Suelette dreyfus julian assange



Download 6.15 Mb.
Page28/43
Date03.05.2017
Size6.15 Mb.
1   ...   24   25   26   27   28   29   30   31   ...   43

mother quickly slipped into a back lane and the friend leapt from the

car. She drove off, taking the police tail with her.

The plain-clothed police pulled her over shortly after, searched her

car and demanded to know where her friend had gone and what had

occurred at the meeting. When she was less than helpful, one officer

told her, `You have a child out at 2 in the morning. I think you

should get out of politics, lady. It could be said you were an unfit

mother'.


A few days after this thinly veiled threat, her friend showed up at

Mendax's mother's house, covered in fading bruises. He said the police

had beaten him up, then set him up by planting hash on him. `I'm

getting out of politics,' he announced.

However, she and her husband continued their involvement in theatre.

The young Mendax never dreamed of running away to join the circus--he

already lived the life of a travelling minstrel. But although the

actor-director was a good stepfather, he was also an alcoholic. Not

long after Mendax's ninth birthday, his parents separated and then

divorced.

Mendax's mother then entered a tempestuous relationship with an

amateur musician. Mendax was frightened of the man, whom he considered

a manipulative and violent psychopath. He had five different

identities with plastic in his wallet to match. His whole background

was a fabrication, right down to the country of his birth. When the

relationship ended, the steady pattern of moving around the

countryside began again, but this journey had a very different flavour

from the earlier happy-go-lucky odyssey. This time, Mendax and his

family were on the run from a physically abusive de facto. Finally,

after hiding under assumed names on both sides of the continent,

Mendax and his family settled on the outskirts of Melbourne.

Mendax left home at seventeen because he had received a tip-off about

an impending raid. Mendax wiped his disks, burnt his print-outs and

left. A week later, the Victorian CIB turned up and searched his room,

but found nothing. He married his girlfriend, an intelligent but

introverted and emotionally disturbed sixteen-year-old he had met

through a mutual friend in a gifted children's program. A year later

they had a child.

Mendax made many of his friends through the computer community. He

found Trax easy to talk to and they often spent up to five hours on a

single phone call. Prime Suspect, on the other hand, was hard work on

the phone.

Quiet and introverted, Prime Suspect always seemed to run out of

conversation after five minutes. Mendax was himself naturally shy, so

their talks were often filled with long silences. It wasn't that

Mendax didn't like Prime Suspect, he did. By the time the three

hackers met in person at Trax's home in mid-1991, he considered Prime

Suspect more than just a fellow hacker in the tight-knit IS circle.

Mendax considered him a friend.

Prime Suspect was a boy of veneers. To most of the world, he appeared

to be a studious year 12 student bound for university from his upper

middle-class grammar school. The all-boys school never expected less

from its students and the possibility of attending a TAFE--a

vocational college--was never discussed as an option. University was

the object. Any student who failed to make it was quietly swept under

the carpet like some sort of distasteful food dropping.

Prime Suspect's own family situation did not mirror the veneer of

respectability portrayed by his school. His father, a pharmacist, and

his mother, a nurse, had been in the midst of an acrimonious divorce

battle when his father was diagnosed with terminal cancer. In this

bitter, antagonistic environment, the eight-year-old Prime Suspect was

delivered to his father's bedside in hospice for a rushed few moments

to bid him farewell.

Through much of his childhood and adolescence, Prime Suspect's mother

remained bitter and angry about life, and particularly her

impoverished financial situation. When he was eight, Prime Suspect's

older sister left home at sixteen, moved to Perth and refused to speak

to her mother. In some ways, Prime Suspect felt he was expected be

both child and de facto parent. All of which made him grow up faster

in some ways, but remain immature in others.

Prime Suspect responded to the anger around him by retreating into his

room. When he bought his first computer, an Apple IIe, at age thirteen

he found it better company than any of his relatives. The computers at

school didn't hold much interest for him, since they weren't connected

to the outside world via modem. After reading about BBSes in the Apple

Users' Society newsletter, he saved up for his own modem and soon

began connecting into various BBSes.

School did, however, provide the opportunity to rebel, albeit

anonymously, and he conducted extensive pranking campaigns. Few

teachers suspected the quiet, clean-cut boy and he was rarely caught.

Nature had endowed Prime Suspect with the face of utter innocence.

Tall and slender with brown curly hair, his true character only showed

in the elfish grin which sometimes passed briefly across his baby

face. Teachers told his mother he was underachieving compared to his

level of intelligence, but had few complaints otherwise.

By year 10, he had become a serious hacker and was spending every

available moment at his computer. Sometimes he skipped school, and he

often handed assignments in late. He found it difficult to come up

with ever more creative excuses and sometimes he imagined telling his

teachers the truth. `Sorry I didn't get that 2000-word paper done but

I was knee-deep in NASA networks last night.' The thought made him

laugh.


He saw girls as a unwanted distraction from hacking. Sometimes, after

he chatted with a girl at a party, his friends would later ask him why

he hadn't asked her out. Prime Suspect shrugged it off. The real

reason was that he would rather get home to his computer, but he never

discussed his hacking with anyone at school, not even with Mentat.

A friend of Force's and occasional visitor to The Realm, Mentat was

two years ahead of Prime Suspect at school and in general couldn't be

bothered talking to so junior a hacker as Prime Suspect. The younger

hacker didn't mind. He had witnessed other hackers' indiscretions,

wanted no part of them and was happy to keep his hacking life private.

Before the Realm bust, Phoenix rang him up once at 2 a.m. suggesting

that he and Nom come over there and then. Woken by the call, Prime

Suspect's mother stood in the doorway to his bedroom, remonstrating

with him for letting his `friends' call at such a late hour. With

Phoenix goading him in one ear, and his mother chewing him out in the

other, Prime Suspect decided the whole thing was a bad idea. He said

no thanks to Phoenix, and shut the door on his mother.

He did, however, talk to Powerspike on the phone once in a while. The

older hacker's highly irreverent attitude and Porky Pig laugh appealed

to him. But other than those brief talks, Prime Suspect avoided

talking on the phone to people outside the International Subversives,

especially when he and Mendax moved into ever more sensitive military

computers.

Using a program called Sycophant written by Mendax, the IS hackers had

been conducting massive attacks on the US military. They divided up

Sycophant on eight attack machines, often choosing university systems

at places like the Australian National University or the University of

Texas. They pointed the eight machines at the targets and fired.

Within six hours, the eight machines had assaulted thousands of

computers. The hackers sometimes reaped 100000 accounts each night.

Using Sycophant, they essentially forced a cluster of Unix machines in

a computer network to attack the entire Internet en masse.

And that was just the start of what they were into. They had been in

so many sites they often couldn't remember if they

had actually hacked a particular computer. The places they could

recall read like a Who's Who of the American military-industrial

complex. The US Airforce 7th Command Group Headquarters in the

Pentagon. Stanford Research Institute in California. Naval Surface

Warfare Center in Virginia. Lockheed Martin's Tactical Aircraft

Systems Air Force Plant in Texas. Unisys Corporation in Blue Bell,

Pennsylvania. Goddard Space Flight Center, NASA. Motorola Inc. in

Illinois. TRW Inc. in Redondo Beach, California. Alcoa in Pittsburgh.

Panasonic Corp in New Jersey. US Naval Undersea Warfare Engineering

Station. Siemens-Nixdorf Information Systems in Massachusetts.

Securities Industry Automation Corp in New York. Lawrence Livermore

National Laboratory in California. Bell Communications Research, New

Jersey. Xerox Palo Alto Research Center, California.

As the IS hackers reached a level of sophistication beyond anything

The Realm had achieved, they realised that progress carried

considerable risk and began to withdraw completely from the broader

Australian hacking community. Soon they had drawn a tight circle

around themselves. They talked only to each other.

Watching the Realm hackers go down hadn't deterred the next generation

of hackers. It had only driven them further underground.

In the spring of 1991, Prime Suspect and Mendax began a race to get

root on the US Department of Defense's Network Information Center

(NIC) computer--potentially the most important computer on the

Internet.

As both hackers chatted amiably on-line one night, on a Melbourne

University computer, Prime Suspect worked quietly in another screen to

penetrate ns.nic.ddn.mil, a US Department of Defense system closely

linked to NIC. He believed the sister system and NIC might `trust'

each other--a trust he could exploit to get into NIC. And NIC did

everything.

NIC assigned domain names--the `.com' or `.net' at the end of an email

address--for the entire Internet. NIC also controlled the US

military's own internal defence data network, known as MILNET.

NIC also published the communication protocol standards for all of the

Internet. Called RFCs (Request for Comments), these technical

specifications allowed one computer on the Internet to talk to

another. The Defense Data Network Security Bulletins, the US

Department of Defense's equivalent of CERT advisories, came from the

NIC machine.

Perhaps most importantly, NIC controlled the reverse look-up service

on the Internet. Whenever someone connects to another site across the

Internet, he or she typically types in the site name--say,

ariel.unimelb.edu.au at the University of Melbourne. The computer then

translates the alphabetical name into a numerical address--the IP

address--in this case 128.250.20.3. All the computers on the Internet

need this IP address to relay the packets of data onto the final

destination computer. NIC decided how Internet computers would

translate the alphabetical name into an IP address, and vice versa.

If you controlled NIC, you had phenomenal power on the Internet. You

could, for example, simply make Australia disappear. Or you could turn

it into Brazil. By pointing all Internet addresses ending in

`.au'--the designation for sites in Australia--to Brazil, you could

cut Australia's part of the Internet off from the rest of the world

and send all Australian Internet traffic to Brazil. In fact, by

changing the delegation of all the domain names, you could virtually

stop the flow of information between all the countries on the

Internet.

The only way someone could circumvent this power was by typing in the

full numerical IP address instead of a proper alphabetical address.

But few people knew the up-to-twelve-digit IP equivalent of their

alphabetical addresses, and fewer still actually used them.

Controlling NIC offered other benefits as well. Control NIC, and you

owned a virtual pass-key into any computer on the Internet which

`trusted' another. And most machines trust at least one other system.

Whenever one computer connects to another across the Net, both

machines go through a special meet-and-greet process. The receiving

computer looks over the first machine and asks itself

a few questions. What's the name of the incoming machine?

Is that name allowed to connect to me? In what ways am I

programmed to `trust' that machine--to wave my normal security for

connections from that system?

The receiving computer answers these questions based in large part on

information provided by NIC. All of which means that, by controlling

NIC, you could make any computer on the Net `pose' as a machine

trusted by a computer you might want to hack. Security often depended

on a computer's name, and NIC effectively controlled that name.

When Prime Suspect managed to get inside NIC's sister system, he told

Mendax and gave him access to the computer. Each hacker then began his

own attack on NIC. When Mendax finally got root on NIC, the power was

intoxicating. Prime Suspect got root at the same time but using a

different method. They were both in.

Inside NIC, Mendax began by inserting a backdoor--a method of getting

back into the computer at a later date in case an admin repaired the

security flaws the hackers had used to get into the machine. From now

on, if he telnetted into the system's Data Defense Network (DDN)

information server and typed `login 0' he would have instant,

invisible root access to NIC.

That step completed, he looked around for interesting things to read.

One file held what appeared to be a list of satellite and microwave

dish coordinates--longitude, latitudes, transponder frequencies. Such

coordinates might in theory allow someone to build a complete map of

communications devices which were used to move the DOD's computer data

around the world.

Mendax also penetrated MILNET's Security Coordination Center, which

collected reports on every possible security incident on a MILNET

computer. Those computers--largely TOPS-20s made by DEC--contained

good automatic security programs. Any number of out-of-the-ordinary

events would trigger an automatic security report. Someone logging

into a machine for too long. A large number of failed login attempts,

suggesting password guessing. Two people logging into the same account

at the same time. Alarm bells would go off and the local computer

would immediately send a security violation report to the MILNET

security centre, where it would be added to the `hot list'.

Mendax flipped through page after page of MILNET's security reports on

his screen. Most looked like nothing--MILNET users accidentally

stumbling over a security tripwire--but one notice from a US military

site in Germany stood out. It was not computer generated. This was

from a real human being. The system admin reported that someone had

been repeatedly trying to break into his or her machine, and had

eventually managed to get in. The admin was trying, without much luck,

to trace back the intruder's connection to its point of origin. Oddly,

it appeared to originate in another MILNET system.

Riffling through other files, Mendax found mail confirming that the

attack had indeed come from inside MILNET. His eyes grew wide as he

read on. US military hackers had broken into MILNET systems, using

them for target practice, and no-one had bothered to tell the system

admin at the target site.

Mendax couldn't believe it. The US military was hacking its own

computers. This discovery led to another, more disturbing, thought. If

the US military was hacking its own computers for practice, what was

it doing to other countries' computers?

As he quietly backed out of the system, wiping away his footprints as

he tip-toed away, Mendax thought about what he had seen. He was deeply

disturbed that any hacker would work for the US military.

Hackers, he thought, should be anarchists, not hawks.

In early October 1991, Mendax rang Trax and gave him the dial-up and

account details for NMELH1.

Trax wasn't much of a hacker, but Mendax admired his phreaking

talents. Trax was the father of phreaking in Australia and Trax's

Toolbox, his guide to the art of phreaking, was

legendary. Mendax thought Trax might find some interesting detailed

information inside the NorTel network on how to

control telephone switches.

Trax invented multi-frequency code phreaking. By sending special

tones--generated by his computer program--down the phone line, he

could control certain functions in the telephone exchange. Many

hackers had learned how to make free phone calls by charging the cost

to someone else or to calling cards, but Trax discovered how to make

phone calls which weren't charged to anyone. The calls weren't just

free; they were untraceable.

Trax wrote 48 pages on his discovery and called it The Australian

Phreakers Manual Volumes 1-7. But as he added more and more to the

manual, he became worried what would happen if he released it in the

underground, so he decided he would only show it to the other two

International Subversive hackers.

He went on to publish The Advanced Phreaker's Manual,2 a second

edition of the manual, in The International Subversive, the

underground magazine edited by Mendax:

An electronic magazine, The International Subversive had a simple

editorial policy. You could only have a copy of the magazine if you

wrote an `article'. The policy was a good way of protecting against

nappies--sloppy or inexperienced hackers who might accidentally draw

police attention. Nappies also tended to abuse good phreaking and

hacking techniques, which might cause Telecom to close up security

holes. The result was that IS had a circulation of just three people.

To a non-hacker, IS looked like gobbledygook--the phone book made more

interesting reading. But to a member of the computer underground, IS

was a treasure map. A good hacker could follow the trail of modem

phone numbers and passwords, then use the directions in IS to

disappear through secret entrances into the labyrinth of forbidden

computer networks. Armed with the magazine, he could slither out of

tight spots, outwit system admins and find the treasure secreted in

each computer system.

For Prime Suspect and Mendax, who were increasingly paranoid about

line traces from the university modems they used as launchpads, Trax's

phreaking skills were a gift from heaven.

Trax made his great discovery by accident. He was using a phone

sprinter, a simple computer program which automatically dialled a

range of phone numbers looking for modems. If he turned the volume up

on his modem when his computer dialled what seemed to be a dead or

non-existent number, he sometimes heard a soft clicking noise after

the disconnection message. The noise sounded like faint heartbeats.

Curious, he experimented with these strange numbers and soon

discovered they were disconnected lines which had not yet been

reassigned. He wondered how he could use these odd numbers. After

reading a document Mendax had found in Britain and uploaded to The

Devil's Playground, another BBS, Trax had an idea. The posting

provided information about CCITT #5 signalling tones, CCITT being the

international standard--the language spoken by telephone exchanges

between countries.

When you make an international phone call from Australia to the US,

the call passes from the local telephone exchange to an international

gateway exchange within Australia. From there, it travels to an

exchange in the US. The CCITT signalling tones were the special tones

the two international gateway exchanges used to communicate with each

other.


Telecom Australia adapted a later version of this standard, called R2,

for use on its own domestic exchanges. Telecom called this new

standard MFC, or multi-frequency code. When, say, Trax rang Mendax,

his exchange asked Mendax's to `talk' to Mendax's phone by using these

tones. Mendax's exchange `answered', perhaps saying Mendax's phone was

busy or disconnected. The Telecom-adapted tones--pairs of audio

frequencies--did not exist in normal telephone keypads and you

couldn't make them simply by punching keys on your household

telephone.

Trax wrote a program which allowed his Amstrad computer to generate the

special tones and send them down the phone line. In an act many in the

underground later considered to be a stroke of genius, he began to map

out exactly what each tone did. It was a difficult task, since one tone

could mean several different things at each stage of the `conversation'

between two exchanges.

Passionate about his new calling, Trax went trashing in Telecom

garbage bins, where he found an MFC register list--an invaluable piece

of his puzzle. Using the list, along with pieces of overseas phreaking

files and a great deal of painstaking hands-on effort, Trax slowly

learned the language of the Australian telephone exchanges. Then he

taught the language to his computer.

Trax tried calling one of the `heartbeat' phone numbers again. He

began playing his special, computer-generated tones through an

amplifier. In simple terms, he was able to fool other exchanges into

thinking he was his local Telecom exchange. More accurately, Trax had

made his exchange drop him into the outgoing signalling trunk that had

been used to route to the disconnected phone number.

Trax could now call out--anywhere--as if he was calling from a point

halfway between his own phone and the disconnected number. If he

called a modem at Melbourne University, for instance, and the line was

being traced, his home phone number would not show up on the trace

records. No-one would be charged for the call because Trax's calls

were ghosts in the phone system.

Trax continued to refine his ability to manipulate both the telephone

and the exchange. He took his own telephone apart, piece by piece,

countless times, fiddling with the parts until he understood exactly

how it worked. Within months, he was able to do far more than just

make free phone calls. He could, for instance, make a line trace think


Directory: ~suelette -> underground

Download 6.15 Mb.

Share with your friends:
1   ...   24   25   26   27   28   29   30   31   ...   43




The database is protected by copyright ©sckool.org 2020
send message

    Main page