had been duped by Gill, he retreated into a state of denial and
depression. The PI community had trusted him. He entered his
friendship with Gill a bright-eyed, innocent young man looking for
adventure. He left the friendship betrayed and gun-shy.
Sad-eyed and feeling dark on the world, Craig Bowen turned off PI and
Zen forever.
[ ]
Sitting at his computer sometime in the second half of 1989, Force
stared at his screen without seeing anything, his mind a million miles
away. The situation was bad, very bad, and lost in thought, he toyed
with his mouse absent-mindedly, thinking about how to deal with this
problem.
The problem was that someone in Melbourne was going to be busted.
Force wanted to discount the secret warning, to rack it up as just
another in a long line of rumours which swept through the underground
periodically, but he knew he couldn't do that. The warning was rock
solid; it had come from Gavin.*
The way Force told it, his friend Gavin worked as a contractor to
Telecom by day and played at hacking at night. He was Force's little
secret, who he kept from the other members of The Realm. Gavin was
definitely not part of the hacker BBS scene. He was older, he didn't
even have a handle and he hacked alone, or with Force, because he saw
hacking in groups as risky.
As a Telecom contractor, Gavin had the kind of access to computers and
networks which most hackers could only dream about. He also had good
contacts inside Telecom--the kind who might answer a few tactfully
worded questions about telephone taps and line traces, or might know a
bit about police investigations requiring Telecom's help.
Force had met Gavin while buying some second-hand equipment through
the Trading Post. They hit it off, became friends and soon began
hacking together. Under the cover of darkness, they would creep into
Gavin's office after everyone else had gone home and hack all night.
At dawn, they tidied up and quietly left the building. Gavin went
home, showered and returned to work as if nothing had happened.
Gavin introduced Force to trashing. When they weren't spending the
night in front of his terminal, Gavin crawled through Telecom's
dumpsters looking for pearls of information on crumpled bits of office
paper. Account names, passwords, dial-up modems, NUAs--people wrote
all sorts of things down on scrap paper and then threw it out the next
day when they didn't need it any more.
According to Force, Gavin moved offices frequently, which made it
easier to muddy the trail. Even better, he worked from offices which
had dozens of employees making hundreds of calls each day. Gavin and
Force's illicit activities were buried under a mound of daily
legitimate transactions.
The two hackers trusted each other; in fact Gavin was the only person
to whom Force revealed the exact address of the CitiSaudi machine. Not
even Phoenix, rising star of The Realm and Force's favoured protégé,
was privy to all the secrets of Citibank uncovered during Force's
network explorations.
Force had shared some of this glittering prize with Phoenix, but not
all of it. Just a few of the Citibank cards--token trophies--and
general information about the Citibank network. Believing the
temptation to collect vast numbers of cards and use them would be too
great for the young Phoenix, Force tried to keep the exact location of
the Citibank machine a secret. He knew that Phoenix might eventually
find the Citibank system on his own, and there was little he could do
to stop him. But Force was determined that he wouldn't help Phoenix
get himself into trouble.
The Citibank network had been a rich source of systems--something
Force also kept to himself. The more he explored, the more he found in
the network. Soon after his first discovery of the CitiSaudi system,
he found a machine called CitiGreece which was just as willing to dump
card details as its Saudi-American counterpart. Out of fifteen or so
credit cards Force discovered on the system, only two appeared to be
valid. He figured the others were test cards and that this must be a
new site. Not long after the discovery of the CitiGreece machine, he
discovered similar embryonic sites in two other countries.
Force liked Phoenix and was impressed by the new hacker's enthusiasm
and desire to learn about computer networks.
Force introduced Phoenix to Minerva, just as Craig Bowen had done for
Force some years before. Phoenix learned quickly and came back for
more. He was hungry and, in Force's discerning opinion, very bright.
Indeed, Force saw a great deal of himself in the young hacker. They
were from a similarly comfortable, educated middle-class background.
They were also both a little outside the mainstream. Force's family
were migrants to Australia. Some of Phoenix's family lived in Israel,
and his family was very religious.
Phoenix attended one of the most Orthodox Jewish schools in Victoria,
a place which described itself as a `modern orthodox Zionist'
institution. Nearly half the subjects offered in year 9 were in Jewish
Studies, all the boys wore yarmulkes and the school expected students
to be fluent in Hebrew by the time they graduated.
In his first years at the school, Phoenix had acquired the nickname
`The Egg'. Over the following years he became a master at playing the
game--jumping through hoops to please teachers. He learned that doing
well in religious studies was a good way to ingratiate himself to
teachers, as well as his parents and, in their eyes at least, he
became the golden-haired boy.
Anyone scratching below the surface, however, would find the shine of
the golden-haired boy was merely gilt. Despite his success in school
and his matriculation, Phoenix was having trouble. He had been
profoundly affected by the bitter break-up and divorce of his parents
when he was about fourteen.
After the divorce, Phoenix was sent to boarding school in Israel for
about six months. On his return to Melbourne, he lived with his
younger sister and mother at his maternal grandmother's house. His
brother, the middle child, lived with his father.
School friends sometimes felt awkward visiting Phoenix at home. One of
his best friends found it difficult dealing with Phoenix's mother,
whose vivacity sometimes bordered on the neurotic and shrill. His
grandmother was a chronic worrier, who pestered Phoenix about using
the home phone line during thunderstorms for fear he would be
electrocuted. The situation with Phoenix's father wasn't much better.
A manager at Telecom, he seemed to waver between appearing
disinterested or emotionally cold and breaking into violent outbursts
of anger.
But it was Phoenix's younger brother who seemed to be the problem
child. He ran away from home at around seventeen and dealt in drugs
before eventually finding his feet. Yet, unlike Phoenix, his brother's
problems had been laid bare for all to see. Hitting rock bottom forced
him to take stock of his life and come to terms with his situation.
In contrast, Phoenix found less noticeable ways of expressing his
rebellion. Among them was his enthusiasm for tools of power--the
martial arts, weapons such as swords and staffs, and social
engineering. During his final years of secondary school, while still
living at his grandmother's home, Phoenix took up hacking. He hung
around various Melbourne BBSes, and then he developed an on-line
friendship with Force.
Force watched Phoenix's hacking skills develop with interest and after
a couple of months he invited him to join The Realm. It was the
shortest initiation of any Realm member, and the vote to include the
new hacker was unanimous. Phoenix proved to be a valuable member,
collecting information about new systems and networks for The Realm's
databases. At their peak of hacking activity, Force and Phoenix spoke
on the phone almost every day.
Phoenix's new-found acceptance contrasted with the position of
Electron, who visited The Realm regularly for a few months in 1988. As
Phoenix basked in the warmth of Force's approval, the
eighteen-year-old Electron felt the chill of his increasing scorn.
Force eventually turfed Electron and his friend, Powerspike, out of
his exclusive Melbourne club of hackers. Well, that was how Force told
it. He told the other members of The Realm that Electron had committed
two major sins. The first was that he had been wasting resources by
using accounts on OTC's Minerva system to connect to Altos, which
meant the accounts would be immediately tracked and killed.
Minerva admins such as Michael Rosenberg--sworn enemy of The
Realm--recognised the Altos NUA. Rosenberg was OTC's best defence
against hackers. He had spent so much time trying to weed them out of
Minerva that he knew their habits by heart: hack, then zoom over to
Altos for a chat with fellow hackers, then hack some more.
Most accounts on Minerva were held by corporations. How many
legitimate users from ANZ Bank would visit Altos? None. So when
Rosenberg saw an account connecting to Altos, he silently observed
what the hacker was doing--in case he bragged on the German chat
board--then changed the password and notified the client, in an effort
to lock the hacker out for good.
Electron's second sin, according to Force, was that he had been
withholding hacking information from the rest of the group. Force's
stated view--though it didn't seem to apply to him personally--was one
in, all in.
It was a very public expulsion. Powerspike and Electron told each
other they didn't really care. As they saw it, they might have visited
The Realm BBS now and then but they certainly weren't members of The
Realm. Electron joked with Powerspike, `Who would want to be a member
of a no-talent outfit like The Realm?' Still, it must have hurt.
Hackers in the period 1988-90 depended on each other for information.
They honed their skills in a community which shared intelligence and
they grew to rely on the pool of information.
Months later, Force grudgingly allowing Electron to rejoin The Realm,
but the relationship remained testy. When Electron finally logged in
again, he found a file in the BBS entitled `Scanner stolen from the
Electron'. Force had found a copy of Electron's VMS scanner on an
overseas computer while Electron was in exile and had felt no qualms
about pinching it for The Realm.
Except that it wasn't a scanner. It was a VMS Trojan. And there was a
big difference. It didn't scan for the addresses of computers on a
network. It snagged passwords when people connected from their VMS
computers to another machine over an X.25 network. Powerspike cracked
up laughing when Electron told him. `Well,' he told Powerspike, `Mr
Bigshot Force might know something about Prime computers, but he
doesn't know a hell of a lot about VMS.'
Despite Electron's general fall from grace, Phoenix talked to the
outcast because they shared the obsession. Electron was on a steep
learning curve and, like Phoenix, he was moving fast--much faster than
any of the other Melbourne hackers.
When Phoenix admitted talking to Electron regularly, Force tried to
pull him away, but without luck. Some of the disapproval was born of
Force's paternalistic attitude toward the Australian hacking scene. He
considered himself to be a sort of godfather in the hacking community.
But Force was also increasingly concerned at Phoenix's ever more
flagrant taunting of computer security bigwigs and system admins. In
one incident, Phoenix knew a couple of system admins and security
people were waiting on a system to trap him by tracing his network
connections. He responded by sneaking into the computer unnoticed and
quietly logging off each admin. Force laughed about it at the time,
but privately the story made him more than a little nervous.
Phoenix enjoyed pitting himself against the pinnacles of the computer
security industry. He wanted to prove he was better, and he frequently
upset people because often he was. Strangely, though, Force's protégé
also thought that if he told these experts about a few of the holes in
their systems, he would somehow gain their approval. Maybe they would
even give him inside information, like new penetration techniques,
and, importantly, look after him if things got rough. Force wondered
how Phoenix could hold two such conflicting thoughts in his mind at
the same time without questioning the logic of either.
It was against this backdrop that Gavin came to Force with his urgent
warning in late 1989. Gavin had learned that the Australian Federal
Police were getting complaints about hackers operating out of
Melbourne. The Melbourne hacking community had become very noisy and
was leaving footprints all over the place as its members traversed the
world's data networks.
There were other active hacking communities outside Australia--in the
north of England, in Texas, in New York. But the Melbourne hackers
weren't just noisy--they were noisy inside American computers. It
wasn't just a case of American hackers breaking into American systems.
This was about foreign nationals penetrating American computers. And
there was something else which made the Australian hackers a target.
The US Secret Service knew an Australian named Phoenix had been inside
Citibank, one of the biggest financial institutions in the US.
Gavin didn't have many details to give Force. All he knew was that an
American law enforcement agency--probably the Secret Service--had been
putting enormous pressure on the Australian government to bust these
people.
What Gavin didn't know was that the Secret Service wasn't the only
source of pressure coming from the other side of the Pacific. The FBI
had also approached the Australian Federal Police about the mysterious
but noisy Australian hackers who kept breaking into American systems,5
and the AFP had acted on the information.
In late 1989, Detective Superintendent Ken Hunt of the AFP headed an
investigation into the Melbourne hackers. It was believed to be the
first major investigation of computer crime since the introduction of
Australia's first federal anti-hacking laws. Like most law enforcement
agencies around the world, the AFP were new players in the field of
computer crime. Few officers had expertise in computers, let alone
computer crime, so this case would prove to be an important proving
ground.6
When Gavin broke the news, Force acted immediately. He called Phoenix
on the phone, insisting on meeting him in person as soon as possible.
As their friendship had progressed, they had moved from talking
on-line to telephone conversations and finally to spending time
together in person. Force sat Phoenix down alone and gave him a stern
warning. He didn't tell him how he got his information, but he made it
clear the source was reliable.
The word was that the police felt they had to bust someone. It had
come to the point where an American law enforcement officer had
reportedly told his Australian counterpart, `If you don't do something
about it soon, we'll do something about it ourselves'. The American
hadn't bothered to elaborate on just how they might do something about
it, but it didn't matter.
Phoenix looked suddenly pale. He had certainly been very noisy, and
was breaking into systems virtually all the time now. Many of those
systems were in the US.
He certainly didn't want to end up like the West German hacker
Hagbard, whose petrol-doused, charred remains had been discovered in a
German forest in June 1989.
An associate of Pengo's, Hagbard had been involved in a ring of German
hackers who sold the information they found in American computers to a
KGB agent in East Germany from 1986 to 1988.
In March 1989, German police raided the homes and offices of the
German hacking group and began arresting people. Like Pengo, Hagbard
had secretly turned himself into the German authorities months before
and given full details of the hacking ring's activities in the hope of
gaining immunity from prosecution.
American law enforcement agencies and prosecutors had not been
enthusiastic about showing the hackers any leniency. Several US
agencies, including the CIA and the FBI, had been chasing the German
espionage ring and they wanted stiff sentences, preferably served in
an American prison.
German court proceedings were under way when Hagbard's body was found.
Did he commit suicide or was he murdered? No-one knew for sure, but
the news shook the computer underground around the world. Hackers
discussed the issue in considerable depth. On the one hand, Hagbard
had a long history of mental instability and drug use, having spent
time in psychiatric hospitals and detoxification centres off and on
since the beginning of 1987. On the other hand, if you were going to
kill yourself, would you really want to die in the agony of a petrol
fire? Or would you just take a few too many pills or a quick bullet?
Whether it was murder or suicide, the death of Hagbard loomed large
before Phoenix. Who were the American law enforcement agencies after
in Australia? Did they want him?
No. Force reassured him, they were after Electron. The problem for
Phoenix was that he kept talking to Electron on the phone--in voice
conversations. If Phoenix continued associating with Electron, he too
would be scooped up in the AFP's net.
The message to Phoenix was crystal clear.
Stay away from Electron.
[ ]
`Listen, you miserable scum-sucking pig.'
`Huh?' Phoenix answered, only half paying attention.
`Piece of shit machine. I did all this editing and the damn thing
didn't save the changes,' Electron growled at the Commodore Amiga,
with its 512 k of memory, sitting on the desk in his bedroom.
It was January 1990 and both Phoenix and Electron were at home on
holidays before the start of university.
`Yeah. Wish I could get this thing working. Fucking hell. Work you!'
Phoenix yelled. Electron could hear him typing at the other end of the
phone while he talked. He had been struggling to get AUX, the Apple
version of Unix, running on his Macintosh SE30 for days.
It was difficult to have an uninterrupted conversation with Phoenix.
If it wasn't his machine crashing, it was his grandmother asking him
questions from the doorway of his room.
`You wanna go through the list? How big is your file?' Phoenix asked,
now more focused on the conversation.
`Huh? Which file?'
`The dictionary file. The words to feed into the password cracker,'
Phoenix replied.
Electron pulled up his list of dictionary words and looked
at it. I'm going to have to cut this list down a bit, he thought. The
dictionary was part of the password cracking program.
The larger the dictionary, the longer it took the computer to crack a
list of passwords. If he could weed out obscure words--words that
people were unlikely to pick as passwords--then he could make his
cracker run faster.
An efficient password cracker was a valuable tool. Electron would feed
his home computer a password file from a target computer, say from
Melbourne University, then go to bed. About twelve hours later, he
would check on his machine's progress.
If he was lucky, he would find six or more accounts--user names and
their passwords--waiting for him in a file. The process was completely
automated. Electron could then log into Melbourne University using the
cracked accounts, all of which could be used as jumping-off points for
hacking into other systems for the price of a local telephone call.
Cracking Unix passwords wasn't inordinately difficult,
provided the different components of the program, such as the
dictionary, had been set up properly. However, it was time-consuming.
The principle was simple. Passwords, kept in password files with their
corresponding user names, were encrypted. It was as impossible to
reverse the encryption process as it was to unscramble an omelette.
Instead, you needed to recreate the encryption process and compare the
results.
There were three basic steps. First, target a computer and get a copy
of its password file. Second, take a list of commonly used passwords,
such as users' names from the password file or words from a
dictionary, and encrypt those into a second list. Third, put the two
lists side by side and compare them. When you have a match, you have
found the password.
However, there was one important complication: salts. A salt changed
the way a password was encrypted, subtly modifying the way the DES
encryption algorithm worked. For example, the word `Underground'
encrypts two different ways with two different salts: `kyvbExMcdAOVM'
or `lhFaTmw4Ddrjw'. The first two characters represent the salt, the
others represent the password. The computer chooses a salt randomly
when it encrypts a user's password. Only one is used, and there are
4096 different salts. All Unix computers use salts in their password
encryption process.
Salts were intended to make password cracking far more difficult, so a
hacker couldn't just encrypt a dictionary once and then compare it to
every list of encrypted passwords he came across in his hacking
intrusions. The 4096 salts mean that a hacker would have to use 4096
different dictionaries--each encrypted with a different salt--to
discover any dictionary word passwords.
On any one system penetrated by Electron, there might be only 25
users, and therefore only 25 passwords, most likely using 25 different
salts. Since the salt characters were stored immediately before the
encrypted password, he could easily see which salt was being used for
a particular password. He would therefore only have to encrypt a
dictionary 25 different times.
Still, even encrypting a large dictionary 25 times using different
salts took up too much hard-drive space for a basic home computer. And
that was just the dictionary. The most sophisticated cracking programs
also produced `intelligent guesses' of passwords. For example, the
program might take the user's name and try it in both upper- and
Share with your friends: |