Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker (37 page)

Finally I thought of an avenue I had never explored. Eric had encyclopedic knowledge about the Poulsen case. He claimed to have accompanied Kevin Poulsen on several PacBell break-ins and boasted that the two of them had found SAS together.

Hours and hours online, scouring databases like Westlaw and LexisNexis for newspaper and magazine articles that made any mention of Eric, had yielded nothing. If he had really done the things with Poulsen that he said he had, maybe I could work backward by searching for the names of Poulsen’s other known cohorts.

Eureka! In no time at all, I found an article on LexisNexis that named two Poulsen codefendants, Robert Gilligan and Mark Lottor. Maybe one of
these
guys was the phony Eric Heinz. I got on the phone immediately, hiding my excitement as I called the law enforcement telephone number at the California DMV and ran both codefendants’ driver’s licenses.

Dead end. One guy was too short to be Eric, the other too heavy.

I kept at it. And then one day, on Westlaw, I found an article that had just been published. A small newspaper, the
Daily News
of Los Angeles, had carried a story about Poulsen’s case coming up for trial. The piece gave the names of two others charged as Poulsen coconspirators, Ronald Mark Austin and Justin Tanner Petersen.

I was familiar with Austin and knew what he looked like; he definitely wasn’t Eric. But Petersen? Holding my hopes in check and ready to be disappointed again, I called the DMV and had the clerk read me Petersen’s physical description.

She said he had brown hair and brown eyes, was six feet tall, and weighed 145 pounds. I had always thought of Eric’s hair color as being blond, but otherwise the description fit him to a T.

I had finally cracked his cover. I now knew the real name of the man who called himself Eric Heinz. And he wasn’t a Fed; he was just a snitch, trying to trap me and probably as many other hackers as he could to save his own ass.

After all of that work—all of my thinking and worrying about who and what Eric was—I was smiling from ear to ear. I was elated. The FBI was so proud of its global reputation, but hadn’t been able to protect a snitch from being unmasked by one lone hacker.

With my South Dakota research and my weekend of skiing behind me, it was time for my first day of work at the law firm. I was shown to a desk in an office inside the computer room, adjacent to the desks of two other members of the department’s staff, Liz and Darren. Both made me feel welcome, which I was coming to find was typical of Denver, where the people seemed laid-back, open, and friendly. Ginger, although a coworker, had an office on the other side of the computer room; she, too, was very friendly.

I was starting to get comfortable with my new life, while at the same time never forgetting that at any moment I might be forced to run to avoid being locked up again in the tiny coffin of a cell in solitary. Still, working at a law firm came with some unexpected benefits. The firm occupied five floors near the top in the posh fifty-story skyscraper known as the Cash Register building because the top of the building was curved like a cash register. After hours, I’d log on to the Westlaw account and read law books in the law library, researching how to get out of the scrape I had gotten myself into.

M
y main duties in the Information Technology Department at the law firm fell into the “computer operations” category: solving problems with printers and computer files, converting files from WordPerfect to Word and several other formats, writing scripts to automate procedures, and doing system and network administration tasks. I was also given a couple of major projects: connecting the firm to the Internet (this was just when the Internet was beginning to be much more widely used) and installing and managing a product called SecurID, which provides “two-form-factor” authentication. Authorized users have to provide the six-digit code displayed on the SecurID device in conjunction with a secret PIN for remote access to the firm’s computer systems.

One of my collateral duties—and I couldn’t have designed this better if I had been handing out job assignments myself—was a shared responsibility for supporting the firm’s telephone billing management system. That meant studying the telephone accounting application, on company time, no less. This was how I learned exactly where to add some programming instructions that would turn the application into an early-warning system for me.

I wrote a script that would check every outgoing phone call from the law firm against a hit list of area codes and telephone prefixes. And my list of numbers included, guess what? Right: the FBI and U.S. Attorney’s offices in Los Angeles and Denver. If a call was made to any number
within those agencies, the script I wrote would send a message to my pager with the code “6565”—easy for me to remember because it was the last four digits of the main number assigned to the Los Angeles FBI office.

While I was at the firm, I actually got that code twice, and it scared the crap out of me both times. On each occasion, I waited a few minutes with a knot in my stomach, then looked up the number that had been called and dialed it myself.

Both times the call had been placed to the U.S. Attorney’s Office in Los Angeles… but to the Civil Division, not the Criminal Division. Whew!

In my spare time, I was still working out at the YMCA every day, of course, and still keeping busy with my hacking projects, of course. But I was also finding time to enjoy the variety of activities that Denver had to offer. The planetarium, besides reawakening a childhood interest in astronomy, also offered laser light shows accompanied by rock music, often from favorite bands of mine like Pink Floyd, Journey, and the Doors—a really enjoyable experience.

I was starting to settle into my new cover identity, becoming more sociable. Sometimes I’d go to one of the local dance clubs, just to find people to talk to. I met a girl I dated a few times, but I didn’t think it would be fair to her for us to get more involved: if I got picked up by the Feds, anyone I was close to could be put in a very uncomfortable situation, either being leaned on to give evidence against me or maybe even becoming a suspect herself. And, too, there was always a chance that I’d say something to give myself away, or she might spot some documents identifying me by some other name, or overhear a phone call. Pillow talk can have its dangers. From comments by fellow prisoners while I was in custody, I had learned that most had been ratted out by their significant others. I wasn’t going to make the same mistake.

There was a bookstore in the Cherry Creek area of Denver called the Tattered Cover, where I’d drink my fill of coffee and read computer books one after another. I tried a few of the rock clubs, but they drew a heavy-metal crowd of brawny guys with tats, so I felt more than a little out of place.

Sometimes I’d just go bike riding and enjoy the scenery, the glorious Denver scenery with all those mountains, so beautifully snowcapped in
winter. Or visit a casino on one of the nearby Indian reservations to play a little blackjack.

I always looked forward to my next conversation with my mom, using those prearranged signals where she’d call from one of the casinos. Sometimes Gram would be with her. Those calls were so important to me, making me feel happy inside and giving me strength, though they were a great inconvenience to my family and a huge risk for me, should the Feds decide to step up their surveillance. It was hard not being closer to my mom and grandmother, who had showered me with so much love, caring, and support.

Meanwhile, to change my appearance and maybe also as a natural part of approaching the age of thirty, I let my hair grow long, so it eventually reached shoulder length.

I liked a lot of things about my new life.

After several months in Denver, I was ready for a trip to see my family, traveling this time by Amtrak. Mom and Gram came to the train station to pick me up. Now that my hair was long and my mustache had sprouted, my own mother almost didn’t recognize me. It was a really cool reunion, and I entertained them with stories about my job and my coworkers at the law firm.

I was able to feel more relaxed in Vegas now, thanks to my credentials as Eric Weiss, but I was still cautious. My mom and I would meet in unlikely locations. I’d get into her car in a parking garage and lie down in the backseat until she had driven into her own garage at home and closed the door. She fussed over me and made foods I liked, pressing seconds on me even as she told me how pleased she was that I still looked trim and fit.

I could see how much strain this whole thing had put on Gram, but even more so on my mom. Though she was happy and comforted to see me, having me there in person seemed to make her that much more aware of how much she missed me and how worried she was about my safety in Denver. And I constantly felt her conflict between cherishing my visit and fearing that my being in her company put me in much graver danger.

In the week I was there, we probably got together a dozen times.

Back in Denver, the atmosphere at work soon slid downhill after my boss, the easygoing Lori, left the firm to join her husband in running their own business, Rocky Mountain Snowboards. Her replacement, a thin brunette named Elaine Hill, was not as friendly. Though quite smart, she struck me as calculating and was a schoolteacher type, not a “people person” like Lori.

My coworkers in IT were so different from one another that they seemed almost like the characters in a play. Ginger, who had big teeth and was a bit on the pudgy side, was thirty-one and married. She took something of a liking to me, and we enjoyed a little playful banter at times. Still, I don’t think I did anything to suggest I had any sort of sexual interest in her—and certainly nothing to justify a couple of remarks she made to me around the office. She commented late one evening when we were both in the computer room: “I wonder what would happen if you had me laid out on this table and somebody walked in?”
Huh?

Or maybe those come-ons of hers were actually intended to disarm me, so I wouldn’t become suspicious of her.

Back in LA before I went on the run, one of the people in my social circle with Lewis had been a guy named Joe McGuckin, a doughy guy with a round face and a sizable belly, bespectacled, close-shaven but still looking like he had a day’s growth, his brown hair hanging partway down his forehead in girly bangs. The three of us used to hang out together, so often eating at Sizzler and then going to a movie afterward that Lewis and I nicknamed him “Sizzler and a Movie.”

In a conversation we had while I was living in Denver, Lewis told me that Joe had given him an account on a Sun workstation he had at home. Lewis passed the credentials along to me, with a request. He was hoping I could get root on Joe’s workstation and then tell him how I got in, so he could needle Joe about it. That sounded to me like an interesting opportunity: since Joe was a contractor for Sun Microsystems, he very likely had the ability to remotely access the company’s network, which might be a way for me to hack into Sun.

Whenever we had discussed hacking back in those days in LA, Joe had always insisted that his workstation was as secure as Fort Knox. I thought,
Oh, I’m going to have fun messing with him
. Our love of pulling
pranks was a common trait that had drawn Lewis and me together ever since our pranks with the drive-up windows at McDonald’s. I called Joe’s home phone number first to make sure he wasn’t there, then dialed the modem line at his house. Once I had logged in using Lewis’s account, it took me only a few minutes to discover that Joe hadn’t kept his security patches up to date. So much for Fort Knox. By exploiting a flaw in a program called “rdist,” I popped root on his system.
Let the games begin
. When I listed the processes he was running, I was surprised to see “crack,” the popular program for cracking passwords, written by a guy named Alec Muffett. Why would Joe be running that?

It didn’t take long to find the password file that crack was working on. I stared at the screen, stunned by what I was seeing.

Joe McGuckin, Sun Microsystems contractor, was cracking the passwords of the company’s Engineering Group.

I couldn’t fucking believe this. It was as if I had just taken a walk in the park and found a bag of hundred-dollar bills.

After I copied off the cracked passwords, my next hunt was through Joe’s emails, searching on the keywords
modem
and
dial-up
. Bingo! I found an internal Sun email containing the information I was hoping for. It read, in part:

I also copied the original Sun password files (which contained the encrypted password hashes) that Joe was in the process of cracking, in case I lost access to his machine. Included in the cracked-password list was Joe’s own Sun password, which as I recall was something like “party5.” (Crack had broken that one, too.) A walk in the park.