Underground: Hacking, Madness and Obsession on the Electronic Frontier by Suelette Dreyfus, is part of the HackerNoon Books Series. You can jump to any chapter in this book here. The Holy Grail.
So we came and conquered and found; riches of Commons and Kings.
— from `River Runs Red', Blue Sky Mining.
There it was, in black and white. Two articles by Helen Meredith in The Australian in January 1989.2 The whole Australian computer underground was buzzing with the news.
The first article appeared on 14 January:
Citibank hackers score $500,000
An elite group of Australian hackers has lifted more than $US500,000 ($580,000) out of America's Citibank in one of the more daring hacking crimes in Australia's history.
Australian federal authorities were reported late yesterday to be working with American authorities to pin down the Australian connection involving hackers in Melbourne and Sydney.
These are the elite `freekers' of white collar crime …
The Australian connection is reported to have used a telephone in the foyer of Telecom's headquarters at 199 William Street in Melbourne to send a 2600-hertz signal giving them access to a trunk line and ultimately to a managerial access code for Citibank.
Sources said last night the hackers had lifted $US563,000 from the US bank and transferred it into several accounts. The money has now been withdrawn …
Meanwhile, Victorian police were reported yesterday to be systematically searching the homes of dozens of suspects in a crackdown on computer hackers …
An informed source said Criminal Investigation Bureau officers armed with search warrants were now searching through the belongings of the hacking community and expected to find hundreds of thousands of dollars of goods.
An informed source said Criminal Investigation Bureau officers armed with search warrants were now searching through the belongings of the hacking community and expected to find hundreds of thousands of dollars of goods.
The second article was published ten days later:
Hackers list card hauls on boards
Authorities remain sceptical of the latest reports of an international hacking and phreaking ring and its Australian connection.
Yesterday, however, evidence continued to stream into the Melbourne based bulletin boards under suspicion …
In the latest round of bulletin board activity, a message from a United States hacker known as Captain Cash provided the Australian connection with the latest news on Australian credit cards, provided by local hackers, and their illegal use by US hackers to the value of $US362 018 ($416112).
The information was taken from a computer bulletin board system known as Pacific Island and used actively by the Australian connection.
The message read: `OK on the 5353 series which we are closing today—Mastercard $109 400.50. On the 4564 series—Visa which I'll leave open for a week
$209417.90. And on good old don't leave home without someone else's: $43 200.
`Making a grand total of
$362018.40!
`Let's hear it for our Aussie friends!
`I hear they are doing just as well!
`They are sending more numbers on the 23rd! Great!
`They will be getting 10%
as usual…a nice bonus of
$36 200.00!'
The bulletin board also contained advice for phreakers on using telephones in Telecom's 199 William Street headquarters and the green phones at Spencer Street Station in Melbourne—to make free international calls …
Phoenix, another local bulletin board user, listed prices for `EXTC'- tablets … Late Friday, The Australian received evidence suggesting a break-in of the US Citibank network by Australian hackers known as The Realm …
The gang's US connection is believed to be based in Milwaukee and Houston. US Federal authorities have already raided US hackers involved in Citibank break-ins in the US.
A covert operation of the Bureau of Criminal Intelligence has had the Australian connection under surveillance and last week took delivery of six months' of evidence from the Pacific Island board and associated boards going by the name of Zen and Megaworks …
The Australian hackers include a number of Melbourne people, some teenagers, suspected or already convicted of crimes including fraud, drug use and car theft. Most are considered to be at the least, digital voyeurs, at worst criminals with a possible big crime connection.
The information received by The Australian amounts to a confession on the part of the Australian hackers to involvement in the break-in of the US Citibank network as well as advice on phreaking … and bank access.
The following is taken directly from the bulletin board … It was stored in a private mailbox on the board and is from a hacker known as Ivan Trotsky to one who uses the name Killer Tomato:
`OK this is what's been happening …
`While back a Sysop had a call from the Feds, they wanted Force's, Phoenix's, Nom's, Brett Macmillan's and my names in connection with some hacking The Realm had done and also with some carding meant to have been done too.
`Then in the last few days I get info passed to me that the Hack that was done to the Citibank in the US which has led to arrests over there also had connections to Force and Electron …'
DPG monitoring service spokesman, Mr Stuart Gill, said he believed the Pacific Island material was only the tip of the iceberg.
`They're far better organised than the police,' he said.
`Unless everyone gets their act together and we legislate against it, we'll still be talking about the same things this time next year.'
Yesterday, the South Australian police started an operation to put bulletin boards operating in that state under surveillance.
And in Western Australia, both political parties agreed they would proceed with an inquiry into computer hacking, whoever was in government.
The Victoria Police fraud squad last week announced it had set up a computer crime squad that would investigate complaints of computer fraud.
The articles were painful reading for most in the computer underground.
Who was this Captain Cash? Who was the Killer Tomato? Many believed they were either Stuart Gill, or that Gill had forged messages by them or others on Bowen's board. Was the underground rife with credit card frauders? No. They formed only a very small part of that community. Had the Melbourne hackers stolen half a million dollars from Citibank? Absolutely not. A subsequent police investigation determined this allegation to be a complete fabrication.
How had six months' worth of messages from PI and Zen found their way into the hands of the Victoria Police Bureau of Criminal Intelligence? Members of the underground had their suspicions.
To some, Stuart Gill's role in the underground appeared to be that of an information trader. He would feed a police agency information, and garner a little new material from it in exchange. He then amalgamated the new and old material and delivered the new package to another police agency, which provided him a little more material to add to the pot. Gill appeared to play the same game in the underground.
A few members of the underground, particularly PI and Zen regulars Mentat and Brett MacMillan, suspected chicanery and began fighting a BBS-based war to prove their point. In early 1989, MacMillan posted a message stating that Hackwatch was not registered as a business trading name belonging to Stuart Gill at the Victorian Corporate Affairs office. Further, he stated, DPG Monitoring Services did not exist as an official registered business trading name either. MacMillan then stunned the underground by announcing that he had registered the name Hackwatch himself, presumably to stop Stuart Gill's media appearances as a Hackwatch spokesman.
Many in the underground felt duped by Gill, but they weren't the only ones. Soon some journalists and police would feel the same way. Stuart Gill wasn't even his real name.
What Gill really wanted, some citizens in the underground came to believe, was a public platform from which he could whip up hacker hype and then demand the introduction of tough new anti-hacking laws. In mid-1989, the Commonwealth Government did just that, enacting the first federal computer crime laws.
It wasn't the journalists' fault. For example, in one case Helen Meredith had asked Gill for verification and he had referred her to Superintendent Tony Warren, of the Victoria Police, who had backed him up. A reporter couldn't ask for better verification than that. And why wouldn't Warren back Gill? A registered ISU informer, Gill also acted as a consultant, adviser, confidant and friend to various members of the Victoria Police. He was close to both Warren and, later, to Inspector Chris Cosgriff. From 1985 to 1987, Warren had worked at the Bureau of Criminal Intelligence (BCI). After that, he was transferred to the Internal Investigations Department (IID), where he worked with Cosgriff who joined IID in 1988.
Over a six-month period in 1992, Tony Warren received more than 200 phone calls from Stuart Gill—45 of them to his home number. Over an eighteen-month period in 1991-92, Chris Cosgriff made at least 76 personal visits to Gill's home address and recorded 316 phone calls with him.3
The Internal Security Unit (ISU) investigated corruption within the police force. If you had access to ISU, you knew everything that the Victoria Police officially knew about corruption within its ranks. Its information was highly sensitive, particularly since it could involve one police officer dobbing in another. However, a 1993 Victorian Ombudsman's report concluded that Cosgriff leaked a large amount of confidential ISU material to Gill, and that Warren's relationship with Gill was inappropriate.4
When Craig Bowen (aka Thunderbird1) came to believe in 1989 that he had been duped by Gill, he retreated into a state of denial and depression. The PI community had trusted him. He entered his friendship with Gill a bright-eyed, innocent young man looking for adventure. He left the friendship betrayed and gun-shy.
Sad-eyed and feeling dark on the world, Craig Bowen turned off PI and Zen forever. Sitting at his computer sometime in the second half of 1989, Force stared at his screen without seeing anything, his mind a million miles away. The situation was bad, very bad, and lost in thought, he toyed with his mouse absent-mindedly, thinking about how to deal with this problem.
The problem was that someone in Melbourne was going to be busted.
Force wanted to discount the secret warning, to rack it up as just another in a long line of rumours which swept through the underground periodically, but he knew he couldn't do that. The warning was rock solid; it had come from Gavin.*
The way Force told it, his friend Gavin worked as a contractor to Telecom by day and played at hacking at night. He was Force's little secret, who he kept from the other members of The Realm. Gavin was definitely not part of the hacker BBS scene. He was older, he didn't even have a handle and he hacked alone, or with Force, because he saw hacking in groups as risky.
As a Telecom contractor, Gavin had the kind of access to computers and networks which most hackers could only dream about. He also had good contacts inside Telecom—the kind who might answer a few tactfully worded questions about telephone taps and line traces, or might know a bit about police investigations requiring Telecom's help.
Force had met Gavin while buying some second-hand equipment through the Trading Post. They hit it off, became friends and soon began hacking together. Under the cover of darkness, they would creep into Gavin's office after everyone else had gone home and hack all night. At dawn, they tidied up and quietly left the building. Gavin went home, showered and returned to work as if nothing had happened.
Gavin introduced Force to trashing. When they weren't spending the night in front of his terminal, Gavin crawled through Telecom's dumpsters looking for pearls of information on crumpled bits of office paper. Account names, passwords, dial-up modems, NUAs—people wrote all sorts of things down on scrap paper and then threw it out the next day when they didn't need it any more.
According to Force, Gavin moved offices frequently, which made it easier to muddy the trail. Even better, he worked from offices which had dozens of employees making hundreds of calls each day. Gavin and Force's illicit activities were buried under a mound of daily legitimate transactions.
The two hackers trusted each other; in fact Gavin was the only person to whom Force revealed the exact address of the CitiSaudi machine. Not even Phoenix, rising star of The Realm and Force's favoured protégé, was privy to all the secrets of Citibank uncovered during Force's network explorations.
Force had shared some of this glittering prize with Phoenix, but not all of it. Just a few of the Citibank cards—token trophies—and general information about the Citibank network. Believing the temptation to collect vast numbers of cards and use them would be too great for the young Phoenix, Force tried to keep the exact location of the Citibank machine a secret. He knew that Phoenix might eventually find the Citibank system on his own, and there was little he could do to stop him. But Force was determined that he wouldn't help Phoenix get himself into trouble.
The Citibank network had been a rich source of systems—something Force also kept to himself. The more he explored, the more he found in the network. Soon after his first discovery of the CitiSaudi system, he found a machine called CitiGreece which was just as willing to dump card details as its Saudi-American counterpart. Out of fifteen or so credit cards Force discovered on the system, only two appeared to be valid. He figured the others were test cards and that this must be a new site. Not long after the discovery of the CitiGreece machine, he discovered similar embryonic sites in two other countries.
Force liked Phoenix and was impressed by the new hacker's enthusiasm and desire to learn about computer networks.
Force introduced Phoenix to Minerva, just as Craig Bowen had done for Force some years before. Phoenix learned quickly and came back for more. He was hungry and, in Force's discerning opinion, very bright. Indeed, Force saw a great deal of himself in the young hacker. They were from a similarly comfortable, educated middle-class background. They were also both a little outside the mainstream. Force's family were migrants to Australia. Some of Phoenix's family lived in Israel, and his family was very religious.
Phoenix attended one of the most Orthodox Jewish schools in Victoria, a place which described itself as a `modern orthodox Zionist' institution. Nearly half the subjects offered in year 9 were in Jewish Studies, all the boys wore yarmulkes and the school expected students to be fluent in Hebrew by the time they graduated.
In his first years at the school, Phoenix had acquired the nickname `The Egg'. Over the following years he became a master at playing the game—jumping through hoops to please teachers. He learned that doing well in religious studies was a good way to ingratiate himself to teachers, as well as his parents and, in their eyes at least, he became the golden-haired boy.
Anyone scratching below the surface, however, would find the shine of the golden-haired boy was merely gilt. Despite his success in school and his matriculation, Phoenix was having trouble. He had been profoundly affected by the bitter break-up and divorce of his parents when he was about fourteen.
After the divorce, Phoenix was sent to boarding school in Israel for about six months. On his return to Melbourne, he lived with his younger sister and mother at his maternal grandmother's house. His brother, the middle child, lived with his father.
School friends sometimes felt awkward visiting Phoenix at home. One of his best friends found it difficult dealing with Phoenix's mother, whose vivacity sometimes bordered on the neurotic and shrill. His grandmother was a chronic worrier, who pestered Phoenix about using the home phone line during thunderstorms for fear he would be electrocuted. The situation with Phoenix's father wasn't much better. A manager at Telecom, he seemed to waver between appearing disinterested or emotionally cold and breaking into violent outbursts of anger.
But it was Phoenix's younger brother who seemed to be the problem child. He ran away from home at around seventeen and dealt in drugs before eventually finding his feet. Yet, unlike Phoenix, his brother's problems had been laid bare for all to see. Hitting rock bottom forced him to take stock of his life and come to terms with his situation.
In contrast, Phoenix found less noticeable ways of expressing his rebellion. Among them was his enthusiasm for tools of power—the martial arts, weapons such as swords and staffs, and social engineering. During his final years of secondary school, while still living at his grandmother's home, Phoenix took up hacking. He hung around various Melbourne BBSes, and then he developed an on-line friendship with Force.
Force watched Phoenix's hacking skills develop with interest and after a couple of months he invited him to join The Realm. It was the shortest initiation of any Realm member, and the vote to include the new hacker was unanimous. Phoenix proved to be a valuable member, collecting information about new systems and networks for The Realm's databases. At their peak of hacking activity, Force and Phoenix spoke on the phone almost every day.
Phoenix's new-found acceptance contrasted with the position of Electron, who visited The Realm regularly for a few months in 1988. As Phoenix basked in the warmth of Force's approval, the eighteen-year-old Electron felt the chill of his increasing scorn. Force eventually turfed Electron and his friend, Powerspike, out of his exclusive Melbourne club of hackers. Well, that was how Force told it. He told the other members of The Realm that Electron had committed two major sins. The first was that he had been wasting resources by using accounts on OTC's Minerva system to connect to Altos, which meant the accounts would be immediately tracked and killed.
Minerva admins such as Michael Rosenberg—sworn enemy of The Realm—recognised the Altos NUA. Rosenberg was OTC's best defence against hackers. He had spent so much time trying to weed them out of Minerva that he knew their habits by heart: hack, then zoom over to Altos for a chat with fellow hackers, then hack some more. Most accounts on Minerva were held by corporations. How many legitimate users from ANZ Bank would visit Altos? None. So when Rosenberg saw an account connecting to Altos, he silently observed what the hacker was doing—in case he bragged on the German chat board—then changed the password and notified the client, in an effort to lock the hacker out for good.
Electron's second sin, according to Force, was that he had been withholding hacking information from the rest of the group. Force's stated view—though it didn't seem to apply to him personally—was one in, all in.
It was a very public expulsion. Powerspike and Electron told each other they didn't really care. As they saw it, they might have visited The Realm BBS now and then but they certainly weren't members of The Realm. Electron joked with Powerspike, `Who would want to be a member of a no-talent outfit like The Realm?' Still, it must have hurt. Hackers in the period 1988-90 depended on each other for information. They honed their skills in a community which shared intelligence and they grew to rely on the pool of information.
Months later, Force grudgingly allowing Electron to rejoin The Realm, but the relationship remained testy. When Electron finally logged in again, he found a file in the BBS entitled `Scanner stolen from the Electron'. Force had found a copy of Electron's VMS scanner on an overseas computer while Electron was in exile and had felt no qualms about pinching it for The Realm.
Except that it wasn't a scanner. It was a VMS Trojan. And there was a big difference. It didn't scan for the addresses of computers on a network. It snagged passwords when people connected from their VMS computers to another machine over an X.25 network. Powerspike cracked up laughing when Electron told him. Well,' he told Powerspike,
Mr Bigshot Force might know something about Prime computers, but he doesn't know a hell of a lot about VMS.'
Despite Electron's general fall from grace, Phoenix talked to the outcast because they shared the obsession. Electron was on a steep learning curve and, like Phoenix, he was moving fast—much faster than any of the other Melbourne hackers.
When Phoenix admitted talking to Electron regularly, Force tried to pull him away, but without luck. Some of the disapproval was born of Force's paternalistic attitude toward the Australian hacking scene. He considered himself to be a sort of godfather in the hacking community. But Force was also increasingly concerned at Phoenix's ever more flagrant taunting of computer security bigwigs and system admins. In one incident, Phoenix knew a couple of system admins and security people were waiting on a system to trap him by tracing his network connections. He responded by sneaking into the computer unnoticed and quietly logging off each admin. Force laughed about it at the time, but privately the story made him more than a little nervous.
Phoenix enjoyed pitting himself against the pinnacles of the computer security industry. He wanted to prove he was better, and he frequently upset people because often he was. Strangely, though, Force's protégé also thought that if he told these experts about a few of the holes in their systems, he would somehow gain their approval. Maybe they would even give him inside information, like new penetration techniques, and, importantly, look after him if things got rough. Force wondered how Phoenix could hold two such conflicting thoughts in his mind at the same time without questioning the logic of either.
It was against this backdrop that Gavin came to Force with his urgent warning in late 1989. Gavin had learned that the Australian Federal Police were getting complaints about hackers operating out of Melbourne. The Melbourne hacking community had become very noisy and was leaving footprints all over the place as its members traversed the world's data networks.
There were other active hacking communities outside Australia—in the north of England, in Texas, in New York. But the Melbourne hackers weren't just noisy—they were noisy inside American computers. It wasn't just a case of American hackers breaking into American systems. This was about foreign nationals penetrating American computers. And there was something else which made the Australian hackers a target. The US Secret Service knew an Australian named Phoenix had been inside Citibank, one of the biggest financial institutions in the US.
Gavin didn't have many details to give Force. All he knew was that an American law enforcement agency—probably the Secret Service—had been putting enormous pressure on the Australian government to bust these people.
What Gavin didn't know was that the Secret Service wasn't the only source of pressure coming from the other side of the Pacific. The FBI had also approached the Australian Federal Police about the mysterious but noisy Australian hackers who kept breaking into American systems,5 and the AFP had acted on the information.
In late 1989, Detective Superintendent Ken Hunt of the AFP headed an investigation into the Melbourne hackers. It was believed to be the first major investigation of computer crime since the introduction of Australia's first federal anti-hacking laws. Like most law enforcement agencies around the world, the AFP were new players in the field of computer crime. Few officers had expertise in computers, let alone computer crime, so this case would prove to be an important proving ground.6
When Gavin broke the news, Force acted immediately. He called Phoenix on the phone, insisting on meeting him in person as soon as possible. As their friendship had progressed, they had moved from talking on-line to telephone conversations and finally to spending time together in person. Force sat Phoenix down alone and gave him a stern warning. He didn't tell him how he got his information, but he made it clear the source was reliable.
The word was that the police felt they had to bust someone. It had come to the point where an American law enforcement officer had reportedly told his Australian counterpart, `If you don't do something about it soon, we'll do something about it ourselves'. The American hadn't bothered to elaborate on just how they might do something about it, but it didn't matter.
Phoenix looked suddenly pale. He had certainly been very noisy, and was breaking into systems virtually all the time now. Many of those systems were in the US.
He certainly didn't want to end up like the West German hacker Hagbard, whose petrol-doused, charred remains had been discovered in a German forest in June 1989. An associate of Pengo's, Hagbard had been involved in a ring of German hackers who sold the information they found in American computers to a KGB agent in East Germany from 1986 to 1988.
In March 1989, German police raided the homes and offices of the German hacking group and began arresting people. Like Pengo, Hagbard had secretly turned himself into the German authorities months before and given full details of the hacking ring's activities in the hope of gaining immunity from prosecution.
American law enforcement agencies and prosecutors had not been enthusiastic about showing the hackers any leniency. Several US agencies, including the CIA and the FBI, had been chasing the German espionage ring and they wanted stiff sentences, preferably served in an American prison.
German court proceedings were under way when Hagbard's body was found. Did he commit suicide or was he murdered? No-one knew for sure, but the news shook the computer underground around the world. Hackers discussed the issue in considerable depth. On the one hand, Hagbard had a long history of mental instability and drug use, having spent time in psychiatric hospitals and detoxification centres off and on since the beginning of 1987. On the other hand, if you were going to kill yourself, would you really want to die in the agony of a petrol fire? Or would you just take a few too many pills or a quick bullet?
Whether it was murder or suicide, the death of Hagbard loomed large before Phoenix. Who were the American law enforcement agencies after in Australia? Did they want him?
No. Force reassured him, they were after Electron. The problem for Phoenix was that he kept talking to Electron on the phone—in voice conversations. If Phoenix continued associating with Electron, he too would be scooped up in the AFP's net.
The message to Phoenix was crystal clear.
Stay away from Electron.
`Listen, you miserable scum-sucking pig.'
`Huh?' Phoenix answered, only half paying attention.
`Piece of shit machine. I did all this editing and the damn thing didn't save the changes,' Electron growled at the Commodore Amiga, with its 512 k of memory, sitting on the desk in his bedroom.
It was January 1990 and both Phoenix and Electron were at home on holidays before the start of university.
`Yeah. Wish I could get this thing working. Fucking hell. Work you!' Phoenix yelled. Electron could hear him typing at the other end of the phone while he talked. He had been struggling to get AUX, the Apple version of Unix, running on his Macintosh SE30 for days.
It was difficult to have an uninterrupted conversation with Phoenix. If it wasn't his machine crashing, it was his grandmother asking him questions from the doorway of his room.
`You wanna go through the list? How big is your file?' Phoenix asked, now more focused on the conversation.
`Huh? Which file?'
`The dictionary file. The words to feed into the password cracker,' Phoenix replied. Electron pulled up his list of dictionary words and looked at it. I'm going to have to cut this list down a bit, he thought. The dictionary was part of the password cracking program. The larger the dictionary, the longer it took the computer to crack a list of passwords. If he could weed out obscure words—words that people were unlikely to pick as passwords—then he could make his cracker run faster.
An efficient password cracker was a valuable tool. Electron would feed his home computer a password file from a target computer, say from Melbourne University, then go to bed. About twelve hours later, he would check on his machine's progress.
If he was lucky, he would find six or more accounts—user names and their passwords—waiting for him in a file. The process was completely automated. Electron could then log into Melbourne University using the cracked accounts, all of which could be used as jumping-off points for hacking into other systems for the price of a local telephone call.
Cracking Unix passwords wasn't inordinately difficult, provided the different components of the program, such as the dictionary, had been set up properly. However, it was time-consuming. The principle was simple. Passwords, kept in password files with their corresponding user names, were encrypted. It was as impossible to reverse the encryption process as it was to unscramble an omelette. Instead, you needed to recreate the encryption process and compare the results.
There were three basic steps. First, target a computer and get a copy of its password file. Second, take a list of commonly used passwords, such as users' names from the password file or words from a dictionary, and encrypt those into a second list. Third, put the two lists side by side and compare them. When you have a match, you have found the password.
However, there was one important complication: salts. A salt changed the way a password was encrypted, subtly modifying the way the DES encryption algorithm worked. For example, the word Underground' encrypts two different ways with two different salts:
kyvbExMcdAOVM' or `lhFaTmw4Ddrjw'. The first two characters represent the salt, the others represent the password. The computer chooses a salt randomly when it encrypts a user's password. Only one is used, and there are 4096 different salts. All Unix computers use salts in their password encryption process.
Salts were intended to make password cracking far more difficult, so a hacker couldn't just encrypt a dictionary once and then compare it to every list of encrypted passwords he came across in his hacking intrusions. The 4096 salts mean that a hacker would have to use 4096 different dictionaries—each encrypted with a different salt—to discover any dictionary word passwords.
On any one system penetrated by Electron, there might be only 25 users, and therefore only 25 passwords, most likely using 25 different salts. Since the salt characters were stored immediately before the encrypted password, he could easily see which salt was being used for a particular password. He would therefore only have to encrypt a dictionary 25 different times.
Still, even encrypting a large dictionary 25 times using different salts took up too much hard-drive space for a basic home computer. And that was just the dictionary. The most sophisticated cracking programs also produced intelligent guesses' of passwords. For example, the program might take the user's name and try it in both upper- and lower-case letters. It might also add a
1' at the end. In short, the program would create new guesses by permutating, shuffling, reversing and recombining basic information such as a user's name into new `words'.
`It's 24000 words. Too damn big,' Electron said. Paring down a dictionary was a game of trade-offs. The fewer words in a cracking dictionary, the less time it was likely to take a computer to break the encrypted passwords. A smaller dictionary, however, also meant fewer guesses and so a reduced chance of cracking the password of any given account.
`Hmm. Mine's 24328. We better pare it down together.'
`Yeah. OK. Pick a letter.'
`C. Let's start with the Cs.'
`Why C?'
`C. For my grandmother's cat, Cocoa.'
Yeah. OK. Here goes. Cab, Cabal. Cabala. Cabbala.' Electron paused.
What the fuck is a Cabbala?'
Dunno. Yeah. I've got those. Not Cabbala. OK, Cabaret. Cabbage. Fuck, I hate cabbage. Who'd pick Cabbage as their password?'
A Pom,' Electron answered.
`Yeah,' Phoenix laughed before continuing.
Phoenix sometimes stopped to think about Force's warning, but usually he just pushed it to one side when it crept, unwelcomed, into his thoughts. Still, it worried him. Force took it seriously enough. Not only had he stopped associating with Electron, he appeared to have gone very, very quiet.
In fact, Force had found a new love: music. He was writing and performing his own songs. By early 1990 he seemed so busy with his music that he had essentially put The Realm on ice. Its members took to congregating on a machine owned by another Realm member, Nom, for a month or so.
Somehow, however, Phoenix knew that wasn't all of the story. A hacker didn't pick up and walk away from hacking just like that. Especially not Force. Force had been obsessed with hacking. It just didn't make sense. There had to be something more. Phoenix comforted himself with the knowledge that he had followed Force's advice and had stayed away from Electron. Well, for a while anyway.
He had backed right off, watched and waited, but nothing happened. Electron was as active in the underground as ever but he hadn't been busted. Nothing had changed. Maybe Force's information had been wrong. Surely the feds would have busted Electron by now if they were going to do anything. So Phoenix began to rebuild his relationship with Electron. It was just too tempting. Phoenix was determined not to let Force's ego impede his own progress.
By January 1990, Electron was hacking almost all the time. The only time he wasn't hacking was when he was sleeping, and even then he often dreamed of hacking. He and Phoenix were sailing past all the other Melbourne hackers. Electron had grown beyond Powerspike's expertise just as Phoenix had accelerated past Force. They were moving away from X.25 networks and into the embryonic Internet, which was just as illegal since the universities guarded computer accounts—Internet access—very closely.
Even Nom, with his growing expertise in the Unix operating system which formed the basis of many new Internet sites, wasn't up to Electron's standard. He didn't have the same level of commitment to hacking, the same obsession necessary to be a truly cutting-edge hacker. In many ways, the relationship between Nom and Phoenix mirrored the relationship between Electron and Powerspike: the support act to the main band.
Electron didn't consider Phoenix a close friend, but he was a kindred spirit. In fact he didn't trust Phoenix, who had a big mouth, a big ego and a tight friendship with Force—all strikes against him. But Phoenix was intelligent and he wanted to learn. Most of all, he had the obsession. Phoenix contributed to a flow of information which stimulated Electron intellectually, even if more information flowed toward Phoenix than from him.
Within a month, Phoenix and Electron were in regular contact, and during the summer holidays they were talking on the phone—voice—all the time, sometimes three or four times a day. Hack then talk. Compare notes. Hack some more. Check in again, ask a few questions. Then back to hacking.
The actual hacking was generally a solo act. For a social animal like Phoenix, it was a lonely pursuit. While many hackers revelled in the intense isolation, some, such as Phoenix, also needed to check in with fellow humanity once in a while. Not just any humanity—those who understood and shared in the obsession.
Caboodle. Caboose,
Electron went on, Cabriolet. What the hell is a Cabriolet? Do you know?'
Yeah,' Phoenix answered, then rushed on. `OK. Cacao. Cache. Cachet …'
`Tell us. What is it?' Electron cut Phoenix off.
`Cachinnation. Cachou …'
Do you know?' Electron asked again, slightly irritated. As usual, Phoenix was claiming to know things he probably didn't.
Hmm? Uh, yeah,' Phoenix answered weakly. `Cackle. Cacophony …'
Electron knew that particular Phoenix yeah'—the one which said
yes' but meant `no, and I don't want to own up to it either so let's drop it'.
Electron made it a habit not to believe most of the things Phoenix told him. Unless there was some solid proof, Electron figured it was just hot air. He didn't actually like Phoenix much as a person, and found talking to him difficult at times. He preferred the company of his fellow hacker Powerspike.
Powerspike was both bright and creative. Electron clicked with him. They often joked about the other's bad taste in music. Powerspike liked heavy metal, and Electron liked indie music. They shared a healthy disrespect for authority. Not just the authority of places they hacked into, like the US Naval Research Laboratories or NASA, but the authority of The Realm. When it came to politics, they both leaned to the left. However, their interest tended more toward anarchy—opposing symbols of the military-industrial complex—than to joining a political party.
After their expulsion from The Realm, Electron had been a little isolated for a time. The tragedy of his personal life had contributed to the isolation. At the age of eight, he had seen his mother die of lung cancer. He hadn't witnessed the worst parts of her dying over two years, as she had spent some time in a German cancer clinic hoping for a reprieve. She had, however, come home to die, and Electron had watched her fade away.
When the phone call from hospital came one night, Electron could tell what had happened from the serious tones of the adults. He burst into tears. He could hear his father answering questions on the phone. Yes, the boy had taken it hard. No, his sister seemed to be OK. Two years younger than Electron, she was too young to understand.
Electron had never been particularly close to his sister. He viewed her as an unfeeling, shallow person—someone who simply skimmed along the surface of life. But after their mother's death, their father began to favour Electron's sister, perhaps because of her resemblance to his late wife. This drove a deeper, more subtle wedge between brother and sister.
Electron's father, a painter who taught art at a local high school, was profoundly affected by his wife's death. Despite some barriers of social class and money, theirs had been a marriage of great affection and love and they made a happy home. Electron's father's paintings hung on almost every wall in the house, but after his wife's death he put down his brushes and never took them up again. He didn't talk about it. Once, Electron asked him why he didn't paint any more. He looked away and told Electron that he had `lost the motivation'.
Electron's grandmother moved into the home to help her son care for his two children, but she developed Alzheimer's disease. The children ended up caring for her. As a teenager, Electron thought it was maddening caring for someone who couldn't even remember your name. Eventually, she moved into a nursing home.
In August 1989, Electron's father arrived home from the doctor's office. He had been mildly ill for some time, but refused to take time off work to visit a doctor. He was proud of having taken only one day's sick leave in the last five years. Finally, in the holidays, he had seen a doctor who had conducted numerous tests. The results had come in.
Electron's father had bowel cancer and the disease had spread. It could not be cured. He had two years to live at the most.
Electron was nineteen years old at the time, and his early love of the computer, and particularly the modem, had already turned into a passion. Several years earlier his father, keen to encourage his fascination with the new machines, used to bring one of the school's Apple IIes home over weekends and holidays. Electron spent hours at the borrowed machine. When he wasn't playing on the computer, he read, plucking one of his father's spy novels from the over-crowded bookcases, or his own favourite book, The Lord of The Rings.
Computer programming had, however, captured the imagination of the young Electron years before he used his first computer. At the age of eleven he was using books to write simple programs on paper—mostly games—despite the fact that he had never actually touched a keyboard.
His school may have had a few computers, but its administrators had little understanding of what to do with them. In year 9, Electron had met with the school's career counsellor, hoping to learn about career options working with computers.
I think maybe I'd like to do a course in computer programming …' His voice trailed off, hesitantly.
Why would you want to do that?' she said. `Can't you think of anything better than that?'
Uhm …' Electron was at a loss. He didn't know what to do. That was why he had come to her. He cast around for something which seemed a more mainstream career option but which might also let him work on computers.
Well, accounting maybe?'
`Oh yes, that's much better,' she said.
`You can probably even get into a university, and study accounting there. I'm sure you will enjoy it,' she added, smiling as she closed his file.
The borrowed computers were, in Electron's opinion, one of the few good things about school. He did reasonably well at school, but only because it didn't take much effort. Teachers consistently told his father that Electron was underachieving and that he distracted the other students in class. For the most part, the criticism was just low-level noise. Occasionally, however, Electron had more serious run-ins with his teachers. Some thought he was gifted. Others thought the freckle-faced, Irish-looking boy who helped his friends set fire to textbooks at the back of the class was nothing but a smart alec.
When he was sixteen, Electron bought his own computer. He used it to crack software protection, just as Par had done. The Apple was soon replaced by a more powerful Amiga with a 20 megabyte IBM compatible sidecar. The computers lived, in succession, on one of the two desks in his bedroom. The second desk, for his school work, was usually piled high with untouched assignments.
The most striking aspect of Electron's room was the ream after ream of dot matrix computer print-out which littered the floor. Standing at almost any point in the simply furnished room, someone could reach out and grab at least one pile of print-outs, most of which contained either usernames and passwords or printed computer program code. In between the piles of print-outs, were T-shirts, jeans, sneakers and books on the floor. It was impossible to walk across Electron's room without stepping on something.
The turning point for Electron was the purchase of a second-hand 300 baud modem in 1986. Overnight, the modem transformed Electron's love of the computer into an obsession. During the semester immediately before the modem's arrival, Electron's report card showed six As and one B. The following semester he earned six Bs and only one A.
Electron had moved onto bigger and better things than school. He quickly became a regular user of underground BBSes and began hacking. He was enthralled by an article he discovered describing how several hackers claimed to have moved a satellite around in space simply by hacking computers. From that moment on, Electron decided he wanted to hack—to find out if the article was true.
Before he graduated from school in 1987, Electron had hacked NASA, an achievement which saw him dancing around the dining room table in the middle of the night chanting, `I got into NASA! I got into NASA!' He hadn't moved any satellites, but getting into the space agency was as thrilling as flying to the moon.
By 1989, he had been hacking regularly for years, much to the chagrin of his sister, who claimed her social life suffered because the family's sole phone line was always tied up by the modem.
For Phoenix, Electron was a partner in hacking, and to a lesser degree a mentor. Electron had a lot to offer, by that time even more than The Realm.
`Cactus, Cad, Cadaver, Caddis, Cadence, Cadet, Caesura. What the fuck is a Caesura?' Phoenix kept ploughing through the Cs.
`Dunno. Kill that,' Electron answered, distracted.
Caesura. Well, fuck. I know I'd wanna use that as a password.' Phoenix laughed.
What the hell kind of word is Caduceus?'
A dead one. Kill all those. Who makes up these dictionaries?' Electron said.
Yeah.'
`Caisson, Calabash. Kill those. Kill, kill, kill,' Electron said gleefully.
`Hang on. How come I don't have Calabash in my list?' Phoenix feigned indignation.
Electron laughed.
Hey,' Phoenix said,
we should put in words like "Qwerty" and
"ABCDEF" and "ASDFGH".'
Did that already.' Electron had already put together a list of other common passwords, such as the
words' made when a user typed the six letters in the first alphabet row on a keyboard.
Phoenix started on the list again. `OK the COs. Commend, Comment, Commerce, Commercial, Commercialism, Commercially. Kill those last three.'
`Huh? Why kill Commercial?'
Let's just kill all the words with more than eight characters,' Phoenix said.
No. That's not a good idea.'
`How come? The computer's only going to read the first eight characters and encrypt those. So we should kill all the rest.'
Sometimes Phoenix just didn't get it. But Electron didn't rub it in. He kept it low-key, so as not to bruise Phoenix's ego. Often Electron sensed Phoenix sought approval from the older hacker, but it was a subtle, perhaps even unconscious search.
Nah,' Electron began,
See, someone might use the whole word, Commerce or Commercial. The first eight letters of these words are not the same. The eighth character in Commerce is "e", but in Commercial it's "i".'
There was a short silence.
Yeah,' Electron went on,
but you could kill all the words like Commercially, and Commercialism, that come after Commercial. See?'
`Yeah. OK. I see,' Phoenix said.
But don't just kill every word longer than eight characters,' Electron added.
Hmm. OK. Yeah, all right.' Phoenix seemed a bit out of sorts. Hey,' he brightened a bit,
it's been a whole ten minutes since my machine crashed.'
`Yeah?' Electron tried to sound interested.
Yeah. You know,' Phoenix changed the subject to his favourite topic,
what we really need is Deszip. Gotta get that.' Deszip was a computer program which could be used for password cracking.
`And Zardoz. We need Zardoz,' Electron added. Zardoz was a restricted electronic publication detailing computer security holes.
`Yeah. Gotta try to get into Spaf's machine. Spaf'll have it for sure.' Eugene Spafford, Associate Professor of Computer Science at Purdue University in the US, was one of the best known computer security experts on the Internet in 1990.
`Yeah.'
And so began their hunt for the holy grail.
Deszip and Zardoz glittered side by side as the most coveted prizes in the world of the international Unix hacker.
Cracking passwords took time and computer resources. Even a moderately powerful university machine would grunt and groan under the weight of the calculations if it was asked to do. But the Deszip program could change that, lifting the load until it was, by comparison, feather-light. It worked at breathtaking speed and a hacker using Deszip could crack encrypted passwords up to 25 times faster.
Zardoz, a worldwide security mailing list, was also precious, but for a different reason. Although the mailing list's formal name was Security Digest, everyone in the underground simply called it Zardoz, after the computer from which the mailouts originated. Zardoz also happened to be the name of a science fiction cult film starring Sean Connery. Run by Neil Gorsuch, the Zardoz mailing list contained articles, or postings, from various members of the computer security industry. The postings discussed newly discovered bugs—problems with a computer system which could be exploited to break into or gain root access on a machine. The beauty of the bugs outlined in Zardoz was that they worked on any computer system using the programs or operating systems it described. Any university, any military system, any research institute which ran the software documented in Zardoz was vulnerable. Zardoz was a giant key ring, full of pass keys made to fit virtually every lock.
True, system administrators who read a particular Zardoz posting might take steps to close up that security hole. But as the hacking community knew well, it was a long time between a Zardoz posting and a shortage of systems with that hole. Often a bug worked on many computers for months—sometimes years—after being announced on Zardoz.
Why? Many admins had never heard of the bug when it was first announced. Zardoz was an exclusive club, and most admins simply weren't members. You couldn't just walk in off the street and sign up for Zardoz. You had to be vetted by peers in the computer security industry. You had to administer a legitimate computer system, preferably with a large institution such as a university or a research body such as CSIRO. Figuratively speaking, the established members of the Zardoz mailing list peered down their noses at you and determined if you were worthy of inclusion in Club Zardoz. Only they decided if you were trustworthy enough to share in the great security secrets of the world's computer systems.
In 1989, the white hats, as hackers called the professional security gurus, were highly paranoid about Zardoz getting into the wrong hands. So much so, in fact, that many postings to Zardoz were fine examples of the art of obliqueness. A computer security expert would hint at a new bug in his posting without actually coming out and explaining it in what is commonly referred to as a `cookbook' explanation.
This led to a raging debate within the comp-sec industry. In one corner, the cookbook purists said that bulletins such as Zardoz were only going to be helpful if people were frank with each other. They wanted people posting to Zardoz to provide detailed, step-by-step explanations on how to exploit a particular security hole. Hackers would always find out about bugs one way or another and the best way to keep them out of your system was to secure it properly in the first place. They wanted full disclosure.
In the other corner, the hard-line, command-and-control computer security types argued that posting an announcement to Zardoz posed the gravest of security risks. What if Zardoz fell into the wrong hands? Why, any sixteen-year-old hacker would have step-by-step directions showing how to break into thousands of individual computers! If you had to reveal a security flaw—and the jury was still out in their minds as to whether that was such a good idea—it should be done only in the most oblique terms.
What the hard-liners failed to understand was that world-class hackers like Electron could read the most oblique, carefully crafted Zardoz postings and, within a matter of days if not hours, work out exactly how to exploit the security hole hinted at in the text. After which they could just as easily have written a cookbook version of the security bug.
Most good hackers had come across one or two issues of Zardoz in their travels, often while rummaging though the system administrator's mail on a prestigious institution's computer. But no-one from the elite of the Altos underground had a full archive of all the back issues. The hacker who possessed that would have details of every major security hole discovered by the world's best computer security minds since at least 1988.
Like Zardoz, Deszip was well guarded. It was written by computer security expert Dr Matthew Bishop, who worked at NASA's Research Institute for Advanced Computer Science before taking up a teaching position at Dartmouth, an Ivy League college in New Hampshire. The United States government deemed Deszip's very fast encryption algorithms to be so important, they were classified as armaments. It was illegal to export them from the US.
Of course, few hackers in 1990 had the sophistication to use weapons such as Zardoz and Deszip properly. Indeed, few even knew they existed. But Electron and Phoenix knew, along with a tiny handful of others, including Pad and Gandalf from Britain. Congregating on Altos in Germany, they worked with a select group of others carefully targeting sites likely to contain parts of their holy grail. They were methodical and highly strategic, piecing information together with exquisite, almost forensic, skill. While the common rabble of other hackers were thumping their heads against walls in brute-force attacks on random machines, these hackers spent their time hunting for strategic pressure points—the Achilles' heels of the computer security community.
They had developed an informal hit list of machines, most of which belonged to high-level computer security gurus. Finding one or two early issues of Zardoz, Electron had combed through their postings looking not just on the surface—for the security bugs—but also paying careful attention to the names and addresses of the people writing articles. Authors who appeared frequently in Zardoz, or had something intelligent to say, went on the hit list. It was those people who were most likely to keep copies of Deszip or an archive of Zardoz on their machines.
Electron had searched across the world for information about Deszip and DES (Data Encryption Standard), the original encryption program later used in Deszip. He hunted through computers at the University of New York, the US Naval Research Laboratories in Washington DC, Helsinki University of Technology, Rutgers University in New Jersey, Melbourne University and Tampere University in Finland, but the search bore little fruit. He found a copy of CDES, a public domain encryption program which used the DES algorithm, but not Deszip. CDES could be used to encrypt files but not to crack passwords.
The two Australian hackers had, however, enjoyed a small taste of Deszip. In 1989 they had broken into a computer at Dartmouth College called Bear. They discovered Deszip carefully tucked away in a corner of Bear and had spirited a copy of the program away to a safer machine at another institution.
It turned out to be a hollow victory. That copy of Deszip had been encrypted with Crypt, a program based on the German Enigma machine used in World War II. Without the passphrase—the key to unlock the encryption—it was impossible to read Deszip. All they could do was stare, frustrated, at the file name Deszip labelling a treasure just out of reach.
Undaunted, the hackers decided to keep the encrypted file just in case they ever came across the passphrase somewhere—in an email letter, for example—in one of the dozens of new computers they now hacked regularly. Relabelling the encrypted Deszip file with a more innocuous name, they stored the copy in a dark corner of another machine. Thinking it wise to buy a little insurance as well, they gave a second copy of the encrypted Deszip to Gandalf, who stored it on a machine in the UK in case the Australians' copy disappeared unexpectedly.
In January 1990, Electron turned his attention to getting Zardoz. After carefully reviewing an old copy of Zardoz, he had discovered a system admin in Melbourne on the list. The subscriber could well have the entire Zardoz archive on his machine, and that machine was so close—less than half an hour's drive from Electron's home. All Electron had to do was to break into the CSIRO.
The Commonwealth Scientific and Industrial Research Organisation, or CSIRO, is a government owned and operated research body with many offices around Australia. Electron only wanted to get into one: the Division of Information Technology at 55 Barry Street, Carlton, just around the corner from the University of Melbourne.
Rummaging through a Melbourne University computer, Electron had already found one copy of the Zardoz archive, belonging to a system admin. He gathered it up and quietly began downloading it to his computer, but as his machine slowly siphoned off the Zardoz copy, his link to the university abruptly went dead. The admin had discovered the hacker and quickly killed the connection. All of which left Electron back at square one—until he found another copy of Zardoz on the CSIRO machine.
It was nearly 3 a.m. on 1 February 1990, but Electron wasn't tired. His head was buzzing. He had just successfully penetrated an account called Worsley on the CSIRO computer called DITMELA, using the sendmail bug. Electron assumed DITMELA stood for Division of Information Technology, Melbourne, computer `A'.
Electron began sifting through Andrew Worsley's directories that day. He knew Zardoz was in there somewhere, since he had seen it before. After probing the computer, experimenting with different security holes hoping one would let him inside, Electron managed to slip in unnoticed. It was mid-afternoon, a bad time to hack a computer since someone at work would likely spot the intruder before long. So Electron told himself this was just a reconnaissance mission. Find out if Zardoz was on the machine, then get out of there fast and come back later—preferably in the middle of the night—to pull Zardoz out.
When he found a complete collection of Zardoz in Worsley's directory, Electron was tempted to try a grab and run. The problem was that, with his slow modem, he couldn't run very quickly. Downloading Zardoz would take several hours. Quashing his overwhelming desire to reach out and grab Zardoz then and there, he slipped out of the machine noiselessly.
Early next morning, an excited and impatient Electron crept back into DITMELA and headed straight for Worsley's directory. Zardoz was still there. And a sweet irony. Electron was using a security bug he had found on an early issue of Zardoz to break into the computer which would surrender the entire archive to him.
Getting Zardoz out of the CSIRO machine was going to be a little difficult. It was a big archive and at 300 baud—30 characters per second—Electron's modem would take five hours to siphon off an entire copy. Using the CAT command, Electron made copies of all the Zardoz issues and bundled them up into one 500 k file. He called the new file .t and stored it in the temporary directory on DITMELA.
Then he considered what to do next. He would mail the Zardoz bundle to another account outside the CSIRO computer, for safe-keeping. But after that he had to make a choice: try to download the thing himself or hang up, call Phoenix and ask him to download it.
Using his 2400 baud modem, Phoenix would be able to download the Zardoz bundle eight times faster than Electron could. On the other hand, Electron didn't particularly want to give Phoenix access to the CSIRO machine. They had both been targeting the machine, but he hadn't told Phoenix that he had actually managed to get in. It wasn't that he planned on withholding Zardoz when he got it. Quite the contrary, Electron wanted Phoenix to read the security file so they could bounce ideas off each other. When it came to accounts, however, Phoenix had a way of messing things up. He talked too much. He was simply not discreet.
While Electron considered his decision, his fingers kept working at the keyboard. He typed quickly, mailing copies of the Zardoz bundle to two hacked student accounts at Melbourne University. With the passwords to both accounts, he could get in whenever he wanted and he wasn't taking any chances with this precious cargo. Two accounts were safer than one—a main account and a back-up in case someone changed the password on the first one.
Then, as the DITMELA machine was still in the process of mailing the Zardoz bundle off to the back-up sites, Electron's connection suddenly died.
The CSIRO machine had hung up on him, which probably meant one thing. The admin had logged him off. Electron was furious. What the hell was a system administrator doing on a computer at this hour? The admin was supposed to be asleep! That's why Electron logged on when he did. He had seen Zardoz on the CSIRO machine the day before but he had been so patient refusing to touch it because the risk of discovery was too great. And now this.
The only hope was to call Phoenix and get him to login to the Melbourne Uni accounts to see if the mail had arrived safely. If so, he could download it with his faster modem before the CSIRO admin had time to warn the Melbourne Uni admin, who would change the passwords.
Electron got on the phone to Phoenix. They had long since stopped caring about what time of day they rang each other. 10 p.m. 2 a.m. 4.15 a.m. 6.45 a.m.
`Yeah.' Electron greeted Phoenix in the usual way.
`Yup,' Phoenix responded.
Electron told Phoenix what happened and gave him the two accounts at Melbourne University where he had mailed the Zardoz bundle. Phoenix hung up and rang back a few minutes later. Both accounts were dead. Someone from Melbourne University had gone in and changed the passwords within 30 minutes of Electron being booted off the CSIRO computer. Both hackers were disturbed by the implications of this event. It meant someone—in fact probably several people—were onto them. But their desperation to get Zardoz overcame their fear.
Electron had one more account on the CSIRO computer. He didn't want to give it to Phoenix, but he didn't have a choice. Still, the whole venture was filled with uncertainty. Who knew if the Zardoz bundle was still there? Surely an admin who bothered to kick Electron out would move Zardoz to somewhere inaccessible. There was, however, a single chance.
When Electron read off the password and username, he told Phoenix to copy the Zardoz bundle to a few other machines on the Internet instead of trying to download it to his own computer. It would be much quicker, and the CSIRO admin wouldn't dare break into someone else's computers to delete the copied file. Choosing overseas sites would make it even harder for the admin to reach the admins of those machines and warn them in time. Then, once Zardoz was safely tucked away in a few back-up sites, Phoenix could download it over the Internet from one of those with less risk of being booted off the machine halfway through the process.
Sitting at his home in Kelvin Grove, Thornbury, just two suburbs north of the CSIRO machine, Ian Mathieson watched the hacker break into his computer again. Awoken by a phone call at 2.30 a.m. telling him there was a suspected hacker in his computer, Mathieson immediately logged in to his work system, DITMELA, via his home computer and modem. The call, from David Hornsby of the Melbourne University Computer Science Department, was no false alarm.
After watching the unknown hacker, who had logged in through a Melbourne University machine terminal server, for about twenty minutes, Mathieson booted the hacker off his system. Afterwards he noticed that the DITMELA computer was still trying to execute a command issued by the hacker. He looked a little closer, and discovered DITMELA was trying to deliver mail to two Melbourne University accounts.
The mail, however, hadn't been completely delivered. It was still sitting in the mail spool, a temporary holding pen for undelivered mail. Curious as to what the hacker would want so much from his system, Mathieson moved the file into a subdirectory to look at it. He was horrified to find the entire Zardoz archive, and he knew exactly what it meant. These were no ordinary hackers—they were precision fliers. Fortunately, Mathieson consoled himself, he had stopped the mail before it had been sent out and secured it.
Unfortunately, however, Mathieson had missed Electron's original file—the bundle of Zardoz copies. When Electron had mailed the file, he had copied it, leaving the original intact. They were still sitting on DITMELA under the unassuming name .t. Mailing a file didn't delete it—the computer only sent a copy of the original. Mathieson was an intelligent man, a medical doctor with a master's degree in computer science, but he had forgotten to check the temporary directory, one of the few places a hacker could store files on a Unix system if he didn't have root privileges.
At exactly 3.30 a.m. Phoenix logged into DITMELA from the University of Texas. He quickly looked in the temporary directory. The .t file was there, just as Electron had said it would be. The hacker quickly began transferring it back to the University of Texas.
He was feeling good. It looked like the Australians were going to get the entire Zardoz collection after all. Everything was going extremely well—until the transfer suddenly died. Phoenix had forgotten to check that there was enough disk space available on the University of Texas account to download the sizeable Zardoz bundle. Now, as he was logged into a very hot machine, a machine where the admin could well be watching his every move, he discovered there wasn't enough room for the Zardoz file.
Aware that every second spent on-line to DITMELA posed a serious risk, Phoenix logged off the CSIRO machine immediately. Still connected to the Texas computer, he fiddled around with it, deleting other files and making enough room to pull the whole 500 k Zardoz file across.
At 3.37 a.m. Phoenix entered DITMELA again. This time, he vowed, nothing would go wrong. He started up the file transfer and waited. Less than ten minutes later, he logged off the CSIRO computer and nervously checked the University of Texas system. It was there. Zardoz, in all its glory. And it was his! Phoenix was ecstatic.
He wasn't done yet and there was no time for complacency. Swiftly, he began compressing and encrypting Zardoz. He compressed it because a smaller file was less obvious on the Texas machine and was faster to send to a back-up machine. He encrypted it so no-one nosing around the file would be able to see what was in it. He wasn't just worried about system admins; the Texas system was riddled with hackers, in part because it was home to his friend, Legion of Doom hacker Erik Bloodaxe, a student at the university.
After Phoenix was satisfied Zardoz was safe, he rang Electron just before 4 a.m. with the good news. By 8.15, Phoenix had downloaded Zardoz from the Texas computer onto his own machine. By 1.15 p.m., Electron had downloaded it from Phoenix's machine to his own. Zardoz had been a difficult conquest, but Deszip would prove to be even more so. While dozens of security experts possessed complete Zardoz archives, far fewer people had Deszip. And, at least officially, all of them were in the US.
The US government banned the export of cryptography algorithms. To send a copy of Deszip, or DES or indeed any other encryption program outside the US was a crime. It was illegal because the US State Department's Office of Defense Trade Controls considered any encryption program to be a weapon. ITAR, the International Traffic in Arms Regulations stemming from the US Arms Export Control Act 1977, restricted publication of and trad in `defense articles'. It didn't matter whether you flew to Europe with a disk in your pocket, or you sent the material over the Internet. If you violated ITAR, you faced the prospect of prison.
Occasionally, American computer programmers discreetly slipped copies of encryption programs to specialists in their field outside the US. Once the program was outside the US, it was fair game—there was nothing US authorities could do about someone in Norway sending Deszip to a colleague in Australia. But even so, the comp-sec and cryptography communities outside the US still held programs such as Deszip very tightly within their own inner sanctums.
All of which meant that Electron and Phoenix would almost certainly have to target a site in the US. Electron continued to compile a hit list, based on the Zardoz mailing list, which he gave to Phoenix. The two hackers then began searching the growing Internet for computers belonging to the targets.
It was an impressive hit list. Matthew Bishop, author of Deszip. Russell Brand, of the Lawrence Livermore National Labs, a research laboratory funded by the US Department of Energy. Dan Farmer, an author of the computer program COPS, a popular security-testing program which included a password cracking program. There were others. And, at the top of the list, Eugene Spafford, or Spaf, as the hackers called him.
By 1990, the computer underground viewed Spaf not just as security guru, but also as an anti-hacker zealot. Spaf was based at Purdue University, a hotbed of computer security experts. Bishop had earned his PhD at Purdue and Dan Farmer was still there. Spaf was also one of the founders of usenet, the Internet newsgroups service. While working as a computer scientist at the university, he had made a name for himself by, among other things, writing a technical analysis of the RTM worm. The worm, authored by Cornell University student Robert T. Morris Jr in 1988, proved to be a boon for Spaf's career.
Prior to the RTM worm, Spaf had been working in software engineering. After the worm, he became a computer ethicist and a very public spokesman for the conservatives in the computer security industry. Spaf went on tour across the US, lecturing the public and the media on worms, viruses and the ethics of hacking. During the Morris case, hacking became a hot topic in the United States, and Spaf fed the flames. When Judge Howard G. Munson refused to sentence Morris to prison, instead ordering him to complete 400 hours community service, pay a $10000 fine and submit to three years probation, Spaf publicly railed against the decision. The media reported that he had called on the computer industry to boycott any company which chose to employ Robert T. Morris Jr.
Targeting Spaf therefore served a dual purpose for the Australian hackers. He was undoubtedly a repository of treasures such as Deszip, and he was also a tall poppy.
One night, Electron and Phoenix decided to break into Spaf's machine at Purdue to steal a copy of Deszip. Phoenix would do the actual hacking, since he had the fast modem, but he would talk to Electron simultaneously on the other phone line. Electron would guide him at each step. That way, when Phoenix hit a snag, he wouldn't have to retreat to regroup and risk discovery.
Both hackers had managed to break into another computer at Purdue, called Medusa. But Spaf had a separate machine, Uther, which was connected to Medusa.
Phoenix poked and prodded at Uther, trying to open a hole wide enough for him to crawl through. At Electron's suggestion, he tried to use the CHFN bug. The CHFN command lets users change the information provided—such as their name, work address or office phone number—when someone `fingers' their accounts. The bug had appeared in one of the Zardoz files and Phoenix and Electron had already used it to break into several other machines.
Electron wanted to use the CHFN bug because, if the attack was successful, Phoenix would be able to make a root account for himself on Spaf's machine. That would be the ultimate slap in the face to a high-profile computer security guru.
But things weren't going well for Phoenix. The frustrated Australian hacker kept telling Electron that the bug should work, but it wouldn't, and he couldn't figure out why. The problem, Electron finally concluded, was that Spaf's machine was a Sequent. The CHFN bug depended on a particular Unix password file structure, but Sequents used a different structure. It didn't help that Phoenix didn't know that much about Sequents—they were one of Gandalf's specialties.
After a few exasperating hours struggling to make the CHFN bug work, Phoenix gave up and turned to another security flaw suggested by Electron: the FTP bug. Phoenix ran through the bug in his mind. Normally, someone used FTP, or file transfer protocol, to transfer files over a network, such as the Internet, from one computer to another. FTPing to another machine was a bit like telnetting, but the user didn't need a password to login and the commands he could execute once in the other computer were usually very limited.
If it worked, the FTP bug would allow Phoenix to slip in an extra command during the FTP login process. That command would force Spaf's machine to allow Phoenix to login as anyone he wanted—and what he wanted was to login as someone who had root privileges. The root' account might be a little obvious if anyone was watching, and it didn't always have remote access anyway. So he chose
daemon', another commonly root-privileged account, instead.
It was a shot in the dark. Phoenix was fairly sure Spaf would have secured his machine against such an obvious attack, but Electron urged him to give it a try anyway. The FTP bug had been announced throughout the computer security community long ago, appearing in an early issue of Zardoz. Phoenix hesitated, but he had run out of ideas, and time.
Phoenix typed:
FTP -i uther.purdue.edu
quote user anonymous
quote cd ~daemon
quote pass anything
The few seconds it took for his commands to course from his suburban home in Melbourne and race deep into the Midwest felt like a lifetime. He wanted Spaf's machine, wanted Deszip, and wanted this attack to work. If he could just get Deszip, he felt the Australians would be unstoppable.
Spaf's machine opened its door as politely as a doorman at the Ritz Carlton. Phoenix smiled at his computer. He was in. It was like being in Aladdin's cave. Phoenix just sat there, stunned at the bounty which lay before him. It was his, all his. Spaf had megabytes of security files in his directories. Source code for the RTM Internet worm. Source code for the WANK worm. Everything. Phoenix wanted to plunge his hands in each treasure chest and scoop out greedy handfuls, but he resisted the urge. He had a more important—a more strategic—mission to accomplish first.
He prowled through the directories, hunting everywhere for Deszip. Like a burglar scouring the house for the family silver, he pawed through directory after directory. Surely, Spaf had to have Deszip. If anyone besides Matthew Bishop was going to have a copy, he would. And finally, there it was. Deszip. Just waiting for Phoenix.
Then Phoenix noticed something else. Another file. Curiosity got the better of him and he zoomed in to have a quick look. This one contained a passphrase—the passphrase. The phrase the Australians needed to decrypt the original copy of Deszip they had stolen from the Bear computer at Dartmouth three months earlier. Phoenix couldn't believe the passphrase. It was so simple, so obvious. But he caught himself. This was no time to cry over spilled milk. He had to get Deszip out of the machine quickly, before anyone noticed he was there.
But as Phoenix began typing in commands, his screen appeared to freeze up. He checked. It wasn't his computer. Something was wrong at the other end. He was still logged into Spaf's machine. The connection hadn't been killed. But when he typed commands, the computer in West Lafayette, Indiana, didn't respond. Spaf's machine just sat there, deaf and dumb.
Phoenix stared at his computer, trying to figure out what was happening. Why wouldn't Spaf's machine answer? There were two possibilities. Either the network—the connection between the first machine he penetrated at Purdue and Spaf's own machine—had gone down accidentally. Or someone had pulled the plug.
Why pull the plug? If they knew he was in there, why not just kick him out of the machine? Better still, why not kick him out of Purdue all together? Maybe they wanted to keep him on-line to trace which machine he was coming from, eventually winding backwards from system to system, following his trail.
Phoenix was in a dilemma. If the connection had crashed by accident, he wanted to stay put and wait for the network to come back up again. The FTP hole in Spaf's machine was an incredible piece of luck. Chances were that someone would find evidence of his break-in after he left and plug it. On the other hand, he didn't want the people at Purdue tracing his connections.
He waited a few more minutes, trying to hedge his bets. Feeling nervy as the extended silence emanating from Spaf's machine wore on, Phoenix decided to jump. With the lost treasures of Aladdin's cave fading in his mind's eye like a mirage, Phoenix killed his connection.
Electron and Phoenix talked on the phone, moodily contemplating their losses. It was a blow, but Electron reminded himself that getting Deszip was never going to be easy. At least they had the passphrase to unlock the encrypted Deszip taken from Dartmouth.
Soon, however, they discovered a problem. There had to be one, Electron thought. They couldn't just have something go off without a hitch for a change. That would be too easy. The problem this time was that when they went searching for their copy from Dartmouth, which had been stored several months before, it had vanished. The Dartmouth system admin must have deleted it.
It was maddening. The frustration was unbearable. Each time they had Deszip just within their grasp, it slipped away and disappeared. Yet each time they lost their grip, it only deepened their desire to capture the elusive prize. Deszip was fast becoming an all-consuming obsession for Phoenix and Electron.
Their one last hope was the second copy of the encrypted Dartmouth Deszip file they had given to Gandalf, but that hope did not burn brightly. After all, if the Australians' copy had been deleted, there was every likelihood that the Brit's copy had suffered the same fate. Gandalf's copy hadn't been stored on his own computer. He had put it on some dark corner of a machine in Britain.
Electron and Phoenix logged onto Altos and waited for Pad or Gandalf to show up.
Phoenix typed .s for a list of who was on-line. He saw that Pad was logged on:
No Chan User
0 Guest
1 Phoenix
2 Pad
Guest 0 was Electron. He usually logged on as Guest, partly because he was so paranoid about being busted and because he believed operators monitored his connections if they knew it was Electron logging in. They seemed to take great joy in sniffing the password to his own account on Altos. Then, when he had logged off, they logged in and changed his password so he couldn't get back under the name Electron. Nothing was more annoying. Phoenix typed, `Hey, Pad. How's it going?'
Pad wrote back, `Feeny! Heya.'
`Do you and Gand still have that encrypted copy of Deszip we gave you a few months ago?'
`Encrypted copy … hmm. Thinking.' Pad paused. He and Gandalf hacked dozens of computer systems regularly. Sometimes it was difficult to recall just where they had stored things.
`Yeah, I know what you mean. I don't know. It was on a system on JANET,' Pad said. Britain's Joint Academic Network was the equivalent of Australia's AARNET, an early Internet based largely on a backbone of universities and research centres.
`I can't remember which system it was on,' Pad continued.
If the Brits couldn't recall the institution, let alone the machine where they had hidden Deszip, it was time to give up all hope. JANET comprised hundreds, maybe thousands, of machines. It was far too big a place to randomly hunt around for a file which Gandalf would no doubt have tried to disguise in the first place.
But the file was encrypted, and you didn't have the password,' Pad wrote.
How come you want it?'
`Because we found the password. <smile>' That was the etiquette on Altos. If you wanted to suggest an action, you put it in < >.
`Gr8!' Pad answered.
That was Pad and Gandalf's on-line style. The number eight was the British hackers' hallmark, since their group was called 8lgm, and they used it instead of letters. Words like great',
mate' and later' became
gr8', m8' and
l8r'.
When people logged into Altos they could name a `place' of origin for others to see. Of course, if you were logging from a country which had laws against hacking, you wouldn't give your real country. You'd just pick a place at random. Some people logged in from places like Argentina, or Israel. Pad and Gandalf logged in from 8lgm.
`I'll try to find Gandalf and ask him if he knows where we stashed the copy,' Pad wrote to Phoenix.
`Good. Thanks.'
While Phoenix and Electron waited on-line for Pad to return, Par showed up on-line and joined their conversation. Par didn't know who Guest 0 was, but Guest certainly knew who Par was. Time hadn't healed Electron's old wounds when it came to Par. Electron didn't really admit to himself the bad blood was still there over Theorem. He told himself that he couldn't be bothered with Par, that Par was just a phreaker, not a real hacker, that Par was lame.
Phoenix typed, `Hey, Par. How's it going?'
Feenster!' Par replied.
What's happening?'
`Lots and lots.'
Par turned his attention to the mystery Guest 0. He didn't want to discuss private things with someone who might be a security guy hanging around the chat channel like a bad smell.
`Guest, do you have a name?' Par asked.
`Yeah. It's "Guest—#0".'
`You got any other names?'
There was a long pause.
Electron typed, `I guess not.'
`Any other names besides dickhead that is?'
Electron sent a `whisper'—a private message—to Phoenix telling him not to tell Par his identity.
OK. Sure,' Phoenix whispered back. To show he would play along with whatever Electron had in mind, Phoenix added a sideways smiley face at the end:
:-)'.
Par didn't know Electron and Phoenix were whispering to each other. He was still waiting to find out the identity of Guest. `Well, speak up, Guest. Figured out who you are yet?'
Electron knew Par was on the run at the time. Indeed, Par had been on the run from the US Secret Service for more than six months by the beginning of 1990. He also knew Par was highly paranoid.
Electron took aim and fired.
`Hey, Par. You should eat more. You're looking underFED these days.'
Par was suddenly silent. Electron sat at his computer, quietly laughing to himself, halfway across the world from Par. Well, he thought, that ought to freak out Par a bit. Nothing like a subtle hint at law enforcement to drive him nuts.
Did you see THAT?' Par whispered to Phoenix.
UnderFED. What did he mean?'
`I dunno,' Phoenix whispered back. Then he forwarded a copy of Par's private message on to Electron. He knew it would make him laugh.
Par was clearly worried. Who the fuck are you?' he whispered to Electron but Guest 0 didn't answer. With growing anxiety, Par whispered to Phoenix,
Who IS this guy? Do you know him?'
Phoenix didn't answer.
`Because, well, it's weird. Didn't you see? FED was in caps. What the fuck does that mean? Is he a fed? Is he trying to give me a message from the feds?'
Sitting at his terminal, on the other side of Melbourne from Electron,
Phoenix was also laughing. He liked Par, but the American was an easy
target. Par had become so paranoid since he went on the run across the
US, and Electron knew just the right buttons to push.
I don't know,' Phoenix whispered to Par.
I'm sure he's not really a fed.'
Well, I am wondering about that comment,' Par whispered back.
UnderFED. Hmm. Maybe he knows something. Maybe it's some kind of warning. Shit, maybe the Secret Service knows where I am.'
You think?' Phoenix whispered to Par.
It might be a warning of some kind?' It was too funny.
`Can you check his originating NUA?' Par wanted to know what network address the mystery guest was coming from. It might give him a clue as to the stranger's identity.
Phoenix could barely contain himself. He kept forwarding the private messages on to Electron. Par was clearly becoming more agitated.
I wish he would just tell me WHO he was,' Par whispered.
Shit. It is very fucking weird. UnderFED. It's spinning me out.'
Then Par logged off.
Electron typed, `I guess Par had to go. <Grin>' Then, chuckling to himself, he waited for news on Gandalf's Deszip copy.
If Pad and Gandalf hadn't kept their copy of Deszip, the Australians would be back to square one, beginning with a hunt for a system which even had Deszip. It was a daunting task and by the time Pad and Gandalf finally logged back into Altos, Phoenix and Electron had become quite anxious.
How did you go?' Phoenix asked.
Do you still have Deszip?'
`Well, at first I thought I had forgotten which system I left it on …'
Electron jumped in, `And then?'
`Then I remembered.'
`Good news?' Phoenix exclaimed.
Well, no. Not exactly,' Gandalf said.
The account is dead.'
Electron felt like someone had thrown a bucket of cold water on him.
Dead? Dead how?' he asked.
Dead like someone changed the password. Not sure why. I'll have to re-hack the system to get to the file.'
`Fuck, this Deszip is frustrating,' Electron wrote.
`This is getting ridiculous,' Phoenix added.
I don't even know if the copy is still in there,' Gandalf replied.
I hid it, but who knows? Been a few months. Admins might have deleted it.'
`You want some help hacking the system again, Gand?' Phoenix asked.
`Nah, It'll be easy. It's a Sequent. Just have to hang around until the ops go home.'
If an op was logged on and saw Gandalf hunting around, he or she might kick Gandalf off and investigate the file which so interested the hacker. Then they would lose Deszip all over again.
I hope we get it,' Pad chipped in.
Would be gr8!'
`Gr8 indeed. Feen, you've got the key to the encryption?' Gandalf asked.
`Yeah.'
`How many characters is it?' It was Gandalf's subtle way of asking for the key itself.
Phoenix wasn't sure what to do. He wanted to give the British hackers the key, but he was torn. He needed Pad and Gandalf's help to get the copy of Deszip, if it was still around. But he knew Electron was watching the conversation, and Electron was always so paranoid. He disliked giving out any information, let alone giving it over Altos, where the conversations were possibly logged by security people.
`Should I give him the key?' Phoenix whispered to Electron.
Gandalf was waiting. To fend him off, Phoenix said, `It's 9 chars.' Chars was short for characters. On Altos the rule was to abbreviate where ever possible.
`What is the first char?'
`Yeah. Tell him,' Electron whispered to Phoenix.
`Well, the key is …'
`You're going to spew when you find out, Gand,' Electron interrupted.
Yes … go on,' Gandalf said.
I am listening.'
`You won't believe it. <spew spew spew> The key is … Dartmouth.'
WHAT???? WHAT!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!' Gandalf exclaimed.
No!!! IT's NOT TRUE! Bollox! You are KIDDING?'
The British hacker was thumping himself on the head. The name of the frigging university! What a stupid password!
Phoenix gave an on-line chuckle. `Hehe. Yeah. So hard to guess. We could have had Deszip for all these months …'
`Jesus. I hope it's still on that JANET system,' Gandalf said. Now that he actually had the password, finding the file became even more urgent.
Pray. Pray. Pray,' Phoenix said.
Yeah, you should have seen the licence text on Deszip—it was by NASA.'
`You've seen it? You saw Deszip's source code?'
No,' Phoenix answered.
When I went back to the BEAR machine to check if Deszip was still there, the program was gone. But the licence agreement and other stuff was there. Should have read the licence … truly amazing. It basically went on and on about how the people who wrote it didn't want people like us to get a hold of it. Hehe.'
Electron was growing impatient. `Yeah. So, Gand, when you gonna go check that JANET system?'
`Now. Fingers crossed, m8! See ya l8r …' Then he was gone.
The waiting was driving Electron nuts. He kept thinking about Deszip, about how he could have had it months and months ago. That program was such a prize. He was salivating at the thought of getting it after all this time pursuing it around the globe, chasing its trail from system to system, never quite getting close enough to grab it.
When Gandalf showed up again, Pad, Phoenix and Electron were all over him in an instant.
`WE FUCKING GOT IT GUYS!!!!!' Gandalf exclaimed.
`Good job m8!' Pad said.
YES!' Electron added.
Have you decrypted it yet?'
`Not yet. Crypt isn't on that machine. We can either copy Crypt onto that machine or copy the file onto another computer which already has Crypt on it,' Gandalf said.
`Let's move it. Quick … quick … this damn thing has a habit of disappearing,' Electron said.
`Yeah, this is the last copy … the only one I got.'
`OK. Think … think … where can we copy it to?' Electron said.
`Texas!' Gandalf wanted to copy it to a computer at the University of Texas at Austin, home of the LOD hacker Erik Bloodaxe. Irrepressible, Gandalf came on like a steam roller if he liked you—and cut you down in a flash if he didn't. His rough-and-tumble working-class humour particularly appealed to Electron. Gandalf seemed able to zero in on the things which worried you most—something so deep or serious it was often unsaid. Then he would blurt it out in such crass, blunt terms you couldn't help laughing. It was his way of being in your face in the friendliest possible manner.
Yeah! Blame everything on Erik!' Phoenix joked.
No, seriously. That place is crawling with security now, all after Erik. They are into everything.'
Phoenix had heard all about the security purge at the university from Erik. The Australian called Erik all the time, mostly by charging the calls to stolen AT&T cards. Erik hadn't been raided by the Secret Service yet, but he had been tipped off and was expecting a visit any day.
`It probably won't decrypt anyway,' Electron said.
Oh, phuck off!' Gandalf shot back.
Come on! I need a site NOW!'
Thinking …' Phoenix said.
Gotta be some place with room—how big is it?'
`It's 900 k compressed—probably 3 meg when we uncompress it. Come on, hurry up! How about a university?'
Princeton, Yale could do either of those.' Electron suggested.
What about MIT—you hacked an account there recently, Gand?'
`No.'
All four hackers racked their minds for a safe haven. The world was their oyster, as British and Australian hackers held a real-time conversation in Germany about whether to hide their treasure in Austin, Texas; Princeton, New Jersey; Boston, Massachusetts; or New Haven, Connecticut.
We only need somewhere to stash it for a little while, until we can download it,' Gandalf said.
Got to be some machine where we've got root. And it's got to have anon FTP.'
Anon FTP, or anonymous file transfer protocol, on a host machine would allow Gandalf to shoot the file from his JANET machine across the Internet into the host. Most importantly, Gandalf could do so without an account on the target machine. He could simply login as `anonymous', a method of access which had more limitations than simply logging in with a normal account. He would, however, still be able to upload the file.
OK. OK, I have an idea,' Phoenix said.
Lemme go check it out.'
Phoenix dropped out of Altos and connected to the University of Texas. The physical location of a site didn't matter. His head was spinning and it was the only place he could think of. But he didn't try to connect to Happy, the machine he often used which Erik had told him about. He headed to one of the other university computers, called Walt.
The network was overloaded. Phoenix was left dangling, waiting to connect for minutes on end. The lines were congested. He logged back into Altos and told Pad and Electron. Gandalf was nowhere to be seen.
Damn,' Electron said. Then,
OK, I might have an idea.'
No, wait!' Phoenix cut in.
I just thought of a site! And I have root too! But it's on NASA …'
`Oh that's OK. I'm sure they won't mind a bit. <grin>'
`I'll go make sure it's still OK. Back in a bit,' Phoenix typed.
Phoenix jumped out of Altos and headed toward NASA. He telnetted into a NASA computer called CSAB at the Langley Research Center in Hampton, Virginia. He had been in and out of NASA quite a few times and had recently made himself a root account on CSAB. First, he had to check the account was still alive, then he had to make sure the system administrator wasn't logged in.
Whizzing past the official warning sign about unauthorised access in US government computers on the login screen, Phoenix typed in his user name and password.
It worked. He was in. And he had root privileges.
He quickly looked around on the system. The administrator was on-line. Damn. Phoenix fled the NASA computer and sprinted back into Altos. Gandalf was there, along with the other two, waiting for him.
`Well?' Electron asked.
`OK. All right. The NASA machine will work. It has anon FTP. And I still have root. We'll use that.'
Gandalf jumped in. `Hang on—does it have Crypt?'
`Argh! Forget to check. I think it must.'
`Better check it, m8!'
`Yeah, OK.'
Phoenix felt exasperated, rushing around trying to find sites that worked. He logged out of Altos and coursed his way back into the NASA machine. The admin was still logged on, but Phoenix was running out of time. He had to find out if the computer had Crypt on it. It did.
Phoenix rushed back to Altos. `Back again. We're in business.'
Yes!' Electron said, but he quickly jumped in with a word of warning.
Don't say the exact machine at NASA or the account out loud. Whisper it to Gandalf. I think the ops are listening in on my connection.'
Well,' Phoenix typed slowly,
there's only one problem. The admin is logged on.'
`Arghhh!' Electron shouted.
Just do it,' Pad said.
No time to worry.'
Phoenix whispered the Internet IP address of the NASA machine to Gandalf. `OK, m8, I'll anon FTP it to NASA. I'll come back here and tell you the new filename. Then you go in and decrypt it and uncompress the file. W8 for me here.'
Ten minutes later, Gandalf returned. `Mission accomplished. The file is there!'
`Now, go go Pheeny!' Electron said.
`Gand, whisper the filename to me,' Phoenix said.
`The file's called "d" and it's in the pub directory,' Gandalf whispered.
`OK, folks. Here we go!' Phoenix said as he logged off.
Phoenix dashed to the NASA computer, logged in and looked for the file named `d'. He couldn't find it. He couldn't even find the pub directory. He began hunting around the rest of the file system. Where was the damn thing?
Uh oh. Phoenix noticed the system administrator, Sharon Beskenis, was still logged in. She was connected from Phoebe, another NASA machine. There was only one other user besides himself logged into the CSAB machine, someone called Carrie. As if that wasn't bad enough, Phoenix realised his username stood out a like a sore thumb. If the admin looked at who was on-line she would see herself, Carrie and a user called `friend', an account he had created for himself. How many legitimate accounts on NASA computers had that name?
Worse, Phoenix noticed that he had forgotten to cover his login trail. Friend' was telnetting into the NASA computer from the University of Texas. No, no, he thought, that would definitely have to go. He disconnected from NASA, bounced back to the university and then logged in to NASA again. Good grief. Now the damn NASA machine showed two people logged in as
friend'. The computer hadn't properly killed his previous login. Stress.
Phoenix tried frantically to clear out his first login by killing its process number. The NASA computer responded that there was no such process number. Increasingly nervous, Phoenix figured he must have typed in the wrong number. Unhinged, he grabbed one of the other process numbers and killed that.
Christ! That was the admin's process number. Phoenix had just disconnected Sharon from her own machine. Things were not going well.
Now he was under serious pressure. He didn't dare logout, because Sharon would no doubt find his `friend' account, kill it and close up the security hole he had originally used to get in. Even if she didn't find Deszip on her own machine, he might not be able to get back in again to retrieve it.
After another frenzied minute hunting around the machine, Phoenix finally unearthed Gandalf's copy of Deszip. Now, the moment of truth.
He tried the passphrase. It worked! All he had to do was uncompress Deszip and get it out of there. He typed, `uncompress deszip.tar.z', but he didn't like how the NASA computer answered his command:
corrupt input
Something was wrong, terribly wrong. The file appeared to be partially destroyed. It was too painful a possibility to contemplate. Even if only a small part of the main Deszip program had been damaged, none of it would be useable.
Rubbing sweat from his palms, Phoenix hoped that maybe the file had just been damaged as he attempted to uncompress it. He had kept the original, so he went back to that and tried decrypting and uncompressing it again. The NASA computer gave him the same ugly response. Urgently, he tried yet again, but this time attempted to uncompress the file in a different way. Same problem.
Phoenix was at his wits' end. This was too much. The most he could hope was that the file had somehow become corrupted in the transfer from Gandalf's JANET machine. He logged out of NASA and returned to Altos. The other three were waiting impatiently for him.
Electron, still logged in as the mystery Guest, leaped in. `Did it work?'
`No. Decrypted OK, but the file was corrupted when I tried to decompress it.'
`Arghhhhhhhhh!!!!!!!' Gandalf exclaimed.
Fuckfuckfuck,' Electron wrote.
Doomed to fail.'
`Sigh Sigh Sigh,' Pad typed.
Gandalf and Electron quizzed Phoenix in detail about each command he had used, but in the end there seemed only one hope. Move a copy of the decryption program to the JANET computer in the UK and try decrypting and uncompressing Deszip there.
Phoenix gave Gandalf a copy of Crypt and the British hacker went to work on the JANET computer. A little later he rendezvoused on Altos again.
Phoenix was beside himself by this stage. `Gand! Work???'
`Well, I decrypted it using the program you gave me …'
`And And And???' Electron was practically jumping out of his seat at his computer.
`Tried to uncompress it. It was taking a LONG time. Kept going—expanded to 8 megabytes.'
Oh NO. Bad Bad Bad,' Phoenix moaned.
Should only be 3 meg. If it's making a million files, it's fucked.'
Christ,' Pad typed.
Too painful.'
`I got the makefile—licensing agreement text etc., but the Deszip program itself was corrupted,' Gandalf concluded.
`I don't understand what is wrong with it. <Sob>' Phoenix wrote.
AgonyAgonyAgony,' Electron groaned.
It'll never never never work.'
`Can we get a copy anywhere else?' Gandalf asked.
That FTP bug has been fixed at Purdue,' Pad answered.
Can't use that to get in again.'
Disappointment permeated the atmosphere on Altos.
There were, of course, other possible repositories for Deszip. Phoenix and Electron had already penetrated a computer at Lawrence Livermore National Labs in California. They had procured root on the gamm5 machine and planned to use it as a launchpad for penetrating security expert Russell Brand's computer at LLNL, called Wuthel. They were sure Brand had Deszip on his computer.
It would require a good deal of effort, and possibly another roller-coaster ride of desire, expectation and possible disappointment. For now, the four hackers resolved to sign off, licking their wounds at their defeat in the quest for Deszip.
`Well, I'm off. See you l8r,' Pad said.
`Yeah, me too,' Electron added.
`Yeah, OK. L8r, m8s!' Gandalf said.
Then, just for fun, he added in typical Gandalf style, `See you in jail!'
About HackerNoon Book Series: We bring you the most important technical, scientific, and insightful public domain books.
This book is part of the public domain. Suelette Dreyfus (2003). Underground: Hacking, Madness and Obsession on the Electronic Frontier. Urbana, Illinois: Project Gutenberg. Retrieved https://www.gutenberg.org/cache/epub/4686/pg4686.html
This eBook is for the use of anyone anywhere at no cost and with almost no restrictions whatsoever. You may copy it, give it away or re-use it under the terms of the Project Gutenberg License included with this eBook or online at www.gutenberg.org, located at https://www.gutenberg.org/policy/license.html.