — standard UNIX software! Ha ha ha ha!"

Message (A), couched in typical techno-bureaucratese, appears tedious and almost unreadable. (A) scarcely seems threatening or menacing. Message (B), on the other hand, is a dreadful thing, prima facie evidence of a dire conspiracy, definitely not the kind of thing you want your teenager reading.

The information, however, is identical. It is public information, presented before the federal government in an open hearing. It is not "secret." It is not "proprietary." It is not even "confidential." On the contrary, the development of advanced software systems is a matter of great public pride to Bellcore.

However, when Bellcore publicly announces a project of this kind, it expects a certain attitude from the public — something along the lines of gosh wow, you guys are great, keep that up, whatever it is — certainly not cruel mimicry, one-upmanship and outrageous speculations about possible security holes.

Now put yourself in the place of a policeman confronted by an outraged parent, or telco official, with a copy of Version (B). This well-meaning citizen, to his horror, has discovered a local bulletin-board carrying outrageous stuff like (B), which his son is examining with a deep and unhealthy interest. If (B) were printed in a book or magazine, you, as an American law enforcement officer, would know that it would take a hell of a lot of trouble to do anything about it; but it doesn't take technical genius to recognize that if there's a computer in your area harboring stuff like (B), there's going to be trouble.

In fact, if you ask around, any computer-literate cop will tell you straight out that boards with stuff like (B) are the source of trouble. And the worst source of trouble on boards are the ringleaders inventing and spreading stuff like (B). If it weren't for these jokers, there wouldn't be any trouble.

And Legion of Doom were on boards like nobody else. Plovernet. The Legion of Doom Board. The Farmers of Doom Board. Metal Shop. OSUNY. Blottoland. Private Sector. Atlantis. Digital Logic. Hell Phrozen Over.

LoD members also ran their own boards. "Silver Spy" started his own board, "Catch-22," considered one of the heaviest around. So did "Mentor," with his "Phoenix Project." When they didn't run boards themselves, they showed up on other people's boards, to brag, boast, and strut. And where they themselves didn't go, their philes went, carrying evil knowledge and an even more evil attitude.

As early as 1986, the police were under the vague impression that everyone in the underground was Legion of Doom. LoD was never that large — considerably smaller than either "Metal Communications" or "The Administration," for instance — but LoD got tremendous press. Especially in Phrack, which at times read like an LoD fan magazine; and Phrack was everywhere, especially in the offices of telco security. You couldn't get busted as a phone phreak, a hacker, or even a lousy codes kid or warez dood, without the cops asking if you were LoD.

This was a difficult charge to deny, as LoD never distributed membership badges or laminated ID cards. If they had, they would likely have died out quickly, for turnover in their membership was considerable. LoD was less a high-tech street-gang than an ongoing state-of-mind. LoD was the Gang That Refused to Die. By 1990, LoD had ruled for ten years, and it seemed weird to police that they were continually busting people who were only sixteen years old. All these teenage small-timers were pleading the tiresome hacker litany of "just curious, no criminal intent." Somewhere at the center of this conspiracy there had to be some serious adult masterminds, not this seemingly endless supply of myopic suburban white kids with high SATs and funny haircuts.

There was no question that most any American hacker arrested would "know" LoD. They knew the handles of contributors to LoD Tech Journal, and were likely to have learned their craft through LoD boards and LoD activism. But they'd never met anyone from LoD. Even some of the rotating cadre who were actually and formally "in LoD" knew one another only by board-mail and pseudonyms. This was a highly unconventional profile for a criminal conspiracy. Computer networking, and the rapid evolution of the digital underground, made the situation very diffuse and confusing.

Furthermore, a big reputation in the digital underground did not coincide with one's willingness to commit "crimes." Instead, reputation was based on cleverness and technical mastery. As a result, it often seemed that the heavier the hackers were, the less likely they were to have committed any kind of common, easily prosecutable crime.

There were some hackers who could really steal. And there were hackers who could really hack. But the two groups didn't seem to overlap much, if at all. For instance, most people in the underground looked up to "Emmanuel Goldstein" of 2600 as a hacker demigod. But Goldstein's publishing activities were entirely legal — Goldstein just printed dodgy stuff and talked about politics, he didn't even hack. When you came right down to it, Goldstein spent half his time complaining that computer security wasn't strong enough and ought to be drastically improved across the board!

Truly heavy-duty hackers, those with serious technical skills who had earned the respect of the underground, never stole money or abused credit cards. Sometimes they might abuse phone-codes — but often, they seemed to get all the free phone-time they wanted without leaving a trace of any kind.

The best hackers, the most powerful and technically accomplished, were not professional fraudsters. They raided computers habitually, but wouldn't alter anything, or damage anything. They didn't even steal computer equipment — most had day-jobs messing with hardware, and could get all the cheap secondhand equipment they wanted. The hottest hackers, unlike the teenage wannabes, weren't snobs about fancy or expensive hardware. Their machines tended to be raw secondhand digital hot-rods full of custom add-ons that they'd cobbled together out of chickenwire, memory chips and spit. Some were adults, computer software writers and consultants by trade, and making quite good livings at it. Some of them actually worked for the phone company — and for those, the "hackers" actually found under the skirts of Ma Bell, there would be little mercy in 1990.

It has long been an article of faith in the underground that the "best" hackers never get caught. They're far too smart, supposedly. They never get caught because they never boast, brag, or strut. These demigods may read underground boards (with a condescending smile), but they never say anything there. The "best" hackers, according to legend, are adult computer professionals, such as mainframe system administrators, who already know the ins and outs of their particular brand of security. Even the "best" hacker can't break in to just any computer at random: the knowledge of security holes is too specialized, varying widely with different software and hardware. But if people are employed to run, say, a UNIX mainframe or a VAX/VMS machine, then they tend to learn security from the inside out. Armed with this knowledge, they can look into most anybody else's UNIX or VMS without much trouble or risk, if they want to. And, according to hacker legend, of course they want to, so of course they do. They just don't make a big deal of what they've done. So nobody ever finds out.

It is also an article of faith in the underground that professional telco people "phreak" like crazed weasels. Of course they spy on Madonna's phone calls — I mean, wouldn't you? Of course they give themselves free long-distance — why the hell should they pay, they're running the whole shebang!

It has, as a third matter, long been an article of faith that any hacker caught can escape serious punishment if he confesses how he did it.

Hackers seem to believe that governmental agencies and large corporations are blundering about in cyberspace like eyeless jellyfish or cave salamanders. They feel that these large but pathetically stupid organizations will proffer up genuine gratitude, and perhaps even a security post and a big salary, to the hot-shot intruder who will deign to reveal to them the supreme genius of his modus operandi.

In the case of longtime LoD member "Control-C," this actually happened, more or less. Control-C had led Michigan Bell a merry chase, and when captured in 1987, he turned out to be a bright and apparently physically harmless young fanatic, fascinated by phones. There was no chance in hell that Control-C would actually repay the enormous and largely theoretical sums in long-distance service that he had accumulated from Michigan Bell. He could always be indicted for fraud or computer-intrusion, but there seemed little real point in this — he hadn't physically damaged any computer. He'd just plead guilty, and he'd likely get the usual slap-on-the-wrist, and in the meantime it would be a big hassle for Michigan Bell just to bring up the case. But if kept on the payroll, he might at least keep his fellow hackers at bay.

There were uses for him. For instance, a contrite Control-C was featured on Michigan Bell internal posters, sternly warning employees to shred their trash. He'd always gotten most of his best inside info from "trashing" — raiding telco dumpsters, for useful data indiscreetly thrown away. He signed these posters, too. Control-C had become something like a Michigan Bell mascot. And in fact, Control-C did keep other hackers at bay. Little hackers were quite scared of Control-C and his heavy-duty Legion of Doom friends. And big hackers were his friends and didn't want to screw up his cushy situation.

No matter what one might say of LoD, they did stick together. When "Wasp," an apparently genuinely malicious New York hacker, began crashing Bellcore machines, Control-C received swift volunteer help from "the Mentor" and the Georgia LoD wing made up of "The Prophet," "Urvile," and "Leftist." Using Mentor's Phoenix Project board to coordinate, the Doomsters helped telco security to trap Wasp, by luring him into a machine with a tap and line-trace installed. Wasp lost. LoD won!

And my, did they brag.

Urvile, Prophet and Leftist were well-qualified for this activity, probably more so even than the quite accomplished Control-C. The Georgia boys knew all about phone switching-stations. Though relative johnny-come-latelies in the Legion of Doom, they were considered some of LoD's heaviest guys, into the hairiest systems around. They had the good fortune to live in or near Atlanta, home of the sleepy and apparently tolerant BellSouth RBOC.

As RBOC security went, BellSouth were "cake." US West (of Arizona, the Rockies and the Pacific Northwest) were tough and aggressive, probably the heaviest RBOC around. Pacific Bell, California's PacBell, were sleek, high-tech, and longtime veterans of the LA phone-phreak wars. NYNEX had the misfortune to run the New York City area, and were warily prepared for most anything. Even Michigan Bell, a division of the Ameritech RBOC, at least had the elementary sense to hire their own hacker as a useful scarecrow. But BellSouth, even though their corporate P.R. proclaimed them to have "Everything You Expect From a Leader," were pathetic.

When rumor about LoD's mastery of Georgia's switching network got around to BellSouth through Bellcore and telco security scuttlebutt, they at first refused to believe it. If you paid serious attention to every rumor out and about these hacker kids, you would hear all kinds of wacko saucer-nut nonsense: that the National Security Agency monitored all American phone calls, that the CIA and DEA tracked traffic on bulletin-boards with word-analysis programs, that the Condor could start World War III from a payphone.

If there were hackers into BellSouth switching-stations, then how come nothing had happened? Nothing had been hurt. BellSouth's machines weren't crashing. BellSouth wasn't suffering especially badly from fraud. BellSouth's customers weren't complaining. BellSouth was headquartered in Atlanta, ambitious metropolis of the new high-tech Sunbelt; and BellSouth was upgrading its network by leaps and bounds, digitizing the works left right and center. They could hardly be considered sluggish or naive. BellSouth's technical expertise was second to none, thank you kindly.

But then came the Florida business.

On June 13, 1989, callers to the Palm Beach County Probation Department, in Delray Beach, Florida, found themselves involved in a remarkable discussion with a phonesex worker named "Tina" in New York State. Somehow, any call to this probation office near Miami was instantly and magically transported across state lines, at no extra charge to the user, to a pornographic phonesex hotline hundreds of miles away!

This practical joke may seem utterly hilarious at first hearing, and indeed there was a good deal of chuckling about it in phone phreak circles, including the Autumn 1989 issue of 2600. But for Southern Bell (the division of the BellSouth RBOC supplying local service for Florida, Georgia, North Carolina and South Carolina), this was a smoking gun. For the first time ever, a computer intruder had broken into a BellSouth central office switching station and reprogrammed it!

Or so BellSouth thought in June 1989. Actually, LoD members had been frolicking harmlessly in BellSouth switches since September 1987.

The stunt of June 13 — call-forwarding a number through manipulation of a switching station — was child's play for hackers as accomplished as the Georgia wing of LoD. Switching calls interstate sounded like a big deal, but it took only four lines of code to accomplish this. An easy, yet more discreet, stunt, would be to call-forward another number to your own house. If you were careful and considerate, and changed the software back later, then not a soul would know. Except you. And whoever you had bragged to about it.

As for BellSouth, what they didn't know wouldn't hurt them.

Except now somebody had blown the whole thing wide open, and BellSouth knew.

A now alerted and considerably paranoid BellSouth began searching switches right and left for signs of impropriety, in that hot summer of 1989. No fewer than forty-two BellSouth employees were put on 12-hour shifts, twenty-four hours a day, for two solid months, poring over records and monitoring computers for any sign of phony access. These forty-two overworked experts were known as BellSouth's "Intrusion Task Force."

What the investigators found astounded them. Proprietary telco databases had been manipulated: phone numbers had been created out of thin air, with no users' names and no addresses. And perhaps worst of all, no charges and no records of use. The new digital ReMOB (Remote Observation) diagnostic feature had been extensively tampered with — hackers had learned to reprogram ReMOB software, so that they could listen in on any switch-routed call at their leisure! They were using telco property to spy!

The electrifying news went out throughout law enforcement in 1989. It had never really occurred to anyone at BellSouth that their prized and brand-new digital switching-stations could be reprogrammed.

People seemed utterly amazed that anyone could have the nerve. Of course these switching stations were "computers," and everybody knew hackers liked to "break into computers:" but telephone people's computers were different from normal people's computers.

The exact reason why these computers were "different" was rather ill-defined. It certainly wasn't the extent of their security. The security on these BellSouth computers was lousy; the AIMSX computers, for instance, didn't even have passwords. But there was no question that BellSouth strongly felt that their computers were very different indeed. And if there were some criminals out there who had not gotten that message, BellSouth was determined to see that message taught.

After all, a 5ESS switching station was no mere bookkeeping system for some local chain of florists. Public service depended on these stations.

Public safety depended on these stations.

And hackers, lurking in there call-forwarding or ReMobbing, could spy on anybody in the local area! They could spy on telco officials! They could spy on police stations! They could spy on local offices of the Secret Service....

In 1989, electronic cops and hacker-trackers began using scrambler-phones and secured lines. It only made sense. There was no telling who was into those systems. Whoever they were, they sounded scary. This was some new level of antisocial daring. Could be West German hackers, in the pay of the KGB. That too had seemed a weird and farfetched notion, until Clifford Stoll had poked and prodded a sluggish Washington law-enforcement bureaucracy into investigating a computer intrusion that turned out to be exactly that — hackers, in the pay of the KGB!

Stoll, the systems manager for an Internet lab in Berkeley California, had ended up on the front page of the New York Times, proclaimed a national hero in the first true story of international computer espionage. Stoll's counterspy efforts, which he related in a bestselling book, The Cuckoo's Egg, in 1989, had established the credibility of 'hacking' as a possible threat to national security. The United States Secret Service doesn't mess around when it suspects a possible action by a foreign intelligence apparat.

The Secret Service scrambler-phones and secured lines put a tremendous kink in law enforcement's ability to operate freely; to get the word out, cooperate, prevent misunderstandings. Nevertheless, 1989 scarcely seemed the time for half-measures. If the police and Secret Service themselves were not operationally secure, then how could they reasonably demand measures of security from private enterprise? At least, the inconvenience made people aware of the seriousness of the threat.

If there was a final spur needed to get the police off the dime, it came in the realization that the emergency 911 system was vulnerable. The 911 system has its own specialized software, but it is run on the same digital switching systems as the rest of the telephone network. 911 is not physically different from normal telephony. But it is certainly culturally different, because this is the area of telephonic cyberspace reserved for the police and emergency services.

Your average policeman may not know much about hackers or phone-phreaks. Computer people are weird; even computer cops are rather weird; the stuff they do is hard to figure out. But a threat to the 911 system is anything but an abstract threat. If the 911 system goes, people can die.

Imagine being in a car-wreck, staggering to a phone-booth, punching 911 and hearing "Tina" pick up the phonesex line somewhere in New York! The situation's no longer comical, somehow.

And was it possible? No question. Hackers had attacked 911 systems before. Phreaks can max-out 911 systems just by siccing a bunch of computer-modems on them in tandem, dialling them over and over until they clog. That's very crude and low-tech, but it's still a serious business.

The time had come for action. It was time to take stern measures with the underground. It was time to start picking up the dropped threads, the loose edges, the bits of braggadocio here and there; it was time to get on the stick and start putting serious casework together. Hackers weren't "invisible." They thought they were invisible; but the truth was, they had just been tolerated too long.

Under sustained police attention in the summer of '89, the digital underground began to unravel as never before.

The first big break in the case came very early on: July 1989, the following month. The perpetrator of the "Tina" switch was caught, and confessed. His name was "Fry Guy," a 16-year-old in Indiana. Fry Guy had been a very wicked young man.

Fry Guy had earned his handle from a stunt involving French fries. Fry Guy had filched the log-in of a local MacDonald's manager and had logged-on to the MacDonald's mainframe on the Sprint Telenet system.

Posing as the manager, Fry Guy had altered MacDonald's records, and given some teenage hamburger-flipping friends of his, generous raises.

He had not been caught.

Emboldened by success, Fry Guy moved on to credit-card abuse. Fry Guy was quite an accomplished talker; with a gift for "social engineering." If you can do "social engineering" — fast-talk, fake-outs, impersonation, conning, scamming — then card abuse comes easy.

(Getting away with it in the long run is another question).

Fry Guy had run across "Urvile" of the Legion of Doom on the ALTOS Chat board in Bonn, Germany. ALTOS Chat was a sophisticated board, accessible through globe-spanning computer networks like BITnet, Tymnet, and Telenet. ALTOS was much frequented by members of Germany's Chaos Computer Club. Two Chaos hackers who hung out on ALTOS, "Jaeger" and "Pengo," had been the central villains of Clifford Stoll's CUCKOO'S EGG case: consorting in East Berlin with a spymaster from the KGB, and breaking into American computers for hire, through the Internet.

When LoD members learned the story of Jaeger's depredations from Stoll's book, they were rather less than impressed, technically speaking. On LoD's own favorite board of the moment, "Black Ice," LoD members bragged that they themselves could have done all the Chaos breakins in a week flat! Nevertheless, LoD were grudgingly impressed by the Chaos rep, the sheer hairy-eyed daring of hash-smoking anarchist hackers who had rubbed shoulders with the fearsome big-boys of international Communist espionage. LoD members sometimes traded bits of knowledge with friendly German hackers on ALTOS — phone numbers for vulnerable VAX/VMS computers in Georgia, for instance. Dutch and British phone phreaks, and the Australian clique of "Phoenix," "Nom," and "Electron," were ALTOS regulars, too. In underground circles, to hang out on ALTOS was considered the sign of an elite dude, a sophisticated hacker of the international digital jet-set.

Fry Guy quickly learned how to raid information from credit-card consumer-reporting agencies. He had over a hundred stolen credit-card numbers in his notebooks, and upwards of a thousand swiped long-distance access codes. He knew how to get onto Altos, and how to talk the talk of the underground convincingly. He now wheedled knowledge of switching-station tricks from Urvile on the ALTOS system.

Combining these two forms of knowledge enabled Fry Guy to bootstrap his way up to a new form of wire-fraud. First, he'd snitched credit card numbers from credit-company computers. The data he copied included names, addresses and phone numbers of the random card-holders.

Then Fry Guy, impersonating a card-holder, called up Western Union and asked for a cash advance on "his" credit card. Western Union, as a security guarantee, would call the customer back, at home, to verify the transaction.

But, just as he had switched the Florida probation office to "Tina" in New York, Fry Guy switched the card-holder's number to a local payphone. There he would lurk in wait, muddying his trail by routing and re-routing the call, through switches as far away as Canada. When the call came through, he would boldly "social-engineer," or con, the Western Union people, pretending to be the legitimate card-holder.

Since he'd answered the proper phone number, the deception was not very hard. Western Union's money was then shipped to a confederate of Fry Guy's in his home town in Indiana.

Fry Guy and his cohort, using LoD techniques, stole six thousand dollars from Western Union between December 1988 and July 1989. They also dabbled in ordering delivery of stolen goods through card-fraud. Fry Guy was intoxicated with success. The sixteen-year-old fantasized wildly to hacker rivals, boasting that he'd used rip-off money to hire himself a big limousine, and had driven out-of-state with a groupie from his favorite heavy-metal band, Motley Crue.

Armed with knowledge, power, and a gratifying stream of free money, Fry Guy now took it upon himself to call local representatives of Indiana Bell security, to brag, boast, strut, and utter tormenting warnings that his powerful friends in the notorious Legion of Doom could crash the national telephone network. Fry Guy even named a date for the scheme: the Fourth of July, a national holiday.

This egregious example of the begging-for-arrest syndrome was shortly followed by Fry Guy's arrest. After the Indiana telephone company figured out who he was, the Secret Service had DNRs — Dialed Number Recorders — installed on his home phone lines. These devices are not taps, and can't record the substance of phone calls, but they do record the phone numbers of all calls going in and out. Tracing these numbers showed Fry Guy's long-distance code fraud, his extensive ties to pirate bulletin boards, and numerous personal calls to his LoD friends in Atlanta. By July 11, 1989, Prophet, Urvile and Leftist also had Secret Service DNR "pen registers" installed on their own lines.

The Secret Service showed up in force at Fry Guy's house on July 22, 1989, to the horror of his unsuspecting parents. The raiders were led by a special agent from the Secret Service's Indianapolis office.

However, the raiders were accompanied and advised by Timothy M. Foley of the Secret Service's Chicago office (a gentleman about whom we will soon be hearing a great deal).

Following federal computer-crime techniques that had been standard since the early 1980s, the Secret Service searched the house thoroughly, and seized all of Fry Guy's electronic equipment and notebooks. All Fry Guy's equipment went out the door in the custody of the Secret Service, which put a swift end to his depredations.

The USSS interrogated Fry Guy at length. His case was put in the charge of Deborah Daniels, the federal US Attorney for the Southern District of Indiana. Fry Guy was charged with eleven counts of computer fraud, unauthorized computer access, and wire fraud. The evidence was thorough and irrefutable. For his part, Fry Guy blamed his corruption on the Legion of Doom and offered to testify against them.

Fry Guy insisted that the Legion intended to crash the phone system on a national holiday. And when AT&T crashed on Martin Luther King Day, 1990, this lent a credence to his claim that genuinely alarmed telco security and the Secret Service.

Fry Guy eventually pled guilty on May 31, 1990. On September 14, he was sentenced to forty-four months' probation and four hundred hours' community service. He could have had it much worse; but it made sense to prosecutors to take it easy on this teenage minor, while zeroing in on the notorious kingpins of the Legion of Doom.

But the case against LoD had nagging flaws. Despite the best effort of investigators, it was impossible to prove that the Legion had crashed the phone system on January 15, because they, in fact, hadn't done so. The investigations of 1989 did show that certain members of the Legion of Doom had achieved unprecedented power over the telco switching stations, and that they were in active conspiracy to obtain more power yet.

Investigators were privately convinced that the Legion of Doom intended to do awful things with this knowledge, but mere evil intent was not enough to put them in jail.

And although the Atlanta Three — Prophet, Leftist, and especially Urvile — had taught Fry Guy plenty, they were not themselves credit-card fraudsters. The only thing they'd "stolen" was long-distance service — and since they'd done much of that through phone-switch manipulation, there was no easy way to judge how much they'd "stolen," or whether this practice was even "theft" of any easily recognizable kind.

Fry Guy's theft of long-distance codes had cost the phone companies plenty. The theft of long-distance service may be a fairly theoretical "loss," but it costs genuine money and genuine time to delete all those stolen codes, and to re-issue new codes to the innocent owners of those corrupted codes. The owners of the codes themselves are victimized, and lose time and money and peace of mind in the hassle. And then there were the credit-card victims to deal with, too, and Western Union.

When it came to rip-off, Fry Guy was far more of a thief than LoD. It was only when it came to actual computer expertise that Fry Guy was small potatoes.

The Atlanta Legion thought most "rules" of cyberspace were for rodents and losers, but they did have rules. They never crashed anything, and they never took money. These were rough rules-of-thumb, and rather dubious principles when it comes to the ethical subtleties of cyberspace, but they enabled the Atlanta Three to operate with a relatively clear conscience (though never with peace of mind).

If you didn't hack for money, if you weren't robbing people of actual funds — money in the bank, that is — then nobody really got hurt, in LoD's opinion. "Theft of service" was a bogus issue, and "intellectual property" was a bad joke. But LoD had only elitist contempt for rip-off artists, "leechers," thieves. They considered themselves clean. In their opinion, if you didn't smash-up or crash any systems — (well, not on purpose, anyhow — accidents can happen, just ask Robert Morris) then it was very unfair to call you a "vandal" or a "cracker."

When you were hanging out on-line with your "pals" in telco security, you could face them down from the higher plane of hacker morality. And you could mock the police from the supercilious heights of your hacker's quest for pure knowledge.

But from the point of view of law enforcement and telco security, however, Fry Guy was not really dangerous. The Atlanta Three were dangerous. It wasn't the crimes they were committing, but the danger, the potential hazard, the sheer technical power LoD had accumulated, that had made the situation untenable.

Fry Guy was not LoD. He'd never laid eyes on anyone in LoD; his only contacts with them had been electronic. Core members of the Legion of Doom tended to meet physically for conventions every year or so, to get drunk, give each other the hacker high-sign, send out for pizza and ravage hotel suites. Fry Guy had never done any of this. Deborah Daniels assessed Fry Guy accurately as "an LoD wannabe."

Nevertheless Fry Guy's crimes would be directly attributed to LoD in much future police propaganda. LoD would be described as "a closely knit group" involved in "numerous illegal activities" including "stealing and modifying individual credit histories," and "fraudulently obtaining money and property." Fry Guy did this, but the Atlanta Three didn't; they simply weren't into theft, but rather intrusion. This caused a strange kink in the prosecution's strategy. LoD were accused of "disseminating information about attacking computers to other computer hackers in an effort to shift the focus of law enforcement to those other hackers and away from the Legion of Doom."

This last accusation (taken directly from a press release by the Chicago Computer Fraud and Abuse Task Force) sounds particularly farfetched.

One might conclude at this point that investigators would have been well-advised to go ahead and "shift their focus" from the "Legion of Doom." Maybe they should concentrate on "those other hackers" — the ones who were actually stealing money and physical objects.

But the Hacker Crackdown of 1990 was not a simple policing action. It wasn't meant just to walk the beat in cyberspace — it was a crackdown, a deliberate attempt to nail the core of the operation, to send a dire and potent message that would settle the hash of the digital underground for good.

By this reasoning, Fry Guy wasn't much more than the electronic equivalent of a cheap streetcorner dope dealer. As long as the masterminds of LoD were still flagrantly operating, pushing their mountains of illicit knowledge right and left, and whipping up enthusiasm for blatant lawbreaking, then there would be an infinite supply of Fry Guys.

Because LoD were flagrant, they had left trails everywhere, to be picked up by law enforcement in New York, Indiana, Florida, Texas, Arizona, Missouri, even Australia. But 1990's war on the Legion of Doom was led out of Illinois, by the Chicago Computer Fraud and Abuse Task Force.

_____

The Computer Fraud and Abuse Task Force, led by federal prosecutor William J. Cook, had started in 1987 and had swiftly become one of the most aggressive local "dedicated computer-crime units." Chicago was a natural home for such a group. The world's first computer bulletin-board system had been invented in Illinois. The state of Illinois had some of the nation's first and sternest computer crime laws. Illinois State Police were markedly alert to the possibilities of white-collar crime and electronic fraud.

And William J. Cook in particular was a rising star in electronic crimebusting. He and his fellow federal prosecutors at the U.S. Attorney's office in Chicago had a tight relation with the Secret Service, especially go-getting Chicago-based agent Timothy Foley. While Cook and his Department of Justice colleagues plotted strategy, Foley was their man on the street.

Throughout the 1980s, the federal government had given prosecutors an armory of new, untried legal tools against computer crime. Cook and his colleagues were pioneers in the use of these new statutes in the real-life cut-and-thrust of the federal courtroom.

On October 2, 1986, the US Senate had passed the "Computer Fraud and Abuse Act" unanimously, but there were pitifully few convictions under this statute. Cook's group took their name from this statute, since they were determined to transform this powerful but rather theoretical Act of Congress into a real-life engine of legal destruction against computer fraudsters and scofflaws.

It was not a question of merely discovering crimes, investigating them, and then trying and punishing their perpetrators. The Chicago unit, like most everyone else in the business, already knew who the bad guys were: the Legion of Doom and the writers and editors of Phrack.

The task at hand was to find some legal means of putting these characters away.

This approach might seem a bit dubious, to someone not acquainted with the gritty realities of prosecutorial work. But prosecutors don't put people in jail for crimes they have committed; they put people in jail for crimes they have committed that can be proved in court. Chicago federal police put Al Capone in prison for income-tax fraud. Chicago is a big town, with a rough-and-ready bare-knuckle tradition on both sides of the law.

Fry Guy had broken the case wide open and alerted telco security to the scope of the problem. But Fry Guy's crimes would not put the Atlanta Three behind bars — much less the wacko underground journalists of Phrack. So on July 22, 1989, the same day that Fry Guy was raided in Indiana, the Secret Service descended upon the Atlanta Three.

This was likely inevitable. By the summer of 1989, law enforcement were closing in on the Atlanta Three from at least six directions at once.

First, there were the leads from Fry Guy, which had led to the DNR registers being installed on the lines of the Atlanta Three. The DNR evidence alone would have finished them off, sooner or later.

But second, the Atlanta lads were already well-known to Control-C and his telco security sponsors. LoD's contacts with telco security had made them overconfident and even more boastful than usual; they felt that they had powerful friends in high places, and that they were being openly tolerated by telco security. But BellSouth's Intrusion Task Force were hot on the trail of LoD and sparing no effort or expense.

The Atlanta Three had also been identified by name and listed on the extensive anti-hacker files maintained, and retailed for pay, by private security operative John Maxfield of Detroit. Maxfield, who had extensive ties to telco security and many informants in the underground, was a bete noire of the Phrack crowd, and the dislike was mutual.

The Atlanta Three themselves had written articles for Phrack. This boastful act could not possibly escape telco and law enforcement attention.

"Knightmare," a high-school age hacker from Arizona, was a close friend and disciple of Atlanta LoD, but he had been nabbed by the formidable Arizona Organized Crime and Racketeering Unit. Knightmare was on some of LoD's favorite boards — "Black Ice" in particular — and was privy to their secrets. And to have Gail Thackeray, the Assistant Attorney General of Arizona, on one's trail was a dreadful peril for any hacker.

And perhaps worst of all, Prophet had committed a major blunder by passing an illicitly copied BellSouth computer-file to Knight Lightning, who had published it in Phrack. This, as we will see, was an act of dire consequence for almost everyone concerned.

On July 22, 1989, the Secret Service showed up at the Leftist's house, where he lived with his parents. A massive squad of some twenty officers surrounded the building: Secret Service, federal marshals, local police, possibly BellSouth telco security; it was hard to tell in the crush. Leftist's dad, at work in his basement office, first noticed a muscular stranger in plain clothes crashing through the back yard with a drawn pistol. As more strangers poured into the house, Leftist's dad naturally assumed there was an armed robbery in progress.

Like most hacker parents, Leftist's mom and dad had only the vaguest notions of what their son had been up to all this time. Leftist had a day-job repairing computer hardware. His obsession with computers seemed a bit odd, but harmless enough, and likely to produce a well-paying career. The sudden, overwhelming raid left Leftist's parents traumatized.

The Leftist himself had been out after work with his co-workers, surrounding a couple of pitchers of margaritas. As he came trucking on tequila-numbed feet up the pavement, toting a bag full of floppy-disks, he noticed a large number of unmarked cars parked in his driveway. All the cars sported tiny microwave antennas.

The Secret Service had knocked the front door off its hinges, almost flattening his Mom.

Inside, Leftist was greeted by Special Agent James Cool of the US Secret Service, Atlanta office. Leftist was flabbergasted. He'd never met a Secret Service agent before. He could not imagine that he'd ever done anything worthy of federal attention. He'd always figured that if his activities became intolerable, one of his contacts in telco security would give him a private phone-call and tell him to knock it off.

But now Leftist was pat-searched for weapons by grim professionals, and his bag of floppies was quickly seized. He and his parents were all shepherded into separate rooms and grilled at length as a score of officers scoured their home for anything electronic.

Leftist was horrified as his treasured IBM AT personal computer with its forty-meg hard disk, and his recently purchased 80386 IBM-clone with a whopping hundred-meg hard disk, both went swiftly out the door in Secret Service custody. They also seized all his disks, all his notebooks, and a tremendous booty in dogeared telco documents that Leftist had snitched out of trash dumpsters.

Leftist figured the whole thing for a big misunderstanding. He'd never been into military computers. He wasn't a spy or a Communist.

He was just a good ol' Georgia hacker, and now he just wanted all these people out of the house. But it seemed they wouldn't go until he made some kind of statement.

And so, he levelled with them.

And that, Leftist said later from his federal prison camp in Talladega, Alabama, was a big mistake.

The Atlanta area was unique, in that it had three members of the Legion of Doom who actually occupied more or less the same physical locality.

Unlike the rest of LoD, who tended to associate by phone and computer, Atlanta LoD actually were "tightly knit." It was no real surprise that the Secret Service agents apprehending Urvile at the computer-labs at Georgia Tech, would discover Prophet with him as well.

Urvile, a 21-year-old Georgia Tech student in polymer chemistry, posed quite a puzzling case for law enforcement. Urvile — also known as "Necron 99," as well as other handles, for he tended to change his cover-alias about once a month — was both an accomplished hacker and a fanatic simulation-gamer.

Simulation games are an unusual hobby; but then hackers are unusual people, and their favorite pastimes tend to be somewhat out of the ordinary. The best-known American simulation game is probably "Dungeons & Dragons," a multi-player parlor entertainment played with paper, maps, pencils, statistical tables and a variety of oddly-shaped dice. Players pretend to be heroic characters exploring a wholly-invented fantasy world. The fantasy worlds of simulation gaming are commonly pseudo-medieval, involving swords and sorcery — spell-casting wizards, knights in armor, unicorns and dragons, demons and goblins.

Urvile and his fellow gamers preferred their fantasies highly technological. They made use of a game known as "G.U.R.P.S.," the "Generic Universal Role Playing System," published by a company called Steve Jackson Games (SJG).

"G.U.R.P.S." served as a framework for creating a wide variety of artificial fantasy worlds. Steve Jackson Games published a smorgasbord of books, full of detailed information and gaming hints, which were used to flesh-out many different fantastic backgrounds for the basic GURPS framework. Urvile made extensive use of two SJG books called GURPS High-Tech and GURPS Special Ops.

In the artificial fantasy-world of GURPS Special Ops, players entered a modern fantasy of intrigue and international espionage. On beginning the game, players started small and powerless, perhaps as minor-league CIA agents or penny-ante arms dealers. But as players persisted through a series of game sessions (game sessions generally lasted for hours, over long, elaborate campaigns that might be pursued for months on end) then they would achieve new skills, new knowledge, new power. They would acquire and hone new abilities, such as marksmanship, karate, wiretapping, or Watergate burglary. They could also win various kinds of imaginary booty, like Berettas, or martini shakers, or fast cars with ejection seats and machine-guns under the headlights.

As might be imagined from the complexity of these games, Urvile's gaming notes were very detailed and extensive. Urvile was a "dungeon-master," inventing scenarios for his fellow gamers, giant simulated adventure-puzzles for his friends to unravel. Urvile's game notes covered dozens of pages with all sorts of exotic lunacy, all about ninja raids on Libya and breakins on encrypted Red Chinese supercomputers. His notes were written on scrap-paper and kept in loose-leaf binders.

The handiest scrap paper around Urvile's college digs were the many pounds of BellSouth printouts and documents that he had snitched out of telco dumpsters. His notes were written on the back of misappropriated telco property. Worse yet, the gaming notes were chaotically interspersed with Urvile's hand-scrawled records involving actual computer intrusions that he had committed.

Not only was it next to impossible to tell Urvile's fantasy game-notes from cyberspace "reality," but Urvile himself barely made this distinction. It's no exaggeration to say that to Urvile it was all a game.

Urvile was very bright, highly imaginative, and quite careless of other people's notions of propriety. His connection to "reality" was not something to which he paid a great deal of attention.

Hacking was a game for Urvile. It was an amusement he was carrying out, it was something he was doing for fun. And Urvile was an obsessive young man. He could no more stop hacking than he could stop in the middle of a jigsaw puzzle, or stop in the middle of reading a Stephen Donaldson fantasy trilogy. (The name "Urvile" came from a bestselling Donaldson novel.)

Urvile's airy, bulletproof attitude seriously annoyed his interrogators.

First of all, he didn't consider that he'd done anything wrong. There was scarcely a shred of honest remorse in him. On the contrary, he seemed privately convinced that his police interrogators were operating in a demented fantasy-world all their own. Urvile was too polite and well-behaved to say this straight-out, but his reactions were askew and disquieting.

For instance, there was the business about LoD's ability to monitor phone-calls to the police and Secret Service. Urvile agreed that this was quite possible, and posed no big problem for LoD. In fact, he and his friends had kicked the idea around on the "Black Ice" board, much as they had discussed many other nifty notions, such as building personal flamethrowers and jury-rigging fistfuls of blasting-caps. They had hundreds of dial-up numbers for government agencies that they'd gotten through scanning Atlanta phones, or had pulled from raided VAX/VMS mainframe computers.

Basically, they'd never gotten around to listening in on the cops because the idea wasn't interesting enough to bother with. Besides, if they'd been monitoring Secret Service phone calls, obviously they'd never have been caught in the first place. Right?

The Secret Service was less than satisfied with this rapier-like hacker logic.

Then there was the issue of crashing the phone system. No problem, Urvile admitted sunnily. Atlanta LoD could have shut down phone service all over Atlanta any time they liked. Even the 911 service?

Nothing special about that, Urvile explained patiently. Bring the switch to its knees, with say the UNIX "makedir" bug, and 911 goes down too as a matter of course. The 911 system wasn't very interesting, frankly. It might be tremendously interesting to cops (for odd reasons of their own), but as technical challenges went, the 911 service was yawnsville.

So of course the Atlanta Three could crash service. They probably could have crashed service all over BellSouth territory, if they'd worked at it for a while. But Atlanta LoD weren't crashers. Only losers and rodents were crashers. LoD were elite.

Urvile was privately convinced that sheer technical expertise could win him free of any kind of problem. As far as he was concerned, elite status in the digital underground had placed him permanently beyond the intellectual grasp of cops and straights. Urvile had a lot to learn.

Of the three LoD stalwarts, Prophet was in the most direct trouble.

Prophet was a UNIX programming expert who burrowed in and out of the Internet as a matter of course. He'd started his hacking career at around age 14, meddling with a UNIX mainframe system at the University of North Carolina.

Prophet himself had written the handy Legion of Doom file "UNIX Use and Security From the Ground Up." UNIX (pronounced "you-nicks") is a powerful, flexible computer operating-system, for multi-user, multi-tasking computers. In 1969, when UNIX was created in Bell Labs, such computers were exclusive to large corporations and universities, but today UNIX is run on thousands of powerful home machines.

UNIX was particularly well-suited to telecommunications programming, and had become a standard in the field. Naturally, UNIX also became a standard for the elite hacker and phone phreak.

Lately, Prophet had not been so active as Leftist and Urvile, but Prophet was a recidivist. In 1986, when he was eighteen, Prophet had been convicted of "unauthorized access to a computer network" in North Carolina. He'd been discovered breaking into the Southern Bell Data Network, a UNIX-based internal telco network supposedly closed to the public. He'd gotten a typical hacker sentence: six months suspended, 120 hours community service, and three years' probation.

After that humiliating bust, Prophet had gotten rid of most of his tonnage of illicit phreak and hacker data, and had tried to go straight. He was, after all, still on probation. But by the autumn of 1988, the temptations of cyberspace had proved too much for young Prophet, and he was shoulder-to-shoulder with Urvile and Leftist into some of the hairiest systems around.

In early September 1988, he'd broken into BellSouth's centralized automation system, AIMSX or "Advanced Information Management System." AIMSX was an internal business network for BellSouth, where telco employees stored electronic mail, databases, memos, and calendars, and did text processing. Since AIMSX did not have public dialups, it was considered utterly invisible to the public, and was not well-secured — it didn't even require passwords. Prophet abused an account known as "waa1," the personal account of an unsuspecting telco employee. Disguised as the owner of waa1, Prophet made about ten visits to AIMSX.

Prophet did not damage or delete anything in the system. His presence in AIMSX was harmless and almost invisible. But he could not rest content with that.

One particular piece of processed text on AIMSX was a telco document known as "Bell South Standard Practice 660-225-104SV Control Office Administration of Enhanced 911 Services for Special Services and Major Account Centers dated March 1988."

Prophet had not been looking for this document. It was merely one among hundreds of similar documents with impenetrable titles.

However, having blundered over it in the course of his illicit wanderings through AIMSX, he decided to take it with him as a trophy. It might prove very useful in some future boasting, bragging, and strutting session. So, some time in September 1988, Prophet ordered the AIMSX mainframe computer to copy this document (henceforth called simply "the E911 Document") and to transfer this copy to his home computer.

No one noticed that Prophet had done this. He had "stolen" the E911 Document in some sense, but notions of property in cyberspace can be tricky. BellSouth noticed nothing wrong, because BellSouth still had their original copy. They had not been "robbed" of the document itself.

Many people were supposed to copy this document — specifically, people who worked for the nineteen BellSouth "special services and major account centers," scattered throughout the Southeastern United States.

That was what it was for, why it was present on a computer network in the first place: so that it could be copied and read — by telco employees.

But now the data had been copied by someone who wasn't supposed to look at it.

Prophet now had his trophy. But he further decided to store yet another copy of the E911 Document on another person's computer. This unwitting person was a computer enthusiast named Richard Andrews who lived near Joliet, Illinois. Richard Andrews was a UNIX programmer by trade, and ran a powerful UNIX board called "Jolnet," in the basement of his house.

Prophet, using the handle "Robert Johnson," had obtained an account on Richard Andrews' computer. And there he stashed the E911 Document, by storing it in his own private section of Andrews' computer.

Why did Prophet do this? If Prophet had eliminated the E911 Document from his own computer, and kept it hundreds of miles away, on another machine, under an alias, then he might have been fairly safe from discovery and prosecution — although his sneaky action had certainly put the unsuspecting Richard Andrews at risk.

But, like most hackers, Prophet was a pack-rat for illicit data. When it came to the crunch, he could not bear to part from his trophy. When Prophet's place in Decatur, Georgia was raided in July 1989, there was the E911 Document, a smoking gun. And there was Prophet in the hands of the Secret Service, doing his best to "explain."

Our story now takes us away from the Atlanta Three and their raids of the Summer of 1989. We must leave Atlanta Three "cooperating fully" with their numerous investigators. And all three of them did cooperate, as their Sentencing Memorandum from the US District Court of the Northern Division of Georgia explained — just before all three of them were sentenced to various federal prisons in November 1990.

We must now catch up on the other aspects of the war on the Legion of Doom. The war on the Legion was a war on a network — in fact, a network of three networks, which intertwined and interrelated in a complex fashion. The Legion itself, with Atlanta LoD, and their hanger-on Fry Guy, were the first network. The second network was Phrack magazine, with its editors and contributors.

The third network involved the electronic circle around a hacker known as "Terminus."

The war against these hacker networks was carried out by a law enforcement network. Atlanta LoD and Fry Guy were pursued by USSS agents and federal prosecutors in Atlanta, Indiana, and Chicago.

"Terminus" found himself pursued by USSS and federal prosecutors from Baltimore and Chicago. And the war against Phrack was almost entirely a Chicago operation.

The investigation of Terminus involved a great deal of energy, mostly from the Chicago Task Force, but it was to be the least-known and least-publicized of the Crackdown operations. Terminus, who lived in Maryland, was a UNIX programmer and consultant, fairly well-known (under his given name) in the UNIX community, as an acknowledged expert on AT&T minicomputers. Terminus idolized AT&T, especially Bellcore, and longed for public recognition as a UNIX expert; his highest ambition was to work for Bell Labs.

But Terminus had odd friends and a spotted history. Terminus had once been the subject of an admiring interview in Phrack (Volume II, Issue 14, Phile 2 — dated May 1987). In this article, Phrack co-editor Taran King described "Terminus" as an electronics engineer, 5'9", brown-haired, born in 1959 — at 28 years old, quite mature for a hacker.

Terminus had once been sysop of a phreak/hack underground board called "MetroNet," which ran on an Apple II. Later he'd replaced "MetroNet" with an underground board called "MegaNet," specializing in IBMs. In his younger days, Terminus had written one of the very first and most elegant code-scanning programs for the IBM-PC. This program had been widely distributed in the underground. Uncounted legions of PC-owning phreaks and hackers had used Terminus's scanner program to rip-off telco codes. This feat had not escaped the attention of telco security; it hardly could, since Terminus's earlier handle, "Terminal Technician," was proudly written right on the program.

When he became a full-time computer professional (specializing in telecommunications programming), he adopted the handle Terminus, meant to indicate that he had "reached the final point of being a proficient hacker." He'd moved up to the UNIX-based "Netsys" board on an AT&T computer, with four phone lines and an impressive 240 megs of storage. "Netsys" carried complete issues of Phrack, and Terminus was quite friendly with its publishers, Taran King and Knight Lightning.

In the early 1980s, Terminus had been a regular on Plovernet, Pirate-80, Sherwood Forest and Shadowland, all well-known pirate boards, all heavily frequented by the Legion of Doom. As it happened, Terminus was never officially "in LoD," because he'd never been given the official LoD high-sign and back-slap by Legion maven Lex Luthor. Terminus had never physically met anyone from LoD. But that scarcely mattered much — the Atlanta Three themselves had never been officially vetted by Lex, either.

As far as law enforcement was concerned, the issues were clear.

Terminus was a full-time, adult computer professional with particular skills at AT&T software and hardware — but Terminus reeked of the Legion of Doom and the underground.

On February 1, 1990 — half a month after the Martin Luther King Day Crash — USSS agents Tim Foley from Chicago, and Jack Lewis from the Baltimore office, accompanied by AT&T security officer Jerry Dalton, travelled to Middle Town, Maryland. There they grilled Terminus in his home (to the stark terror of his wife and small children), and, in their customary fashion, hauled his computers out the door.

The Netsys machine proved to contain a plethora of arcane UNIX software — proprietary source code formally owned by AT&T. Software such as: UNIX System Five Release 3.2; UNIX SV Release 3.1; UUCP communications software; KORN SHELL; RFS; IWB; WWB; DWB; the C++ programming language; PMON; TOOL CHEST; QUEST; DACT, and S FIND.

In the long-established piratical tradition of the underground, Terminus had been trading this illicitly-copied software with a small circle of fellow UNIX programmers. Very unwisely, he had stored seven years of his electronic mail on his Netsys machine, which documented all the friendly arrangements he had made with his various colleagues.

Terminus had not crashed the AT&T phone system on January 15. He was, however, blithely running a not-for-profit AT&T software-piracy ring. This was not an activity AT&T found amusing. AT&T security officer Jerry Dalton valued this "stolen" property at over three hundred thousand dollars.

AT&T's entry into the tussle of free enterprise had been complicated by the new, vague groundrules of the information economy. Until the breakup of Ma Bell, AT&T was forbidden to sell computer hardware or software. Ma Bell was the phone company; Ma Bell was not allowed to use the enormous revenue from telephone utilities, in order to finance any entry into the computer market.

AT&T nevertheless invented the UNIX operating system. And somehow AT&T managed to make UNIX a minor source of income. Weirdly, UNIX was not sold as computer software, but actually retailed under an obscure regulatory exemption allowing sales of surplus equipment and scrap. Any bolder attempt to promote or retail UNIX would have aroused angry legal opposition from computer companies. Instead, UNIX was licensed to universities, at modest rates, where the acids of academic freedom ate away steadily at AT&T's proprietary rights.

Come the breakup, AT&T recognized that UNIX was a potential gold-mine. By now, large chunks of UNIX code had been created that were not AT&T's, and were being sold by others. An entire rival UNIX-based operating system had arisen in Berkeley, California (one of the world's great founts of ideological hackerdom). Today, "hackers" commonly consider "Berkeley UNIX" to be technically superior to AT&T's "System V UNIX," but AT&T has not allowed mere technical elegance to intrude on the real-world business of marketing proprietary software. AT&T has made its own code deliberately incompatible with other folks' UNIX, and has written code that it can prove is copyrightable, even if that code happens to be somewhat awkward — "kludgey." AT&T UNIX user licenses are serious business agreements, replete with very clear copyright statements and nondisclosure clauses.

AT&T has not exactly kept the UNIX cat in the bag, but it kept a grip on its scruff with some success. By the rampant, explosive standards of software piracy, AT&T UNIX source code is heavily copyrighted, well-guarded, well-licensed. UNIX was traditionally run only on mainframe machines, owned by large groups of suit-and-tie professionals, rather than on bedroom machines where people can get up to easy mischief.

And AT&T UNIX source code is serious high-level programming. The number of skilled UNIX programmers with any actual motive to swipe UNIX source code is small. It's tiny, compared to the tens of thousands prepared to rip-off, say, entertaining PC games like "Leisure Suit Larry."

But by 1989, the warez-d00d underground, in the persons of Terminus and his friends, was gnawing at AT&T UNIX. And the property in question was not sold for twenty bucks over the counter at the local branch of Babbage's or Egghead's; this was massive, sophisticated, multi-line, multi-author corporate code worth tens of thousands of dollars.

It must be recognized at this point that Terminus's purported ring of UNIX software pirates had not actually made any money from their suspected crimes. The $300,000 dollar figure bandied about for the contents of Terminus's computer did not mean that Terminus was in actual illicit possession of three hundred thousand of AT&T's dollars.

Terminus was shipping software back and forth, privately, person to person, for free. He was not making a commercial business of piracy.

He hadn't asked for money; he didn't take money. He lived quite modestly.

AT&T employees — as well as freelance UNIX consultants, like Terminus — commonly worked with "proprietary" AT&T software, both in the office and at home on their private machines. AT&T rarely sent security officers out to comb the hard disks of its consultants. Cheap freelance UNIX contractors were quite useful to AT&T; they didn't have health insurance or retirement programs, much less union membership in the Communication Workers of America. They were humble digital drudges, wandering with mop and bucket through the Great Technological Temple of AT&T; but when the Secret Service arrived at their homes, it seemed they were eating with company silverware and sleeping on company sheets! Outrageously, they behaved as if the things they worked with every day belonged to them!

And these were no mere hacker teenagers with their hands full of trash-paper and their noses pressed to the corporate windowpane. These guys were UNIX wizards, not only carrying AT&T data in their machines and their heads, but eagerly networking about it, over machines that were far more powerful than anything previously imagined in private hands.

How do you keep people disposable, yet assure their awestruck respect for your property? It was a dilemma.

Much UNIX code was public-domain, available for free. Much "proprietary" UNIX code had been extensively re-written, perhaps altered so much that it became an entirely new product — or perhaps not.

Intellectual property rights for software developers were, and are, extraordinarily complex and confused. And software "piracy," like the private copying of videos, is one of the most widely practiced "crimes" in the world today.

The USSS were not experts in UNIX or familiar with the customs of its use. The United States Secret Service, considered as a body, did not have one single person in it who could program in a UNIX environment — no, not even one. The Secret Service were making extensive use of expert help, but the "experts" they had chosen were AT&T and Bellcore security officials, the very victims of the purported crimes under investigation, the very people whose interest in AT&T's "proprietary" software was most pronounced.

On February 6, 1990, Terminus was arrested by Agent Lewis.

Eventually, Terminus would be sent to prison for his illicit use of a piece of AT&T software.

The issue of pirated AT&T software would bubble along in the background during the war on the Legion of Doom. Some half-dozen of Terminus's on-line acquaintances, including people in Illinois, Texas and California, were grilled by the Secret Service in connection with the illicit copying of software. Except for Terminus, however, none were charged with a crime. None of them shared his peculiar prominence in the hacker underground.

But that did not mean that these people would, or could, stay out of trouble. The transferral of illicit data in cyberspace is a hazy and ill-defined business, with paradoxical dangers for everyone concerned: hackers, signal carriers, board owners, cops, prosecutors, even random passers-by. Sometimes, well-meant attempts to avert trouble or punish wrongdoing bring more trouble than would simple ignorance, indifference or impropriety.

Terminus's "Netsys" board was not a common-or-garden bulletin board system, though it had most of the usual functions of a board. Netsys was not a stand-alone machine, but part of the globe-spanning "UUCP" cooperative network. The UUCP network uses a set of Unix software programs called "Unix-to-Unix Copy," which allows Unix systems to throw data to one another at high speed through the public telephone network. UUCP is a radically decentralized, not-for-profit network of UNIX computers. There are tens of thousands of these UNIX machines.

Some are small, but many are powerful and also link to other networks.

UUCP has certain arcane links to major networks such as JANET, EasyNet, BITNET, JUNET, VNET, DASnet, PeaceNet and FidoNet, as well as the gigantic Internet. (The so-called "Internet" is not actually a network itself, but rather an "internetwork" connections standard that allows several globe-spanning computer networks to communicate with one another. Readers fascinated by the weird and intricate tangles of modern computer networks may enjoy John S. Quarterman's authoritative 719-page explication, The Matrix, Digital Press, 1990.) A skilled user of Terminus' UNIX machine could send and receive electronic mail from almost any major computer network in the world.

Netsys was not called a "board" per se, but rather a "node." "Nodes" were larger, faster, and more sophisticated than mere "boards," and for hackers, to hang out on internationally-connected "nodes" was quite the step up from merely hanging out on local "boards."

Terminus's Netsys node in Maryland had a number of direct links to other, similar UUCP nodes, run by people who shared his interests and at least something of his freewheeling attitude. One of these nodes was Jolnet, owned by Richard Andrews, who, like Terminus, was an independent UNIX consultant. Jolnet also ran UNIX, and could be contacted at high speed by mainframe machines from all over the world. Jolnet was quite a sophisticated piece of work, technically speaking, but it was still run by an individual, as a private, not-for-profit hobby. Jolnet was mostly used by other UNIX programmers — for mail, storage, and access to networks. Jolnet supplied network access to about two hundred people, as well as a local junior college.

Among its various features and services, Jolnet also carried Phrack magazine.

For reasons of his own, Richard Andrews had become suspicious of a new user called "Robert Johnson." Richard Andrews took it upon himself to have a look at what "Robert Johnson" was storing in Jolnet. And Andrews found the E911 Document.

"Robert Johnson" was the Prophet from the Legion of Doom, and the E911 Document was illicitly copied data from Prophet's raid on the BellSouth computers.

The E911 Document, a particularly illicit piece of digital property, was about to resume its long, complex, and disastrous career.

It struck Andrews as fishy that someone not a telephone employee should have a document referring to the "Enhanced 911 System." Besides, the document itself bore an obvious warning.

"WARNING: NOT FOR USE OR DISCLOSURE OUTSIDE BELLSOUTH OR ANY OF ITS SUBSIDIARIES EXCEPT UNDER WRITTEN AGREEMENT."

These standard nondisclosure tags are often appended to all sorts of corporate material. Telcos as a species are particularly notorious for stamping most everything in sight as "not for use or disclosure." Still, this particular piece of data was about the 911 System. That sounded bad to Rich Andrews.

Andrews was not prepared to ignore this sort of trouble. He thought it would be wise to pass the document along to a friend and acquaintance on the UNIX network, for consultation. So, around September 1988, Andrews sent yet another copy of the E911 Document electronically to an AT&T employee, one Charles Boykin, who ran a UNIX-based node called "attctc" in Dallas, Texas.

"Attctc" was the property of AT&T, and was run from AT&T's Customer Technology Center in Dallas, hence the name "attctc." "Attctc" was better-known as "Killer," the name of the machine that the system was running on. "Killer" was a hefty, powerful, AT&T 3B2 500 model, a multi-user, multi-tasking UNIX platform with 32 meg of memory and a mindboggling 3.2 Gigabytes of storage. When Killer had first arrived in Texas, in 1985, the 3B2 had been one of AT&T's great white hopes for going head-to-head with IBM for the corporate computer-hardware market. "Killer" had been shipped to the Customer Technology Center in the Dallas Infomart, essentially a high-technology mall, and there it sat, a demonstration model.

Charles Boykin, a veteran AT&T hardware and digital communications expert, was a local technical backup man for the AT&T 3B2 system. As a display model in the Infomart mall, "Killer" had little to do, and it seemed a shame to waste the system's capacity. So Boykin ingeniously wrote some UNIX bulletin-board software for "Killer," and plugged the machine in to the local phone network. "Killer's" debut in late 1985 made it the first publicly available UNIX site in the state of Texas. Anyone who wanted to play was welcome.

The machine immediately attracted an electronic community. It joined the UUCP network, and offered network links to over eighty other computer sites, all of which became dependent on Killer for their links to the greater world of cyberspace. And it wasn't just for the big guys; personal computer users also stored freeware programs for the Amiga, the Apple, the IBM and the Macintosh on Killer's vast 3,200 meg archives. At one time, Killer had the largest library of public-domain Macintosh software in Texas.

Eventually, Killer attracted about 1,500 users, all busily communicating, uploading and downloading, getting mail, gossiping, and linking to arcane and distant networks.

Boykin received no pay for running Killer. He considered it good publicity for the AT&T 3B2 system (whose sales were somewhat less than stellar), but he also simply enjoyed the vibrant community his skill had created. He gave away the bulletin-board UNIX software he had written, free of charge.

In the UNIX programming community, Charlie Boykin had the reputation of a warm, open-hearted, level-headed kind of guy. In 1989, a group of Texan UNIX professionals voted Boykin "System Administrator of the Year." He was considered a fellow you could trust for good advice.

In September 1988, without warning, the E911 Document came plunging into Boykin's life, forwarded by Richard Andrews. Boykin immediately recognized that the Document was hot property. He was not a voice-communications man, and knew little about the ins and outs of the Baby Bells, but he certainly knew what the 911 System was, and he was angry to see confidential data about it in the hands of a nogoodnik. This was clearly a matter for telco security. So, on September 21, 1988, Boykin made yet another copy of the E911 Document and passed this one along to a professional acquaintance of his, one Jerome Dalton, from AT&T Corporate Information Security. Jerry Dalton was the very fellow who would later raid Terminus's house.

From AT&T's security division, the E911 Document went to Bellcore.

Bellcore (or BELL COmmunications REsearch) had once been the central laboratory of the Bell System. Bell Labs employees had invented the UNIX operating system. Now Bellcore was a quasi-independent, jointly owned company that acted as the research arm for all seven of the Baby Bell RBOCs. Bellcore was in a good position to co-ordinate security technology and consultation for the RBOCs, and the gentleman in charge of this effort was Henry M. Kluepfel, a veteran of the Bell System who had worked there for twenty-four years.

On October 13, 1988, Dalton passed the E911 Document to Henry Kluepfel. Kluepfel, a veteran expert witness in telecommunications fraud and computer-fraud cases, had certainly seen worse trouble than this. He recognized the document for what it was: a trophy from a hacker breakin.

However, whatever harm had been done in the intrusion was presumably old news. At this point there seemed little to be done. Kluepfel made a careful note of the circumstances and shelved the problem for the time being.

Whole months passed.

February 1989 arrived. The Atlanta Three were living it up in Bell South's switches, and had not yet met their comeuppance. The Legion was thriving. So was Phrack magazine. A good six months had passed since Prophet's AIMSX breakin. Prophet, as hackers will, grew weary of sitting on his laurels. "Knight Lightning" and "Taran King," the editors of Phrack, were always begging Prophet for material they could publish. Prophet decided that the heat must be off by this time, and that he could safely brag, boast, and strut.

So he sent a copy of the E911 Document — yet another one — from Rich Andrews' Jolnet machine to Knight Lightning's BITnet account at the University of Missouri.

Let's review the fate of the document so far.

0. The original E911 Document. This is in the AIMSX system on a mainframe computer in Atlanta, available to hundreds of people, but all of them, presumably, BellSouth employees. An unknown number of them may have their own copies of this document, but they are all professionals and all trusted by the phone company.

1. Prophet's illicit copy, at home on his own computer in Decatur, Georgia.

2. Prophet's back-up copy, stored on Rich Andrews' Jolnet machine in the basement of Rich Andrews' house near Joliet, Illinois.

3. Charles Boykin's copy on "Killer" in Dallas, Texas, sent by Rich Andrews from Joliet.

4. Jerry Dalton's copy at AT&T Corporate Information Security in New Jersey, sent from Charles Boykin in Dallas.

5. Henry Kluepfel's copy at Bellcore security headquarters in New Jersey, sent by Dalton.

6. Knight Lightning's copy, sent by Prophet from Rich Andrews' machine, and now in Columbia, Missouri.

We can see that the "security" situation of this proprietary document, once dug out of AIMSX, swiftly became bizarre. Without any money changing hands, without any particular special effort, this data had been reproduced at least six times and had spread itself all over the continent.

By far the worst, however, was yet to come.

In February 1989, Prophet and Knight Lightning bargained electronically over the fate of this trophy. Prophet wanted to boast, but, at the same time, scarcely wanted to be caught.

For his part, Knight Lightning was eager to publish as much of the document as he could manage. Knight Lightning was a fledgling political-science major with a particular interest in freedom-of-information issues. He would gladly publish most anything that would reflect glory on the prowess of the underground and embarrass the telcos. However, Knight Lightning himself had contacts in telco security, and sometimes consulted them on material he'd received that might be too dicey for publication.

Prophet and Knight Lightning decided to edit the E911 Document so as to delete most of its identifying traits. First of all, its large "NOT FOR USE OR DISCLOSURE" warning had to go. Then there were other matters. For instance, it listed the office telephone numbers of several BellSouth 911 specialists in Florida. If these phone numbers were published in Phrack, the BellSouth employees involved would very likely be hassled by phone phreaks, which would anger BellSouth no end, and pose a definite operational hazard for both Prophet and Phrack.

So Knight Lightning cut the Document almost in half, removing the phone numbers and some of the touchier and more specific information.

He passed it back electronically to Prophet; Prophet was still nervous, so Knight Lightning cut a bit more. They finally agreed that it was ready to go, and that it would be published in Phrack under the pseudonym, "The Eavesdropper."

And this was done on February 25, 1989.

The twenty-fourth issue of Phrack featured a chatty interview with co-ed phone-phreak "Chanda Leir," three articles on BITNET and its links to other computer networks, an article on 800 and 900 numbers by "Unknown User," "VaxCat's" article on telco basics (slyly entitled "Lifting Ma Bell's Veil of Secrecy"), and the usual "Phrack World News." The News section, with painful irony, featured an extended account of the sentencing of "Shadowhawk," an eighteen-year-old Chicago hacker who had just been put in federal prison by William J. Cook himself.

And then there were the two articles by "The Eavesdropper." The first was the edited E911 Document, now titled "Control Office Administration Of Enhanced 911 Services for Special Services and Major Account Centers." Eavesdropper's second article was a glossary of terms explaining the blizzard of telco acronyms and buzzwords in the E911 Document.

The hapless document was now distributed, in the usual Phrack routine, to a good one hundred and fifty sites. Not a hundred and fifty people, mind you — a hundred and fifty sites, some of these sites linked to UNIX nodes or bulletin board systems, which themselves had readerships of tens, dozens, even hundreds of people.

This was February 1989. Nothing happened immediately. Summer came, and the Atlanta crew were raided by the Secret Service. Fry Guy was apprehended. Still nothing whatever happened to Phrack. Six more issues of Phrack came out, 30 in all, more or less on a monthly schedule. Knight Lightning and co-editor Taran King went untouched.

Phrack tended to duck and cover whenever the heat came down. During the summer busts of 1987 — (hacker busts tended to cluster in summer, perhaps because hackers were easier to find at home than in college) — Phrack had ceased publication for several months, and laid low. Several LoD hangers-on had been arrested, but nothing had happened to the Phrack crew, the premiere gossips of the underground.

In 1988, Phrack had been taken over by a new editor, "Crimson Death," a raucous youngster with a taste for anarchy files.

1989, however, looked like a bounty year for the underground. Knight Lightning and his co-editor Taran King took up the reins again, and Phrack flourished throughout 1989. Atlanta LoD went down hard in the summer of 1989, but Phrack rolled merrily on. Prophet's E911 Document seemed unlikely to cause Phrack any trouble. By January 1990, it had been available in Phrack for almost a year.

Kluepfel and Dalton, officers of Bellcore and AT&T security, had possessed the document for sixteen months — in fact, they'd had it even before Knight Lightning himself, and had done nothing in particular to stop its distribution. They hadn't even told Rich Andrews or Charles Boykin to erase the copies from their UNIX nodes, Jolnet and Killer.

But then came the monster Martin Luther King Day Crash of January 15, 1990.

A flat three days later, on January 18, four agents showed up at Knight Lightning's fraternity house. One was Timothy Foley, the second Barbara Golden, both of them Secret Service agents from the Chicago office. Also along was a University of Missouri security officer, and Reed Newlin, a security man from Southwestern Bell, the RBOC having jurisdiction over Missouri.

Foley accused Knight Lightning of causing the nationwide crash of the phone system.

Knight Lightning was aghast at this allegation. On the face of it, the suspicion was not entirely implausible — though Knight Lightning knew that he himself hadn't done it. Plenty of hot-dog hackers had bragged that they could crash the phone system, however. "Shadowhawk," for instance, the Chicago hacker whom William Cook had recently put in jail, had several times boasted on boards that he could "shut down AT&T's public switched network."

And now this event, or something that looked just like it, had actually taken place. The Crash had lit a fire under the Chicago Task Force. And the former fence-sitters at Bellcore and AT&T were now ready to roll.

The consensus among telco security — already horrified by the skill of the BellSouth intruders — was that the digital underground was out of hand. LoD and Phrack must go.

And in publishing Prophet's E911 Document, Phrack had provided law enforcement with what appeared to be a powerful legal weapon.

Foley confronted Knight Lightning about the E911 Document.

Knight Lightning was cowed. He immediately began "cooperating fully" in the usual tradition of the digital underground.

He gave Foley a complete run of Phrack, printed out in a set of three-ring binders. He handed over his electronic mailing list of Phrack subscribers. Knight Lightning was grilled for four hours by Foley and his cohorts. Knight Lightning admitted that Prophet had passed him the E911 Document, and he admitted that he had known it was stolen booty from a hacker raid on a telephone company. Knight Lightning signed a statement to this effect, and agreed, in writing, to cooperate with investigators.

Next day — January 19, 1990, a Friday — the Secret Service returned with a search warrant, and thoroughly searched Knight Lightning's upstairs room in the fraternity house. They took all his floppy disks, though, interestingly, they left Knight Lightning in possession of both his computer and his modem. (The computer had no hard disk, and in Foley's judgement was not a store of evidence.) But this was a very minor bright spot among Knight Lightning's rapidly multiplying troubles. By this time, Knight Lightning was in plenty of hot water, not only with federal police, prosecutors, telco investigators, and university security, but with the elders of his own campus fraternity, who were outraged to think that they had been unwittingly harboring a federal computer-criminal.

On Monday, Knight Lightning was summoned to Chicago, where he was further grilled by Foley and USSS veteran agent Barbara Golden, this time with an attorney present. And on Tuesday, he was formally indicted by a federal grand jury.

The trial of Knight Lightning, which occurred on July 24-27, 1990, was the crucial show-trial of the Hacker Crackdown. We will examine the trial at some length in Part Four of this book.

In the meantime, we must continue our dogged pursuit of the E911 Document.

It must have been clear by January 1990 that the E911 Document, in the form Phrack had published it back in February 1989, had gone off at the speed of light in at least a hundred and fifty different directions. To attempt to put this electronic genie back in the bottle was flatly impossible.

And yet, the E911 Document was still stolen property, formally and legally speaking. Any electronic transference of this document, by anyone unauthorized to have it, could be interpreted as an act of wire fraud.

Interstate transfer of stolen property, including electronic property, was a federal crime.

The Chicago Computer Fraud and Abuse Task Force had been assured that the E911 Document was worth a hefty sum of money. In fact, they had a precise estimate of its worth from BellSouth security personnel: $79,449. A sum of this scale seemed to warrant vigorous prosecution.

Even if the damage could not be undone, at least this large sum offered a good legal pretext for stern punishment of the thieves. It seemed likely to impress judges and juries. And it could be used in court to mop up the Legion of Doom.

The Atlanta crowd was already in the bag, by the time the Chicago Task Force had gotten around to Phrack. But the Legion was a hydra-headed thing. In late 89, a brand-new Legion of Doom board, "Phoenix Project," had gone up in Austin, Texas. Phoenix Project was sysoped by no less a man than the Mentor himself, ably assisted by University of Texas student and hardened Doomster "Erik Bloodaxe."

As we have seen from his Phrack manifesto, the Mentor was a hacker zealot who regarded computer intrusion as something close to a moral duty. Phoenix Project was an ambitious effort, intended to revive the digital underground to what Mentor considered the full flower of the early 80s. The Phoenix board would also boldly bring elite hackers face-to-face with the telco "opposition." On "Phoenix," America's cleverest hackers would supposedly shame the telco squareheads out of their stick-in-the-mud attitudes, and perhaps convince them that the Legion of Doom elite were really an all-right crew. The premiere of "Phoenix Project" was heavily trumpeted by Phrack, and "Phoenix Project" carried a complete run of Phrack issues, including the E911 Document as Phrack had published it.

Phoenix Project was only one of many — possibly hundreds — of nodes and boards all over America that were in guilty possession of the E911 Document. But Phoenix was an outright, unashamed Legion of Doom board. Under Mentor's guidance, it was flaunting itself in the face of telco security personnel. Worse yet, it was actively trying to win them over as sympathizers for the digital underground elite. "Phoenix" had no cards or codes on it. Its hacker elite considered Phoenix at least technically legal. But Phoenix was a corrupting influence, where hacker anarchy was eating away like digital acid at the underbelly of corporate propriety.

The Chicago Computer Fraud and Abuse Task Force now prepared to descend upon Austin, Texas.

Oddly, not one but two trails of the Task Force's investigation led toward Austin. The city of Austin, like Atlanta, had made itself a bulwark of the Sunbelt's Information Age, with a strong university research presence, and a number of cutting-edge electronics companies, including Motorola, Dell, CompuAdd, IBM, Sematech and MCC.

Where computing machinery went, hackers generally followed. Austin boasted not only "Phoenix Project," currently LoD's most flagrant underground board, but a number of UNIX nodes.

One of these nodes was "Elephant," run by a UNIX consultant named Robert Izenberg. Izenberg, in search of a relaxed Southern lifestyle and a lowered cost-of-living, had recently migrated to Austin from New Jersey. In New Jersey, Izenberg had worked for an independent contracting company, programming UNIX code for AT&T itself. "Terminus" had been a frequent user on Izenberg's privately owned Elephant node.

Having interviewed Terminus and examined the records on Netsys, the Chicago Task Force were now convinced that they had discovered an underground gang of UNIX software pirates, who were demonstrably guilty of interstate trafficking in illicitly copied AT&T source code.

Izenberg was swept into the dragnet around Terminus, the self-proclaimed ultimate UNIX hacker.

Izenberg, in Austin, had settled down into a UNIX job with a Texan branch of IBM. Izenberg was no longer working as a contractor for AT&T, but he had friends in New Jersey, and he still logged on to AT&T UNIX computers back in New Jersey, more or less whenever it pleased him. Izenberg's activities appeared highly suspicious to the Task Force. Izenberg might well be breaking into AT&T computers, swiping AT&T software, and passing it to Terminus and other possible confederates, through the UNIX node network. And this data was worth, not merely $79,499, but hundreds of thousands of dollars!

On February 21, 1990, Robert Izenberg arrived home from work at IBM to find that all the computers had mysteriously vanished from his Austin apartment. Naturally he assumed that he had been robbed. His "Elephant" node, his other machines, his notebooks, his disks, his tapes, all gone! However, nothing much else seemed disturbed — the place had not been ransacked.

The puzzle became much stranger some five minutes later. Austin U.S. Secret Service Agent Al Soliz, accompanied by University of Texas campus-security officer Larry Coutorie and the ubiquitous Tim Foley, made their appearance at Izenberg's door. They were in plain clothes: slacks, polo shirts. They came in, and Tim Foley accused Izenberg of belonging to the Legion of Doom.

Izenberg told them that he had never heard of the "Legion of Doom." And what about a certain stolen E911 Document, that posed a direct threat to the police emergency lines? Izenberg claimed that he'd never heard of that, either.

His interrogators found this difficult to believe. Didn't he know Terminus?

Who?

They gave him Terminus's real name. Oh yes, said Izenberg. He knew that guy all right — he was leading discussions on the Internet about AT&T computers, especially the AT&T 3B2.

AT&T had thrust this machine into the marketplace, but, like many of AT&T's ambitious attempts to enter the computing arena, the 3B2 project had something less than a glittering success. Izenberg himself had been a contractor for the division of AT&T that supported the 3B2. The entire division had been shut down.

Nowadays, the cheapest and quickest way to get help with this fractious piece of machinery was to join one of Terminus's discussion groups on the Internet, where friendly and knowledgeable hackers would help you for free. Naturally the remarks within this group were less than flattering about the Death Star.... was that the problem?

Foley told Izenberg that Terminus had been acquiring hot software through his, Izenberg's, machine.

Izenberg shrugged this off. A good eight megabytes of data flowed through his UUCP site every day. UUCP nodes spewed data like fire hoses. Elephant had been directly linked to Netsys — not surprising, since Terminus was a 3B2 expert and Izenberg had been a 3B2 contractor. Izenberg was also linked to "attctc" and the University of Texas.

Terminus was a well-known UNIX expert, and might have been up to all manner of hijinks on Elephant. Nothing Izenberg could do about that.

That was physically impossible. Needle in a haystack.

In a four-hour grilling, Foley urged Izenberg to come clean and admit that he was in conspiracy with Terminus, and a member of the Legion of Doom.

Izenberg denied this. He was no weirdo teenage hacker — he was thirty-two years old, and didn't even have a "handle." Izenberg was a former TV technician and electronics specialist who had drifted into UNIX consulting as a full-grown adult. Izenberg had never met Terminus, physically. He'd once bought a cheap high-speed modem from him, though.

Foley told him that this modem (a Telenet T2500 which ran at 19.2 kilobaud, and which had just gone out Izenberg's door in Secret Service custody) was likely hot property. Izenberg was taken aback to hear this; but then again, most of Izenberg's equipment, like that of most freelance professionals in the industry, was discounted, passed hand-to-hand through various kinds of barter and gray-market. There was no proof that the modem was stolen, and even if it was, Izenberg hardly saw how that gave them the right to take every electronic item in his house.

Still, if the United States Secret Service figured they needed his computer for national security reasons — or whatever — then Izenberg would not kick. He figured he would somehow make the sacrifice of his twenty thousand dollars' worth of professional equipment, in the spirit of full cooperation and good citizenship.

Robert Izenberg was not arrested. Izenberg was not charged with any crime. His UUCP node — full of some 140 megabytes of the files, mail, and data of himself and his dozen or so entirely innocent users — went out the door as "evidence." Along with the disks and tapes, Izenberg had lost about 800 megabytes of data.

Six months would pass before Izenberg decided to phone the Secret Service and ask how the case was going. That was the first time that Robert Izenberg would ever hear the name of William Cook. As of January 1992, a full two years after the seizure, Izenberg, still not charged with any crime, would be struggling through the morass of the courts, in hope of recovering his thousands of dollars' worth of seized equipment.

In the meantime, the Izenberg case received absolutely no press coverage. The Secret Service had walked into an Austin home, removed a UNIX bulletin-board system, and met with no operational difficulties whatsoever.

Except that word of a crackdown had percolated through the Legion of Doom. "The Mentor" voluntarily shut down "The Phoenix Project." It seemed a pity, especially as telco security employees had, in fact, shown up on Phoenix, just as he had hoped — along with the usual motley crowd of LoD heavies, hangers-on, phreaks, hackers and wannabes. There was "Sandy" Sandquist from US SPRINT security, and some guy named Henry Kluepfel, from Bellcore itself! Kluepfel had been trading friendly banter with hackers on Phoenix since January 30th (two weeks after the Martin Luther King Day Crash). The presence of such a stellar telco official seemed quite the coup for Phoenix Project.

Still, Mentor could judge the climate. Atlanta in ruins, Phrack in deep trouble, something weird going on with UNIX nodes — discretion was advisable. Phoenix Project went off-line.

Kluepfel, of course, had been monitoring this LoD bulletin board for his own purposes — and those of the Chicago unit. As far back as June 1987, Kluepfel had logged on to a Texas underground board called "Phreak Klass 2600." There he'd discovered a Chicago youngster named "Shadowhawk," strutting and boasting about rifling AT&T computer files, and bragging of his ambitions to riddle AT&T's Bellcore computers with trojan horse programs. Kluepfel had passed the news to Cook in Chicago, Shadowhawk's computers had gone out the door in Secret Service custody, and Shadowhawk himself had gone to jail.

Now it was Phoenix Project's turn. Phoenix Project postured about "legality" and "merely intellectual interest," but it reeked of the underground. It had Phrack on it. It had the E911 Document. It had a lot of dicey talk about breaking into systems, including some bold and reckless stuff about a supposed "decryption service" that Mentor and friends were planning to run, to help crack encrypted passwords off of hacked systems.

Mentor was an adult. There was a bulletin board at his place of work, as well. Kluepfel logged onto this board, too, and discovered it to be called "Illuminati." It was run by some company called Steve Jackson Games.

On March 1, 1990, the Austin crackdown went into high gear.

On the morning of March 1 — a Thursday — 21-year-old University of Texas student "Erik Bloodaxe," co-sysop of Phoenix Project and an avowed member of the Legion of Doom, was wakened by a police revolver levelled at his head.

Bloodaxe watched, jittery, as Secret Service agents appropriated his 300 baud terminal and, rifling his files, discovered his treasured source-code for Robert Morris's notorious Internet Worm. But Bloodaxe, a wily operator, had suspected that something of the like might be coming. All his best equipment had been hidden away elsewhere. The raiders took everything electronic, however, including his telephone. They were stymied by his hefty arcade-style Pac-Man game, and left it in place, as it was simply too heavy to move.

Bloodaxe was not arrested. He was not charged with any crime. A good two years later, the police still had what they had taken from him, however.

The Mentor was less wary. The dawn raid rousted him and his wife from bed in their underwear, and six Secret Service agents, accompanied by an Austin policeman and Henry Kluepfel himself, made a rich haul. Off went the works, into the agents' white Chevrolet minivan: an IBM PC-AT clone with 4 meg of RAM and a 120-meg hard disk; a Hewlett-Packard LaserJet II printer; a completely legitimate and highly expensive SCO-Xenix 286 operating system; Pagemaker disks and documentation; and the Microsoft Word word-processing program. Mentor's wife had her incomplete academic thesis stored on the hard-disk; that went, too, and so did the couple's telephone. As of two years later, all this property remained in police custody.

Mentor remained under guard in his apartment as agents prepared to raid Steve Jackson Games. The fact that this was a business headquarters and not a private residence did not deter the agents. It was still very early; no one was at work yet. The agents prepared to break down the door, but Mentor, eavesdropping on the Secret Service walkie-talkie traffic, begged them not to do it, and offered his key to the building.

The exact details of the next events are unclear. The agents would not let anyone else into the building. Their search warrant, when produced, was unsigned. Apparently they breakfasted from the local "Whataburger," as the litter from hamburgers was later found inside. They also extensively sampled a bag of jellybeans kept by an SJG employee. Someone tore a "Dukakis for President" sticker from the wall.

SJG employees, diligently showing up for the day's work, were met at the door and briefly questioned by U.S. Secret Service agents. The employees watched in astonishment as agents wielding crowbars and screwdrivers emerged with captive machines. They attacked outdoor storage units with boltcutters. The agents wore blue nylon windbreakers with "SECRET SERVICE" stencilled across the back, with running-shoes and jeans.

Jackson's company lost three computers, several hard-disks, hundreds of floppy disks, two monitors, three modems, a laser printer, various powercords, cables, and adapters (and, oddly, a small bag of screws, bolts and nuts). The seizure of Illuminati BBS deprived SJG of all the programs, text files, and private e-mail on the board. The loss of two other SJG computers was a severe blow as well, since it caused the loss of electronically stored contracts, financial projections, address directories, mailing lists, personnel files, business correspondence, and, not least, the drafts of forthcoming games and gaming books.

No one at Steve Jackson Games was arrested. No one was accused of any crime. No charges were filed. Everything appropriated was officially kept as "evidence" of crimes never specified.

After the Phrack show-trial, the Steve Jackson Games scandal was the most bizarre and aggravating incident of the Hacker Crackdown of 1990. This raid by the Chicago Task Force on a science-fiction gaming publisher was to rouse a swarming host of civil liberties issues, and gave rise to an enduring controversy that was still re-complicating itself, and growing in the scope of its implications, a full two years later.

The pursuit of the E911 Document stopped with the Steve Jackson Games raid. As we have seen, there were hundreds, perhaps thousands of computer users in America with the E911 Document in their possession.

Theoretically, Chicago had a perfect legal right to raid any of these people, and could have legally seized the machines of anybody who subscribed to Phrack. However, there was no copy of the E911 Document on Jackson's Illuminati board. And there the Chicago raiders stopped dead; they have not raided anyone since.

It might be assumed that Rich Andrews and Charlie Boykin, who had brought the E911 Document to the attention of telco security, might be spared any official suspicion. But as we have seen, the willingness to "cooperate fully" offers little, if any, assurance against federal anti-hacker prosecution.

Richard Andrews found himself in deep trouble, thanks to the E911 Document. Andrews lived in Illinois, the native stomping grounds of the Chicago Task Force. On February 3 and 6, both his home and his place of work were raided by USSS. His machines went out the door, too, and he was grilled at length (though not arrested). Andrews proved to be in purportedly guilty possession of: UNIX SVR 3.2; UNIX SVR 3.1; UUCP; PMON; WWB; IWB; DWB; NROFF; KORN SHELL '88; C++; and QUEST, among other items. Andrews had received this proprietary code — which AT&T officially valued at well over $250,000 — through the UNIX network, much of it supplied to him as a personal favor by Terminus. Perhaps worse yet, Andrews admitted to returning the favor, by passing Terminus a copy of AT&T proprietary STARLAN source code.

Even Charles Boykin, himself an AT&T employee, entered some very hot water. By 1990, he'd almost forgotten about the E911 problem he'd reported in September 88; in fact, since that date, he'd passed two more security alerts to Jerry Dalton, concerning matters that Boykin considered far worse than the E911 Document.

But by 1990, year of the crackdown, AT&T Corporate Information Security was fed up with "Killer." This machine offered no direct income to AT&T, and was providing aid and comfort to a cloud of suspicious yokels from outside the company, some of them actively malicious toward AT&T, its property, and its corporate interests. Whatever goodwill and publicity had been won among Killer's 1,500 devoted users was considered no longer worth the security risk. On February 20, 1990, Jerry Dalton arrived in Dallas and simply unplugged the phone jacks, to the puzzled alarm of Killer's many Texan users. Killer went permanently off-line, with the loss of vast archives of programs and huge quantities of electronic mail; it was never restored to service.

AT&T showed no particular regard for the "property" of these 1,500 people. Whatever "property" the users had been storing on AT&T's computer simply vanished completely.

Boykin, who had himself reported the E911 problem, now found himself under a cloud of suspicion. In a weird private-security replay of the Secret Service seizures, Boykin's own home was visited by AT&T Security and his own machines were carried out the door.

However, there were marked special features in the Boykin case.

Boykin's disks and his personal computers were swiftly examined by his corporate employers and returned politely in just two days — (unlike Secret Service seizures, which commonly take months or years).

Boykin was not charged with any crime or wrongdoing, and he kept his job with AT&T (though he did retire from AT&T in September 1991, at the age of 52).

It's interesting to note that the US Secret Service somehow failed to seize Boykin's "Killer" node and carry AT&T's own computer out the door. Nor did they raid Boykin's home. They seemed perfectly willing to take the word of AT&T Security that AT&T's employee, and AT&T's "Killer" node, were free of hacker contraband and on the up-and-up.

It's digital water-under-the-bridge at this point, as Killer's 3,200 megabytes of Texan electronic community were erased in 1990, and "Killer" itself was shipped out of the state.

But the experiences of Andrews and Boykin, and the users of their systems, remained side issues. They did not begin to assume the social, political, and legal importance that gathered, slowly but inexorably, around the issue of the raid on Steve Jackson Games.

_____

We must now turn our attention to Steve Jackson Games itself, and explain what SJG was, what it really did, and how it had managed to attract this particularly odd and virulent kind of trouble. The reader may recall that this is not the first but the second time that the company has appeared in this narrative; a Steve Jackson game called GURPS was a favorite pastime of Atlanta hacker Urvile, and Urvile's science-fictional gaming notes had been mixed up promiscuously with notes about his actual computer intrusions.

First, Steve Jackson Games, Inc., was not a publisher of "computer games." SJG published "simulation games," parlor games that were played on paper, with pencils, and dice, and printed guidebooks full of rules and statistics tables. There were no computers involved in the games themselves. When you bought a Steve Jackson Game, you did not receive any software disks. What you got was a plastic bag with some cardboard game tokens, maybe a few maps or a deck of cards. Most of their products were books.

However, computers were deeply involved in the Steve Jackson Games business. Like almost all modern publishers, Steve Jackson and his fifteen employees used computers to write text, to keep accounts, and to run the business generally. They also used a computer to run their official bulletin board system for Steve Jackson Games, a board called Illuminati. On Illuminati, simulation gamers who happened to own computers and modems could associate, trade mail, debate the theory and practice of gaming, and keep up with the company's news and its product announcements.

Illuminati was a modestly popular board, run on a small computer with limited storage, only one phoneline, and no ties to large-scale computer networks. It did, however, have hundreds of users, many of them dedicated gamers willing to call from out-of-state.

Illuminati was not an "underground" board. It did not feature hints on computer intrusion, or "anarchy files," or illicitly posted credit card numbers, or long-distance access codes. Some of Illuminati's users, however, were members of the Legion of Doom. And so was one of Steve Jackson's senior employees — the Mentor. The Mentor wrote for Phrack, and also ran an underground board, Phoenix Project — but the Mentor was not a computer professional. The Mentor was the managing editor of Steve Jackson Games and a professional game designer by trade. These LoD members did not use Illuminati to help their hacking activities. They used it to help their game-playing activities — and they were even more dedicated to simulation gaming than they were to hacking.

"Illuminati" got its name from a card-game that Steve Jackson himself, the company's founder and sole owner, had invented. This multi-player card-game was one of Mr Jackson's best-known, most successful, most technically innovative products. "Illuminati" was a game of paranoiac conspiracy in which various antisocial cults warred covertly to dominate the world. "Illuminati" was hilarious, and great fun to play, involving flying saucers, the CIA, the KGB, the phone companies, the Ku Klux Klan, the South American Nazis, the cocaine cartels, the Boy Scouts, and dozens of other splinter groups from the twisted depths of Mr. Jackson's professionally fervid imagination. For the uninitiated, any public discussion of the "Illuminati" card-game sounded, by turns, utterly menacing or completely insane.

And then there was SJG's "Car Wars," in which souped-up armored hot-rods with rocket-launchers and heavy machine-guns did battle on the American highways of the future. The lively Car Wars discussion on the Illuminati board featured many meticulous, painstaking discussions of the effects of grenades, land-mines, flamethrowers and napalm. It sounded like hacker anarchy files run amuck.

Mr Jackson and his co-workers earned their daily bread by supplying people with make-believe adventures and weird ideas. The more far-out, the better.

Simulation gaming is an unusual pastime, but gamers have not generally had to beg the permission of the Secret Service to exist. Wargames and roleplaying adventures are an old and honored pastime, much favored by professional military strategists. Once little-known, these games are now played by hundreds of thousands of enthusiasts throughout North America, Europe and Japan. Gaming-books, once restricted to hobby outlets, now commonly appear in chain-stores like B. Dalton's and Waldenbooks, and sell vigorously.

Steve Jackson Games, Inc., of Austin, Texas, was a games company of the middle rank. In 1989, SJG grossed about a million dollars. Jackson himself had a good reputation in his industry as a talented and innovative designer of rather unconventional games, but his company was something less than a titan of the field — certainly not like the multimillion-dollar TSR Inc., or Britain's gigantic "Games Workshop."

SJG's Austin headquarters was a modest two-story brick office-suite, cluttered with phones, photocopiers, fax machines and computers. It bustled with semi-organized activity and was littered with glossy promotional brochures and dogeared science-fiction novels. Attached to the offices was a large tin-roofed warehouse piled twenty feet high with cardboard boxes of games and books. Despite the weird imaginings that went on within it, the SJG headquarters was quite a quotidian, everyday sort of place. It looked like what it was: a publishers' digs.

Both "Car Wars" and "Illuminati" were well-known, popular games. But the mainstay of the Jackson organization was their Generic Universal RolePlaying System, "G.U.R.P.S." The GURPS system was considered solid and well-designed, an asset for players. But perhaps the most popular feature of the GURPS system was that it allowed gaming-masters to design scenarios that closely resembled well-known books, movies, and other works of fantasy. Jackson had licensed and adapted works from many science fiction and fantasy authors. There was GURPS Conan, GURPS Riverworld, GURPS Horseclans, GURPS Witch World, names eminently familiar to science-fiction readers.

And there was GURPS Special Ops, from the world of espionage fantasy and unconventional warfare.

And then there was GURPS Cyberpunk.

"Cyberpunk" was a term given to certain science fiction writers who had entered the genre in the 1980s. "Cyberpunk," as the label implies, had two general distinguishing features. First, its writers had a compelling interest in information technology, an interest closely akin to science fiction's earlier fascination with space travel. And second, these writers were "punks," with all the distinguishing features that that implies: Bohemian artiness, youth run wild, an air of deliberate rebellion, funny clothes and hair, odd politics, a fondness for abrasive rock and roll; in a word, trouble.

The "cyberpunk" SF writers were a small group of mostly college-educated white middle-class litterateurs, scattered through the US and Canada. Only one, Rudy Rucker, a professor of computer science in Silicon Valley, could rank with even the humblest computer hacker.

But, except for Professor Rucker, the "cyberpunk" authors were not programmers or hardware experts; they considered themselves artists (as, indeed, did Professor Rucker). However, these writers all owned computers, and took an intense and public interest in the social ramifications of the information industry.

The cyberpunks had a strong following among the global generation that had grown up in a world of computers, multinational networks, and cable television. Their outlook was considered somewhat morbid, cynical, and dark, but then again, so was the outlook of their generational peers. As that generation matured and increased in strength and influence, so did the cyberpunks. As science-fiction writers went, they were doing fairly well for themselves. By the late 1980s, their work had attracted attention from gaming companies, including Steve Jackson Games, which was planning a cyberpunk simulation for the flourishing GURPS gaming-system.

The time seemed ripe for such a product, which had already been proven in the marketplace. The first games-company out of the gate, with a product boldly called "Cyberpunk" in defiance of possible infringement-of-copyright suits, had been an upstart group called R. Talsorian.

Talsorian's Cyberpunk was a fairly decent game, but the mechanics of the simulation system left a lot to be desired. Commercially, however, the game did very well.

The next cyberpunk game had been the even more successful Shadowrun by FASA Corporation. The mechanics of this game were fine, but the scenario was rendered moronic by sappy fantasy elements like elves, trolls, wizards, and dragons — all highly ideologically-incorrect, according to the hard-edged, high-tech standards of cyberpunk science fiction.

Other game designers were champing at the bit. Prominent among them was the Mentor, a gentleman who, like most of his friends in the Legion of Doom, was quite the cyberpunk devotee. Mentor reasoned that the time had come for a real cyberpunk gaming-book — one that the princes of computer-mischief in the Legion of Doom could play without laughing themselves sick. This book, GURPS Cyberpunk, would reek of culturally on-line authenticity.

Mentor was particularly well-qualified for this task. Naturally, he knew far more about computer-intrusion and digital skullduggery than any previously published cyberpunk author. Not only that, but he was good at his work. A vivid imagination, combined with an instinctive feeling for the working of systems and, especially, the loopholes within them, are excellent qualities for a professional game designer.

By March 1st, GURPS Cyberpunk was almost complete, ready to print and ship. Steve Jackson expected vigorous sales for this item, which, he hoped, would keep the company financially afloat for several months. GURPS Cyberpunk, like the other GURPS "modules," was not a "game" like a Monopoly set, but a book: a bound paperback book the size of a glossy magazine, with a slick color cover, and pages full of text, illustrations, tables and footnotes. It was advertised as a game, and was used as an aid to game-playing, but it was a book, with an ISBN number, published in Texas, copyrighted, and sold in bookstores.

And now, that book, stored on a computer, had gone out the door in the custody of the Secret Service.

The day after the raid, Steve Jackson visited the local Secret Service headquarters with a lawyer in tow. There he confronted Tim Foley (still in Austin at that time) and demanded his book back. But there was trouble. GURPS Cyberpunk, alleged a Secret Service agent to astonished businessman Steve Jackson, was "a manual for computer crime."

"It's science fiction," Jackson said.

"No, this is real." This statement was repeated several times, by several agents. Jackson's ominously accurate game had passed from pure, obscure, small-scale fantasy into the impure, highly publicized, large-scale fantasy of the Hacker Crackdown.

No mention was made of the real reason for the search. According to their search warrant, the raiders had expected to find the E911 Document stored on Jackson's bulletin board system. But that warrant was sealed; a procedure that most law enforcement agencies will use only when lives are demonstrably in danger. The raiders' true motives were not discovered until the Jackson search-warrant was unsealed by his lawyers, many months later. The Secret Service, and the Chicago Computer Fraud and Abuse Task Force, said absolutely nothing to Steve Jackson about any threat to the police 911 System. They said nothing about the Atlanta Three, nothing about Phrack or Knight Lightning, nothing about Terminus.

Jackson was left to believe that his computers had been seized because he intended to publish a science fiction book that law enforcement considered too dangerous to see print.

This misconception was repeated again and again, for months, to an ever-widening public audience. It was not the truth of the case; but as months passed, and this misconception was publicly printed again and again, it became one of the few publicly known "facts" about the mysterious Hacker Crackdown. The Secret Service had seized a computer to stop the publication of a cyberpunk science fiction book.

The second section of this book, "The Digital Underground," is almost finished now. We have become acquainted with all the major figures of this case who actually belong to the underground milieu of computer intrusion. We have some idea of their history, their motives, their general modus operandi. We now know, I hope, who they are, where they came from, and more or less what they want. In the next section of this book, "Law and Order," we will leave this milieu and directly enter the world of America's computer-crime police.

At this point, however, I have another figure to introduce: myself.

My name is Bruce Sterling. I live in Austin, Texas, where I am a science fiction writer by trade: specifically, a cyberpunk science fiction writer.

Like my "cyberpunk" colleagues in the U.S. and Canada, I've never been entirely happy with this literary label — especially after it became a synonym for computer criminal. But I did once edit a book of stories by my colleagues, called MIRRORSHADES: the Cyberpunk Anthology, and I've long been a writer of literary-critical cyberpunk manifestos.

I am not a "hacker" of any description, though I do have readers in the digital underground.

When the Steve Jackson Games seizure occurred, I naturally took an intense interest. If "cyberpunk" books were being banned by federal police in my own home town, I reasonably wondered whether I myself might be next. Would my computer be seized by the Secret Service? At the time, I was in possession of an aging Apple IIe without so much as a hard disk. If I were to be raided as an author of computer-crime manuals, the loss of my feeble word-processor would likely provoke more snickers than sympathy.

I'd known Steve Jackson for many years. We knew one another as colleagues, for we frequented the same local science-fiction conventions.

I'd played Jackson games, and recognized his cleverness; but he certainly had never struck me as a potential mastermind of computer crime.

I also knew a little about computer bulletin-board systems. In the mid-1980s I had taken an active role in an Austin board called "SMOF-BBS," one of the first boards dedicated to science fiction. I had a modem, and on occasion I'd logged on to Illuminati, which always looked entertainingly wacky, but certainly harmless enough.

At the time of the Jackson seizure, I had no experience whatsoever with underground boards. But I knew that no one on Illuminati talked about breaking into systems illegally, or about robbing phone companies.

Illuminati didn't even offer pirated computer games. Steve Jackson, like many creative artists, was markedly touchy about theft of intellectual property.

It seemed to me that Jackson was either seriously suspected of some crime — in which case, he would be charged soon, and would have his day in court — or else he was innocent, in which case the Secret Service would quickly return his equipment, and everyone would have a good laugh. I rather expected the good laugh. The situation was not without its comic side. The raid, known as the "Cyberpunk Bust" in the science fiction community, was winning a great deal of free national publicity both for Jackson himself and the "cyberpunk" science fiction writers generally.

Besides, science fiction people are used to being misinterpreted.

Science fiction is a colorful, disreputable, slipshod occupation, full of unlikely oddballs, which, of course, is why we like it. Weirdness can be an occupational hazard in our field. People who wear Halloween costumes are sometimes mistaken for monsters.

Once upon a time — back in 1939, in New York City — science fiction and the U.S. Secret Service collided in a comic case of mistaken identity.

This weird incident involved a literary group quite famous in science fiction, known as "the Futurians," whose membership included such future genre greats as Isaac Asimov, Frederik Pohl, and Damon Knight.

The Futurians were every bit as offbeat and wacky as any of their spiritual descendants, including the cyberpunks, and were given to communal living, spontaneous group renditions of light opera, and midnight fencing exhibitions on the lawn. The Futurians didn't have bulletin board systems, but they did have the technological equivalent in 1939 — mimeographs and a private printing press. These were in steady use, producing a stream of science-fiction fan magazines, literary manifestos, and weird articles, which were picked up in ink-sticky bundles by a succession of strange, gangly, spotty young men in fedoras and overcoats.

The neighbors grew alarmed at the antics of the Futurians and reported them to the Secret Service as suspected counterfeiters. In the winter of 1939, a squad of USSS agents with drawn guns burst into "Futurian House," prepared to confiscate the forged currency and illicit printing presses. There they discovered a slumbering science fiction fan named George Hahn, a guest of the Futurian commune who had just arrived in New York. George Hahn managed to explain himself and his group, and the Secret Service agents left the Futurians in peace henceforth. (Alas, Hahn died in 1991, just before I had discovered this astonishing historical parallel, and just before I could interview him for this book.)

But the Jackson case did not come to a swift and comic end. No quick answers came his way, or mine; no swift reassurances that all was right in the digital world, that matters were well in hand after all.

Quite the opposite. In my alternate role as a sometime pop-science journalist, I interviewed Jackson and his staff for an article in a British magazine. The strange details of the raid left me more concerned than ever. Without its computers, the company had been financially and operationally crippled. Half the SJG workforce, a group of entirely innocent people, had been sorrowfully fired, deprived of their livelihoods by the seizure. It began to dawn on me that authors — American writers — might well have their computers seized, under sealed warrants, without any criminal charge; and that, as Steve Jackson had discovered, there was no immediate recourse for this. This was no joke; this wasn't science fiction; this was real.

I determined to put science fiction aside until I had discovered what had happened and where this trouble had come from. It was time to enter the purportedly real world of electronic free expression and computer crime. Hence, this book. Hence, the world of the telcos; and the world of the digital underground; and next, the world of the police.

PART THREE

LAW AND ORDER

Of the various anti-hacker activities of 1990, "Operation Sundevil" had by far the highest public profile. The sweeping, nationwide computer seizures of May 8, 1990 were unprecedented in scope and highly, if rather selectively, publicized.

Unlike the efforts of the Chicago Computer Fraud and Abuse Task Force, "Operation Sundevil" was not intended to combat "hacking" in the sense of computer intrusion or sophisticated raids on telco switching stations.

Nor did it have anything to do with hacker misdeeds with AT&T's software, or with Southern Bell's proprietary documents.

Instead, "Operation Sundevil" was a crackdown on those traditional scourges of the digital underground: credit-card theft and telephone code abuse. The ambitious activities out of Chicago, and the somewhat lesser-known but vigorous anti-hacker actions of the New York State Police in 1990, were never a part of "Operation Sundevil" per se, which was based in Arizona.

Nevertheless, after the spectacular May 8 raids, the public, misled by police secrecy, hacker panic, and a puzzled national press-corps, conflated all aspects of the nationwide crackdown in 1990 under the blanket term "Operation Sundevil." "Sundevil" is still the best-known synonym for the crackdown of 1990. But the Arizona organizers of "Sundevil" did not really deserve this reputation — any more, for instance, than all hackers deserve a reputation as "hackers."

There was some justice in this confused perception, though. For one thing, the confusion was abetted by the Washington office of the Secret Service, who responded to Freedom of Information Act requests on "Operation Sundevil" by referring investigators to the publicly known cases of Knight Lightning and the Atlanta Three. And "Sundevil" was certainly the largest aspect of the Crackdown, the most deliberate and the best-organized. As a crackdown on electronic fraud, "Sundevil" lacked the frantic pace of the war on the Legion of Doom; on the contrary, Sundevil's targets were picked out with cool deliberation over an elaborate investigation lasting two full years.

And once again the targets were bulletin board systems.

Boards can be powerful aids to organized fraud. Underground boards carry lively, extensive, detailed, and often quite flagrant "discussions" of lawbreaking techniques and lawbreaking activities. "Discussing" crime in the abstract, or "discussing" the particulars of criminal cases, is not illegal — but there are stern state and federal laws against cold-bloodedly conspiring in groups in order to commit crimes.

In the eyes of police, people who actively conspire to break the law are not regarded as "clubs," "debating salons," "users' groups," or "free speech advocates." Rather, such people tend to find themselves formally indicted by prosecutors as "gangs," "racketeers," "corrupt organizations" and "organized crime figures."

What's more, the illicit data contained on outlaw boards goes well beyond mere acts of speech and/or possible criminal conspiracy. As we have seen, it was common practice in the digital underground to post purloined telephone codes on boards, for any phreak or hacker who cared to abuse them. Is posting digital booty of this sort supposed to be protected by the First Amendment? Hardly — though the issue, like most issues in cyberspace, is not entirely resolved. Some theorists argue that to merely recite a number publicly is not illegal — only its use is illegal. But anti-hacker police point out that magazines and newspapers (more traditional forms of free expression) never publish stolen telephone codes (even though this might well raise their circulation).

Stolen credit card numbers, being riskier and more valuable, were less often publicly posted on boards — but there is no question that some underground boards carried "carding" traffic, generally exchanged through private mail.

Underground boards also carried handy programs for "scanning" telephone codes and raiding credit card companies, as well as the usual obnoxious galaxy of pirated software, cracked passwords, blue-box schematics, intrusion manuals, anarchy files, porn files, and so forth.

But besides their nuisance potential for the spread of illicit knowledge, bulletin boards have another vitally interesting aspect for the professional investigator. Bulletin boards are cram-full of evidence. All that busy trading of electronic mail, all those hacker boasts, brags and struts, even the stolen codes and cards, can be neat, electronic, realtime recordings of criminal activity.

As an investigator, when you seize a pirate board, you have scored a coup as effective as tapping phones or intercepting mail. However, you have not actually tapped a phone or intercepted a letter. The rules of evidence regarding phone-taps and mail interceptions are old, stern and well-understood by police, prosecutors and defense attorneys alike.

The rules of evidence regarding boards are new, waffling, and understood by nobody at all.

Sundevil was the largest crackdown on boards in world history. On May 7, 8, and 9, 1990, about forty-two computer systems were seized. Of those forty-two computers, about twenty-five actually were running boards. (The vagueness of this estimate is attributable to the vagueness of (a) what a "computer system" is, and (b) what it actually means to "run a board" with one — or with two computers, or with three.) About twenty-five boards vanished into police custody in May 1990. As we have seen, there are an estimated 30,000 boards in America today.

If we assume that one board in a hundred is up to no good with codes and cards (which rather flatters the honesty of the board-using community), then that would leave 2,975 outlaw boards untouched by Sundevil.

Sundevil seized about one tenth of one percent of all computer bulletin boards in America. Seen objectively, this is something less than a comprehensive assault. In 1990, Sundevil's organizers — the team at the Phoenix Secret Service office, and the Arizona Attorney General's office — had a list of at least three hundred boards that they considered fully deserving of search and seizure warrants. The twenty-five boards actually seized were merely among the most obvious and egregious of this much larger list of candidates. All these boards had been examined beforehand — either by informants, who had passed printouts to the Secret Service, or by Secret Service agents themselves, who not only come equipped with modems but know how to use them.

There were a number of motives for Sundevil. First, it offered a chance to get ahead of the curve on wire-fraud crimes. Tracking back credit-card ripoffs to their perpetrators can be appallingly difficult. If these miscreants have any kind of electronic sophistication, they can snarl their tracks through the phone network into a mindboggling, untraceable mess, while still managing to "reach out and rob someone." Boards, however, full of brags and boasts, codes and cards, offer evidence in the handy congealed form.

Seizures themselves — the mere physical removal of machines — tend to take the pressure off. During Sundevil, a large number of code kids, warez d00dz, and credit card thieves would be deprived of those boards — their means of community and conspiracy — in one swift blow. As for the sysops themselves (commonly among the boldest offenders) they would be directly stripped of their computer equipment, and rendered digitally mute and blind.

And this aspect of Sundevil was carried out with great success.

Sundevil seems to have been a complete tactical surprise — unlike the fragmentary and continuing seizures of the war on the Legion of Doom, Sundevil was precisely timed and utterly overwhelming. At least forty "computers" were seized during May 7, 8 and 9, 1990, in Cincinnati, Detroit, Los Angeles, Miami, Newark, Phoenix, Tucson, Richmond, San Diego, San Jose, Pittsburgh and San Francisco. Some cities saw multiple raids, such as the five separate raids in the New York City environs.

Plano, Texas (essentially a suburb of the Dallas/Fort Worth metroplex, and a hub of the telecommunications industry) saw four computer seizures. Chicago, ever in the forefront, saw its own local Sundevil raid, briskly carried out by Secret Service agents Timothy Foley and Barbara Golden.

Many of these raids occurred, not in the cities proper, but in associated white-middle class suburbs — places like Mount Lebanon, Pennsylvania and Clark Lake, Michigan. There were a few raids on offices; most took place in people's homes, the classic hacker basements and bedrooms.

The Sundevil raids were searches and seizures, not a group of mass arrests. There were only four arrests during Sundevil. "Tony the Trashman," a longtime teenage bete noire of the Arizona Racketeering unit, was arrested in Tucson on May 9. "Dr. Ripco," sysop of an outlaw board with the misfortune to exist in Chicago itself, was also arrested — on illegal weapons charges. Local units also arrested a 19-year-old female phone phreak named "Electra" in Pennsylvania, and a male juvenile in California. Federal agents however were not seeking arrests, but computers.

Hackers are generally not indicted (if at all) until the evidence in their seized computers is evaluated — a process that can take weeks, months — even years. When hackers are arrested on the spot, it's generally an arrest for other reasons. Drugs and/or illegal weapons show up in a good third of anti-hacker computer seizures (though not during Sundevil).

That scofflaw teenage hackers (or their parents) should have marijuana in their homes is probably not a shocking revelation, but the surprisingly common presence of illegal firearms in hacker dens is a bit disquieting. A Personal Computer can be a great equalizer for the techno-cowboy — much like that more traditional American "Great Equalizer," the Personal Sixgun. Maybe it's not all that surprising that some guy obsessed with power through illicit technology would also have a few illicit high-velocity-impact devices around. An element of the digital underground particularly dotes on those "anarchy philes," and this element tends to shade into the crackpot milieu of survivalists, gun-nuts, anarcho-leftists and the ultra-libertarian right-wing.

This is not to say that hacker raids to date have uncovered any major crack-dens or illegal arsenals; but Secret Service agents do not regard "hackers" as "just kids." They regard hackers as unpredictable people, bright and slippery. It doesn't help matters that the hacker himself has been "hiding behind his keyboard" all this time. Commonly, police have no idea what he looks like. This makes him an unknown quantity, someone best treated with proper caution.

To date, no hacker has come out shooting, though they do sometimes brag on boards that they will do just that. Threats of this sort are taken seriously. Secret Service hacker raids tend to be swift, comprehensive, well-manned (even over-manned); and agents generally burst through every door in the home at once, sometimes with drawn guns.

Any potential resistance is swiftly quelled. Hacker raids are usually raids on people's homes. It can be a very dangerous business to raid an American home; people can panic when strangers invade their sanctum.

Statistically speaking, the most dangerous thing a policeman can do is to enter someone's home. (The second most dangerous thing is to stop a car in traffic.) People have guns in their homes. More cops are hurt in homes than are ever hurt in biker bars or massage parlors.

But in any case, no one was hurt during Sundevil, or indeed during any part of the Hacker Crackdown.

Nor were there any allegations of any physical mistreatment of a suspect. Guns were pointed, interrogations were sharp and prolonged; but no one in 1990 claimed any act of brutality by any crackdown raider.

In addition to the forty or so computers, Sundevil reaped floppy disks in particularly great abundance — an estimated 23,000 of them, which naturally included every manner of illegitimate data: pirated games, stolen codes, hot credit card numbers, the complete text and software of entire pirate bulletin-boards. These floppy disks, which remain in police custody today, offer a gigantic, almost embarrassingly rich source of possible criminal indictments. These 23,000 floppy disks also include a thus-far unknown quantity of legitimate computer games, legitimate software, purportedly "private" mail from boards, business records, and personal correspondence of all kinds.

Standard computer-crime search warrants lay great emphasis on seizing written documents as well as computers — specifically including photocopies, computer printouts, telephone bills, address books, logs, notes, memoranda and correspondence. In practice, this has meant that diaries, gaming magazines, software documentation, nonfiction books on hacking and computer security, sometimes even science fiction novels, have all vanished out the door in police custody. A wide variety of electronic items have been known to vanish as well, including telephones, televisions, answering machines, Sony Walkmans, desktop printers, compact disks, and audiotapes.

No fewer than 150 members of the Secret Service were sent into the field during Sundevil. They were commonly accompanied by squads of local and/or state police. Most of these officers — especially the locals — had never been on an anti-hacker raid before. (This was one good reason, in fact, why so many of them were invited along in the first place.) Also, the presence of a uniformed police officer assures the raidees that the people entering their homes are, in fact, police. Secret Service agents wear plain clothes. So do the telco security experts who commonly accompany the Secret Service on raids (and who make no particular effort to identify themselves as mere employees of telephone companies).

A typical hacker raid goes something like this. First, police storm in rapidly, through every entrance, with overwhelming force, in the assumption that this tactic will keep casualties to a minimum. Second, possible suspects are immediately removed from the vicinity of any and all computer systems, so that they will have no chance to purge or destroy computer evidence. Suspects are herded into a room without computers, commonly the living room, and kept under guard — not armed guard, for the guns are swiftly holstered, but under guard nevertheless. They are presented with the search warrant and warned that anything they say may be held against them. Commonly they have a great deal to say, especially if they are unsuspecting parents.

Somewhere in the house is the "hot spot" — a computer tied to a phone line (possibly several computers and several phones). Commonly it's a teenager's bedroom, but it can be anywhere in the house; there may be several such rooms. This "hot spot" is put in charge of a two-agent team, the "finder" and the "recorder." The "finder" is computer-trained, commonly the case agent who has actually obtained the search warrant from a judge. He or she understands what is being sought, and actually carries out the seizures: unplugs machines, opens drawers, desks, files, floppy-disk containers, etc. The "recorder" photographs all the equipment, just as it stands — especially the tangle of wired connections in the back, which can otherwise be a real nightmare to restore. The recorder will also commonly photograph every room in the house, lest some wily criminal claim that the police had robbed him during the search. Some recorders carry videocams or tape recorders; however, it's more common for the recorder to simply take written notes. Objects are described and numbered as the finder seizes them, generally on standard preprinted police inventory forms.

Even Secret Service agents were not, and are not, expert computer users. They have not made, and do not make, judgements on the fly about potential threats posed by various forms of equipment. They may exercise discretion; they may leave Dad his computer, for instance, but they don't have to. Standard computer-crime search warrants, which date back to the early 80s, use a sweeping language that targets computers, most anything attached to a computer, most anything used to operate a computer — most anything that remotely resembles a computer — plus most any and all written documents surrounding it. Computer-crime investigators have strongly urged agents to seize the works.

In this sense, Operation Sundevil appears to have been a complete success. Boards went down all over America, and were shipped en masse to the computer investigation lab of the Secret Service, in Washington DC, along with the 23,000 floppy disks and unknown quantities of printed material.

But the seizure of twenty-five boards, and the multimegabyte mountains of possibly useful evidence contained in these boards (and in their owners' other computers, also out the door), were far from the only motives for Operation Sundevil. An unprecedented action of great ambition and size, Sundevil's motives can only be described as political.

It was a public-relations effort, meant to pass certain messages, meant to make certain situations clear: both in the mind of the general public, and in the minds of various constituencies of the electronic community.

First — and this motivation was vital — a "message" would be sent from law enforcement to the digital underground. This very message was recited in so many words by Garry M. Jenkins, the Assistant Director of the US Secret Service, at the Sundevil press conference in Phoenix on May 9, 1990, immediately after the raids. In brief, hackers were mistaken in their foolish belief that they could hide behind the "relative anonymity of their computer terminals." On the contrary, they should fully understand that state and federal cops were actively patrolling the beat in cyberspace — that they were on the watch everywhere, even in those sleazy and secretive dens of cybernetic vice, the underground boards.

This is not an unusual message for police to publicly convey to crooks.

The message is a standard message; only the context is new.

In this respect, the Sundevil raids were the digital equivalent of the standard vice-squad crackdown on massage parlors, porno bookstores, head-shops, or floating crap-games. There may be few or no arrests in a raid of this sort; no convictions, no trials, no interrogations. In cases of this sort, police may well walk out the door with many pounds of sleazy magazines, X-rated videotapes, sex toys, gambling equipment, baggies of marijuana....

Of course, if something truly horrendous is discovered by the raiders, there will be arrests and prosecutions. Far more likely, however, there will simply be a brief but sharp disruption of the closed and secretive world of the nogoodniks. There will be "street hassle." "Heat." "Deterrence." And, of course, the immediate loss of the seized goods. It is very unlikely that any of this seized material will ever be returned. Whether charged or not, whether convicted or not, the perpetrators will almost surely lack the nerve ever to ask for this stuff to be given back.

Arrests and trials — putting people in jail — may involve all kinds of formal legalities; but dealing with the justice system is far from the only task of police. Police do not simply arrest people. They don't simply put people in jail. That is not how the police perceive their jobs.

Police "protect and serve." Police "keep the peace," they "keep public order." Like other forms of public relations, keeping public order is not an exact science. Keeping public order is something of an art-form.

If a group of tough-looking teenage hoodlums was loitering on a street-corner, no one would be surprised to see a street-cop arrive and sternly order them to "break it up." On the contrary, the surprise would come if one of these ne'er-do-wells stepped briskly into a phone-booth, called a civil rights lawyer, and instituted a civil suit in defense of his Constitutional rights of free speech and free assembly. But something much along this line was one of the many anomalous outcomes of the Hacker Crackdown.

Sundevil also carried useful "messages" for other constituents of the electronic community. These messages may not have been read aloud from the Phoenix podium in front of the press corps, but there was little mistaking their meaning. There was a message of reassurance for the primary victims of coding and carding: the telcos, and the credit companies. Sundevil was greeted with joy by the security officers of the electronic business community. After years of high-tech harassment and spiralling revenue losses, their complaints of rampant outlawry were being taken seriously by law enforcement. No more headscratching or dismissive shrugs; no more feeble excuses about "lack of computer-trained officers" or the low priority of "victimless" white-collar telecommunication crimes.

Computer-crime experts have long believed that computer-related offenses are drastically under-reported. They regard this as a major open scandal of their field. Some victims are reluctant to come forth, because they believe that police and prosecutors are not computer-literate, and can and will do nothing. Others are embarrassed by their vulnerabilities, and will take strong measures to avoid any publicity; this is especially true of banks, who fear a loss of investor confidence should an embezzlement-case or wire-fraud surface. And some victims are so helplessly confused by their own high technology that they never even realize that a crime has occurred — even when they have been fleeced to the bone.

The results of this situation can be dire. Criminals escape apprehension and punishment. The computer-crime units that do exist, can't get work.

The true scope of computer-crime: its size, its real nature, the scope of its threats, and the legal remedies for it — all remain obscured.

Another problem is very little publicized, but it is a cause of genuine concern. Where there is persistent crime, but no effective police protection, then vigilantism can result. Telcos, banks, credit companies, the major corporations who maintain extensive computer networks vulnerable to hacking — these organizations are powerful, wealthy, and politically influential. They are disinclined to be pushed around by crooks (or by most anyone else, for that matter). They often maintain well-organized private security forces, commonly run by experienced veterans of military and police units, who have left public service for the greener pastures of the private sector. For police, the corporate security manager can be a powerful ally; but if this gentleman finds no allies in the police, and the pressure is on from his board-of-directors, he may quietly take certain matters into his own hands.

Nor is there any lack of disposable hired-help in the corporate security business. Private security agencies — the 'security business' generally — grew explosively in the 1980s. Today there are spooky gumshoed armies of "security consultants," "rent-a-cops," "private eyes," "outside experts" — every manner of shady operator who retails in "results" and discretion. Of course, many of these gentlemen and ladies may be paragons of professional and moral rectitude. But as anyone who has read a hard-boiled detective novel knows, police tend to be less than fond of this sort of private-sector competition.

Companies in search of computer-security have even been known to hire hackers. Police shudder at this prospect.

Police treasure good relations with the business community. Rarely will you see a policeman so indiscreet as to allege publicly that some major employer in his state or city has succumbed to paranoia and gone off the rails. Nevertheless, police — and computer police in particular — are aware of this possibility. Computer-crime police can and do spend up to half of their business hours just doing public relations: seminars, "dog and pony shows," sometimes with parents' groups or computer users, but generally with their core audience: the likely victims of hacking crimes. These, of course, are telcos, credit card companies and large computer-equipped corporations. The police strongly urge these people, as good citizens, to report offenses and press criminal charges; they pass the message that there is someone in authority who cares, understands, and, best of all, will take useful action should a computer-crime occur.

But reassuring talk is cheap. Sundevil offered action.

The final message of Sundevil was intended for internal consumption by law enforcement. Sundevil was offered as proof that the community of American computer-crime police had come of age. Sundevil was proof that enormous things like Sundevil itself could now be accomplished.

Sundevil was proof that the Secret Service and its local law-enforcement allies could act like a well-oiled machine — (despite the hampering use of those scrambled phones). It was also proof that the Arizona Organized Crime and Racketeering Unit — the sparkplug of Sundevil — ranked with the best in the world in ambition, organization, and sheer conceptual daring.

And, as a final fillip, Sundevil was a message from the Secret Service to their longtime rivals in the Federal Bureau of Investigation. By Congressional fiat, both USSS and FBI formally share jurisdiction over federal computer-crimebusting activities. Neither of these groups has ever been remotely happy with this muddled situation. It seems to suggest that Congress cannot make up its mind as to which of these groups is better qualified. And there is scarcely a G-man or a Special Agent anywhere without a very firm opinion on that topic.

_____

For the neophyte, one of the most puzzling aspects of the crackdown on hackers is why the United States Secret Service has anything at all to do with this matter.

The Secret Service is best known for its primary public role: its agents protect the President of the United States. They also guard the President's family, the Vice President and his family, former Presidents, and Presidential candidates. They sometimes guard foreign dignitaries who are visiting the United States, especially foreign heads of state, and have been known to accompany American officials on diplomatic missions overseas.

Special Agents of the Secret Service don't wear uniforms, but the Secret Service also has two uniformed police agencies. There's the former White House Police (now known as the Secret Service Uniformed Division, since they currently guard foreign embassies in Washington, as well as the White House itself). And there's the uniformed Treasury Police Force.

The Secret Service has been charged by Congress with a number of little-known duties. They guard the precious metals in Treasury vaults.

They guard the most valuable historical documents of the United States: originals of the Constitution, the Declaration of Independence, Lincoln's Second Inaugural Address, an American-owned copy of the Magna Carta, and so forth. Once they were assigned to guard the Mona Lisa, on her American tour in the 1960s.

The entire Secret Service is a division of the Treasury Department.

Secret Service Special Agents (there are about 1,900 of them) are bodyguards for the President et al, but they all work for the Treasury.

And the Treasury (through its divisions of the U.S. Mint and the Bureau of Engraving and Printing) prints the nation's money.

As Treasury police, the Secret Service guards the nation's currency; it is the only federal law enforcement agency with direct jurisdiction over counterfeiting and forgery. It analyzes documents for authenticity, and its fight against fake cash is still quite lively (especially since the skilled counterfeiters of Medellin, Colombia have gotten into the act).

Government checks, bonds, and other obligations, which exist in untold millions and are worth untold billions, are common targets for forgery, which the Secret Service also battles. It even handles forgery of postage stamps.

But cash is fading in importance today as money has become electronic.

As necessity beckoned, the Secret Service moved from fighting the counterfeiting of paper currency and the forging of checks, to the protection of funds transferred by wire.

From wire-fraud, it was a simple skip-and-jump to what is formally known as "access device fraud." Congress granted the Secret Service the authority to investigate "access device fraud" under Title 18 of the United States Code (U.S.C. Section 1029).

The term "access device" seems intuitively simple. It's some kind of high-tech gizmo you use to get money with. It makes good sense to put this sort of thing in the charge of counterfeiting and wire-fraud experts.

However, in Section 1029, the term "access device" is very generously defined. An access device is: "any card, plate, code, account number, or other means of account access that can be used, alone or in conjunction with another access device, to obtain money, goods, services, or any other thing of value, or that can be used to initiate a transfer of funds."

"Access device" can therefore be construed to include credit cards themselves (a popular forgery item nowadays). It also includes credit card account numbers, those standards of the digital underground. The same goes for telephone charge cards (an increasingly popular item with telcos, who are tired of being robbed of pocket change by phone-booth thieves). And also telephone access codes, those other standards of the digital underground. (Stolen telephone codes may not "obtain money," but they certainly do obtain valuable "services," which is specifically forbidden by Section 1029.)

We can now see that Section 1029 already pits the United States Secret Service directly against the digital underground, without any mention at all of the word "computer."

Standard phreaking devices, like "blue boxes," used to steal phone service from old-fashioned mechanical switches, are unquestionably "counterfeit access devices." Thanks to Sec. 1029, it is not only illegal to use counterfeit access devices, but it is even illegal to build them. "Producing," "designing," "duplicating" or "assembling" blue boxes are all federal crimes today, and if you do this, the Secret Service has been charged by Congress to come after you.

Automatic Teller Machines, which replicated all over America during the 1980s, are definitely "access devices," too, and an attempt to tamper with their punch-in codes and plastic bank cards falls directly under Sec. 1029.

Section 1029 is remarkably elastic. Suppose you find a computer password in somebody's trash. That password might be a "code" — it's certainly a "means of account access." Now suppose you log on to a computer and copy some software for yourself. You've certainly obtained "service" (computer service) and a "thing of value" (the software).

Suppose you tell a dozen friends about your swiped password, and let them use it, too. Now you're "trafficking in unauthorized access devices." And when the Prophet, a member of the Legion of Doom, passed a stolen telephone company document to Knight Lightning at Phrack magazine, they were both charged under Sec. 1029!

There are two limitations on Section 1029. First, the offense must "affect interstate or foreign commerce" in order to become a matter of federal jurisdiction. The term "affecting commerce" is not well defined; but you may take it as a given that the Secret Service can take an interest if you've done most anything that happens to cross a state line. State and local police can be touchy about their jurisdictions, and can sometimes be mulish when the feds show up. But when it comes to computer-crime, the local police are pathetically grateful for federal help — in fact they complain that they can't get enough of it. If you're stealing long-distance service, you're almost certainly crossing state lines, and you're definitely "affecting the interstate commerce" of the telcos. And if you're abusing credit cards by ordering stuff out of glossy catalogs from, say, Vermont, you're in for it.

The second limitation is money. As a rule, the feds don't pursue penny-ante offenders. Federal judges will dismiss cases that appear to waste their time. Federal crimes must be serious; Section 1029 specifies a minimum loss of a thousand dollars.

We now come to the very next section of Title 18, which is Section 1030, "Fraud and related activity in connection with computers." This statute gives the Secret Service direct jurisdiction over acts of computer intrusion. On the face of it, the Secret Service would now seem to command the field. Section 1030, however, is nowhere near so ductile as Section 1029.

The first annoyance is Section 1030(d), which reads:

"(d) The United States Secret Service shall, in addition to any other agency having such authority, have the authority to investigate offenses under this section. Such authority of the United States Secret Service shall be exercised in accordance with an agreement which shall be entered into by the Secretary of the Treasury and the Attorney General." (Author's italics.)

The Secretary of the Treasury is the titular head of the Secret Service, while the Attorney General is in charge of the FBI. In Section (d), Congress shrugged off responsibility for the computer-crime turf-battle between the Service and the Bureau, and made them fight it out all by themselves. The result was a rather dire one for the Secret Service, for the FBI ended up with exclusive jurisdiction over computer breakins having to do with national security, foreign espionage, federally insured banks, and U.S. military bases, while retaining joint jurisdiction over all the other computer intrusions. Essentially, when it comes to Section 1030, the FBI not only gets the real glamor stuff for itself, but can peer over the shoulder of the Secret Service and barge in to meddle whenever it suits them.

The second problem has to do with the dicey term "Federal interest computer." Section 1030(a)(2) makes it illegal to "access a computer without authorization" if that computer belongs to a financial institution or an issuer of credit cards (fraud cases, in other words). Congress was quite willing to give the Secret Service jurisdiction over money-transferring computers, but Congress balked at letting them investigate any and all computer intrusions. Instead, the USSS had to settle for the money machines and the "Federal interest computers." A "Federal interest computer" is a computer which the government itself owns, or is using. Large networks of interstate computers, linked over state lines, are also considered to be of "Federal interest." (This notion of "Federal interest" is legally rather foggy and has never been clearly defined in the courts. The Secret Service has never yet had its hand slapped for investigating computer breakins that were not of "Federal interest," but conceivably someday this might happen.)

So the Secret Service's authority over "unauthorized access" to computers covers a lot of territory, but by no means the whole ball of cyberspatial wax. If you are, for instance, a local computer retailer, or the owner of a local bulletin board system, then a malicious local intruder can break in, crash your system, trash your files and scatter viruses, and the U.S. Secret Service cannot do a single thing about it.

At least, it can't do anything directly. But the Secret Service will do plenty to help the local people who can.

The FBI may have dealt itself an ace off the bottom of the deck when it comes to Section 1030; but that's not the whole story; that's not the street. What Congress thinks is one thing, and Congress has been known to change its mind. The real turf-struggle is out there in the streets where it's happening. If you're a local street-cop with a computer problem, the Secret Service wants you to know where you can find the real expertise. While the Bureau crowd are off having their favorite shoes polished — (wing-tips) — and making derisive fun of the Service's favorite shoes — ("pansy-ass tassels") — the tassel-toting Secret Service has a crew of ready-and-able hacker-trackers installed in the capital of every state in the Union. Need advice? They'll give you advice, or at least point you in the right direction. Need training? They can see to that, too.

If you're a local cop and you call in the FBI, the FBI (as is widely and slanderously rumored) will order you around like a coolie, take all the credit for your busts, and mop up every possible scrap of reflected glory. The Secret Service, on the other hand, doesn't brag a lot. They're the quiet types. Very quiet. Very cool. Efficient. High-tech.

Mirrorshades, icy stares, radio ear-plugs, an Uzi machine-pistol tucked somewhere in that well-cut jacket. American samurai, sworn to give their lives to protect our President. "The granite agents." Trained in martial arts, absolutely fearless. Every single one of 'em has a top-secret security clearance. Something goes a little wrong, you're not gonna hear any whining and moaning and political buck-passing out of these guys.

The facade of the granite agent is not, of course, the reality. Secret Service agents are human beings. And the real glory in Service work is not in battling computer crime — not yet, anyway — but in protecting the President. The real glamour of Secret Service work is in the White House Detail. If you're at the President's side, then the kids and the wife see you on television; you rub shoulders with the most powerful people in the world. That's the real heart of Service work, the number one priority. More than one computer investigation has stopped dead in the water when Service agents vanished at the President's need.

There's romance in the work of the Service. The intimate access to circles of great power; the esprit-de-corps of a highly trained and disciplined elite; the high responsibility of defending the Chief Executive; the fulfillment of a patriotic duty. And as police work goes, the pay's not bad. But there's squalor in Service work, too. You may get spat upon by protesters howling abuse — and if they get violent, if they get too close, sometimes you have to knock one of them down — discreetly.

The real squalor in Service work is drudgery such as "the quarterlies," traipsing out four times a year, year in, year out, to interview the various pathetic wretches, many of them in prisons and asylums, who have seen fit to threaten the President's life. And then there's the grinding stress of searching all those faces in the endless bustling crowds, looking for hatred, looking for psychosis, looking for the tight, nervous face of an Arthur Bremer, a Squeaky Fromme, a Lee Harvey Oswald. It's watching all those grasping, waving hands for sudden movements, while your ears strain at your radio headphone for the long-rehearsed cry of "Gun!"

It's poring, in grinding detail, over the biographies of every rotten loser who ever shot at a President. It's the unsung work of the Protective Research Section, who study scrawled, anonymous death threats with all the meticulous tools of anti-forgery techniques.

And it's maintaining the hefty computerized files on anyone who ever threatened the President's life. Civil libertarians have become increasingly concerned at the Government's use of computer files to track American citizens — but the Secret Service file of potential Presidential assassins, which has upward of twenty thousand names, rarely causes a peep of protest. If you ever state that you intend to kill the President, the Secret Service will want to know and record who you are, where you are, what you are, and what you're up to. If you're a serious threat — if you're officially considered "of protective interest" — then the Secret Service may well keep tabs on you for the rest of your natural life.

Protecting the President has first call on all the Service's resources. But there's a lot more to the Service's traditions and history than standing guard outside the Oval Office.

The Secret Service is the nation's oldest general federal law-enforcement agency. Compared to the Secret Service, the FBI are new-hires and the CIA are temps. The Secret Service was founded 'way back in 1865, at the suggestion of Hugh McCulloch, Abraham Lincoln's Secretary of the Treasury. McCulloch wanted a specialized Treasury police to combat counterfeiting. Abraham Lincoln agreed that this seemed a good idea, and, with a terrible irony, Abraham Lincoln was shot that very night by John Wilkes Booth.

The Secret Service originally had nothing to do with protecting Presidents. They didn't take this on as a regular assignment until after the Garfield assassination in 1881. And they didn't get any Congressional money for it until President McKinley was shot in 1901.

The Service was originally designed for one purpose: destroying counterfeiters.

_____

There are interesting parallels between the Service's nineteenth-century entry into counterfeiting, and America's twentieth-century entry into computer-crime.

In 1865, America's paper currency was a terrible muddle. Security was drastically bad. Currency was printed on the spot by local banks in literally hundreds of different designs. No one really knew what the heck a dollar bill was supposed to look like. Bogus bills passed easily. If some joker told you that a one-dollar bill from the Railroad Bank of Lowell, Massachusetts had a woman leaning on a shield, with a locomotive, a cornucopia, a compass, various agricultural implements, a railroad bridge, and some factories, then you pretty much had to take his word for it. (And in fact he was telling the truth!)

Sixteen hundred local American banks designed and printed their own paper currency, and there were no general standards for security. Like a badly guarded node in a computer network, badly designed bills were easy to fake, and posed a security hazard for the entire monetary system.

No one knew the exact extent of the threat to the currency. There were panicked estimates that as much as a third of the entire national currency was faked. Counterfeiters — known as "boodlers" in the underground slang of the time — were mostly technically skilled printers who had gone to the bad. Many had once worked printing legitimate currency. Boodlers operated in rings and gangs. Technical experts engraved the bogus plates — commonly in basements in New York City.

Smooth confidence men passed large wads of high-quality, high-denomination fakes, including the really sophisticated stuff — government bonds, stock certificates, and railway shares. Cheaper, botched fakes were sold or sharewared to low-level gangs of boodler wannabes. (The really cheesy lowlife boodlers merely upgraded real bills by altering face values, changing ones to fives, tens to hundreds, and so on.) The techniques of boodling were little-known and regarded with a certain awe by the mid-nineteenth-century public. The ability to manipulate the system for rip-off seemed diabolically clever. As the skill and daring of the boodlers increased, the situation became intolerable. The federal government stepped in, and began offering its own federal currency, which was printed in fancy green ink, but only on the back — the original "greenbacks." And at first, the improved security of the well-designed, well-printed federal greenbacks seemed to solve the problem; but then the counterfeiters caught on. Within a few years things were worse than ever: a centralized system where all security was bad!


The local police were helpless. The Government tried offering blood money to potential informants, but this met with little success. Banks, plagued by boodling, gave up hope of police help and hired private security men instead. Merchants and bankers queued up by the thousands to buy privately-printed manuals on currency security, slim little books like Laban Heath's Infallible Government Counterfeit Detector. The back of the book offered Laban Heath's patent microscope for five bucks.

Then the Secret Service entered the picture. The first agents were a rough and ready crew. Their chief was one William P. Wood, a former guerilla in the Mexican War who'd won a reputation busting contractor fraudsters for the War Department during the Civil War. Wood, who was also Keeper of the Capital Prison, had a sideline as a counterfeiting expert, bagging boodlers for the federal bounty money.

Wood was named Chief of the new Secret Service in July 1865. There were only ten Secret Service agents in all: Wood himself, a handful who'd worked for him in the War Department, and a few former private investigators — counterfeiting experts — whom Wood had won over to public service. (The Secret Service of 1865 was much the size of the Chicago Computer Fraud Task Force or the Arizona Racketeering Unit of 1990.) These ten "Operatives" had an additional twenty or so "Assistant Operatives" and "Informants." Besides salary and per diem, each Secret Service employee received a whopping twenty-five dollars for each boodler he captured.

Wood himself publicly estimated that at least half of America's currency was counterfeit, a perhaps pardonable perception. Within a year the Secret Service had arrested over 200 counterfeiters. They busted about two hundred boodlers a year for four years straight.

Wood attributed his success to travelling fast and light, hitting the bad-guys hard, and avoiding bureaucratic baggage. "Because my raids were made without military escort and I did not ask the assistance of state officers, I surprised the professional counterfeiter."

Wood's social message to the once-impudent boodlers bore an eerie ring of Sundevil: "It was also my purpose to convince such characters that it would no longer be healthy for them to ply their vocation without being handled roughly, a fact they soon discovered."

William P. Wood, the Secret Service's guerilla pioneer, did not end well.

He succumbed to the lure of aiming for the really big score. The notorious Brockway Gang of New York City, headed by William E. Brockway, the "King of the Counterfeiters," had forged a number of government bonds. They'd passed these brilliant fakes on the prestigious Wall Street investment firm of Jay Cooke and Company. The Cooke firm were frantic and offered a huge reward for the forgers' plates.

Laboring diligently, Wood confiscated the plates (though not Mr. Brockway) and claimed the reward. But the Cooke company treacherously reneged. Wood got involved in a down-and-dirty lawsuit with the Cooke capitalists. Wood's boss, Secretary of the Treasury McCulloch, felt that Wood's demands for money and glory were unseemly, and even when the reward money finally came through, McCulloch refused to pay Wood anything. Wood found himself mired in a seemingly endless round of federal suits and Congressional lobbying.

Wood never got his money. And he lost his job to boot. He resigned in 1869.

Wood's agents suffered, too. On May 12, 1869, the second Chief of the Secret Service took over, and almost immediately fired most of Wood's pioneer Secret Service agents: Operatives, Assistants and Informants alike. The practice of receiving $25 per crook was abolished. And the Secret Service began the long, uncertain process of thorough professionalization.

Wood ended badly. He must have felt stabbed in the back. In fact his entire organization was mangled.

On the other hand, William P. Wood was the first head of the Secret Service. William Wood was the pioneer. People still honor his name.

Who remembers the name of the second head of the Secret Service?


As for William Brockway (also known as "Colonel Spencer"), he was finally arrested by the Secret Service in 1880. He did five years in prison, got out, and was still boodling at the age of seventy-four.

_____

Anyone with an interest in Operation Sundevil — or in American computer-crime generally — could scarcely miss the presence of Gail Thackeray, Assistant Attorney General of the State of Arizona.

Computer-crime training manuals often cited Thackeray's group and her work; she was the highest-ranking state official to specialize in computer-related offenses. Her name had been on the Sundevil press release (though modestly ranked well after the local federal prosecuting attorney and the head of the Phoenix Secret Service office).

As public commentary, and controversy, began to mount about the Hacker Crackdown, this Arizonan state official began to take a higher and higher public profile. Though uttering almost nothing specific about the Sundevil operation itself, she coined some of the most striking sound-bites of the growing propaganda war: "Agents are operating in good faith, and I don't think you can say that for the hacker community," was one. Another was the memorable "I am not a mad dog prosecutor" (*Houston Chronicle,* Sept 2, 1990.) In the meantime, the Secret Service maintained its usual extreme discretion; the Chicago Unit, smarting from the backlash of the Steve Jackson scandal, had gone completely to earth.

As I collated my growing pile of newspaper clippings, Gail Thackeray ranked as a comparative fount of public knowledge on police operations.

I decided that I had to get to know Gail Thackeray. I wrote to her at the Arizona Attorney General's Office. Not only did she kindly reply to me, but, to my astonishment, she knew very well what "cyberpunk" science fiction was.

Shortly after this, Gail Thackeray lost her job. And I temporarily misplaced my own career as a science-fiction writer, to become a full-time computer-crime journalist. In early March, 1991, I flew to Phoenix, Arizona, to interview Gail Thackeray for my book on the hacker crackdown.

_____

"Credit cards didn't used to cost anything to get," says Gail Thackeray. "Now they cost forty bucks — and that's all just to cover the costs from rip-off artists."

Electronic nuisance criminals are parasites. One by one they're not much harm, no big deal. But they never come just one by one. They come in swarms, heaps, legions, sometimes whole subcultures. And they bite. Every time we buy a credit card today, we lose a little financial vitality to a particular species of bloodsucker.

What, in her expert opinion, are the worst forms of electronic crime, I ask, consulting my notes. Is it — credit card fraud? Breaking into ATM bank machines? Phone-phreaking? Computer intrusions? Software viruses? Access-code theft? Records tampering? Software piracy? Pornographic bulletin boards? Satellite TV piracy? Theft of cable service? It's a long list. By the time I reach the end of it I feel rather depressed.

"Oh no," says Gail Thackeray, leaning forward over the table, her whole body gone stiff with energetic indignation, "the biggest damage is telephone fraud. Fake sweepstakes, fake charities. Boiler-room con operations. You could pay off the national debt with what these guys steal.... They target old people, they get hold of credit ratings and demographics, they rip off the old and the weak." The words come tumbling out of her.

It's low-tech stuff, your everyday boiler-room fraud. Grifters, conning people out of money over the phone, have been around for decades. This is where the word "phony" came from!

It's just that it's so much easier now, horribly facilitated by advances in technology and the byzantine structure of the modern phone system. The same professional fraudsters do it over and over, Thackeray tells me, they hide behind dense onion-shells of fake companies.... fake holding corporations nine or ten layers deep, registered all over the map. They get a phone installed under a false name in an empty safe-house. And then they call-forward everything out of that phone to yet another phone, a phone that may even be in another state. And they don't even pay the charges on their phones; after a month or so, they just split. Set up somewhere else in another Podunkville with the same seedy crew of veteran phone-crooks. They buy or steal commercial credit card reports, slap them on the PC, have a program pick out people over sixty-five who pay a lot to charities. A whole subculture living off this, merciless folks on the con.

"The 'lightbulbs for the blind' people," Thackeray muses, with a special loathing. "There's just no end to them."

We're sitting in a downtown diner in Phoenix, Arizona. It's a tough town, Phoenix. A state capital seeing some hard times. Even to a Texan like myself, Arizona state politics seem rather baroque. There was, and remains, endless trouble over the Martin Luther King holiday, the sort of stiff-necked, foot-shooting incident for which Arizona politics seem famous. There was Evan Mecham, the eccentric Republican millionaire governor who was impeached, after reducing state government to a ludicrous shambles. Then there was the national Keating scandal, involving Arizona savings and loans, in which both of Arizona's U.S. senators, DeConcini and McCain, played sadly prominent roles.

And the very latest is the bizarre AzScam case, in which state legislators were videotaped, eagerly taking cash from an informant of the Phoenix city police department, who was posing as a Vegas mobster.

"Oh," says Thackeray cheerfully. "These people are amateurs here, they thought they were finally getting to play with the big boys. They don't have the least idea how to take a bribe! It's not institutional corruption. It's not like back in Philly."

Gail Thackeray was a former prosecutor in Philadelphia. Now she's a former assistant attorney general of the State of Arizona. Since moving to Arizona in 1986, she had worked under the aegis of Steve Twist, her boss in the Attorney General's office. Steve Twist wrote Arizona's pioneering computer crime laws and naturally took an interest in seeing them enforced. It was a snug niche, and Thackeray's Organized Crime and Racketeering Unit won a national reputation for ambition and technical knowledgeability.... Until the latest election in Arizona. Thackeray's boss ran for the top job, and lost. The victor, the new Attorney General, apparently went to some pains to eliminate the bureaucratic traces of his rival, including his pet group — Thackeray's group. Twelve people got their walking papers.

Now Thackeray's painstakingly assembled computer lab sits gathering dust somewhere in the glass-and-concrete Attorney General's HQ on 1275 Washington Street. Her computer-crime books, her painstakingly garnered back issues of phreak and hacker zines, all bought at her own expense — are piled in boxes somewhere. The State of Arizona is simply not particularly interested in electronic racketeering at the moment.

At the moment of our interview, Gail Thackeray, officially unemployed, is working out of the county sheriff's office, living on her savings, and prosecuting several cases — working 60-hour weeks, just as always — for no pay at all. "I'm trying to train people," she mutters.

Half her life seems to be spent training people — merely pointing out, to the naive and incredulous (such as myself) that this stuff is actually going on out there. It's a small world, computer crime. A young world.

Gail Thackeray, a trim blonde Baby-Boomer who favors Grand Canyon white-water rafting to kill some slow time, is one of the world's most senior, most veteran "hacker-trackers." Her mentor was Donn Parker, the California think-tank theorist who got it all started 'way back in the mid-70s, the "grandfather of the field," "the great bald eagle of computer crime."

And what she has learned, Gail Thackeray teaches. Endlessly. Tirelessly. To anybody. To Secret Service agents and state police, at the Glynco, Georgia federal training center. To local police, on "roadshows" with her slide projector and notebook. To corporate security personnel. To journalists. To parents.

Even crooks look to Gail Thackeray for advice. Phone-phreaks call her at the office. They know very well who she is. They pump her for information on what the cops are up to, how much they know. Sometimes whole crowds of phone phreaks, hanging out on illegal conference calls, will call Gail Thackeray up. They taunt her. And, as always, they boast. Phone-phreaks, real stone phone-phreaks, simply cannot shut up. They natter on for hours.

Left to themselves, they mostly talk about the intricacies of ripping-off phones; it's about as interesting as listening to hot-rodders talk about suspension and distributor-caps. They also gossip cruelly about each other. And when talking to Gail Thackeray, they incriminate themselves. "I have tapes," Thackeray says coolly.

Phone phreaks just talk like crazy. "Dial-Tone" out in Alabama has been known to spend half-an-hour simply reading stolen phone-codes aloud into voice-mail answering machines. Hundreds, thousands of numbers, recited in a monotone, without a break — an eerie phenomenon. When arrested, it's a rare phone phreak who doesn't inform at endless length on everybody he knows.

Hackers are no better. What other group of criminals, she asks rhetorically, publishes newsletters and holds conventions? She seems deeply nettled by the sheer brazenness of this behavior, though to an outsider, this activity might make one wonder whether hackers should be considered "criminals" at all. Skateboarders have magazines, and they trespass a lot. Hot rod people have magazines and they break speed limits and sometimes kill people....

I ask her whether it would be any loss to society if phone phreaking and computer hacking, as hobbies, simply dried up and blew away, so that nobody ever did it again.

She seems surprised. "No," she says swiftly. "Maybe a little... in the old days... the MIT stuff... But there's a lot of wonderful, legal stuff you can do with computers now, you don't have to break into somebody else's just to learn. You don't have that excuse. You can learn all you like."

Did you ever hack into a system? I ask.


The trainees do it at Glynco. Just to demonstrate system vulnerabilities.

She's cool to the notion. Genuinely indifferent.

"What kind of computer do you have?"

"A Compaq 286LE," she mutters.

"What kind do you wish you had?"

At this question, the unmistakable light of true hackerdom flares in Gail Thackeray's eyes. She becomes tense, animated, the words pour out: "An Amiga 2000 with an IBM card and Mac emulation! The most common hacker machines are Amigas and Commodores. And Apples." If she had the Amiga, she enthuses, she could run a whole galaxy of seized computer-evidence disks on one convenient multifunctional machine. A cheap one, too. Not like the old Attorney General lab, where they had an ancient CP/M machine, assorted Amiga flavors and Apple flavors, a couple IBMs, all the utility software... but no Commodores. The workstations down at the Attorney General's are Wang dedicated word-processors. Lame machines tied in to an office net — though at least they get on-line to the Lexis and Westlaw legal data services.

I don't say anything. I recognize the syndrome, though. This computer-fever has been running through segments of our society for years now. It's a strange kind of lust: K-hunger, Meg-hunger; but it's a shared disease; it can kill parties dead, as conversation spirals into the deepest and most deviant recesses of software releases and expensive peripherals.... The mark of the hacker beast. I have it too. The whole "electronic community," whatever the hell that is, has it. Gail Thackeray has it.

Gail Thackeray is a hacker cop. My immediate reaction is a strong rush of indignant pity: why doesn't somebody buy this woman her Amiga?! It's not like she's asking for a Cray X-MP supercomputer mainframe; an Amiga's a sweet little cookie-box thing. We're losing zillions in organized fraud; prosecuting and defending a single hacker case in court can cost a hundred grand easy. How come nobody can come up with four lousy grand so this woman can do her job? For a hundred grand we could buy every computer cop in America an Amiga. There aren't that many of 'em.


Computers. The lust, the hunger, for computers. The loyalty they inspire, the intense sense of possessiveness. The culture they have bred. I myself am sitting in downtown Phoenix, Arizona because it suddenly occurred to me that the police might — just might — come and take away my computer. The prospect of this, the mere implied threat, was unbearable. It literally changed my life. It was changing the lives of many others. Eventually it would change everybody's life.

Gail Thackeray was one of the top computer-crime people in America. And I was just some novelist, and yet I had a better computer than hers. Practically everybody I knew had a better computer than Gail Thackeray and her feeble laptop 286. It was like sending the sheriff in to clean up Dodge City and arming her with a slingshot cut from an old rubber tire.

But then again, you don't need a howitzer to enforce the law. You can do a lot just with a badge. With a badge alone, you can basically wreak havoc, take a terrible vengeance on wrongdoers. Ninety percent of "computer crime investigation" is just "crime investigation:" names, places, dossiers, modus operandi, search warrants, victims, complainants, informants...

What will computer crime look like in ten years? Will it get better? Did "Sundevil" send 'em reeling back in confusion?

It'll be like it is now, only worse, she tells me with perfect conviction. Still there in the background, ticking along, changing with the times: the criminal underworld. It'll be like drugs are. Like our problems with alcohol. All the cops and laws in the world never solved our problems with alcohol. If there's something people want, a certain percentage of them are just going to take it. Fifteen percent of the populace will never steal. Fifteen percent will steal most anything not nailed down. The battle is for the hearts and minds of the remaining seventy percent.

And criminals catch on fast. If there's not "too steep a learning curve" — if it doesn't require a baffling amount of expertise and practice — then criminals are often some of the first through the gate of a new technology. Especially if it helps them to hide. They have tons of cash, criminals. The new communications tech — like pagers, cellular phones, faxes, Federal Express — were pioneered by rich corporate people, and by criminals. In the early years of pagers and beepers, dope dealers were so enthralled with this technology that owning a beeper was practically prima facie evidence of cocaine dealing. CB radio exploded when the speed limit hit 55 and breaking the highway law became a national pastime. Dope dealers send cash by Federal Express, despite, or perhaps because of, the warnings in FedEx offices that tell you never to try this. FedEx uses X-rays and dogs on their mail, to stop drug shipments. That doesn't work very well.

Drug dealers went wild over cellular phones. There are simple methods of faking ID on cellular phones, making the location of the call mobile, free of charge, and effectively untraceable. Now victimized cellular companies routinely bring in vast toll-lists of calls to Colombia and Pakistan.

Judge Greene's fragmentation of the phone company is driving law enforcement nuts. Four thousand telecommunications companies. Fraud skyrocketing. Every temptation in the world available with a phone and a credit card number. Criminals untraceable. A galaxy of "new neat rotten things to do."

If there were one thing Thackeray would like to have, it would be an effective legal end-run through this new fragmentation minefield. It would be a new form of electronic search warrant, an "electronic letter of marque" to be issued by a judge. It would create a new category of "electronic emergency." Like a wiretap, its use would be rare, but it would cut across state lines and force swift cooperation from all concerned. Cellular, phone, laser, computer network, PBXes, AT&T, Baby Bells, long-distance entrepreneurs, packet radio. Some document, some mighty court-order, that could slice through four thousand separate forms of corporate red-tape, and get her at once to the source of calls, the source of email threats and viruses, the sources of bomb threats, kidnapping threats. "From now on," she says, "the Lindbergh baby will always die."


Something that would make the Net sit still, if only for a moment. Something that would get her up to speed. Seven league boots. That's what she really needs. "Those guys move in nanoseconds and I'm on the Pony Express."

And then, too, there's the coming international angle. Electronic crime has never been easy to localize, to tie to a physical jurisdiction. And phone-phreaks and hackers loathe boundaries, they jump them whenever they can. The English. The Dutch. And the Germans, especially the ubiquitous Chaos Computer Club. The Australians. They've all learned phone-phreaking from America. It's a growth mischief industry. The multinational networks are global, but governments and the police simply aren't. Neither are the laws. Or the legal frameworks for citizen protection.

One language is global, though — English. Phone phreaks speak English; it's their native tongue even if they're Germans. English may have started in England but now it's the Net language; it might as well be called "CNNese."

Asians just aren't much into phone phreaking. They're the world masters at organized software piracy. The French aren't into phone-phreaking either. The French are into computerized industrial espionage.

In the old days of the MIT righteous hackerdom, crashing systems didn't hurt anybody. Not all that much, anyway. Not permanently. Now the players are more venal. Now the consequences are worse. Hacking will begin killing people soon. Already there are methods of stacking calls onto 911 systems, annoying the police, and possibly causing the death of some poor soul calling in with a genuine emergency. Hackers in Amtrak computers, or air-traffic control computers, will kill somebody someday. Maybe a lot of people. Gail Thackeray expects it.

And the viruses are getting nastier. The "Scud" virus is the latest one out. It wipes hard-disks.


According to Thackeray, the idea that phone-phreaks are Robin Hoods is a fraud. They don't deserve this repute. Basically, they pick on the weak. AT&T now protects itself with the fearsome ANI (Automatic Number Identification) trace capability. When AT&T wised up and tightened security generally, the phreaks drifted into the Baby Bells.

The Baby Bells lashed out in 1989 and 1990, so the phreaks switched to smaller long-distance entrepreneurs. Today, they are moving into locally owned PBXes and voice-mail systems, which are full of security holes, dreadfully easy to hack. These victims aren't the moneybags Sheriff of Nottingham or Bad King John, but small groups of innocent people who find it hard to protect themselves, and who really suffer from these depredations. Phone phreaks pick on the weak. They do it for power. If it were legal, they wouldn't do it. They don't want service, or knowledge, they want the thrill of power-tripping. There's plenty of knowledge or service around, if you're willing to pay. Phone phreaks don't pay, they steal. It's because it is illegal that it feels like power, that it gratifies their vanity.

I leave Gail Thackeray with a handshake at the door of her office building — a vast International-Style office building downtown. The Sheriff's office is renting part of it. I get the vague impression that quite a lot of the building is empty — real estate crash.

In a Phoenix sports apparel store, in a downtown mall, I meet the "Sun Devil" himself. He is the cartoon mascot of Arizona State University, whose football stadium, "Sundevil," is near the local Secret Service HQ — hence the name Operation Sundevil. The Sun Devil himself is named "Sparky." Sparky the Sun Devil is maroon and bright yellow, the school colors. Sparky brandishes a three-tined yellow pitchfork. He has a small mustache, pointed ears, a barbed tail, and is dashing forward jabbing the air with the pitchfork, with an expression of devilish glee.

Phoenix was the home of Operation Sundevil. The Legion of Doom ran a hacker bulletin board called "The Phoenix Project." An Australian hacker named "Phoenix" once burrowed through the Internet to attack Cliff Stoll, then bragged and boasted about it to The New York Times.

This net of coincidence is both odd and meaningless.


The headquarters of the Arizona Attorney General, Gail Thackeray's former workplace, is on 1275 Washington Avenue. Many of the downtown streets in Phoenix are named after prominent American presidents: Washington, Jefferson, Madison....

After dark, all the employees go home to their suburbs. Washington, Jefferson and Madison — what would be the Phoenix inner city, if there were an inner city in this sprawling automobile-bred town — become the haunts of transients and derelicts. The homeless. The sidewalks along Washington are lined with orange trees. Ripe fallen fruit lies scattered like croquet balls on the sidewalks and gutters. No one seems to be eating them. I try a fresh one. It tastes unbearably bitter.

The Attorney General's office, built in 1981 during the Babbitt administration, is a long low two-story building of white cement and wall-sized sheets of curtain-glass. Behind each glass wall is a lawyer's office, quite open and visible to anyone strolling by. Across the street is a dour government building labelled simply ECONOMIC SECURITY, something that has not been in great supply in the American Southwest lately.

The offices are about twelve feet square. They feature tall wooden cases full of red-spined lawbooks; Wang computer monitors; telephones; Post-it notes galore. Also framed law diplomas and a general excess of bad Western landscape art. Ansel Adams photos are a big favorite, perhaps to compensate for the dismal specter of the parking-lot, two acres of striped black asphalt, which features gravel landscaping and some sickly-looking barrel cacti.

It has grown dark. Gail Thackeray has told me that the people who work late here are afraid of muggings in the parking lot. It seems cruelly ironic that a woman tracing electronic racketeers across the interstate labyrinth of Cyberspace should fear an assault by a homeless derelict in the parking lot of her own workplace.

Perhaps this is less than coincidence. Perhaps these two seemingly disparate worlds are somehow generating one another. The poor and disenfranchised take to the streets, while the rich and computer-equipped, safe in their bedrooms, chatter over their modems. Quite often the derelicts kick the glass out and break in to the lawyers' offices, if they see something they need or want badly enough.

I cross the parking lot to the street behind the Attorney General's office.

A pair of young tramps are bedding down on flattened sheets of cardboard, under an alcove stretching over the sidewalk. One tramp wears a glitter-covered T-shirt reading "CALIFORNIA" in Coca-Cola cursive. His nose and cheeks look chafed and swollen; they glisten with what seems to be Vaseline. The other tramp has a ragged long-sleeved shirt and lank brown hair parted in the middle. They both wear blue jeans coated in grime. They are both drunk.

"You guys crash here a lot?" I ask them.

They look at me warily. I am wearing black jeans, a black pinstriped suit jacket and a black silk tie. I have odd shoes and a funny haircut.

"It's our first time here," says the red-nosed tramp unconvincingly.

There is a lot of cardboard stacked here. More than any two people could use.

"We usually stay at the Vinnie's down the street," says the brown-haired tramp, puffing a Marlboro with a meditative air, as he sprawls with his head on a blue nylon backpack. "The Saint Vincent's."

"You know who works in that building over there?" I ask, pointing.

The brown-haired tramp shrugs. "Some kind of attorneys, it says."

We urge one another to take it easy. I give them five bucks.

A block down the street I meet a vigorous workman who is wheeling along some kind of industrial trolley; it has what appears to be a tank of propane on it.

We make eye contact. We nod politely. I walk past him. "Hey! Excuse me sir!" he says.

"Yes?" I say, stopping and turning.

"Have you seen," the guy says rapidly, "a black guy, about 6'7", scars on both his cheeks like this —" he gestures — "wears a black baseball cap on backwards, wandering around here anyplace?"

"Sounds like I don't much want to meet him," I say.

"He took my wallet," says my new acquaintance. "Took it this morning. Y'know, some people would be scared of a guy like that. But I'm not scared. I'm from Chicago. I'm gonna hunt him down. We do things like that in Chicago."

"Yeah?"

"I went to the cops and now he's got an APB out on his ass," he says with satisfaction. "You run into him, you let me know."

"Okay," I say. "What is your name, sir?"

"Stanley...."

"And how can I reach you?"

"Oh," Stanley says, in the same rapid voice, "you don't have to reach, uh, me. You can just call the cops. Go straight to the cops." He reaches into a pocket and pulls out a greasy piece of pasteboard. "See, here's my report on him."

I look. The "report," the size of an index card, is labelled PRO-ACT: Phoenix Residents Opposing Active Crime Threat.... or is it Organized Against Crime Threat? In the darkening street it's hard to read. Some kind of vigilante group? Neighborhood watch? I feel very puzzled.

"Are you a police officer, sir?"

He smiles, seems very pleased by the question.


"No," he says.

"But you are a 'Phoenix Resident?'"

"Would you believe a homeless person," Stanley says.

"Really? But what's with the..." For the first time I take a close look at Stanley's trolley. It's a rubber-wheeled thing of industrial metal, but the device I had mistaken for a tank of propane is in fact a water-cooler.

Stanley also has an Army duffel-bag, stuffed tight as a sausage with clothing or perhaps a tent, and, at the base of his trolley, a cardboard box and a battered leather briefcase.

"I see," I say, quite at a loss. For the first time I notice that Stanley has a wallet. He has not lost his wallet at all. It is in his back pocket and chained to his belt. It's not a new wallet. It seems to have seen a lot of wear.

"Well, you know how it is, brother," says Stanley. Now that I know that he is homeless — a possible threat — my entire perception of him has changed in an instant. His speech, which once seemed just bright and enthusiastic, now seems to have a dangerous tang of mania. "I have to do this!" he assures me. "Track this guy down... It's a thing I do... you know... to keep myself together!" He smiles, nods, lifts his trolley by its decaying rubber handgrips.

"Gotta work together, y'know," Stanley booms, his face alight with cheerfulness, "the police can't do everything!"

The gentlemen I met in my stroll in downtown Phoenix are the only computer illiterates in this book. To regard them as irrelevant, however, would be a grave mistake.

As computerization spreads across society, the populace at large is subjected to wave after wave of future shock. But, as a necessary converse, the "computer community" itself is subjected to wave after wave of incoming computer illiterates. How will those currently enjoying America's digital bounty regard, and treat, all this teeming refuse yearning to breathe free? Will the electronic frontier be another Land of Opportunity — or an armed and monitored enclave, where the disenfranchised snuggle on their cardboard at the locked doors of our houses of justice?

Some people just don't get along with computers. They can't read. They can't type. They just don't have it in their heads to master arcane instructions in wirebound manuals. Somewhere, the process of computerization of the populace will reach a limit. Some people — quite decent people maybe, who might have thrived in any other situation — will be left irretrievably outside the bounds. What's to be done with these people, in the bright new shiny electroworld? How will they be regarded, by the mouse-whizzing masters of cyberspace? With contempt? Indifference? Fear?

In retrospect, it astonishes me to realize how quickly poor Stanley became a perceived threat. Surprise and fear are closely allied feelings.

And the world of computing is full of surprises.

I met one character in the streets of Phoenix whose role in this book is supremely and directly relevant. That personage was Stanley's giant thieving scarred phantom. This phantasm is everywhere in this book.

He is the specter haunting cyberspace.

Sometimes he's a maniac vandal ready to smash the phone system for no sane reason at all. Sometimes he's a fascist fed, coldly programming his mighty mainframes to destroy our Bill of Rights. Sometimes he's a telco bureaucrat, covertly conspiring to register all modems in the service of an Orwellian surveillance regime. Mostly, though, this fearsome phantom is a "hacker." He's strange, he doesn't belong, he's not authorized, he doesn't smell right, he's not keeping his proper place, he's not one of us. The focus of fear is the hacker, for much the same reasons that Stanley's fancied assailant is black.

Stanley's demon can't go away, because he doesn't exist. Despite single-minded and tremendous effort, he can't be arrested, sued, jailed, or fired. The only constructive way to do anything about him is to learn more about Stanley himself. This learning process may be repellent, it may be ugly, it may involve grave elements of paranoiac confusion, but it's necessary. Knowing Stanley requires something more than class-crossing condescension. It requires more than steely legal objectivity.

It requires human compassion and sympathy.

To know Stanley is to know his demon. If you know the other guy's demon, then maybe you'll come to know some of your own. You'll be able to separate reality from illusion. And then you won't do your cause, and yourself, more harm than good. Like poor damned Stanley from Chicago did.

_____

The Federal Computer Investigations Committee (FCIC) is the most important and influential organization in the realm of American computer-crime. Since the police of other countries have largely taken their computer-crime cues from American methods, the FCIC might well be called the most important computer crime group in the world.

It is also, by federal standards, an organization of great unorthodoxy.

State and local investigators mix with federal agents. Lawyers, financial auditors and computer-security programmers trade notes with street cops. Industry vendors and telco security people show up to explain their gadgetry and plead for protection and justice. Private investigators, think-tank experts and industry pundits throw in their two cents' worth. The FCIC is the antithesis of a formal bureaucracy.

Members of the FCIC are obscurely proud of this fact; they recognize their group as aberrant, but are entirely convinced that this, for them, outright weird behavior is nevertheless absolutely necessary to get their jobs done.

FCIC regulars — from the Secret Service, the FBI, the IRS, the Department of Labor, the offices of federal attorneys, state police, the Air Force, from military intelligence — often attend meetings, held hither and thither across the country, at their own expense. The FCIC doesn't get grants. It doesn't charge membership fees. It doesn't have a boss. It has no headquarters — just a mail drop in Washington DC, at the Fraud Division of the Secret Service. It doesn't have a budget. It doesn't have schedules. It meets three times a year — sort of. Sometimes it issues publications, but the FCIC has no regular publisher, no treasurer, not even a secretary. There are no minutes of FCIC meetings. Non-federal people are considered "non-voting members," but there's not much in the way of elections. There are no badges, lapel pins or certificates of membership. Everyone is on a first-name basis. There are about forty of them. Nobody knows how many, exactly. People come, people go — sometimes people "go" formally but still hang around anyway. Nobody has ever exactly figured out what "membership" of this "Committee" actually entails.

Strange as this may seem to some, to anyone familiar with the social world of computing, the "organization" of the FCIC is very recognizable.

For years now, economists and management theorists have speculated that the tidal wave of the information revolution would destroy rigid, pyramidal bureaucracies, where everything is top-down and centrally controlled. Highly trained "employees" would take on much greater autonomy, being self-starting, and self-motivating, moving from place to place, task to task, with great speed and fluidity. "Ad-hocracy" would rule, with groups of people spontaneously knitting together across organizational lines, tackling the problem at hand, applying intense computer-aided expertise to it, and then vanishing whence they came.

This is more or less what has actually happened in the world of federal computer investigation. With the conspicuous exception of the phone companies, which are after all over a hundred years old, practically every organization that plays any important role in this book functions just like the FCIC. The Chicago Task Force, the Arizona Racketeering Unit, the Legion of Doom, the Phrack crowd, the Electronic Frontier Foundation — they all look and act like "tiger teams" or "user's groups." They are all electronic ad-hocracies leaping up spontaneously to attempt to meet a need.

Some are police. Some are, by strict definition, criminals. Some are political interest-groups. But every single group has that same quality of apparent spontaneity — "Hey, gang! My uncle's got a barn — let's put on a show!"

Every one of these groups is embarrassed by this "amateurism," and, for the sake of their public image in a world of non-computer people, they all attempt to look as stern and formal and impressive as possible.

These electronic frontier-dwellers resemble groups of nineteenth-century pioneers hankering after the respectability of statehood. There are, however, two crucial differences in the historical experience of these "pioneers" of the nineteenth and twenty-first centuries.

First, powerful information technology does play into the hands of small, fluid, loosely organized groups. There have always been "pioneers," "hobbyists," "amateurs," "dilettantes," "volunteers," "movements," "users' groups" and "blue-ribbon panels of experts" around.

But a group of this kind — when technically equipped to ship huge amounts of specialized information, at lightning speed, to its members, to government, and to the press — is simply a different kind of animal.

It's like the difference between an eel and an electric eel.

The second crucial change is that American society is currently in a state approaching permanent technological revolution. In the world of computers particularly, it is practically impossible to ever stop being a "pioneer," unless you either drop dead or deliberately jump off the bus. The scene has never slowed down enough to become well-institutionalized. And after twenty, thirty, forty years the "computer revolution" continues to spread, to permeate new corners of society.

Anything that really works is already obsolete.

If you spend your entire working life as a "pioneer," the word "pioneer" begins to lose its meaning. Your way of life looks less and less like an introduction to "something else" more stable and organized, and more and more like just the way things are. A "permanent revolution" is really a contradiction in terms. If "turmoil" lasts long enough, it simply becomes a new kind of society — still the same game of history, but new players, new rules.

Apply this to the world of late twentieth-century law enforcement, and the implications are novel and puzzling indeed. Any bureaucratic rulebook you write about computer-crime will be flawed when you write it, and almost an antique by the time it sees print. The fluidity and fast reactions of the FCIC give them a great advantage in this regard, which explains their success. Even with the best will in the world (which it does not, in fact, possess) it is impossible for an organization the size of the U.S. Federal Bureau of Investigation to get up to speed on the theory and practice of computer crime. If they tried to train all their agents to do this, it would be suicidal, as they would never be able to do anything else.

The FBI does try to train its agents in the basics of electronic crime, at their base in Quantico, Virginia. And the Secret Service, along with many other law enforcement groups, runs quite successful and well-attended training courses on wire fraud, business crime, and computer intrusion at the Federal Law Enforcement Training Center (FLETC, pronounced "fletsy") in Glynco, Georgia. But the best efforts of these bureaucracies do not remove the absolute need for a "cutting-edge mess" like the FCIC.

For you see — the members of FCIC are the trainers of the rest of law enforcement. Practically and literally speaking, they are the Glynco computer-crime faculty by another name. If the FCIC went over a cliff on a bus, the U.S. law enforcement community would be rendered deaf dumb and blind in the world of computer crime, and would swiftly feel a desperate need to reinvent them. And this is no time to go starting from scratch.

On June 11, 1991, I once again arrived in Phoenix, Arizona, for the latest meeting of the Federal Computer Investigations Committee. This was more or less the twentieth meeting of this stellar group. The count was uncertain, since nobody could figure out whether to include the meetings of "the Colluquy," which is what the FCIC was called in the mid-1980s before it had even managed to obtain the dignity of its own acronym.

Since my last visit to Arizona, in May, the local AzScam bribery scandal had resolved itself in a general muddle of humiliation. The Phoenix chief of police, whose agents had videotaped nine state legislators up to no good, had resigned his office in a tussle with the Phoenix city council over the propriety of his undercover operations.

The Phoenix Chief could now join Gail Thackeray and eleven of her closest associates in the shared experience of politically motivated unemployment. As of June, resignations were still continuing at the Arizona Attorney General's office, which could be interpreted as either a New Broom Sweeping Clean or a Night of the Long Knives Part II, depending on your point of view.

The meeting of FCIC was held at the Scottsdale Hilton Resort. Scottsdale is a wealthy suburb of Phoenix, known as "Scottsdull" to scoffing local trendies, but well-equipped with posh shopping-malls and manicured lawns, while conspicuously undersupplied with homeless derelicts. The Scottsdale Hilton Resort was a sprawling hotel in postmodern crypto-Southwestern style. It featured a "mission bell tower" plated in turquoise tile and vaguely resembling a Saudi minaret.

Inside it was all barbarically striped Santa Fe Style decor. There was a health spa downstairs and a large oddly-shaped pool in the patio. A poolside umbrella-stand offered Ben and Jerry's politically correct Peace Pops.

I registered as a member of FCIC, attaining a handy discount rate, then went in search of the Feds. Sure enough, at the back of the hotel grounds came the unmistakable sound of Gail Thackeray holding forth.

Since I had also attended the Computers Freedom and Privacy conference (about which more later), this was the second time I had seen Thackeray in a group of her law enforcement colleagues. Once again I was struck by how simply pleased they seemed to see her. It was natural that she'd get some attention, as Gail was one of two women in a group of some thirty men; but there was a lot more to it than that.

Gail Thackeray personifies the social glue of the FCIC. They could give a damn about her losing her job with the Attorney General. They were sorry about it, of course, but hell, they'd all lost jobs. If they were the kind of guys who liked steady boring jobs, they would never have gotten into computer work in the first place.

I wandered into her circle and was immediately introduced to five strangers. The conditions of my visit at FCIC were reviewed. I would not quote anyone directly. I would not tie opinions expressed to the agencies of the attendees. I would not (a purely hypothetical example) report the conversation of a guy from the Secret Service talking quite civilly to a guy from the FBI, as these two agencies never talk to each other, and the IRS (also present, also hypothetical) never talks to anybody.

Worse yet, I was forbidden to attend the first conference. And I didn't. I have no idea what the FCIC was up to behind closed doors that afternoon. I rather suspect that they were engaging in a frank and thorough confession of their errors, goof-ups and blunders, as this has been a feature of every FCIC meeting since their legendary Memphis beer-bust of 1986.

Perhaps the single greatest attraction of FCIC is that it is a place where you can go, let your hair down, and completely level with people who actually comprehend what you are talking about. Not only do they understand you, but they really pay attention, they are grateful for your insights, and they forgive you, which in nine cases out of ten is something even your boss can't do, because as soon as you start talking "ROM," "BBS," or "T-1 trunk," his eyes glaze over.

I had nothing much to do that afternoon. The FCIC were beavering away in their conference room. Doors were firmly closed, windows too dark to peer through. I wondered what a real hacker, a computer intruder, would do at a meeting like this.

The answer came at once. He would "trash" the place. Not reduce the place to trash in some orgy of vandalism; that's not the use of the term in the hacker milieu. No, he would quietly empty the trash baskets and silently raid any valuable data indiscreetly thrown away.

Journalists have been known to do this. (Journalists hunting information have been known to do almost every single unethical thing that hackers have ever done. They also throw in a few awful techniques all their own.) The legality of 'trashing' is somewhat dubious but it is not in fact flagrantly illegal. It was, however, absurd to contemplate trashing the FCIC. These people knew all about trashing. I wouldn't last fifteen seconds.

The idea sounded interesting, though. I'd been hearing a lot about the practice lately. On the spur of the moment, I decided I would try trashing the office across the hall from the FCIC, an area which had nothing to do with the investigators.

The office was tiny; six chairs, a table.... Nevertheless, it was open, so I dug around in its plastic trash can.

To my utter astonishment, I came up with the torn scraps of a SPRINT long-distance phone bill. More digging produced a bank statement and the scraps of a handwritten letter, along with gum, cigarette ashes, candy wrappers and a day-old-issue of USA TODAY.

The trash went back in its receptacle while the scraps of data went into my travel bag. I detoured through the hotel souvenir shop for some Scotch tape and went up to my room.

Coincidence or not, it was quite true. Some poor soul had, in fact, thrown a SPRINT bill into the hotel's trash. Date May 1991, total amount due: $252.36. Not a business phone, either, but a residential bill, in the name of someone called Evelyn (not her real name).

Evelyn's records showed a ## PAST DUE BILL ##! Here was her nine-digit account ID. Here was a stern computer-printed warning:

"TREAT YOUR FONCARD AS YOU WOULD ANY CREDIT CARD. TO SECURE AGAINST FRAUD, NEVER GIVE YOUR FONCARD NUMBER OVER THE PHONE UNLESS YOU INITIATED THE CALL. IF YOU RECEIVE SUSPICIOUS CALLS PLEASE NOTIFY CUSTOMER SERVICE IMMEDIATELY!"

I examined my watch. Still plenty of time left for the FCIC to carry on.

I sorted out the scraps of Evelyn's SPRINT bill and reassembled them with fresh Scotch tape. Here was her ten-digit FONCARD number.

Didn't seem to have the ID number necessary to cause real fraud trouble.


I did, however, have Evelyn's home phone number. And the phone numbers for a whole crowd of Evelyn's long-distance friends and acquaintances. In San Diego, Folsom, Redondo, Las Vegas, La Jolla, Topeka, and Northampton Massachusetts. Even somebody in Australia!

I examined other documents. Here was a bank statement. It was Evelyn's IRA account down at a bank in San Mateo California (total balance $1877.20). Here was a charge-card bill for $382.64. She was paying it off bit by bit.

Driven by motives that were completely unethical and prurient, I now examined the handwritten notes. They had been torn fairly thoroughly, so much so that it took me almost an entire five minutes to reassemble them.

They were drafts of a love letter. They had been written on the lined stationery of Evelyn's employer, a biomedical company. Probably written at work when she should have been doing something else.

"Dear Bob," (not his real name) "I guess in everyone's life there comes a time when hard decisions have to be made, and this is a difficult one for me — very upsetting. Since you haven't called me, and I don't understand why, I can only surmise it's because you don't want to. I thought I would have heard from you Friday. I did have a few unusual problems with my phone and possibly you tried, I hope so. "Robert, you asked me to 'let go'..."

The first note ended. Unusual problems with her phone? I looked swiftly at the next note.

"Bob, not hearing from you for the whole weekend has left me very perplexed..."

Next draft.

"Dear Bob, there is so much I don't understand right now, and I wish I did. I wish I could talk to you, but for some unknown reason you have elected not to call — this is so difficult for me to understand..."


She tried again.

"Bob, Since I have always held you in such high esteem, I had every hope that we could remain good friends, but now one essential ingredient is missing — respect. Your ability to discard people when their purpose is served is appalling to me. The kindest thing you could do for me now is to leave me alone. You are no longer welcome in my heart or home..."

Try again.

"Bob, I wrote a very factual note to you to say how much respect I had lost for you, by the way you treat people, me in particular, so uncaring and cold. The kindest thing you can do for me is to leave me alone entirely, as you are no longer welcome in my heart or home. I would appreciate it if you could retire your debt to me as soon as possible — I wish no link to you in any way. Sincerely, Evelyn."

Good heavens, I thought, the bastard actually owes her money! I turned to the next page.

"Bob: very simple. GOODBYE! No more mind games — no more fascination — no more coldness — no more respect for you! It's over — Finis.

Evie"

There were two versions of the final brushoff letter, but they read about the same. Maybe she hadn't sent it. The final item in my illicit and shameful booty was an envelope addressed to "Bob" at his home address, but it had no stamp on it and it hadn't been mailed.

Maybe she'd just been blowing off steam because her rascal boyfriend had neglected to call her one weekend. Big deal. Maybe they'd kissed and made up, maybe she and Bob were down at Pop's Chocolate Shop now, sharing a malted. Sure.

Easy to find out. All I had to do was call Evelyn up. With a half-clever story and enough brass-plated gall I could probably trick the truth out of her. Phone-phreaks and hackers deceive people over the phone all the time. It's called "social engineering." Social engineering is a very common practice in the underground, and almost magically effective. Human beings are almost always the weakest link in computer security. The simplest way to learn Things You Are Not Meant To Know is simply to call up and exploit the knowledgeable people. With social engineering, you use the bits of specialized knowledge you already have as a key, to manipulate people into believing that you are legitimate. You can then coax, flatter, or frighten them into revealing almost anything you want to know. Deceiving people (especially over the phone) is easy and fun.

Exploiting their gullibility is very gratifying; it makes you feel very superior to them.

If I'd been a malicious hacker on a trashing raid, I would now have Evelyn very much in my power. Given all this inside data, it wouldn't take much effort at all to invent a convincing lie. If I were ruthless enough, and jaded enough, and clever enough, this momentary indiscretion of hers — maybe committed in tears, who knows — could cause her a whole world of confusion and grief.

I didn't even have to have a malicious motive. Maybe I'd be "on her side," and call up Bob instead, and anonymously threaten to break both his kneecaps if he didn't take Evelyn out for a steak dinner pronto. It was still profoundly none of my business. To have gotten this knowledge at all was a sordid act and to use it would be to inflict a sordid injury.

To do all these awful things would require exactly zero high-tech expertise. All it would take was the willingness to do it and a certain amount of bent imagination.

I went back downstairs. The hardworking FCIC, who had labored forty-five minutes over their schedule, were through for the day, and adjourned to the hotel bar. We all had a beer.

I had a chat with a guy about "Isis," or rather IACIS, the International Association of Computer Investigation Specialists. They're into "computer forensics," the techniques of picking computer-systems apart without destroying vital evidence. IACIS, currently run out of Oregon, is comprised of investigators in the U.S., Canada, Taiwan and Ireland.

"Taiwan and Ireland?" I said. Are Taiwan and Ireland really in the forefront of this stuff? Well not exactly, my informant admitted.

They just happen to have been the first ones to have caught on by word of mouth. Still, the international angle counts, because this is obviously an international problem. Phonelines go everywhere.

There was a Mountie here from the Royal Canadian Mounted Police. He seemed to be having quite a good time. Nobody had flung this Canadian out because he might pose a foreign security risk. These are cyberspace cops. They still worry a lot about "jurisdictions," but mere geography is the least of their troubles.

NASA had failed to show. NASA suffers a lot from computer intrusions, in particular from Australian raiders and a well-trumpeted Chaos Computer Club case, and in 1990 there was a brief press flurry when it was revealed that one of NASA's Houston branch-exchanges had been systematically ripped off by a gang of phone-phreaks. But the NASA guys had had their funding cut. They were stripping everything.

Air Force OSI, its Office of Special Investigations, is the only federal entity dedicated full-time to computer security. They'd been expected to show up in force, but some of them had cancelled — a Pentagon budget pinch.

As the empties piled up, the guys began joshing around and telling war-stories. "These are cops," Thackeray said tolerantly. "If they're not talking shop they talk about women and beer."

I heard the story about the guy who, asked for "a copy" of a computer disk, photocopied the label on it. He put the floppy disk onto the glass plate of a photocopier. The blast of static when the copier worked completely erased all the real information on the disk.

Some other poor souls threw a whole bag of confiscated diskettes into the squad-car trunk next to the police radio. The powerful radio signal blasted them, too.

We heard a bit about Dave Geneson, the first computer prosecutor, a mainframe-runner in Dade County, turned lawyer. Dave Geneson was one guy who had hit the ground running, a signal virtue in making the transition to computer-crime. It was generally agreed that it was easier to learn the world of computers first, then police or prosecutorial work. You could take certain computer people and train 'em to successful police work — but of course they had to have the cop mentality. They had to have street smarts. Patience. Persistence. And discretion.

You've got to make sure they're not hot-shots, show-offs, "cowboys."

Most of the folks in the bar had backgrounds in military intelligence, or drugs, or homicide. It was rudely opined that "military intelligence" was a contradiction in terms, while even the grisly world of homicide was considered cleaner than drug enforcement. One guy had been 'way undercover doing dope-work in Europe for four years straight. "I'm almost recovered now," he said deadpan, with the acid black humor that is pure cop. "Hey, now I can say fucker without putting mother in front of it."

"In the cop world," another guy said earnestly, "everything is good and bad, black and white. In the computer world everything is gray."

One guy — a founder of the FCIC, who'd been with the group since it was just the Colluquy — described his own introduction to the field. He'd been a Washington DC homicide guy called in on a "hacker" case. From the word "hacker," he naturally assumed he was on the trail of a knife-wielding marauder, and went to the computer center expecting blood and a body. When he finally figured out what was happening there (after loudly demanding, in vain, that the programmers "speak English"), he called headquarters and told them he was clueless about computers.

They told him nobody else knew diddly either, and to get the hell back to work.

So, he said, he had proceeded by comparisons. By analogy. By metaphor.

"Somebody broke in to your computer, huh?" Breaking and entering; I can understand that. How'd he get in? "Over the phonelines."

Harassing phone-calls, I can understand that! What we need here is a tap and a trace!

It worked. It was better than nothing. And it worked a lot faster when he got hold of another cop who'd done something similar. And then the two of them got another, and another, and pretty soon the Colluquy was a happening thing. It helped a lot that everybody seemed to know Carlton Fitzpatrick, the data-processing trainer in Glynco.

The ice broke big-time in Memphis in '86. The Colluquy had attracted a bunch of new guys — Secret Service, FBI, military, other feds, heavy guys. Nobody wanted to tell anybody anything. They suspected that if word got back to the home office they'd all be fired. They passed an uncomfortably guarded afternoon.

The formalities got them nowhere. But after the formal session was over, the organizers brought in a case of beer. As soon as the participants knocked it off with the bureaucratic ranks and turf-fighting, everything changed. "I bared my soul," one veteran reminisced proudly.

By nightfall they were building pyramids of empty beer-cans and doing everything but composing a team fight song.

FCIC were not the only computer-crime people around. There was DATTA (District Attorneys' Technology Theft Association), though they mostly specialized in chip theft, intellectual property, and black-market cases. There was HTCIA (High Tech Computer Investigators Association), also out in Silicon Valley, a year older than FCIC and featuring brilliant people like Donald Ingraham. There was LEETAC (Law Enforcement Electronic Technology Assistance Committee) in Florida, and computer-crime units in Illinois and Maryland and Texas and Ohio and Colorado and Pennsylvania. But these were local groups. FCIC were the first to really network nationally and on a federal level.

FCIC people live on the phone lines. Not on bulletin board systems — they know very well what boards are, and they know that boards aren't secure. Everyone in the FCIC has a voice-phone bill like you wouldn't believe. FCIC people have been tight with the telco people for a long time. Telephone cyberspace is their native habitat.

FCIC has three basic sub-tribes: the trainers, the security people, and the investigators. That's why it's called an "Investigations Committee" with no mention of the term "computer-crime" — the dreaded "C-word."

FCIC, officially, is "an association of agencies rather than individuals;" unofficially, this field is small enough that the influence of individuals and individual expertise is paramount. Attendance is by invitation only, and most everyone in FCIC considers himself a prophet without honor in his own house.

Again and again I heard this, with different terms but identical sentiments. "I'd been sitting in the wilderness talking to myself." "I was totally isolated." "I was desperate." "FCIC is the best thing there is about computer crime in America." "FCIC is what really works." "This is where you hear real people telling you what's really happening out there, not just lawyers picking nits." "We taught each other everything we knew."

The sincerity of these statements convinces me that this is true. FCIC is the real thing and it is invaluable. It's also very sharply at odds with the rest of the traditions and power structure in American law enforcement. There probably hasn't been anything around as loose and go-getting as the FCIC since the start of the U.S. Secret Service in the 1860s.

FCIC people are living like twenty-first-century people in a twentieth-century environment, and while there's a great deal to be said for that, there's also a great deal to be said against it, and those against it happen to control the budgets.

I listened to two FCIC guys from Jersey compare life histories. One of them had been a biker in a fairly heavy-duty gang in the 1960s. "Oh, did you know so-and-so?" said the other guy from Jersey. "Big guy, heavyset?"

"Yeah, I knew him."

"Yeah, he was one of ours. He was our plant in the gang."

"Really? Wow! Yeah, I knew him. Helluva guy."

Thackeray reminisced at length about being tear-gassed blind in the November 1969 antiwar protests in Washington Circle, covering them for her college paper. "Oh yeah, I was there," said another cop. "Glad to hear that tear gas hit somethin'. Haw haw haw." He'd been so blind himself, he confessed, that later that day he'd arrested a small tree.

FCIC are an odd group, sifted out by coincidence and necessity, and turned into a new kind of cop. There are a lot of specialized cops in the world — your bunco guys, your drug guys, your tax guys, but the only group that matches FCIC for sheer isolation are probably the child-pornography people. Because they both deal with conspirators who are desperate to exchange forbidden data and also desperate to hide; and because nobody else in law enforcement even wants to hear about it.

FCIC people tend to change jobs a lot. They tend not to get the equipment and training they want and need. And they tend to get sued quite often.

As the night wore on and a band set up in the bar, the talk grew darker.

Nothing ever gets done in government, someone opined, until there's a disaster. Computing disasters are awful, but there's no denying that they greatly help the credibility of FCIC people. The Internet Worm, for instance. "For years we'd been warning about that — but it's nothing compared to what's coming." They expect horrors, these people. They know that nothing will really get done until there is a horror.

_____

Next day we heard an extensive briefing from a guy who'd been a computer cop, gotten into hot water with an Arizona city council, and now installed computer networks for a living (at a considerable rise in pay).

He talked about pulling fiber-optic networks apart.

Even a single computer, with enough peripherals, is a literal "network" — a bunch of machines all cabled together, generally with a complexity that puts stereo units to shame. FCIC people invent and publicize methods of seizing computers and maintaining their evidence. Simple things, sometimes, but vital rules of thumb for street cops, who nowadays often stumble across a busy computer in the midst of a drug investigation or a white-collar bust. For instance: Photograph the system before you touch it. Label the ends of all the cables before you detach anything. "Park" the heads on the disk drives before you move them. Get the diskettes. Don't put the diskettes in magnetic fields. Don't write on diskettes with ballpoint pens. Get the manuals. Get the printouts. Get the handwritten notes. Copy data before you look at it, and then examine the copy instead of the original.

Now our lecturer distributed copied diagrams of a typical LAN or "Local Area Network", which happened to be out of Connecticut. One hundred and fifty-nine desktop computers, each with its own peripherals. Three "file servers." Five "star couplers" each with thirty-two ports. One sixteen-port coupler off in the corner office. All these machines talking to each other, distributing electronic mail, distributing software, distributing, quite possibly, criminal evidence. All linked by high-capacity fiber-optic cable. A bad guy — cops talk a lot about "bad guys" — might be lurking on PC #47 or #123 and distributing his ill doings onto some dupe's "personal" machine in another office — or another floor — or, quite possibly, two or three miles away! Or, conceivably, the evidence might be "data-striped" — split up into meaningless slivers stored, one by one, on a whole crowd of different disk drives.

The lecturer challenged us for solutions. I for one was utterly clueless.

As far as I could figure, the Cossacks were at the gate; there were probably more disks in this single building than were seized during the entirety of Operation Sundevil.

"Inside informant," somebody said. Right. There's always the human angle, something easy to forget when contemplating the arcane recesses of high technology. Cops are skilled at getting people to talk, and computer people, given a chair and some sustained attention, will talk about their computers till their throats go raw. There's a case on record of a single question — "How'd you do it?" — eliciting a forty-five-minute videotaped confession from a computer criminal who not only completely incriminated himself but drew helpful diagrams.

Computer people talk. Hackers brag. Phone-phreaks talk pathologically — why else are they stealing phone-codes, if not to natter for ten hours straight to their friends on an opposite seaboard? Computer-literate people do in fact possess an arsenal of nifty gadgets and techniques that would allow them to conceal all kinds of exotic skullduggery, and if they could only shut up about it, they could probably get away with all manner of amazing information-crimes. But that's just not how it works — or at least, that's not how it's worked so far.

Most every phone-phreak ever busted has swiftly implicated his mentors, his disciples, and his friends. Most every white-collar computer-criminal, smugly convinced that his clever scheme is bulletproof, swiftly learns otherwise when, for the first time in his life, an actual no-kidding policeman leans over, grabs the front of his shirt, looks him right in the eye and says: "All right, asshole — you and me are going downtown!" All the hardware in the world will not insulate your nerves from these actual real-life sensations of terror and guilt.

Cops know ways to get from point A to point Z without thumbing through every letter in some smart-ass bad-guy's alphabet. Cops know how to cut to the chase. Cops know a lot of things other people don't know.

Hackers know a lot of things other people don't know, too. Hackers know, for instance, how to sneak into your computer through the phonelines. But cops can show up right on your doorstep and carry off you and your computer in separate steel boxes. A cop interested in hackers can grab them and grill them. A hacker interested in cops has to depend on hearsay, underground legends, and what cops are willing to publicly reveal. And the Secret Service didn't get named "the Secret Service" because they blab a lot.

Some people, our lecturer informed us, were under the mistaken impression that it was "impossible" to tap a fiber-optic line. Well, he announced, he and his son had just whipped up a fiber-optic tap in his workshop at home. He passed it around the audience, along with a circuit-covered LAN plug-in card so we'd all recognize one if we saw it on a case. We all had a look.

The tap was a classic "Goofy Prototype" — a thumb-length rounded metal cylinder with a pair of plastic brackets on it. From one end dangled three thin black cables, each of which ended in a tiny black plastic cap.

When you plucked the safety-cap off the end of a cable, you could see the glass fiber — no thicker than a pinhole.

Our lecturer informed us that the metal cylinder was a "wavelength division multiplexer." Apparently, what one did was to cut the fiber-optic cable, insert two of the legs into the cut to complete the network again, and then read any passing data on the line by hooking up the third leg to some kind of monitor. Sounded simple enough. I wondered why nobody had thought of it before. I also wondered whether this guy's son back at the workshop had any teenage friends.

We had a break. The guy sitting next to me was wearing a giveaway baseball cap advertising the Uzi submachine gun. We had a desultory chat about the merits of Uzis. Long a favorite of the Secret Service, it seems Uzis went out of fashion with the advent of the Persian Gulf War, our Arab allies taking some offense at Americans toting Israeli weapons.

Besides, I was informed by another expert, Uzis jam. The equivalent weapon of choice today is the Heckler & Koch, manufactured in Germany.

The guy with the Uzi cap was a forensic photographer. He also did a lot of photographic surveillance work in computer crime cases. He used to, that is, until the firings in Phoenix. He was now a private investigator and, with his wife, ran a photography salon specializing in weddings and portrait photos. At — one must repeat — a considerable rise in income.

He was still FCIC. If you were FCIC, and you needed to talk to an expert about forensic photography, well, there he was, willing and able. If he hadn't shown up, people would have missed him.

Our lecturer had raised the point that preliminary investigation of a computer system is vital before any seizure is undertaken. It's vital to understand how many machines are in there, what kinds there are, what kind of operating system they use, how many people use them, where the actual data itself is stored. To simply barge into an office demanding "all the computers" is a recipe for swift disaster.

This entails some discreet inquiries beforehand. In fact, what it entails is basically undercover work. An intelligence operation. Spying, not to put too fine a point on it.

In a chat after the lecture, I asked an attendee whether "trashing" might work.

I received a swift briefing on the theory and practice of "trash covers."

Police "trash covers," like "mail covers" or like wiretaps, require the agreement of a judge. This obtained, the "trashing" work of cops is just like that of hackers, only more so and much better organized. So much so, I was informed, that mobsters in Phoenix make extensive use of locked garbage cans picked up by a specialty high-security trash company.

In one case, a tiger team of Arizona cops had trashed a local residence for four months. Every week they showed up on the municipal garbage truck, disguised as garbagemen, and carried the contents of the suspect cans off to a shade tree, where they combed through the garbage — a messy task, especially considering that one of the occupants was undergoing kidney dialysis. All useful documents were cleaned, dried and examined. A discarded typewriter-ribbon was an especially valuable source of data, as its long one-strike ribbon of film contained the contents of every letter mailed out of the house. The letters were neatly retyped by a police secretary equipped with a large desk-mounted magnifying glass.

There is something weirdly disquieting about the whole subject of "trashing" — an unsuspected and indeed rather disgusting mode of deep personal vulnerability. Things that we pass by every day, that we take utterly for granted, can be exploited with so little work. Once discovered, the knowledge of these vulnerabilities tends to spread.

Take the lowly subject of manhole covers. The humble manhole cover reproduces many of the dilemmas of computer-security in miniature.

Manhole covers are, of course, technological artifacts, access-points to our buried urban infrastructure. To the vast majority of us, manhole covers are invisible. They are also vulnerable. For many years now, the Secret Service has made a point of caulking manhole covers along all routes of the Presidential motorcade. This is, of course, to deter terrorists from leaping out of underground ambush or, more likely, planting remote-control car-smashing bombs beneath the street.

Lately, manhole covers have seen more and more criminal exploitation, especially in New York City. Recently, a telco in New York City discovered that a cable television service had been sneaking into telco manholes and installing cable service alongside the phonelines — without paying royalties. New York companies have also suffered a general plague of (a) underground copper cable theft; (b) dumping of garbage, including toxic waste, and (c) hasty dumping of murder victims.

Industry complaints reached the ears of an innovative New England industrial-security company, and the result was a new product known as "the Intimidator," a thick titanium-steel bolt with a precisely machined head that requires a special device to unscrew. All these "keys" have registered serial numbers kept on file with the manufacturer. There are now some thousands of these "Intimidator" bolts being sunk into American pavements wherever our President passes, like some macabre parody of strewn roses. They are also spreading as fast as steel dandelions around US military bases and many centers of private industry.

Quite likely it has never occurred to you to peer under a manhole cover, perhaps climb down and walk around down there with a flashlight, just to see what it's like. Formally speaking, this might be trespassing, but if you didn't hurt anything, and didn't make an absolute habit of it, nobody would really care. The freedom to sneak under manholes was likely a freedom you never intended to exercise.

You now are rather less likely to have that freedom at all. You may never even have missed it until you read about it here, but if you're in New York City it's gone, and elsewhere it's likely going. This is one of the things that crime, and the reaction to crime, does to us.

The tenor of the meeting now changed as the Electronic Frontier Foundation arrived. The EFF, whose personnel and history will be examined in detail in the next chapter, are a pioneering civil liberties group who arose in direct response to the Hacker Crackdown of 1990.

Now Mitchell Kapor, the Foundation's president, and Michael Godwin, its chief attorney, were confronting federal law enforcement mano a mano for the first time ever. Ever alert to the manifold uses of publicity, Mitch Kapor and Mike Godwin had brought their own journalist in tow: Robert Draper, from Austin, whose recent well-received book about ROLLING STONE magazine was still on the stands. Draper was on assignment for TEXAS MONTHLY.

The Steve Jackson/EFF civil lawsuit against the Chicago Computer Fraud and Abuse Task Force was a matter of considerable regional interest in Texas. There were now two Austinite journalists here on the case. In fact, counting Godwin (a former Austinite and former journalist) there were three of us. Lunch was like Old Home Week.

Later, I took Draper up to my hotel room. We had a long frank talk about the case, networking earnestly like a miniature freelance-journo version of the FCIC: privately confessing the numerous blunders of journalists covering the story, and trying hard to figure out who was who and what the hell was really going on out there. I showed Draper everything I had dug out of the Hilton trashcan. We pondered the ethics of "trashing" for a while, and agreed that they were dismal. We also agreed that finding a SPRINT bill on your first time out was a heck of a coincidence.

First I'd "trashed" — and now, mere hours later, I'd bragged to someone else. Having entered the lifestyle of hackerdom, I was now, unsurprisingly, following its logic. Having discovered something remarkable through a surreptitious action, I of course had to "brag," and to drag the passing Draper into my iniquities. I felt I needed a witness.

Otherwise nobody would have believed what I'd discovered....

Back at the meeting, Thackeray cordially, if rather tentatively, introduced Kapor and Godwin to her colleagues. Papers were distributed.

Kapor took center stage. The brilliant Bostonian high-tech entrepreneur, normally the hawk in his own administration and quite an effective public speaker, seemed visibly nervous, and frankly admitted as much. He began by saying he considered computer-intrusion to be morally wrong, and that the EFF was not a "hacker defense fund," despite what had appeared in print. Kapor chatted a bit about the basic motivations of his group, emphasizing their good faith and willingness to listen and seek common ground with law enforcement — when, er, possible.

Then, at Godwin's urging, Kapor suddenly remarked that EFF's own Internet machine had been "hacked" recently, and that EFF did not consider this incident amusing.

After this surprising confession, things began to loosen up quite rapidly.

Soon Kapor was fielding questions, parrying objections, challenging definitions, and juggling paradigms with something akin to his usual gusto.

Kapor seemed to score quite an effect with his shrewd and skeptical analysis of the merits of telco "Caller-ID" services. (On this topic, FCIC and EFF have never been at loggerheads, and have no particular established earthworks to defend.) Caller-ID has generally been promoted as a privacy service for consumers, a presentation Kapor described as a "smokescreen," the real point of Caller-ID being to allow corporate customers to build extensive commercial databases on everybody who phones or faxes them. Clearly, few people in the room had considered this possibility, except perhaps for two late-arrivals from US WEST RBOC security, who chuckled nervously.

Mike Godwin then made an extensive presentation on "Civil Liberties Implications of Computer Searches and Seizures." Now, at last, we were getting to the real nitty-gritty here, real political horse-trading. The audience listened with close attention, angry mutters rising occasionally: "He's trying to teach us our jobs!" "We've been thinking about this for years! We think about these issues every day!" "If I didn't seize the works, I'd be sued by the guy's victims!" "I'm violating the law if I leave ten thousand disks full of illegal pirated software and stolen codes!" "It's our job to make sure people don't trash the Constitution — we're the defenders of the Constitution!" "We seize stuff when we know it will be forfeited anyway as restitution for the victim!"

"If it's forfeitable, then don't get a search warrant, get a forfeiture warrant," Godwin suggested coolly. He further remarked that most suspects in computer crime don't want to see their computers vanish out the door, headed God knew where, for who knows how long. They might not mind a search, even an extensive search, but they want their machines searched on-site.

"Are they gonna feed us?" somebody asked sourly.

"How about if you take copies of the data?" Godwin parried.

"That'll never stand up in court."

"Okay, you make copies, give them the copies, and take the originals."

Hmmm.

Godwin championed bulletin-board systems as repositories of First Amendment protected free speech. He complained that federal computer-crime training manuals gave boards a bad press, suggesting that they are hotbeds of crime haunted by pedophiles and crooks, whereas the vast majority of the nation's thousands of boards are completely innocuous, and nowhere near so romantically suspicious.

People who run boards violently resent it when their systems are seized, and their dozens (or hundreds) of users look on in abject horror.

Their rights of free expression are cut short. Their right to associate with other people is infringed. And their privacy is violated as their private electronic mail becomes police property.

Not a soul spoke up to defend the practice of seizing boards. The issue passed in chastened silence. Legal principles aside — (and those principles cannot be settled without laws passed or court precedents) — seizing bulletin boards has become public-relations poison for American computer police.

And anyway, it's not entirely necessary. If you're a cop, you can get 'most everything you need from a pirate board, just by using an inside informant. Plenty of vigilantes — well, concerned citizens — will inform police the moment they see a pirate board hit their area (and will tell the police all about it, in such technical detail, actually, that you kinda wish they'd shut up). They will happily supply police with extensive downloads or printouts. It's impossible to keep this fluid electronic information out of the hands of police.

Some people in the electronic community become enraged at the prospect of cops "monitoring" bulletin boards. This does have touchy aspects, as Secret Service people in particular examine bulletin boards with some regularity. But to expect electronic police to be deaf dumb and blind in regard to this particular medium rather flies in the face of common sense. Police watch television, listen to radio, read newspapers and magazines; why should the new medium of boards be different? Cops can exercise the same access to electronic information as everybody else. As we have seen, quite a few computer police maintain their own bulletin boards, including anti-hacker "sting" boards, which have generally proven quite effective.

As a final clincher, their Mountie friends in Canada (and colleagues in Ireland and Taiwan) don't have First Amendment or American constitutional restrictions, but they do have phone lines, and can call any bulletin board in America whenever they please. The same technological determinants that play into the hands of hackers, phone phreaks and software pirates can play into the hands of police. "Technological determinants" don't have any human allegiances. They're not black or white, or Establishment or Underground, or pro-or-anti anything.

Godwin complained at length about what he called "the Clever Hobbyist hypothesis" — the assumption that the "hacker" you're busting is clearly a technical genius, and must therefore be searched with extreme thoroughness. So: from the law's point of view, why risk missing anything? Take the works. Take the guy's computer. Take his books. Take his notebooks. Take the electronic drafts of his love letters. Take his Walkman. Take his wife's computer. Take his dad's computer. Take his kid sister's computer. Take his employer's computer. Take his compact disks — they might be CD-ROM disks, cunningly disguised as pop music. Take his laser printer — he might have hidden something vital in the printer's 5meg of memory. Take his software manuals and hardware documentation. Take his science-fiction novels and his simulation-gaming books. Take his Nintendo Game-Boy and his Pac-Man arcade game. Take his answering machine, take his telephone out of the wall.

Take anything remotely suspicious.

Godwin pointed out that most "hackers" are not, in fact, clever genius hobbyists. Quite a few are crooks and grifters who don't have much in the way of technical sophistication; just some rule-of-thumb rip-off techniques. The same goes for most fifteen-year-olds who've downloaded a code-scanning program from a pirate board. There's no real need to seize everything in sight. It doesn't require an entire computer system and ten thousand disks to prove a case in court.

What if the computer is the instrumentality of a crime? someone demanded.

Godwin admitted quietly that the doctrine of seizing the instrumentality of a crime was pretty well established in the American legal system.

The meeting broke up. Godwin and Kapor had to leave. Kapor was testifying next morning before the Massachusetts Department Of Public Utility, about ISDN narrowband wide-area networking.

As soon as they were gone, Thackeray seemed elated. She had taken a great risk with this. Her colleagues had not, in fact, torn Kapor and Godwin's heads off. She was very proud of them, and told them so.

"Did you hear what Godwin said about instrumentality of a crime?" she exulted, to nobody in particular. "Wow, that means Mitch isn't going to sue me."

_____

America's computer police are an interesting group. As a social phenomenon they are far more interesting, and far more important, than teenage phone phreaks and computer hackers. First, they're older and wiser; not dizzy hobbyists with leaky morals, but seasoned adult professionals with all the responsibilities of public service. And, unlike hackers, they possess not merely technical power alone, but heavy-duty legal and social authority.

And, very interestingly, they are just as much at sea in cyberspace as everyone else. They are not happy about this. Police are authoritarian by nature, and prefer to obey rules and precedents. (Even those police who secretly enjoy a fast ride in rough territory will soberly disclaim any "cowboy" attitude.) But in cyberspace there are no rules and precedents. They are groundbreaking pioneers, Cyberspace Rangers, whether they like it or not.

In my opinion, any teenager enthralled by computers, fascinated by the ins and outs of computer security, and attracted by the lure of specialized forms of knowledge and power, would do well to forget all about "hacking" and set his (or her) sights on becoming a fed. Feds can trump hackers at almost every single thing hackers do, including gathering intelligence, undercover disguise, trashing, phone-tapping, building dossiers, networking, and infiltrating computer systems — criminal computer systems. Secret Service agents know more about phreaking, coding and carding than most phreaks can find out in years, and when it comes to viruses, breakins, software bombs and trojan horses, Feds have direct access to red-hot confidential information that is only vague rumor in the underground.

And if it's an impressive public rep you're after, there are few people in the world who can be so chillingly impressive as a well-trained, well-armed United States Secret Service agent.

Of course, a few personal sacrifices are necessary in order to obtain that power and knowledge. First, you'll have the galling discipline of belonging to a large organization; but the world of computer crime is still so small, and so amazingly fast-moving, that it will remain spectacularly fluid for years to come. The second sacrifice is that you'll have to give up ripping people off. This is not a great loss. Abstaining from the use of illegal drugs, also necessary, will be a boon to your health.

A career in computer security is not a bad choice for a young man or woman today. The field will almost certainly expand drastically in years to come. If you are a teenager today, by the time you become a professional, the pioneers you have read about in this book will be the grand old men and women of the field, swamped by their many disciples and successors. Of course, some of them, like William P. Wood of the 1865 Secret Service, may well be mangled in the whirring machinery of legal controversy; but by the time you enter the computer-crime field, it may have stabilized somewhat, while remaining entertainingly challenging.

But you can't just have a badge. You have to win it. First, there's the federal law enforcement training. And it's hard — it's a challenge. A real challenge — not for wimps and rodents.

Every Secret Service agent must complete gruelling courses at the Federal Law Enforcement Training Center. (In fact, Secret Service agents are periodically re-trained during their entire careers.) In order to get a glimpse of what this might be like, I myself travelled to FLETC.

_____

The Federal Law Enforcement Training Center is a 1500-acre facility on Georgia's Atlantic coast. It's a milieu of marshgrass, seabirds, damp, clinging sea-breezes, palmettos, mosquitos, and bats. Until 1974, it was a Navy Air Base, and still features a working runway, and some WWII vintage blockhouses and officers' quarters. The Center has since benefitted by a forty-million-dollar retrofit, but there's still enough forest and swamp on the facility for the Border Patrol to put in tracking practice.

As a town, "Glynco" scarcely exists. The nearest real town is Brunswick, a few miles down Highway 17, where I stayed at the aptly named Marshview Holiday Inn. I had Sunday dinner at a seafood restaurant called "Jinright's," where I feasted on deep-fried alligator tail. This local favorite was a heaped basket of bite-sized chunks of white, tender, almost fluffy reptile meat, steaming in a peppered batter crust. Alligator makes a culinary experience that's hard to forget, especially when liberally basted with homemade cocktail sauce from a Jinright squeeze-bottle.

The crowded clientele were tourists, fishermen, local black folks in their Sunday best, and white Georgian locals who all seemed to bear an uncanny resemblance to Georgia humorist Lewis Grizzard.

The 2,400 students from 75 federal agencies who make up the FLETC population scarcely seem to make a dent in the low-key local scene. The students look like tourists, and the teachers seem to have taken on much of the relaxed air of the Deep South. My host was Mr. Carlton Fitzpatrick, the Program Coordinator of the Financial Fraud Institute.

Carlton Fitzpatrick is a mustached, sinewy, well-tanned Alabama native somewhere near his late forties, with a fondness for chewing tobacco, powerful computers, and salty, down-home homilies. We'd met before, at FCIC in Arizona.

The Financial Fraud Institute is one of the nine divisions at FLETC. Besides Financial Fraud, there's Driver & Marine, Firearms, and Physical Training. These are specialized pursuits. There are also five general training divisions: Basic Training, Operations, Enforcement Techniques, Legal Division, and Behavioral Science.

Somewhere in this curriculum is everything necessary to turn green college graduates into federal agents. First they're given ID cards. Then they get the rather miserable-looking blue coveralls known as "smurf suits." The trainees are assigned a barracks and a cafeteria, and immediately set on FLETC's bone-grinding physical training routine. Besides the obligatory daily jogging — (the trainers run up danger flags beside the track when the humidity rises high enough to threaten heat stroke) — there's the Nautilus machines, the martial arts, the survival skills....

The eighteen federal agencies who maintain on-site academies at FLETC employ a wide variety of specialized law enforcement units, some of them rather arcane. There's Border Patrol, IRS Criminal Investigation Division, Park Service, Fish and Wildlife, Customs, Immigration, Secret Service and the Treasury's uniformed subdivisions.... If you're a federal cop and you don't work for the FBI, you train at FLETC. This includes people as apparently obscure as the agents of the Railroad Retirement Board Inspector General. Or the Tennessee Valley Authority Police, who are in fact federal police officers, and can and do arrest criminals on the federal property of the Tennessee Valley Authority.

And then there are the computer-crime people. All sorts, all backgrounds. Mr. Fitzpatrick is not jealous of his specialized knowledge. Cops all over, in every branch of service, may feel a need to learn what he can teach. Backgrounds don't matter much. Fitzpatrick himself was originally a Border Patrol veteran, then became a Border Patrol instructor at FLETC. His Spanish is still fluent — but he found himself strangely fascinated when the first computers showed up at the Training Center. Fitzpatrick did have a background in electrical engineering, and though he never considered himself a computer hacker, he somehow found himself writing useful little programs for this new and promising gizmo.

He began looking into the general subject of computers and crime, reading Donn Parker's books and articles, keeping an ear cocked for war stories, useful insights from the field, the up-and-coming people of the local computer-crime and high-technology units.... Soon he got a reputation around FLETC as the resident "computer expert," and that reputation alone brought him more exposure, more experience — until one day he looked around, and sure enough he was a federal computer-crime expert.

In fact, this unassuming, genial man may be the federal computer-crime expert. There are plenty of very good computer people, and plenty of very good federal investigators, but the area where these worlds of expertise overlap is very slim. And Carlton Fitzpatrick has been right at the center of that since 1985, the first year of the Colloquy, a group which owes much to his influence.

He seems quite at home in his modest, acoustic-tiled office, with its Ansel Adams-style Western photographic art, a gold-framed Senior Instructor Certificate, and a towering bookcase crammed with three-ring binders with ominous titles such as Datapro Reports on Information Security and CFCA Telecom Security '90.

The phone rings every ten minutes; colleagues show up at the door to chat about new developments in locksmithing or to shake their heads over the latest dismal developments in the BCCI global banking scandal.

Carlton Fitzpatrick is a fount of computer-crime war-stories, related in an acerbic drawl. He tells me the colorful tale of a hacker caught in California some years back. He'd been raiding systems, typing code without a detectable break, for twenty, twenty-four, thirty-six hours straight. Not just logged on — typing. Investigators were baffled. Nobody could do that. Didn't he have to go to the bathroom? Was it some kind of automatic keyboard-whacking device that could actually type code?

A raid on the suspect's home revealed a situation of astonishing squalor. The hacker turned out to be a Pakistani computer-science student who had flunked out of a California university. He'd gone completely underground as an illegal electronic immigrant, and was selling stolen phone-service to stay alive. The place was not merely messy and dirty, but in a state of psychotic disorder. Powered by some weird mix of culture shock, computer addiction, and amphetamines, the suspect had in fact been sitting in front of his computer for a day and a half straight, with snacks and drugs at hand on the edge of his desk and a chamber-pot under his chair.

Word about stuff like this gets around in the hacker-tracker community.

Carlton Fitzpatrick takes me for a guided tour by car around the FLETC grounds. One of our first sights is the biggest indoor firing range in the world. There are federal trainees in there, Fitzpatrick assures me politely, blasting away with a wide variety of automatic weapons: Uzis, Glocks, AK-47s.... He's willing to take me inside. I tell him I'm sure that's really interesting, but I'd rather see his computers. Carlton Fitzpatrick seems quite surprised and pleased. I'm apparently the first journalist he's ever seen who has turned down the shooting gallery in favor of microchips.

Our next stop is a favorite with touring Congressmen: the three-mile long FLETC driving range. Here trainees of the Driver & Marine Division are taught high-speed pursuit skills, setting and breaking roadblocks, diplomatic security driving for VIP limousines.... A favorite FLETC pastime is to strap a passing Senator into the passenger seat beside a Driver & Marine trainer, hit a hundred miles an hour, then take it right into "the skid-pan," a section of greased track where two tons of Detroit iron can whip and spin like a hockey puck.

Cars don't fare well at FLETC. First they're rifled again and again for search practice. Then they do 25,000 miles of high-speed pursuit training; they get about seventy miles per set of steel-belted radials. Then it's off to the skid pan, where sometimes they roll and tumble headlong in the grease. When they're sufficiently grease-stained, dented, and creaky, they're sent to the roadblock unit, where they're battered without pity. And finally then they're sacrificed to the Bureau of Alcohol, Tobacco and Firearms, whose trainees learn the ins and outs of car-bomb work by blowing them into smoking wreckage.

There's a railroad box-car on the FLETC grounds, and a large grounded boat, and a propless plane; all training-grounds for searches. The plane sits forlornly on a patch of weedy tarmac next to an eerie blockhouse known as the "ninja compound," where anti-terrorism specialists practice hostage rescues. As I gaze on this creepy paragon of modern low-intensity warfare, my nerves are jangled by a sudden staccato outburst of automatic weapons fire, somewhere in the woods to my right.

"Nine-millimeter," Fitzpatrick judges calmly.

Even the eldritch ninja compound pales somewhat compared to the truly surreal area known as "the raid-houses." This is a street lined on both sides with nondescript concrete-block houses with flat pebbled roofs. They were once officers' quarters. Now they are training grounds. The first one to our left, Fitzpatrick tells me, has been specially adapted for computer search-and-seizure practice. Inside it has been wired for video from top to bottom, with eighteen pan-and-tilt remotely controlled videocams mounted on walls and in corners. Every movement of the trainee agent is recorded live by teachers, for later taped analysis. Wasted movements, hesitations, possibly lethal tactical mistakes — all are gone over in detail.

Perhaps the weirdest single aspect of this building is its front door, scarred and scuffed all along the bottom, from the repeated impact, day after day, of federal shoe-leather.

Down at the far end of the row of raid-houses some people are practicing a murder. We drive by slowly as some very young and rather nervous-looking federal trainees interview a heavyset bald man on the raid-house lawn. Dealing with murder takes a lot of practice; first you have to learn to control your own instinctive disgust and panic, then you have to learn to control the reactions of a nerve-shredded crowd of civilians, some of whom may have just lost a loved one, some of whom may be murderers — quite possibly both at once.

A dummy plays the corpse. The roles of the bereaved, the morbidly curious, and the homicidal are played, for pay, by local Georgians: waitresses, musicians, most anybody who needs to moonlight and can learn a script. These people, some of whom are FLETC regulars year after year, must surely have one of the strangest jobs in the world.

Something about the scene: "normal" people in a weird situation, standing around talking in bright Georgia sunshine, unsuccessfully pretending that something dreadful has gone on, while a dummy lies inside on faked bloodstains.... While behind this weird masquerade, like a nested set of Russian dolls, are grim future realities of real death, real violence, real murders of real people, that these young agents will really investigate, many times during their careers.... Over and over.... Will those anticipated murders look like this, feel like this — not as "real" as these amateur actors are trying to make it seem, but both as "real," and as numbingly unreal, as watching fake people standing around on a fake lawn? Something about this scene unhinges me. It seems nightmarish to me, Kafkaesque. I simply don't know how to take it; my head is turned around; I don't know whether to laugh, cry, or just shudder.

When the tour is over, Carlton Fitzpatrick and I talk about computers.

For the first time cyberspace seems like quite a comfortable place. It seems very real to me suddenly, a place where I know what I'm talking about, a place I'm used to. It's real. "Real." Whatever.

Carlton Fitzpatrick is the only person I've met in cyberspace circles who is happy with his present equipment. He's got a 5 Meg RAM PC with a 112 meg hard disk; a 660 meg's on the way. He's got a Compaq 386 desktop, and a Zenith 386 laptop with 120 meg. Down the hall is a NEC Multi-Sync 2A with a CD-ROM drive and a 9600 baud modem with four com-lines. There's a training minicomputer, and a 10-meg local mini just for the Center, and a lab-full of student PC clones and half-a-dozen Macs or so. There's a Data General MV 2500 with 8 meg on board and a 370 meg disk.

Fitzpatrick plans to run a UNIX board on the Data General when he's finished beta-testing the software for it, which he wrote himself. It'll have E-mail features, massive files on all manner of computer-crime and investigation procedures, and will follow the computer-security specifics of the Department of Defense "Orange Book." He thinks it will be the biggest BBS in the federal government.

Will it have Phrack on it? I ask wryly.

Sure, he tells me. Phrack, TAP, Computer Underground Digest, all that stuff. With proper disclaimers, of course.

I ask him if he plans to be the sysop. Running a system that size is very time-consuming, and Fitzpatrick teaches two three-hour courses every day.

No, he says seriously, FLETC has to get its money's worth out of the instructors. He thinks he can get a local volunteer to do it, a high-school student.

He says a bit more, something I think about an Eagle Scout law-enforcement liaison program, but my mind has rocketed off in disbelief.

"You're going to put a teenager in charge of a federal security BBS?"

I'm speechless. It hasn't escaped my notice that the FLETC Financial Fraud Institute is the ultimate hacker-trashing target; there is stuff in here, stuff of such utter and consummate cool by every standard of the digital underground.... I imagine the hackers of my acquaintance, fainting dead-away from forbidden-knowledge greed-fits, at the mere prospect of cracking the superultra top-secret computers used to train the Secret Service in computer-crime....

"Uhm, Carlton," I babble, "I'm sure he's a really nice kid and all, but that's a terrible temptation to set in front of somebody who's, you know, into computers and just starting out..."

"Yeah," he says, "that did occur to me." For the first time I begin to suspect that he's pulling my leg.

He seems proudest when he shows me an ongoing project called JICC, Joint Intelligence Control Council. It's based on the services provided by EPIC, the El Paso Intelligence Center, which supplies data and intelligence to the Drug Enforcement Administration, the Customs Service, the Coast Guard, and the state police of the four southern border states.

Certain EPIC files can now be accessed by drug-enforcement police of Central America, South America and the Caribbean, who can also trade information among themselves. Using a telecom program called "White Hat," written by two brothers named Lopez from the Dominican Republic, police can now network internationally on inexpensive PCs.

Carlton Fitzpatrick is teaching a class of drug-war agents from the Third World, and he's very proud of their progress. Perhaps soon the sophisticated smuggling networks of the Medellin Cartel will be matched by a sophisticated computer network of the Medellin Cartel's sworn enemies. They'll track boats, track contraband, track the international drug-lords who now leap over borders with great ease, defeating the police through the clever use of fragmented national jurisdictions.

JICC and EPIC must remain beyond the scope of this book. They seem to me to be very large topics fraught with complications that I am not fit to judge. I do know, however, that the international, computer-assisted networking of police, across national boundaries, is something that Carlton Fitzpatrick considers very important, a harbinger of a desirable future. I also know that networks by their nature ignore physical boundaries. And I also know that where you put communications you put a community, and that when those communities become self-aware they will fight to preserve themselves and to expand their influence. I make no judgements whether this is good or bad. It's just cyberspace; it's just the way things are.

I asked Carlton Fitzpatrick what advice he would have for a twenty-year-old who wanted to shine someday in the world of electronic law enforcement.

He told me that the number one rule was simply not to be scared of computers. You don't need to be an obsessive "computer weenie," but you mustn't be buffaloed just because some machine looks fancy. The advantages computers give smart crooks are matched by the advantages they give smart cops. Cops in the future will have to enforce the law "with their heads, not their holsters." Today you can make good cases without ever leaving your office. In the future, cops who resist the computer revolution will never get far beyond walking a beat.

I asked Carlton Fitzpatrick if he had some single message for the public; some single thing that he would most like the American public to know about his work.

He thought about it a while. "Yes," he said finally. "*Tell* me the rules, and I'll teach those rules!" He looked me straight in the eye. "I do the best that I can."

PART FOUR

THE CIVIL LIBERTARIANS

The story of the Hacker Crackdown, as we have followed it thus far, has been technological, subcultural, criminal and legal. The story of the Civil Libertarians, though it partakes of all those other aspects, is profoundly and thoroughly political.

In 1990, the obscure, long-simmering struggle over the ownership and nature of cyberspace became loudly and irretrievably public. People from some of the oddest corners of American society suddenly found themselves public figures. Some of these people found this situation much more than they had ever bargained for. They backpedalled, and tried to retreat back to the mandarin obscurity of their cozy subcultural niches. This was generally to prove a mistake.

But the civil libertarians seized the day in 1990. They found themselves organizing, propagandizing, podium-pounding, persuading, touring, negotiating, posing for publicity photos, submitting to interviews, squinting in the limelight as they tried a tentative, but growingly sophisticated, buck-and-wing upon the public stage.

It's not hard to see why the civil libertarians should have this competitive advantage.

The hackers of the digital underground are an hermetic elite. They find it hard to make any remotely convincing case for their actions in front of the general public. Actually, hackers roundly despise the "ignorant" public, and have never trusted the judgement of "the system." Hackers do propagandize, but only among themselves, mostly in giddy, badly spelled manifestos of class warfare, youth rebellion or naive techie utopianism. Hackers must strut and boast in order to establish and preserve their underground reputations. But if they speak out too loudly and publicly, they will break the fragile surface-tension of the underground, and they will be harassed or arrested. Over the longer term, most hackers stumble, get busted, get betrayed, or simply give up. As a political force, the digital underground is hamstrung.

The telcos, for their part, are an ivory tower under protracted siege. They have plenty of money with which to push their calculated public image, but they waste much energy and goodwill attacking one another with slanderous and demeaning ad campaigns. The telcos have suffered at the hands of politicians, and, like hackers, they don't trust the public's judgement. And this distrust may be well-founded. Should the general public of the high-tech 1990s come to understand its own best interests in telecommunications, that might well pose a grave threat to the specialized technical power and authority that the telcos have relished for over a century. The telcos do have strong advantages: loyal employees, specialized expertise, influence in the halls of power, tactical allies in law enforcement, and unbelievably vast amounts of money. But politically speaking, they lack genuine grassroots support; they simply don't seem to have many friends.

Cops know a lot of things other people don't know. But cops willingly reveal only those aspects of their knowledge that they feel will meet their institutional purposes and further public order. Cops have respect, they have responsibilities, they have power in the streets and even power in the home, but cops don't do particularly well in limelight. When pressed, they will step out in the public gaze to threaten bad-guys, or to cajole prominent citizens, or perhaps to sternly lecture the naive and misguided. But then they go back within their time-honored fortress of the station-house, the courtroom and the rulebook.

The electronic civil libertarians, however, have proven to be born political animals. They seemed to grasp very early on the postmodern truism that communication is power. Publicity is power. Soundbites are power. The ability to shove one's issue onto the public agenda — and keep it there — is power. Fame is power. Simple personal fluency and eloquence can be power, if you can somehow catch the public's eye and ear.

The civil libertarians had no monopoly on "technical power" — though they all owned computers, most were not particularly advanced computer experts. They had a good deal of money, but nowhere near the earth-shaking wealth and the galaxy of resources possessed by telcos or federal agencies. They had no ability to arrest people. They carried out no phreak and hacker covert dirty-tricks.

But they really knew how to network.

Unlike the other groups in this book, the civil libertarians have operated very much in the open, more or less right in the public hurly-burly. They have lectured audiences galore and talked to countless journalists, and have learned to refine their spiels. They've kept the cameras clicking, kept those faxes humming, swapped that email, run those photocopiers on overtime, licked envelopes and spent small fortunes on airfare and long-distance. In an information society, this open, overt, obvious activity has proven to be a profound advantage.

In 1990, the civil libertarians of cyberspace assembled out of nowhere in particular, at warp speed. This "group" (actually, a networking gaggle of interested parties which scarcely deserves even that loose term) has almost nothing in the way of formal organization. Those formal civil libertarian organizations which did take an interest in cyberspace issues, mainly the Computer Professionals for Social Responsibility and the American Civil Liberties Union, were carried along by events in 1990, and acted mostly as adjuncts, underwriters or launching-pads.

The civil libertarians nevertheless enjoyed the greatest success of any of the groups in the Crackdown of 1990. At this writing, their future looks rosy and the political initiative is firmly in their hands. This should be kept in mind as we study the highly unlikely lives and lifestyles of the people who actually made this happen.

_____

In June 1989, Apple Computer, Inc., of Cupertino, California, had a problem. Someone had illicitly copied a small piece of Apple's proprietary software, software which controlled an internal chip driving the Macintosh screen display. This Color QuickDraw source code was a closely guarded piece of Apple's intellectual property. Only trusted Apple insiders were supposed to possess it.

But the "NuPrometheus League" wanted things otherwise. This person (or persons) made several illicit copies of this source code, perhaps as many as two dozen. He (or she, or they) then put those illicit floppy disks into envelopes and mailed them to people all over America: people in the computer industry who were associated with, but not directly employed by, Apple Computer.

The NuPrometheus caper was a complex, highly ideological, and very hacker-like crime. Prometheus, it will be recalled, stole the fire of the Gods and gave this potent gift to the general ranks of downtrodden mankind. A similar god-in-the-manger attitude was implied for the corporate elite of Apple Computer, while the "Nu" Prometheus had himself cast in the role of rebel demigod. The illicitly copied data was given away for free.

The new Prometheus, whoever he was, escaped the fate of the ancient Greek Prometheus, who was chained to a rock for centuries by the vengeful gods while an eagle tore and ate his liver. On the other hand, NuPrometheus chickened out somewhat by comparison with his role model. The small chunk of Color QuickDraw code he had filched and replicated was more or less useless to Apple's industrial rivals (or, in fact, to anyone else). Instead of giving fire to mankind, it was more as if NuPrometheus had photocopied the schematics for part of a Bic lighter. The act was not a genuine work of industrial espionage. It was best interpreted as a symbolic, deliberate slap in the face for the Apple corporate hierarchy.

Apple's internal struggles were well-known in the industry. Apple's founders, Jobs and Wozniak, had both taken their leave long since. Their raucous core of senior employees had been a barnstorming crew of 1960s Californians, many of them markedly less than happy with the new button-down multimillion dollar regime at Apple. Many of the programmers and developers who had invented the Macintosh model in the early 1980s had also taken their leave of the company. It was they, not the current masters of Apple's corporate fate, who had invented the stolen Color QuickDraw code. The NuPrometheus stunt was well-calculated to wound company morale.

Apple called the FBI. The Bureau takes an interest in high-profile intellectual-property theft cases, industrial espionage and theft of trade secrets. These were likely the right people to call, and rumor has it that the entities responsible were in fact discovered by the FBI, and then quietly squelched by Apple management. NuPrometheus was never publicly charged with a crime, or prosecuted, or jailed. But there were no further illicit releases of Macintosh internal software. Eventually the painful issue of NuPrometheus was allowed to fade.

In the meantime, however, a large number of puzzled bystanders found themselves entertaining surprise guests from the FBI.

One of these people was John Perry Barlow. Barlow is a most unusual man, difficult to describe in conventional terms. He is perhaps best known as a songwriter for the Grateful Dead, for he composed lyrics for "Hell in a Bucket," "Picasso Moon," "Mexicali Blues," "I Need a Miracle," and many more; he has been writing for the band since 1970.

Before we tackle the vexing question as to why a rock lyricist should be interviewed by the FBI in a computer-crime case, it might be well to say a word or two about the Grateful Dead. The Grateful Dead are perhaps the most successful and long-lasting of the numerous cultural emanations from the Haight-Ashbury district of San Francisco, in the glory days of Movement politics and lysergic transcendence. The Grateful Dead are a nexus, a veritable whirlwind, of applique decals, psychedelic vans, tie-dyed T-shirts, earth-color denim, frenzied dancing and open and unashamed drug use. The symbols, and the realities, of Californian freak power surround the Grateful Dead like knotted macrame.

The Grateful Dead and their thousands of Deadhead devotees are radical Bohemians. This much is widely understood. Exactly what this implies in the 1990s is rather more problematic.

The Grateful Dead are among the world's most popular and wealthy entertainers: number 20, according to Forbes magazine, right between M.C. Hammer and Sean Connery. In 1990, this jeans-clad group of purported raffish outcasts earned seventeen million dollars. They have been earning sums much along this line for quite some time now.

And while the Dead are not investment bankers or three-piece-suit tax specialists — they are, in point of fact, hippie musicians — this money has not been squandered in senseless Bohemian excess. The Dead have been quietly active for many years, funding various worthy activities in their extensive and widespread cultural community.

The Grateful Dead are not conventional players in the American power establishment. They nevertheless are something of a force to be reckoned with. They have a lot of money and a lot of friends in many places, both likely and unlikely.

The Dead may be known for back-to-the-earth environmentalist rhetoric, but this hardly makes them anti-technological Luddites. On the contrary, like most rock musicians, the Grateful Dead have spent their entire adult lives in the company of complex electronic equipment. They have funds to burn on any sophisticated tool and toy that might happen to catch their fancy. And their fancy is quite extensive.

The Deadhead community boasts any number of recording engineers, lighting experts, rock video mavens, electronic technicians of all descriptions. And the drift goes both ways. Steve Wozniak, Apple's co-founder, used to throw rock festivals. Silicon Valley rocks out.

These are the 1990s, not the 1960s. Today, for a surprising number of people all over America, the supposed dividing line between Bohemian and technician simply no longer exists. People of this sort may have a set of windchimes and a dog with a knotted kerchief 'round its neck, but they're also quite likely to own a multimegabyte Macintosh running MIDI synthesizer software and trippy fractal simulations. These days, even Timothy Leary himself, prophet of LSD, does virtual-reality computer-graphics demos in his lecture tours.

John Perry Barlow is not a member of the Grateful Dead. He is, however, a ranking Deadhead.

Barlow describes himself as a "techno-crank." A vague term like "social activist" might not be far from the mark, either. But Barlow might be better described as a "poet" — if one keeps in mind Percy Shelley's archaic definition of poets as "unacknowledged legislators of the world."

Barlow once made a stab at acknowledged legislator status. In 1987, he narrowly missed the Republican nomination for a seat in the Wyoming State Senate. Barlow is a Wyoming native, the third-generation scion of a well-to-do cattle-ranching family. He is in his early forties, married and the father of three daughters.

Barlow is not much troubled by other people's narrow notions of consistency. In the late 1980s, this Republican rock lyricist cattle rancher sold his ranch and became a computer telecommunications devotee.

The free-spirited Barlow made this transition with ease. He genuinely enjoyed computers. With a beep of his modem, he leapt from small-town Pinedale, Wyoming, into electronic contact with a large and lively crowd of bright, inventive, technological sophisticates from all over the world. Barlow found the social milieu of computing attractive: its fast-lane pace, its blue-sky rhetoric, its open-endedness. Barlow began dabbling in computer journalism, with marked success, as he was a quick study, and both shrewd and eloquent. He frequently travelled to San Francisco to network with Deadhead friends. There Barlow made extensive contacts throughout the Californian computer community, including friendships among the wilder spirits at Apple.

In May 1990, Barlow received a visit from a local Wyoming agent of the FBI. The NuPrometheus case had reached Wyoming.

Barlow was troubled to find himself under investigation in an area of his interests once quite free of federal attention. He had to struggle to explain the very nature of computer-crime to a headscratching local FBI man who specialized in cattle-rustling. Barlow, chatting helpfully and demonstrating the wonders of his modem to the puzzled fed, was alarmed to find all "hackers" generally under FBI suspicion as an evil influence in the electronic community. The FBI, in pursuit of a hacker called "NuPrometheus," were tracing attendees of a suspect group called the Hackers Conference.

The Hackers Conference, which had been started in 1984, was a yearly Californian meeting of digital pioneers and enthusiasts. The hackers of the Hackers Conference had little if anything to do with the hackers of the digital underground. On the contrary, the hackers of this conference were mostly well-to-do Californian high-tech CEOs, consultants, journalists and entrepreneurs. (This group of hackers were the exact sort of "hackers" most likely to react with militant fury at any criminal degradation of the term "hacker.")

Barlow, though he was not arrested or accused of a crime, and though his computer had certainly not gone out the door, was very troubled by this anomaly. He carried the word to the Well.

Like the Hackers Conference, "the Well" was an emanation of the Point Foundation. Point Foundation, the inspiration of a wealthy Californian 60s radical named Stewart Brand, was to be a major launch-pad of the civil libertarian effort.

Point Foundation's cultural efforts, like those of their fellow Bay Area Californians the Grateful Dead, were multifaceted and multitudinous. Rigid ideological consistency had never been a strong suit of the Whole Earth Catalog. This Point publication had enjoyed a strong vogue during the late 60s and early 70s, when it offered hundreds of practical (and not so practical) tips on communitarian living, environmentalism, and getting back-to-the-land. The Whole Earth Catalog, and its sequels, sold two and a half million copies and won a National Book Award.

With the slow collapse of American radical dissent, the Whole Earth Catalog had slipped to a more modest corner of the cultural radar; but in its magazine incarnation, CoEvolution Quarterly, the Point Foundation continued to offer a magpie potpourri of "access to tools and ideas."

CoEvolution Quarterly, which started in 1974, was never a widely popular magazine. Despite periodic outbreaks of millenarian fervor, CoEvolution Quarterly failed to revolutionize Western civilization and replace leaden centuries of history with bright new Californian paradigms. Instead, this propaganda arm of Point Foundation cakewalked a fine line between impressive brilliance and New Age flakiness. CoEvolution Quarterly carried no advertising, cost a lot, and came out on cheap newsprint with modest black-and-white graphics. It was poorly distributed, and spread mostly by subscription and word of mouth. It could not seem to grow beyond 30,000 subscribers. And yet — it never seemed to shrink much, either. Year in, year out, decade in, decade out, some strange demographic minority accreted to support the magazine. The enthusiastic readership did not seem to have much in the way of coherent politics or ideals. It was sometimes hard to understand what held them together (if the often bitter debate in the letter-columns could be described as "togetherness").

But if the magazine did not flourish, it was resilient; it got by. Then, in 1984, the birth-year of the Macintosh computer, CoEvolution Quarterly suddenly hit the rapids. Point Foundation had discovered the computer revolution. Out came the Whole Earth Software Catalog of 1984, arousing headscratching doubts among the tie-dyed faithful, and rabid enthusiasm among the nascent "cyberpunk" milieu, present company included. Point Foundation started its yearly Hackers Conference, and began to take an extensive interest in the strange new possibilities of digital counterculture. CoEvolution Quarterly folded its teepee, replaced by Whole Earth Software Review and eventually by Whole Earth Review (the magazine's present incarnation, currently under the editorship of virtual-reality maven Howard Rheingold).

1985 saw the birth of the "WELL" — the "Whole Earth 'Lectronic Link." The Well was Point Foundation's bulletin board system.

As boards went, the Well was an anomaly from the beginning, and remained one. It was local to San Francisco. It was huge, with multiple phonelines and enormous files of commentary. Its complex UNIX-based software might be most charitably described as "user-opaque." It was run on a mainframe out of the rambling offices of a nonprofit cultural foundation in Sausalito. And it was crammed with fans of the Grateful Dead.

Though the Well was peopled by chattering hipsters of the Bay Area counterculture, it was by no means a "digital underground" board. Teenagers were fairly scarce; most Well users (known as "Wellbeings") were thirty- and forty-something Baby Boomers. They tended to work in the information industry: hardware, software, telecommunications, media, entertainment. Librarians, academics, and journalists were especially common on the Well, attracted by Point Foundation's open-handed distribution of "tools and ideas."

There were no anarchy files on the Well, scarcely a dropped hint about access codes or credit-card theft. No one used handles. Vicious "flame-wars" were held to a comparatively civilized rumble. Debates were sometimes sharp, but no Wellbeing ever claimed that a rival had disconnected his phone, trashed his house, or posted his credit card numbers.

The Well grew slowly as the 1980s advanced. It charged a modest sum for access and storage, and lost money for years — but not enough to hamper the Point Foundation, which was nonprofit anyway. By 1990, the Well had about five thousand users. These users wandered about a gigantic cyberspace smorgasbord of "Conferences", each conference itself consisting of a welter of "topics," each topic containing dozens, sometimes hundreds of comments, in a tumbling, multiperson debate that could last for months or years on end.

In 1991, the Well's list of conferences looked like this:

CONFERENCES ON THE WELL

WELL "Screenzine" Digest (g zine)

Best of the WELL - vintage material - (g best)

Index listing of new topics in all conferences - (g new-tops)

Business - Education

----------------------

Apple Library Users Group (g alug)

Agriculture (g agri)

Brainstorming (g brain)

Classifieds (g cla)

Computer Journalism (g cj)

Consultants (g consult)

Consumers (g cons)

Design (g design)

Desktop Publishing (g desk)

Disability (g disability)

Education (g ed)

Energy (g energy91)

Entrepreneurs (g entre)

Homeowners (g home)

Indexing (g indexing)

Investments (g invest)

Kids91 (g kids)

Legal (g legal)

One Person Business (g one)

Periodical/newsletter (g per)

Telecomm Law (g tcl)

The Future (g fut)

Translators (g trans)

Travel (g tra)

Work (g work)

Electronic Frontier Foundation (g eff)

Computers, Freedom & Privacy (g cfp)

Computer Professionals for Social Responsibility (g cpsr)

Social - Political - Humanities

---------------------------------

Aging (g gray)

AIDS (g aids)

Amnesty International (g amnesty)

Archives (g arc)

Berkeley (g berk)

Buddhist (g wonderland)

Christian (g cross)

Couples (g couples)

Current Events (g curr)

Dreams (g dream)

Drugs (g dru)

East Coast (g east)

Emotional Health**** (g private)

Erotica (g eros)

Environment (g env)

Firearms (g firearms)

First Amendment (g first)

Fringes of Reason (g fringes)

Gay (g gay)

Gay (Private) # (g gaypriv)

Geography (g geo)

German (g german)

Gulf War (g gulf)

Hawaii (g aloha)

Health (g heal)

History (g hist)

Holistic (g holi)

Interview (g inter)

Italian (g ital)

Jewish (g jew)

Liberty (g liberty)

Mind (g mind)

Miscellaneous (g misc)

Men on the WELL** (g mow)

Network Integration (g origin)

Nonprofits (g non)

North Bay (g north)

Northwest (g nw)

Pacific Rim (g pacrim)

Parenting (g par)

Peace (g pea)

Peninsula (g pen)

Poetry (g poetry)

Philosophy (g phi)

Politics (g pol)

Psychology (g psy)

Psychotherapy (g therapy)

Recovery## (g recovery)

San Francisco (g sanfran)

Scams (g scam)

Sexuality (g sex)

Singles (g singles)

Southern (g south)

Spanish (g spanish)

Spirituality (g spirit)

Tibet (g tibet)

Transportation (g transport)

True Confessions (g tru)

Unclear (g unclear)

WELL Writer's Workshop*** (g www)

Whole Earth (g we)

Women on the WELL* (g wow)

Words (g words)

Writers (g wri)

**** Private Conference - mail wooly for entry

***Private conference - mail sonia for entry

** Private conference - mail flash for entry

Private conference - mail reva for entry

# Private Conference - mail hudu for entry

## Private Conference - mail dhawk for entry

Arts - Recreation - Entertainment

-----------------------------------

ArtCom Electronic Net (g acen)

Audio-Videophilia (g aud)

Bicycles (g bike)

Bay Area Tonight* (g bat)

Boating (g wet)

Books (g books)

CD's (g cd)

Comics (g comics)

Cooking (g cook)

Flying (g flying)

Fun (g fun)

Games (g games)

Gardening (g gard)

Kids (g kids)

Nightowls* (g owl)

Jokes (g jokes)

MIDI (g midi)

Movies (g movies)

Motorcycling (g ride)

Motoring (g car)

Music (g mus)

On Stage (g onstage)

Pets (g pets)

Radio (g rad)

Restaurant (g rest)

Science Fiction (g sf)

Sports (g spo)

Star Trek (g trek)

Television (g tv)

Theater (g theater)

Weird (g weird)

Zines/Factsheet Five (g f5)

Open from midnight to 6am

* Updated daily