Some wanted free copies of the latest software, usually pirated games
from the US. Others wanted to share information and ideas about ways
to break into computers, often those owned by local universities.
Still others wanted to learn about how to manipulate the telephone
system.
The private areas functioned like a royal court, populated by
aristocrats and courtiers with varying seniority, loyalties and
rivalries. The areas involved an intricate social order and respect
was the name of the game. If you wanted admission, you had to walk a
delicate line between showing your superiors that you possessed enough
valuable hacking information to be elite and not showing them so much
they would brand you a blabbermouth. A perfect bargaining chip was an
old password for Melbourne University's dial-out.
The university's dial-out was a valuable thing. A hacker could ring up
the university's computer, login as `modem' and the machine would drop
him into a modem which let him dial out again. He could then dial
anywhere in the world, and the university would foot the phone bill.
In the late 1980s, before the days of cheap, accessible Internet
connections, the university dial-out meant a hacker could access
anything from an underground BBS in Germany to a US military system in
Panama. The password put the world at his fingertips.
A hacker aspiring to move into PI's Inner Sanctum wouldn't give out
the current dial-out password in the public discussion areas. Most
likely, if he was low in the pecking order, he wouldn't have such
precious information. Even if he had managed to stumble across the
current password somehow, it was risky giving it out publicly. Every
wanna-be and his dog would start messing around with the university's
modem account. The system administrator would wise up and change the
password and the hacker would quickly lose his own access to the
university account. Worse, he would lose access for other hackers--the
kind of hackers who ran H.A.C.K., Elite and the Inner Sanctum. They
would be really cross. Hackers hate it when passwords on accounts they
consider their own are changed without warning. Even if the password
wasn't changed, the aspiring hacker would look like a guy who couldn't
keep a good secret.
Posting an old password, however, was quite a different matter. The
information was next to useless, so the hacker wouldn't be giving much
away. But just showing he had access to that sort of information
suggested he was somehow in the know. Other hackers might think he had
had the password when it was still valid. More importantly, by showing
off a known, expired password, the hacker hinted that he might just
have the current password. Voila! Instant respect.
Positioning oneself to win an invite into the Inner Sanctum was a game
of strategy; titillate but never go all the way. After a while,
someone on the inside would probably notice you and put in a word with
Bowen. Then you would get an invitation.
If you were seriously ambitious and wanted to get past the first inner
layer, you then had to start performing for real. You couldn't hide
behind the excuse that the public area might be monitored by the
authorities or was full of idiots who might abuse valuable hacking
information.
The hackers in the most elite area would judge you on how much
information you provided about breaking into computer or phone
systems. They also looked at the accuracy of the information. It was
easy getting out-of-date login names and passwords for a student
account on Monash University's computer system. Posting a valid
account for the New Zealand forestry department's VMS system intrigued
the people who counted considerably more.
The Great Rite of Passage from boy to man in the computer underground
was Minerva. OTC, Australia's then government-owned Overseas
Telecommunications Commission,3 ran Minerva, a system of three Prime
mainframes in Sydney. For hackers such as Mendax, breaking into
Minerva was the test.
Back in early 1988, Mendax was just beginning to explore the world of
hacking. He had managed to break through the barrier from public to
private section of PI, but it wasn't enough. To be recognised as
up-and-coming talent by the aristocracy of hackers such as The Force
and The Wizard, a hacker had to spend time inside the Minerva system.
Mendax set to work on breaking
into it.
Minerva was special for a number of reasons. Although it was in
Sydney, the phone number to its entry computer, called an X.25 pad,
was a free call. At the time Mendax lived in Emerald, a country town
on the outskirts of Melbourne. A call to most Melbourne numbers
incurred a long-distance charge, thus ruling out options such as the
Melbourne University dial-out for breaking into international computer
systems.
Emerald was hardly Emerald City. For a clever sixteen-year-old boy,
the place was dead boring. Mendax lived there with his mother; Emerald
was merely a stopping point, one of dozens, as his mother shuttled her
child around the continent trying to escape from a psychopathic former
de facto. The house was an emergency refuge for families on the run.
It was safe and so, for a time, Mendax and his exhausted family
stopped to rest before tearing off again in search of a new place to
hide.
Sometimes Mendax went to school. Often he didn't. The school system
didn't hold much interest for him. It didn't feed his mind the way
Minerva would. They Sydney computer system was a far more interesting
place to muck around in than the rural high school.
Minerva was a Prime computer, and Primes were in. Force, one of the
more respected hackers in 1987-88 in the Australian computer
underground, specialised in Primos, the special operating system used
on Prime computers. He wrote his own programs--potent hacking tools
which provided current usernames and passwords--and made the systems
fashionable in the computer underground.
Prime computers were big and expensive and no hacker could afford one,
so being able to access the speed and computational grunt of a system
like Minerva was valuable for running a hacker's own programs. For
example, a network scanner, a program which gathered the addresses of
computers on the X.25 network which would be targets for future
hacking adventures, ate up computing resources. But a huge machine
like Minerva could handle that sort of program with ease. Minerva also
allowed users to connect to other computer systems on the X.25 network
around the world. Better still, Minerva had a BASIC interpreter on it.
This allowed people to write programs in the BASIC programming
language--by far the most popular language at the time--and make them
run on Minerva. You didn't have to be a Primos fanatic, like Force, to
write and execute a program on the OTC computer. Minerva suited Mendax
very well.
The OTC system had other benefits. Most major Australian corporations
had accounts on the system. Breaking into an account requires a
username and password; find the username and you have solved half the
equation. Minerva account names were easy picking. Each one was
composed of three letters followed by three numbers, a system which
could have been difficult to crack except for the choice of those
letters and numbers. The first three letters were almost always
obvious acronyms for the company. For example, the ANZ Bank had
accounts named ANZ001, ANZ002 and ANZ002. The numbers followed the
same pattern for most companies. BHP001. CRA001. NAB001. Even OTC007.
Anyone with the IQ of a desk lamp could guess at least a few account
names on Minerva. Passwords were a bit tougher to come by, but Mendax
had some ideas for that. He was going to have a crack at social
engineering. Social engineering means smooth-talking someone in a
position of power into doing something for you. It always involved a
ruse of some sort.
Mendax decided he would social engineer a password out of one of
Minerva's users. He had downloaded a partial list of Minerva users
another PI hacker had generously posted for those talented enough to
make use of it. This list was maybe two years old, and incomplete, but
it contained 30-odd pages of Minerva account usernames, company names,
addresses, contact names and telephone and fax numbers. Some of them
would probably still be valid.
Mendax had a deep voice for his age; it would have been impossible to
even contemplate social engineering without it. Cracking adolescent
male voices were the kiss of death for would-be social engineers. But
even though he had the voice, he didn't have the office or the Sydney
phone number if the intended victim wanted a number to call back on.
He found a way to solve the Sydney phone number by poking around until
he dug up a number with Sydney's 02 area code which was permanently
engaged. One down, one to go.
Next problem: generate some realistic office background noise. He
could hardly call a company posing as an OTC official to cajole a
password when the only background noise was birds tweeting in the
fresh country air.
No, he needed the same background buzz as a crowded office in downtown
Sydney. Mendex had a tape recorder, so he could pre-record the sound
of an office and play it as background when he called companies on the
Minerva list. The only hurdle was finding the appropriate office
noise. Not even the local post office would offer a believable noise
level. With none easily accessible, he decided to make his own audible
office clutter. It wouldn't be easy. With a single track on his
recording device, he couldn't dub in sounds on top of each other: he
had to make all the noises simultaneously.
First, he turned on the TV news, down very low, so it just hummed in
the background. Then he set up a long document to print on his
Commodore MPS 801 printer. He removed the cover from the noisy dot
matrix machine, to create just the right volume of clackity-clack in
the background. Still, he needed something more. Operators' voices
mumbling across a crowded floor. He could mumble quietly to himself,
but he soon discovered his verbal skills had not developed to the
point of being able to stand in the middle of the room talking about
nothing to himself for a quarter of an hour. So he fished out his
volume of Shakespeare and started reading aloud. Loud enough to hear
voices, but not so loud that the intended victim would be able to pick
Macbeth. OTC operators had keyboards, so he began tapping randomly on
his. Occasionally, for a little variation, he walked up to the tape
recorder and asked a question--and then promptly answered it in
another voice. He stomped noisily away from the recorder again, across
the room, and then silently dove back to the keyboard for more
keyboard typing and mumblings of Macbeth.
It was exhausting. He figured the tape had to run for at least fifteen
minutes uninterrupted. It wouldn't look very realistic if the office
buzz suddenly went dead for three seconds at a time in the places
where he paused the tape to rest.
The tapes took a number of attempts. He would be halfway through,
racing through line after line of Shakespeare, rap-tap-tapping on his
keyboard and asking himself questions in authoritative voices when the
paper jammed in his printer. Damn. He had to start all over again.
Finally, after a tiring hour of auditory schizophrenia, he had the
perfect tape of office hubbub.
Mendax pulled out his partial list of Minerva users and began working
through the 30-odd pages. It was discouraging.
`The number you have dialled is not connected. Please check the number
before dialling again.'
Next number.
`Sorry, he is in a meeting at the moment. Can I have him return your
call?' Ah, no thanks.
Another try.
`That person is no longer working with our company. Can I refer you to
someone else?' Uhm, not really.
And another try.
Finally, success.
Mendax reached one of the contact names for a company in Perth. Valid
number, valid company, valid contact name. He cleared his throat to
deepen his voice even further and began.
`This is John Keller, an operator from OTC Minerva in Sydney. One of
our D090 hard drives has crashed. We've pulled across the data on the
back-up tape and we believe we have all your correct information. But
some of it might have been corrupted in the accident and we would just
like to confirm your details. Also the back-up tape is two days old,
so we want to check your information is up to date so your service is
not interrupted. Let me just dig out your details ...' Mendax shuffled
some papers around on the table top.
`Oh, dear. Yes. Let's check it,' the worried manager responded.
Mendax started reading all the information on the Minerva list
obtained from Pacific Island, except for one thing. He changed the fax
number slightly. It worked. The manager jumped right in.
`Oh, no. That's wrong. Our fax number is definitely wrong,' he said
and proceeded to give the correct number.
Mendax tried to sound concerned. `Hmm,' he told the manager. `We may
have bigger problems than we anticipated. Hmm.' He gave another
pregnant pause. Working up the courage to ask the Big Question.
It was hard to know who was sweating more, the fretting Perth manager,
tormented by the idea of loud staff complaints from all over the
company because the Minerva account was faulty, or the gangly kid
trying his hand at social engineering for the first time.
`Well,' Mendax began, trying to keep the sound of authority in his
voice. `Let's see. We have your account number, but we had better
check your password ... what was it?' An arrow shot from the bow.
It hit the target. `Yes, it's L-U-R-C-H--full stop.'
Lurch? Uhuh. An Addams Family fan.
`Can you make sure everything is working? We don't want our service
interrupted.' The Perth manager sounded quite anxious.
Mendax tapped away on the keyboard randomly and then paused. `Well, it
looks like everything is working just fine now,' he quickly reassured
him. Just fine.
`Oh, that's a relief!' the Perth manager exclaimed. `Thank you for
that. Thank you. I just can't thank you enough for calling us!' More
gratitude.
Mendax had to extract himself. This was getting embarrassing.
`Yes, well I'd better go now. More customers to call.' That should
work. The Perth manager wanted a contact telephone number, as
expected, if something went wrong--so Mendax gave him the one which
was permanently busy.
`Thank you again for your courteous service!' Uhuh. Anytime.
Mendax hung up and tried the toll-free Minerva number. The password
worked. He couldn't believe how easy it was to get in.
He had a quick look around, following the pattern of most hackers
breaking into a new machine. First thing to do was to check the
electronic mail of the `borrowed' account. Email often contains
valuable information. One company manager might send another
information about other account names, password changes or even phone
numbers to modems at the company itself. Then it was off to check the
directories available for anyone to read on the main system--another
good source of information. Final stop: Minerva's bulletin board of
news. This included postings from the system operators about planned
downtime or other service issues. He didn't stay long. The first visit
was usually mostly a bit of reconnaissance work.
Minerva had many uses. Most important among these was the fact that
Minerva gave hackers an entry point into various X.25 networks. X.25
is a type of computer communications network, much like the Unix-based
Internet or the VMS-based DECNET. It has different commands and
protocols, but the principle of an extensive worldwide data
communications network is the same. There is, however, one important
difference. The targets for hackers on the X.25 networks are often far
more interesting. For example, most banks are on X.25. Indeed, X.25
underpins many aspects of the world's financial markets. A number of
countries' classified military computer sites only run on X.25. It is
considered by many people to be more secure than the Internet or any
DECNET system.
Minerva allowed incoming callers to pass into the X.25
network--something most Australian universities did not offer at the
time. And Minerva let Australian callers do this without incurring a
long-distance telephone charge.
In the early days of Minerva, the OTC operators didn't seem to care
much about the hackers, probably because it seemed impossible to get
rid of them. The OTC operators managed the OTC X.25 exchange, which
was like a telephone exchange for the X.25 data network. This exchange
was the data gateway for Minerva and other systems connected to that
data network.
Australia's early hackers had it easy, until Michael Rosenberg
arrived.
Rosenberg, known on-line simply as MichaelR, decided to clean up
Minerva. An engineering graduate from Queensland University, Michael
moved to Sydney when he joined OTC at age 21. He was about the same
age as the hackers he was chasing off his system. Rosenberg didn't
work as an OTC operator, he managed the software which ran on Minerva.
And he made life hell for people like Force. Closing up security
holes, quietly noting accounts used by hackers and then killing those
accounts, Rosenberg almost single-handedly stamped out much of the
hacker activity in OTC's Minerva.
Despite this, the hackers--`my hackers' as he termed the regulars--had
a grudging respect for Rosenberg. Unlike anyone else at OTC, he was
their technical equal and, in a world where technical prowess was the
currency, Rosenberg was a wealthy young man.
He wanted to catch the hackers, but he didn't want to see them go to
prison. They were an annoyance, and he just wanted them out of his
system. Any line trace, however, had to go through Telecom, which was
at that time a separate body from OTC. Telecom, Rosenberg was told,
was difficult about these things because of strict privacy laws. So,
for the most part, he was left to deal with the hackers on his own.
Rosenberg could not secure his system completely since OTC didn't
dictate passwords to their customers. Their customers were usually
more concerned about employees being able to remember passwords easily
than worrying about warding off wily hackers. The result: the
passwords on a number of Minerva accounts were easy pickings.
The hackers and OTC waged a war from 1988 to 1990, and it was fought
in many ways.
Sometimes an OTC operator would break into a hacker's on-line session
demanding to know who was really using the account. Sometimes the
operators sent insulting messages to the hackers--and the hackers gave
it right back to them. They broke into the hacker's session with `Oh,
you idiots are at it again'. The operators couldn't keep the hackers
out, but they had other ways of getting even.
Electron, a Melbourne hacker and rising star in the Australian
underground, had been logging into a system in Germany via OTC's X.25
link. Using a VMS machine, a sort of sister system to Minerva, he had
been playing a game called Empire on the Altos system, a popular
hang-out for hackers. It was his first attempt at Empire, a complex
war game of strategy which attracted players from around the world.
They each had less than one hour per day to conquer regions while
keeping production units at a strategic level. The Melbourne hacker
had spent weeks building his position. He was in second place.
Then, one day, he logged into the game via Minerva and the German
system, and he couldn't believe what he saw on the screen in front of
him. His regions, his position in the game, all of it--weeks of
work--had been wiped out. An OTC operator had used an X.25
packet-sniffer to monitor the hacker's login and capture his password to
Empire. Instead of trading the usual insults, the operator had waited
for the hacker to logoff and then had hacked into the game and destroyed
the hacker's position.
Electron was furious. He had been so proud of his position in his very
first game. Still, wreaking havoc on the Minerva system in retribution
was out of the question. Despite the fact that they wasted weeks of
his work, Electron had no desire to damage their system. He considered
himself lucky to be able to use it as long as he did.
The anti-establishment attitudes nurtured in BBSes such as PI and Zen
fed on a love of the new and untried. There was no bitterness, just a
desire to throw off the mantle of the old and dive into the new.
Camaraderie grew from the exhilarating sense that the youth in this
particular time and place were constantly on the edge of big
discoveries. People were calling up computers with their modems and
experimenting. What did this key sequence do? What about that tone?
What would happen if ... It was the question which drove them to stay
up day and night, poking and prodding. These hackers didn't for the
most part do drugs. They didn't even drink that much, given their age.
All of that would have interfered with their burning desire to know,
would have dulled their sharp edge. The underground's
anti-establishment views were mostly directed at organisations which
seemed to block the way to the new frontier--organisations like
Telecom.
It was a powerful word. Say `Telecom' to a member of the computer
underground from that era and you will observe the most striking
reaction. Instant contempt sweeps across his face. There is a pause as
his lips curl into a noticeable sneer and he replies with complete
derision, `Telescum'. The underground hated Australia's national
telephone carrier with a passion equalled only to its love of
exploration. They felt that Telecom was backward and its staff had no
idea how to use their own telecommunications technology. Worst of all,
Telecom seemed to actively dislike BBSes.
Line noise interfered with one modem talking to another, and in the
eyes of the computer underground, Telecom was responsible for the line
Share with your friends: |