Underground: Tales of Hacking, Madness and Obsession from the Electronic Frontier (31 page)
Read Underground: Tales of Hacking, Madness and Obsession from the Electronic Frontier Online
Authors: Suelette Dreyfus
Just another incredible scene
There’s no doubt about it
-- from ‘Read About It’, on 10, 9, 8, 7, 6, 5, 4, 3, 2, 1 by Midnight Oil
Pad had an important warning for the Australian hackers: the computer security community was closing in on them. It was the end of February 1990, not long after Phoenix and Electron had captured Zardoz and just missed out on Deszip. Pad didn’t scream or shout the warning, that wasn’t his style. But Electron took in the import of the warning loud and clear.
‘Feen, they know you did over Spaf’s machine,’ Pad told Phoenix. ‘They know it’s been you in other systems also. They’ve got your handle.’
Eugene Spafford was the kind of computer security expert who loses a lot of face when a hacker gets into his machine, and a wounded bull is a dangerous enemy.
The security people had been able to connect and link up a series of break-ins with the hacker who called himself Phoenix because his style was so distinctive. For example, whenever he was creating a root shell--root access--for himself, he would always save it in the same filename and in the same location on the
computer. In some instances, he even created accounts called ‘Phoenix’
for himself. It was this consistency of style which had made things so much easier for admins to trace his movements.
In his typical understated fashion, Pad suggested a change of style.
And maybe, he added, it wasn’t such a bad idea for the Australians to tone down their activities a bit. The undercurrent of the message was serious.
‘They said that some security people had contacted Australian law enforcement, who were supposed to be "dealing with it",’ Pad said.
‘Do they know my real name?’ Phoenix asked, worried. Electron was also watching this conversation with some concern.
‘Don’t know. Got it from Shatter. He’s not always reliable, but ...’
Pad was trying to soften the news by playing down Shatter’s importance as a source. He didn’t trust his fellow British hacker but Shatter had some good, if mysterious, connections. An enigmatic figure who seemed to keep one foot in the computer underworld and the other in the upright computer security industry, Shatter leaked information to Pad and Gandalf, and occasionally to the Australians.
While the two British hackers sometimes discounted Shatter’s advice, they also took the time to talk to him. Once, Electron had intercepted email showing Pengo had turned to Shatter for advice about his situation after the raid in Germany. With some spare time prior to his trial, Pengo asked Shatter whether it was safe to travel to the US on a summer holiday in 1989. Shatter asked for Pengo’s birthdate and other details. Then he returned with an unequivocal answer: Under no circumstances was Pengo to travel to the US.
Subsequently, it was reported that officials in the US Justice Department had been examining ways to secretly coax Pengo onto American soil, where they could seize him. They would then force him to face trial in their own courts.
Had Shatter known this? Or had he just told Pengo not to go to the US
because it was good commonsense? No-one was quite sure, but people took note of what Shatter told them.
‘Shatter definitely got the info right about Spaf’s machine. 100%
right,’ Pad continued. ‘He knew exactly how you hacked it. I couldn’t believe it. Be careful if you’re still hacking m8, especially on the Inet.’ The ‘Inet’ was shorthand for the Internet.
The Altos hackers went quiet.
‘It’s not just you,’ Pad tried to reassure the Australians. ‘Two security people from the US are coming to the UK to try and find out something about someone named Gandalf. Oh, and Gand’s mate, who might be called Patrick.’
Pad had indeed based his handle on the name Patrick, or Paddy, but that wasn’t his real name. No intelligent hacker would use his real name for his handle. Paddy was the name of one of his favourite university lecturers, an Irishman who laughed a good deal. Like Par’s name, Pad’s handle had coincidentally echoed a second meaning when the British hacker moved into exploring X.25 networks. An X.25 PAD is a packet assembler disassembler, the interface between the X.25 network and a modem or terminal server. Similarly, Gandalf, while being first and foremost the wizard from The Lord of The Rings, also happened to be a terminal server brand name.
Despite the gravity of the news that the security community was closing the net around them, none of the hackers lost their wicked sense of humour.
‘You know,’ Pad went on, ‘Spaf was out of the country when his machine got hacked.’
‘Was he? Where?’ asked Gandalf, who had just joined the conversation.
‘In Europe.’
Electron couldn’t resist. ‘Where was Spaf, Gandalf asks as he hears a knock on his door ...’
‘Haha,’ Gandalf laughed.
‘
‘Oh! Hello there, Mr Spafford,’ Gandalf typed, playing along.
‘Hello, I’m Gene and I’m mean!’
Alone in their separate homes on different corners of the globe, the four hackers chuckled to themselves.
‘Hello, and is this the man called Patrick?’ Pad jumped in.
‘Well, Mr Spafford, it seems you’re a right fucking idiot for not patching your FTP!’ Gandalf proclaimed.
‘Not to mention the CHFN bug--saved by a Sequent! Or you’d be very fucking embarrassed,’ Phoenix added.
Phoenix was laughing too, but he was a little nervous about Pad’s warning and he turned the conversation back to a serious note.
‘So, Pad, what else did Shatter tell you?’ Phoenix asked anxiously.
‘Not much. Except that some of the security investigations might be partly because of UCB.’
UCB was the University of California at Berkeley. Phoenix had been visiting machines at both Berkeley and LLNL so much recently that the admins seemed to have not only noticed him, but they had pinpointed his handle. One day he had telnetted into dewey.soe.berkeley.edu--the Dewey machine as it was known--and had been startled to find the following message of the day staring him in the face: Phoenix,
Get out of Dewey NOW!
Also, do not use any of the ‘soe’ machines.
Thank you,
Daniel Berger
Phoenix did a double take when he saw this public warning. Having been in and out of the system so many times, he just zoomed past the words on the login screen. Then, in a delayed reaction, he realised the login message was addressed to him.
Ignoring the warning, he proceeded to get root on the Berkeley machine and look through Berger’s files. Then he sat back, thinking about the best way to deal with the problem. Finally, he decided to send the admin a note saying he was leaving the system for good.
Within days, Phoenix was back in the Dewey machine, weaving in and out of it as if nothing had happened. After all, he had broken into the system, and managed to get root through his own wit. He had earned the right to be in the computer. He might send the admin a note to put him at ease, but Phoenix wasn’t going to give up accessing Berkeley’s computers just because it upset Daniel Berger.
‘See,’ Pad continued, ‘I think the UCB people kept stuff on their systems that wasn’t supposed to be there. Secret things.’
Classified military material wasn’t supposed to be stored on non-classified network computers. However, Pad guessed that sometimes researchers broke rules and took short cuts because they were busy thinking about their research and not the security implications.
‘Some of the stuff might have been illegal,’ Pad told his captive audience. ‘And then they find out some of you guys have been in there
...’
‘Shit,’ Phoenix said.
‘So, well, if it APPEARED like someone was inside trying to get at those secrets ...’ Pad paused. ‘Then you can guess what happened. It seems they really want to get whoever was inside their machines.’
There was momentary silence while the other hackers digested all that Pad had told them. As a personality on Altos, Pad remained ever so slightly withdrawn from the other hackers, even the Australians whom he considered mates. This reserved quality gave his warning a certain sobriety, which seeped into the very fabric of Altos that day.
Eventually, Electron responded to Pad’s warning by typing a comment directed at Phoenix: ‘I told you talking to security guys is nothing but trouble.’
It irritated Electron more and more that Phoenix felt compelled to talk to white hats in the security industry. In Electron’s view, drawing attention to yourself was just a bad idea all around and he was increasingly annoyed at watching Phoenix feed his ego. He had made veiled references to Phoenix’s bragging on Altos many times, saying things like ‘I wish people wouldn’t talk to security guys’.
Phoenix responded to Electron on-line somewhat piously. ‘Well, I will never talk to security guys seriously again.’
Electron had heard it all before. It was like listening to an alcoholic swear he would never touch another drink. Bidding the others goodbye, Electron logged off. He didn’t care to listen to Phoenix any more.
Others did, however. Hundreds of kilometres away, in a special room secreted away inside a bland building in Canberra, Sergeant Michael Costello and Constable William Apro had been methodically capturing each and every electronic boast as it poured from Phoenix’s phone. The two officers recorded the data transmissions passing in and out of his computer. They then played this recording into their own modem and computer and created a text file they could save and use as evidence in court.
Both police officers had travelled north from Melbourne, where they worked with the AFP’s Computer Crime Unit. Settling into their temporary desks with their PC and laptop, the officers began their secret eavesdropping work on 1 February 1990.
It was the first time the AFP had done a datatap. They were happy to
bide their time, to methodically record Phoenix hacking into Berkeley,
into Texas, into NASA, into a dozen computers around the world. The phone tap warrant was good for 60 days, which was more than enough time to secrete away a mountain of damning evidence against the egotistical Realm hacker. Time was on their side.
The officers worked the Operation Dabble job in shifts. Constable Apro arrived at the Telecommunications Intelligence Branch of the AFP at 8
p.m. Precisely ten hours later, at 6 the next morning, Sergeant Costello relieved Apro, who knocked off for a good sleep. Apro returned again at 8 p.m. to begin the night shift.
They were there all the time. Twenty-four hours a day. Seven days a week. Waiting and listening.
It was too funny. Erik Bloodaxe in Austin, Texas, couldn’t stop laughing. In Melbourne, Phoenix’s side hurt from laughing so much.
Phoenix loved to talk on the phone. He often called Erik, sometimes every day, and they spoke for ages. Phoenix didn’t worry about cost; he wasn’t paying for it. The call would appear on some poor sod’s bill and he could sort it out with the phone company.
Sometimes Erik worried a little about whether Phoenix wasn’t going to get himself in a jam making all these international calls. Not that he didn’t like talking to the Australian; it was a hoot. Still, the concern sat there, unsettled, in the back of his mind. A few times he asked Phoenix about it.
‘No prob. Hey, AT&T isn’t an Australian company,’ Phoenix would say.
‘They can’t do anything to me.’ And Erik had let it rest at that.
For his part, Erik didn’t dare call Phoenix, especially not since his little visit from the US Secret Service. On 1 March 1990, they burst into his home, with guns drawn, in a dawn raid. The agents searched everywhere, tearing the student house apart, but they didn’t find anything incriminating. They did take Erik’s $59 keyboard terminal with its chintzy little 300 baud modem, but they didn’t get his main computer, because Erik knew they were coming.
The Secret Service had subpoenaed his academic records, and Erik had heard about it before the raid. So when the Secret Service arrived, Erik’s stuff just wasn’t there. It hadn’t been there for a few weeks, but for Erik, they had been hard weeks. The hacker found himself suffering withdrawal symptoms, so he bought the cheapest home computer and modem he could find to tide him over.
That equipment was the only computer gear the Secret Service discovered, and they were not happy special agents. But without evidence, their hands were tied. No charges were laid.
Still, Erik thought he was probably being watched. The last thing he wanted was for Phoenix’s number to appear on his home phone bill. So he let Phoenix call him, which the Australian did all the time. They often talked for hours when Erik was working nights. It was a slack job, just changing the back-up tapes on various computers and making sure they didn’t jam. Perfect for a student. It left Erik hours of free time.
Erik frequently reminded Phoenix that his phone was probably tapped, but Phoenix just laughed. ‘Yeah, well don’t worry about it, mate. What are they going to do? Come and get me?’
After Erik put a hold on his own hacking activities, he lived vicariously, listening to Phoenix’s exploits. The Australian called him with a technical problem or an interesting system, and then they discussed various strategies for getting into the machine. However, unlike Electron’s talks with Phoenix, conversations with Erik weren’t only about hacking. They chatted about life, about what Australia was like, about girls, about what was in the newspaper that day. It was easy to talk to Erik. He had a big ego, like most hackers, but it was inoffensive, largely couched in his self-effacing humour.
Phoenix often made Erik laugh. Like the time he got Clifford Stoll, an astronomer, who wrote The Cuckoo’s Egg. The book described his pursuit of a German hacker who had broken into the computer system Stoll managed at Lawrence Berkeley Labs near San Francisco. The hacker had been part of the same hacking ring as Pengo. Stoll took a hard line on hacking, a position which did not win him popularity in the underground. Both Phoenix and Erik had read Stoll’s book, and one day they were sitting around chatting about it.
‘You know, it’s really stupid that Cliffy put his email address in his book,’ Phoenix said. ‘Hmm, why don’t I go check?’
