home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Floppyshop 2
/
Floppyshop - 2.zip
/
Floppyshop - 2.iso
/
diskmags
/
0022-3.564
/
dmg-3557
/
news.txt
/
hackers2.asc
< prev
next >
Wrap
Text File
|
1997-06-21
|
25KB
|
419 lines
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~ ~
~ US SECRET SERVICE DECLARES WAR ON HACKERS ~
~ ~
~ Part 2 ~
~ ~
~ collated by Dave Mooney ~
~ ~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following article appeared in the Telegram-Tribune Newspaper,
San Luis Obispo, CA. March 23, 1991. Permission to electronically
reproduce this article was given by the newspaper's senior editor.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~ AMATEUR HACKERS TRIPPED UP ~
~ By Danna Dykstra Coy ~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
San Luis Obispo police have cracked a case of computer hacking. Now
they've got to work out the bugs. Officers were still interviewing
suspects late Friday linked to a rare case of computer tampering that
involved at least four people, two of them computer science majors from
Cal Poly.
The hackers were obvious amateurs, according to police. They were
caught unknowingly tapping into the computer system in the office of two
local dermatologists. The only information they would have obtained, had
they cracked the system's entry code, was patient billing records. Police
declined to name names because the investigation is on-going. They don't
expect any arrests, though technically, they say a crime has been
committed. Police believe the tampering was all in fun, though at the
expense of the skin doctors who spent money and time fixing glitches
caused by the electronic intrusion.
"Maybe it was a game for the suspects, but you have to look at the
bigger picture," said the officer assigned to the case, Gary Nemeth. "The
fact they were knowingly attempting to access a computer system without
permission is a crime." Because the case is rare in this county, police
are learning as they go along. "We will definitely file complaints with
the District Attorney's Office," said Nemeth. "They can decide whether
we've got enough of a case to go to trial."
Earlier this month San Luis dermatologists James Longabaugh and
Jeffrey Herten told police they suspected somebody was trying to access
the computer in the office they share at 15 Santa Rosa St. The system,
which contains patient records and billing information, continually shut
down. The doctors were unable to access their patients' records, said
Nemeth, and paid a computer technician at least $1,500 to re-program
their modem.
The modem is a device that allows computers to communicate through
telephone lines. It can only be accessed when an operator "dials" its
designated number by punching the numbers on a computer keyboard. The
"calling" computer then asks the operator to punch in a password to enter
the system. If the operator fails to type in the correct password, the
system may ask the caller to try again or simply hang up. Because the
doctors' modem has a built-in security system, several failed attempts
causes the system to shut down completely.
The technician who suspected the problems were more than mechanical,
advised the doctors to call the police. "We ordered a telephone tap on
the line, which showed in one day alone 200 calls were made to that
number," said Nemeth. "It was obvious someone was making a game of trying
to crack the code to enter the system." The tap showed four residences
that placed more than three calls a day to the doctors' computer number.
Three of the callers were from San Luis Obispo and one was from Santa
Margarita. From there police went to work.
"A lot of times I think police just tell somebody in a situation
like that to get a new phone number," said Nemeth, "and their problem is
resolved. But these doctors were really worried. They were afraid someone
really wanted to know what they had in their files. They wondered if it
was happening to them, maybe it was happening to others. I was
intrigued."
Nemeth, whose training is in police work and not computer crimes,
was soon breaking new ground for the department. "Here we had the
addresses, but no proper search warrant. We didn't know what to name in a
search warrant for a computer tampering case." A security investigator
for Pacific Bell gave Nemeth the information he needed: disks, computer
equipment, stereos and telephones, anything that could be used in a
computer crime.
Search warrants were served at the San Luis Obispo houses Thursday
and Friday. Residents at the Santa Margarita house have yet to be served.
But police are certain they've already cracked the case. At all three
residences that were searched police found a disk that incorrectly gave
the doctors' phone number as the key to a program called "Cygnus XI". "It
was a fluke," said Nemeth. "These people didn't know each other, and yet
they all had this same program". Apparently when the suspects failed to
gain access, they made a game of trying to crack the password, he said.
"They didn't know whose computer was hooked up to the phone number the
program gave them," said Nemeth. "So they tried to find out."
Police confiscated hundreds of disks containing illegally obtained
copies of software at a residence where two Cal Poly students lived,
which will be turned over to a federal law enforcement agency, said
Nemeth.
Police Chief Jim Gardner said he doesn't expect this type of case to
be the department's last, given modern technology. "What got to be a
little strange is when I heard my officers talk in briefings this week.
It was like `I need more information for the database'." "To think 20
years ago when cops sat around and talked all you heard about was `211'
cases and dope dealers."
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The following article appeared in the Telegram-Tribune Newspaper,
San Luis Obispo, CA. March 29, 1991. Permission to electronically
reproduce this article was given by the newspaper's senior editor.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~ COMPUTER CASE TAKES A TWIST ~
~ By Danna Dykstra Coy ~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A suspected computer hacker says San Luis Obispo police overreacted
when they broke into his house and confiscated thousands of dollars of
equipment. "I feel violated and I'm angry" said 34-year-old engineer Ron
Hopson. All of Hopson's computer equipment was seized last week by police
who believed he may have illegally tried to "hack" his way into an office
computer belonging to two San Luis Obispo dermatologists. Police also
confiscated equipment belonging to three others.
"If police had known more about what they were doing, I don't think
it would have gone this far," Hopson said. "They've treated me like a
criminal, and I was never aware I was doing anything wrong. It's like a
nightmare." Hopson, who has not been arrested in the case, was at work
last week when a neighbor called to tell him there were three patrol cars
and two detective cars at his house. Police broke into the locked front
door of his residence, said Officer Gary Nemeth, and broke down a locked
door to his study where he keeps his computer. "They took my stuff, they
rummaged through my house, and all the time I was trying to figure out
what I did, what this was about. I didn't have any idea."
A police phone tap showed three calls were made from Hopson's
residence this month to a computer at an office shared by doctors James
Longabaugh and Jeffery Herten. The doctors told police they suspected
somebody was trying to access the computer in their office at 15 Santa
Rosa St. Their system, which contains patient records and billing
information, kept shutting down. The doctors were unable to access their
patients' records, said Nemeth. They had to pay a computer technician at
least $1,500 to re-program their modem, a device that allows computers to
communicate through telephone lines.
Hopson said there is an easy explanation for the foul-up. He said he
was trying to log-on to a public bulletin board that incorrectly gave the
doctors number as the key to a system called "Cygnus XI". Cygnus XI
enabled people to send electronic messages to one another, but the Cygnus
XI system was apparently outdated. The person who started it up moved
from the San Luis Obispo area last year, and the phone company gave the
dermatologists his former number, according to Officer Nemeth.
Hopson said he learned about Cygnus XI through a local computer
club, the SLO-BYTES User Group. "Any of the group's 250 members could
have been trying to tap into the same system", said Robert Ward, SLO-
BYTES club secretary and computer technician at Cal Poly. In addition, he
suspects members gave the phone number to fellow computer buffs and could
have been passed around the world through the computer Bulletin-Board
system. "I myself might have tried to access it three or four times if I
was a new user," he said. "I'd say if somebody tried 50 times, fine, they
should be checked out, but not just for trying a couple of times." Police
said some 200 calls were made to the doctors modem during the 10 days the
phone was tapped. "They say, therefore, it's obvious somebody is trying
to make a game of trying to crack the computer code", said Hopson. "The
only thing obvious to me is a lot of people have that published number.
Nobody's trying to crack a code to gain illegal access to a system. I
only tried it three times and gave up, figuring the phone was no longer
in service."
Hopson said he tried to explain the situation to the police. "But
they took me to an interrogation room and said I was lying. They treated
me like a big-time criminal, and now they won't give me back my stuff."
Hopson admitted he owned several illegally obtained copies of software
confiscated by police. "But so does everybody," he said, "and the police
have every right to keep them, but I want the rest of my stuff."
Nemeth, whose training is in police work and not computer crimes,
said this is the first such case for the department and he learning as he
goes along. He said the matter has been turned over to the District
Attorney's Office, which will decide whether to bring charges against
Hopson and one other suspect.
The seized belongings could be sold to pay restitution to the
doctors who paid to re-program their system. Nemeth said the police are
waiting for a printout to show how many times the suspects tried to gain
access to the doctors' modem. "You can try to gain access as many times
as you want on one phone call. The fact a suspect only called three times
doesn't mean he only tried to gain access three times."
Nemeth said he is aware of the bulletin board theory. "The problem
is we believe somebody out there intentionally got into the doctors'
system and shut it down so nobody could gain access, based on evidence
from the doctors' computer technician," said Nemeth. "I don't think we
have that person, because the guy would need a very sophisticated system
to shut somebody else's system down." At the same time, he said, Hopson
and the other suspects should have known to give up after the first
failed attempt. "The laws are funny. You don't have to prove malicious
intent when you're talking about computer tampering. The first attempt
you might say was an honest mistake. More than once, you have to wonder."
Police this week filled reports with the District Attorney's Office
regarding their investigation of Hopson and another San Luis Obispo man
suspected of computer tampering. Police are waiting for Stephen Brown, a
deputy district attorney, to decide whether there is enough evidence
against the two to take court action. If so, Nemeth said he will file
reports involving two other suspects, both computer science majors from
Cal Poly. All computers, telephones, computer instruction manuals, and
program disks were seized from three houses in police searches last week.
Hundreds of disks containing about $5,000 worth of illegally obtained
software were also taken from the suspects' residences.
Police and the District Attorney's Office are not naming the
suspects because the case is still under investigation. However, police
confirmed Hopson was one of the suspects in the case after he called the
Telegram-Tribune to give his side of the story.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The following article appeared in the Telegram-Tribune Newspaper,
San Luis Obispo, CA. April 12, 1991. Permission to electronically
reproduce this article was given by the newspaper's senior editor.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~ HACKERS OFF HOOK, PROPERTY RETURNED ~
~ By Danna Dykstra Coy ~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Two San Luis Obispo men suspected of computer tampering will not be
charged with any crime. They will get back the computer equipment that
was seized from their homes, according to Stephen Brown, a deputy
district attorney who handled the case. "It appears to have been a case
of inadvertent access to a modem with no criminal intent," said Brown.
San Luis Obispo police were waiting on Brown's response to decide whether
to pursue an investigation that started last month. They said they would
drop the matter if Brown didn't file a case.
The officer heading the case, Gary Nemeth, admitted police were
learning as they went along because they rarely deal with computer
crimes. Brown said he doesn't believe police overreacted in their
investigation. "They had a legitimate concern."
In early March two dermatologists called police when the computer
system containing patient billing records in their San Luis Obispo office
kept shutting down. They paid a computer technician about $1,500 to re-
program their modem, a device that allows computers to communicate
through the telephone lines. The technician told the doctors it appeared
someone was trying to tap into their system. The computer's security
system caused the shutdown after several attempts to gain access failed.
Police ordered a 10-day phone tap on the modem's line and, after
obtaining search warrants, searched four residences where calls were made
to the skin doctors' modem at least three times. One suspect, Ron Hopson,
said last week his calls were legitimate and claimed police overreacted
when they seized his computer, telephone, and computer manuals. Hopson
could not reached Thursday for comment.
Brown's investigation revealed Hopson, like the other suspects, was
trying to log-on to a computerized "bulletin-board" that incorrectly gave
the doctors' number as the key to a system called "Cygnus XI". Cygnus XI
enabled computer users to electronically send messages to one another.
Brown said while this may not be the county's first computer crime, it
was the first time the District Attorney's Office authorized search
warrants in a case of suspected computer fraud using telephone lines.
Police will not be returning several illegally obtained copies of
software also seized during the raids, he said.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~ A Case of Mistaken Identity... ~
~ Whose Privacy was Really Invaded? ~
~ ~
~ By Jim Bigelow ~
~ SLO Bytes PCUG ~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
According to the San Luis Obispo County (California) Telegram-
Tribune, dated Saturday, March 23, 1991, the San Luis Obispo Police
raided the homes of two Cal Poly students and two other residents
including one in Santa Margarita for alleged computer crimes, "hacking."
The suspects had, through their computer modems, unknowingly tried to
access a computer owned by a group of local dermatologists. That same
number had previously belonged to a popular local bulletin board, Cygnus
XI. The police were alerted by the dermatologists and their computer
technician who was afraid someone was trying to access their patient
records. The police put a phone tap on the computer line for 10 days
which showed over 200 calls placed to that number in one 24 hour period.
Armed with a search warrant, police went to the house of the first
suspect who later said he only called that number 3 times in a 24 hour
period (I wonder who made the other 197 calls?). Unfortunately he was not
home... this cost him two broken doors as the police had to enter the
house some way. All computer equipment, disks and computer related
equipment was "seized" and taken to police headquarters. Follow-up
articles reveal that the individual had not committed local crimes, that
no charges would be filed and that the computers would be returned. Disks
which were determined to contain illegally copied commercial software
were to be turned over to Federal authorities.
Like most personal home computer users I have interviewed, I didn't
think much of this matter at first, but I am now becoming alarmed. I am a
64-year old senior citizen, perhaps a paranoid senior. I think most
seniors are a bit paranoid. I am a strong supporter of law enforcement,
an ex-peace officer, a retired parole agent, and as a senior I want law
enforcement protection.
In this situation, according to the Tribune report, the police "had
legitimate concern." But, apparently they didn't know what they were
doing as the officer in charge stated "We are learning as we go."
Accessing a modem is not easy. I, with five years of computer
experience, find it difficult and frustrating to set up a computer and
keep it operating, to understand a manual well enough to get the software
to operate, to set the switches and jumpers on a modem, and then contact
a BBS, and in the midst of their endless questions, coupled with my
excitability and fumbling, answer them and get on line. I have many times
tried to connect to BBS's only to be disconnected because I typed my name
or code incorrectly. I have dialed wrong numbers and gotten a private
phone.
I do not want to be considered an enemy of law enforcement merely
because I own a computer. I do not like to be called a "hacker," and
especially because I contacted a BBS 3 times. The word, "hacker"
originally applied to a computer user, now has become a dirty word. It
implies criminality, a spy, double agents, espionage, stealing government
secrets, stealing business codes, etc. Certainly, not that of a law
abiding and law supporting, voting senior citizen, who has found a new
hobby, a toy and a tool to occupy his mind. Computers are educational and
can and do assist in providing community functions. I hope that the name
"personal computer user" doesn't become a dirty word.
The "hacker" problem seems to be viewed by law enforcement as one in
which "we learn as we go." This is an extremely costly method as we
blunder into a completely new era, that of computerization. It causes
conflicts between citizens and law enforcement. It is costly to citizens
in that it causes great distress to us, to find ourselves possible
enemies of the law, the loss of our computers and equipment, telephones
and reputation by being publicly called hackers and criminals. It causes
more problems when we attempt to regain our reputation and losses by
suing the very agencies we have been so diligently supporting, for false
arrest, confiscation of our most coveted possession and uninvited and
forced entrance into our homes, causing great emotional disturbances (and
older people are easily upset).
I have a legal question I would like answered. Who is obligated in
this incident: the owners and operators of Cygnus XI for failure to make
a public announcement of the discontinuance of their services? or the
phone company for issuing the number to a private corporation with a
modem? the police for not knowing what they are doing? the computer user?
It is not a problem of being more cautious, ethical, moral, law⌐abiding.
It is a matter of citizen rights.
The "hacker" problem now applies not only to code breakers, secret
and document stealers, but to me, even in my first attempts to connect
with a BBS. Had I tried to contact Cygnus XI my attempts would have put
me under suspicion of the police and made me liable for arrest,
confiscation of my computer, equipment, disks, and subsequent
prosecution. I am more than a little bewildered.
And, am I becoming a paranoid senior citizen, not only because of
criminals, but of the police also? Am I running a clandestine operation
by merely owning a computer and a modem, or am I a solid senior citizen,
which may well imply that I don't own "one of those computers?" Frankly,
I don't know. Even though my computer is returned, and I am not arrested
or prosecuted, I wonder what condition it now is in after all the rough
handling. (Police who break down doors do not seem to be overly gentle,
and computers and their hard disk drives are very fragile instruments).
Just who and how many have scrutinized my computer? its contents? and
why? my personal home business transactions? and perhaps I supplement my
income with the aid of my computer (I am a writer)? my daily journal? my
most private and innermost thoughts? my letters? my daily activities?
(This is exactly why personal computers and their programs were designed,
for personal use. My personal computer is an extension of my self, my
mind, and my personal affairs.)
Can the police confiscate all my software claiming it is stolen,
merely because they don't find the originals? (I, at the suggestion of
the software companies, make backup copies of the original disks, and
then place the originals elsewhere for safekeeping.) Do I need to keep
all receipts to "prove" to the police that I am innocent of holding
bootleg software? Is there a new twist in the laws that applies to
personal computer users?
Also any encoding of my documents or safeguarding them with a
password, such as my daily journal, my diary, I have read in other cases,
is viewed by law enforcement as an attempt to evade prosecution and
virtually incriminates me. ("If it wasn't criminal why did the "suspect"
encode it?")
This recent incident arouses complex emotions for me. What will the
future bring for the home and personal computer user? I do not care to
fear the police. I do not want to have to register my computer with the
government. Will it come to that in our country? I do not want to have to
maintain an impeccable record of all of my computer usages and
activities, imports and exports, or to be connected to a state police
monitoring facility, that at all times monitors my computer usage. The
year "1984" is behind us. Let's keep it that way.
This matter is a most serious problem and demands the attention of
all citizens. As for myself, I wasn't the one involved, but I find it
disturbing enough to cause me to learn of it and do something about it.
~~~~~eof~~~~~