Suelette dreyfus julian assange
Download 6.15 Mb.
|
|
mother quickly slipped into a back lane and the friend leapt from the car. She drove off, taking the police tail with her. The plain-clothed police pulled her over shortly after, searched her car and demanded to know where her friend had gone and what had occurred at the meeting. When she was less than helpful, one officer told her, `You have a child out at 2 in the morning. I think you should get out of politics, lady. It could be said you were an unfit mother'.
A few days after this thinly veiled threat, her friend showed up at Mendax's mother's house, covered in fading bruises. He said the police had beaten him up, then set him up by planting hash on him. `I'm getting out of politics,' he announced. However, she and her husband continued their involvement in theatre. The young Mendax never dreamed of running away to join the circus--he already lived the life of a travelling minstrel. But although the actor-director was a good stepfather, he was also an alcoholic. Not long after Mendax's ninth birthday, his parents separated and then divorced. Mendax's mother then entered a tempestuous relationship with an amateur musician. Mendax was frightened of the man, whom he considered a manipulative and violent psychopath. He had five different identities with plastic in his wallet to match. His whole background was a fabrication, right down to the country of his birth. When the relationship ended, the steady pattern of moving around the countryside began again, but this journey had a very different flavour from the earlier happy-go-lucky odyssey. This time, Mendax and his family were on the run from a physically abusive de facto. Finally, after hiding under assumed names on both sides of the continent, Mendax and his family settled on the outskirts of Melbourne. Mendax left home at seventeen because he had received a tip-off about an impending raid. Mendax wiped his disks, burnt his print-outs and left. A week later, the Victorian CIB turned up and searched his room, but found nothing. He married his girlfriend, an intelligent but introverted and emotionally disturbed sixteen-year-old he had met through a mutual friend in a gifted children's program. A year later they had a child. Mendax made many of his friends through the computer community. He found Trax easy to talk to and they often spent up to five hours on a single phone call. Prime Suspect, on the other hand, was hard work on the phone. Quiet and introverted, Prime Suspect always seemed to run out of conversation after five minutes. Mendax was himself naturally shy, so their talks were often filled with long silences. It wasn't that Mendax didn't like Prime Suspect, he did. By the time the three hackers met in person at Trax's home in mid-1991, he considered Prime Suspect more than just a fellow hacker in the tight-knit IS circle. Mendax considered him a friend. Prime Suspect was a boy of veneers. To most of the world, he appeared to be a studious year 12 student bound for university from his upper middle-class grammar school. The all-boys school never expected less from its students and the possibility of attending a TAFE--a vocational college--was never discussed as an option. University was the object. Any student who failed to make it was quietly swept under the carpet like some sort of distasteful food dropping. Prime Suspect's own family situation did not mirror the veneer of respectability portrayed by his school. His father, a pharmacist, and his mother, a nurse, had been in the midst of an acrimonious divorce battle when his father was diagnosed with terminal cancer. In this bitter, antagonistic environment, the eight-year-old Prime Suspect was delivered to his father's bedside in hospice for a rushed few moments to bid him farewell. Through much of his childhood and adolescence, Prime Suspect's mother remained bitter and angry about life, and particularly her impoverished financial situation. When he was eight, Prime Suspect's older sister left home at sixteen, moved to Perth and refused to speak to her mother. In some ways, Prime Suspect felt he was expected be both child and de facto parent. All of which made him grow up faster in some ways, but remain immature in others. Prime Suspect responded to the anger around him by retreating into his room. When he bought his first computer, an Apple IIe, at age thirteen he found it better company than any of his relatives. The computers at school didn't hold much interest for him, since they weren't connected to the outside world via modem. After reading about BBSes in the Apple Users' Society newsletter, he saved up for his own modem and soon began connecting into various BBSes. School did, however, provide the opportunity to rebel, albeit anonymously, and he conducted extensive pranking campaigns. Few teachers suspected the quiet, clean-cut boy and he was rarely caught. Nature had endowed Prime Suspect with the face of utter innocence. Tall and slender with brown curly hair, his true character only showed in the elfish grin which sometimes passed briefly across his baby face. Teachers told his mother he was underachieving compared to his level of intelligence, but had few complaints otherwise. By year 10, he had become a serious hacker and was spending every available moment at his computer. Sometimes he skipped school, and he often handed assignments in late. He found it difficult to come up with ever more creative excuses and sometimes he imagined telling his teachers the truth. `Sorry I didn't get that 2000-word paper done but I was knee-deep in NASA networks last night.' The thought made him laugh.
He saw girls as a unwanted distraction from hacking. Sometimes, after he chatted with a girl at a party, his friends would later ask him why he hadn't asked her out. Prime Suspect shrugged it off. The real reason was that he would rather get home to his computer, but he never discussed his hacking with anyone at school, not even with Mentat. A friend of Force's and occasional visitor to The Realm, Mentat was two years ahead of Prime Suspect at school and in general couldn't be bothered talking to so junior a hacker as Prime Suspect. The younger hacker didn't mind. He had witnessed other hackers' indiscretions, wanted no part of them and was happy to keep his hacking life private. Before the Realm bust, Phoenix rang him up once at 2 a.m. suggesting that he and Nom come over there and then. Woken by the call, Prime Suspect's mother stood in the doorway to his bedroom, remonstrating with him for letting his `friends' call at such a late hour. With Phoenix goading him in one ear, and his mother chewing him out in the other, Prime Suspect decided the whole thing was a bad idea. He said no thanks to Phoenix, and shut the door on his mother. He did, however, talk to Powerspike on the phone once in a while. The older hacker's highly irreverent attitude and Porky Pig laugh appealed to him. But other than those brief talks, Prime Suspect avoided talking on the phone to people outside the International Subversives, especially when he and Mendax moved into ever more sensitive military computers. Using a program called Sycophant written by Mendax, the IS hackers had been conducting massive attacks on the US military. They divided up Sycophant on eight attack machines, often choosing university systems at places like the Australian National University or the University of Texas. They pointed the eight machines at the targets and fired. Within six hours, the eight machines had assaulted thousands of computers. The hackers sometimes reaped 100000 accounts each night. Using Sycophant, they essentially forced a cluster of Unix machines in a computer network to attack the entire Internet en masse. And that was just the start of what they were into. They had been in so many sites they often couldn't remember if they had actually hacked a particular computer. The places they could recall read like a Who's Who of the American military-industrial complex. The US Airforce 7th Command Group Headquarters in the Pentagon. Stanford Research Institute in California. Naval Surface Warfare Center in Virginia. Lockheed Martin's Tactical Aircraft Systems Air Force Plant in Texas. Unisys Corporation in Blue Bell, Pennsylvania. Goddard Space Flight Center, NASA. Motorola Inc. in Illinois. TRW Inc. in Redondo Beach, California. Alcoa in Pittsburgh. Panasonic Corp in New Jersey. US Naval Undersea Warfare Engineering Station. Siemens-Nixdorf Information Systems in Massachusetts. Securities Industry Automation Corp in New York. Lawrence Livermore National Laboratory in California. Bell Communications Research, New Jersey. Xerox Palo Alto Research Center, California. As the IS hackers reached a level of sophistication beyond anything The Realm had achieved, they realised that progress carried considerable risk and began to withdraw completely from the broader Australian hacking community. Soon they had drawn a tight circle around themselves. They talked only to each other. Watching the Realm hackers go down hadn't deterred the next generation of hackers. It had only driven them further underground. In the spring of 1991, Prime Suspect and Mendax began a race to get root on the US Department of Defense's Network Information Center (NIC) computer--potentially the most important computer on the Internet. As both hackers chatted amiably on-line one night, on a Melbourne University computer, Prime Suspect worked quietly in another screen to penetrate ns.nic.ddn.mil, a US Department of Defense system closely linked to NIC. He believed the sister system and NIC might `trust' each other--a trust he could exploit to get into NIC. And NIC did everything. NIC assigned domain names--the `.com' or `.net' at the end of an email address--for the entire Internet. NIC also controlled the US military's own internal defence data network, known as MILNET. NIC also published the communication protocol standards for all of the Internet. Called RFCs (Request for Comments), these technical specifications allowed one computer on the Internet to talk to another. The Defense Data Network Security Bulletins, the US Department of Defense's equivalent of CERT advisories, came from the NIC machine. Perhaps most importantly, NIC controlled the reverse look-up service on the Internet. Whenever someone connects to another site across the Internet, he or she typically types in the site name--say, ariel.unimelb.edu.au at the University of Melbourne. The computer then translates the alphabetical name into a numerical address--the IP address--in this case 128.250.20.3. All the computers on the Internet need this IP address to relay the packets of data onto the final destination computer. NIC decided how Internet computers would translate the alphabetical name into an IP address, and vice versa. If you controlled NIC, you had phenomenal power on the Internet. You could, for example, simply make Australia disappear. Or you could turn it into Brazil. By pointing all Internet addresses ending in `.au'--the designation for sites in Australia--to Brazil, you could cut Australia's part of the Internet off from the rest of the world and send all Australian Internet traffic to Brazil. In fact, by changing the delegation of all the domain names, you could virtually stop the flow of information between all the countries on the Internet. The only way someone could circumvent this power was by typing in the full numerical IP address instead of a proper alphabetical address. But few people knew the up-to-twelve-digit IP equivalent of their alphabetical addresses, and fewer still actually used them. Controlling NIC offered other benefits as well. Control NIC, and you owned a virtual pass-key into any computer on the Internet which `trusted' another. And most machines trust at least one other system. Whenever one computer connects to another across the Net, both machines go through a special meet-and-greet process. The receiving computer looks over the first machine and asks itself a few questions. What's the name of the incoming machine? Is that name allowed to connect to me? In what ways am I programmed to `trust' that machine--to wave my normal security for connections from that system? The receiving computer answers these questions based in large part on information provided by NIC. All of which means that, by controlling NIC, you could make any computer on the Net `pose' as a machine trusted by a computer you might want to hack. Security often depended on a computer's name, and NIC effectively controlled that name. When Prime Suspect managed to get inside NIC's sister system, he told Mendax and gave him access to the computer. Each hacker then began his own attack on NIC. When Mendax finally got root on NIC, the power was intoxicating. Prime Suspect got root at the same time but using a different method. They were both in. Inside NIC, Mendax began by inserting a backdoor--a method of getting back into the computer at a later date in case an admin repaired the security flaws the hackers had used to get into the machine. From now on, if he telnetted into the system's Data Defense Network (DDN) information server and typed `login 0' he would have instant, invisible root access to NIC. That step completed, he looked around for interesting things to read. One file held what appeared to be a list of satellite and microwave dish coordinates--longitude, latitudes, transponder frequencies. Such coordinates might in theory allow someone to build a complete map of communications devices which were used to move the DOD's computer data around the world. Mendax also penetrated MILNET's Security Coordination Center, which collected reports on every possible security incident on a MILNET computer. Those computers--largely TOPS-20s made by DEC--contained good automatic security programs. Any number of out-of-the-ordinary events would trigger an automatic security report. Someone logging into a machine for too long. A large number of failed login attempts, suggesting password guessing. Two people logging into the same account at the same time. Alarm bells would go off and the local computer would immediately send a security violation report to the MILNET security centre, where it would be added to the `hot list'. Mendax flipped through page after page of MILNET's security reports on his screen. Most looked like nothing--MILNET users accidentally stumbling over a security tripwire--but one notice from a US military site in Germany stood out. It was not computer generated. This was from a real human being. The system admin reported that someone had been repeatedly trying to break into his or her machine, and had eventually managed to get in. The admin was trying, without much luck, to trace back the intruder's connection to its point of origin. Oddly, it appeared to originate in another MILNET system. Riffling through other files, Mendax found mail confirming that the attack had indeed come from inside MILNET. His eyes grew wide as he read on. US military hackers had broken into MILNET systems, using them for target practice, and no-one had bothered to tell the system admin at the target site. Mendax couldn't believe it. The US military was hacking its own computers. This discovery led to another, more disturbing, thought. If the US military was hacking its own computers for practice, what was it doing to other countries' computers? As he quietly backed out of the system, wiping away his footprints as he tip-toed away, Mendax thought about what he had seen. He was deeply disturbed that any hacker would work for the US military. Hackers, he thought, should be anarchists, not hawks. In early October 1991, Mendax rang Trax and gave him the dial-up and account details for NMELH1. Trax wasn't much of a hacker, but Mendax admired his phreaking talents. Trax was the father of phreaking in Australia and Trax's Toolbox, his guide to the art of phreaking, was legendary. Mendax thought Trax might find some interesting detailed information inside the NorTel network on how to control telephone switches. Trax invented multi-frequency code phreaking. By sending special tones--generated by his computer program--down the phone line, he could control certain functions in the telephone exchange. Many hackers had learned how to make free phone calls by charging the cost to someone else or to calling cards, but Trax discovered how to make phone calls which weren't charged to anyone. The calls weren't just free; they were untraceable. Trax wrote 48 pages on his discovery and called it The Australian Phreakers Manual Volumes 1-7. But as he added more and more to the manual, he became worried what would happen if he released it in the underground, so he decided he would only show it to the other two International Subversive hackers. He went on to publish The Advanced Phreaker's Manual,2 a second edition of the manual, in The International Subversive, the underground magazine edited by Mendax: An electronic magazine, The International Subversive had a simple editorial policy. You could only have a copy of the magazine if you wrote an `article'. The policy was a good way of protecting against nappies--sloppy or inexperienced hackers who might accidentally draw police attention. Nappies also tended to abuse good phreaking and hacking techniques, which might cause Telecom to close up security holes. The result was that IS had a circulation of just three people. To a non-hacker, IS looked like gobbledygook--the phone book made more interesting reading. But to a member of the computer underground, IS was a treasure map. A good hacker could follow the trail of modem phone numbers and passwords, then use the directions in IS to disappear through secret entrances into the labyrinth of forbidden computer networks. Armed with the magazine, he could slither out of tight spots, outwit system admins and find the treasure secreted in each computer system. For Prime Suspect and Mendax, who were increasingly paranoid about line traces from the university modems they used as launchpads, Trax's phreaking skills were a gift from heaven. Trax made his great discovery by accident. He was using a phone sprinter, a simple computer program which automatically dialled a range of phone numbers looking for modems. If he turned the volume up on his modem when his computer dialled what seemed to be a dead or non-existent number, he sometimes heard a soft clicking noise after the disconnection message. The noise sounded like faint heartbeats. Curious, he experimented with these strange numbers and soon discovered they were disconnected lines which had not yet been reassigned. He wondered how he could use these odd numbers. After reading a document Mendax had found in Britain and uploaded to The Devil's Playground, another BBS, Trax had an idea. The posting provided information about CCITT #5 signalling tones, CCITT being the international standard--the language spoken by telephone exchanges between countries. When you make an international phone call from Australia to the US, the call passes from the local telephone exchange to an international gateway exchange within Australia. From there, it travels to an exchange in the US. The CCITT signalling tones were the special tones the two international gateway exchanges used to communicate with each other.
Telecom Australia adapted a later version of this standard, called R2, for use on its own domestic exchanges. Telecom called this new standard MFC, or multi-frequency code. When, say, Trax rang Mendax, his exchange asked Mendax's to `talk' to Mendax's phone by using these tones. Mendax's exchange `answered', perhaps saying Mendax's phone was busy or disconnected. The Telecom-adapted tones--pairs of audio frequencies--did not exist in normal telephone keypads and you couldn't make them simply by punching keys on your household telephone. Trax wrote a program which allowed his Amstrad computer to generate the special tones and send them down the phone line. In an act many in the underground later considered to be a stroke of genius, he began to map out exactly what each tone did. It was a difficult task, since one tone could mean several different things at each stage of the `conversation' between two exchanges. Passionate about his new calling, Trax went trashing in Telecom garbage bins, where he found an MFC register list--an invaluable piece of his puzzle. Using the list, along with pieces of overseas phreaking files and a great deal of painstaking hands-on effort, Trax slowly learned the language of the Australian telephone exchanges. Then he taught the language to his computer. Trax tried calling one of the `heartbeat' phone numbers again. He began playing his special, computer-generated tones through an amplifier. In simple terms, he was able to fool other exchanges into thinking he was his local Telecom exchange. More accurately, Trax had made his exchange drop him into the outgoing signalling trunk that had been used to route to the disconnected phone number. Trax could now call out--anywhere--as if he was calling from a point halfway between his own phone and the disconnected number. If he called a modem at Melbourne University, for instance, and the line was being traced, his home phone number would not show up on the trace records. No-one would be charged for the call because Trax's calls were ghosts in the phone system. Trax continued to refine his ability to manipulate both the telephone and the exchange. He took his own telephone apart, piece by piece, countless times, fiddling with the parts until he understood exactly how it worked. Within months, he was able to do far more than just make free phone calls. He could, for instance, make a line trace think Download 6.15 Mb. Share with your friends:
|