home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Hackers Toolkit v2.0
/
Hackers_Toolkit_v2.0.iso
/
HTML
/
archive
/
Texts
/
hacking
/
swedish_hack_history.txt
< prev
next >
Wrap
Text File
|
1999-11-04
|
20KB
|
318 lines
The Swedish Hacker Scene
-- First published in Phrack Magazine issue #48
It's about time to fill up this hole in the worldwide history of hackers
published in the Phrack series of articles on national scenes. Since no one
else seems to be getting around to do it I'd better do it myself.
Sweden was in fact one of the countries in the front line during the birth
of computers in the 1940's and 50's. By 1953 KTH university in Stockholm
built BESK, at the time being the fastest and most advanced computer in the
world. During the late 1960's Linkoping university specialized in computer
science and in 1973 the computer society Lysator started out as an offshoot
of american hacker culture of the kind you could find at MIT during the
60's and 70's. They are still active and often referred to as the first
Swedish hacker society ever, which is indeed true. Now days they still
adhere to the international hacker ethic of university societies and among
their lines are as well idiots as real bright guys (as is the case of most
such societies) and their contributions to the world of e-culture include
Project Runeberg; a text archive of Scandinavian literature, and a
voluminous FTP archive. There's actually a lot of ASCII work being done at
Lysator, including converting Phrack back issues to HTML format.
Despite the early interest in computers in Sweden there was no equivalent
to the American phreakers of the 1970's. This was not caused by lack of
knowledge but rather by dullness. Sweden was during the 70's and early 80's
in a period of both economic wealth and social mentality commonly known as
"The Welfare State". Everybody was facing the same high economic standards,
nobody was really displeased with Swedish society, and the government
granted lots of spare-time activities for youths. Thus the growing ground
for any outlaw societies was withdrawn. (Eg Hells Angels didn't start out
in Sweden until the 80's.) Swedes were in fact too pleased, too wealthy and
too filled up with their vision of an almost utopian society to even get
the faintest glimpse of an idea to form any underground movements. Even
political groupings like Anarchists, Hippies (in Europe referred to as
"Provos") or Fascists were almost WIPED OUT by the extreme political
climate and wealth of the 70's.
Thus, phreaker culture couldn't possibly start out in Sweden at this time,
though some freaked out engineers and radio-amateurs might have built blue
boxes and similar equipment for their household needs. This state of
society caused Sweden to lag behind other European and Scandinavian
countries in the field of outlaw hacking.
The first hacker activity in Sweden was reported by the authorities in
1980. The hacker in question was a student at Chalmers university in
Gothenburg and was sued for manipulating the account system into granting
him free access to the mainframe, for which was sentenced to a relatively
light fine. Apart from some similar incidents carried out by bright
individuals there was no real H/P scene until 1984. Also in 1980 BBS
activity started out in Sweden. Most enthusiasts were using a Swedish micro
built by Luxor and DIAB in 1978 called ABC-80 (Obviously inspired by the
American TRS-80). These enthusiast, however, were well organized engineers
running a straight user-group, no anarchists or radicals of any kind were
ever involved.
In 1984 a magazine called "Rolig Teknik" started out as an offshoot of
YIPL/TAP featuring the same kind of material, and by 1987 some journalist
"discovered" this magazine, causing a lot of noise throughout The Welfare
State and bringing people out in a public debate of how to defeat this
magazine. (Though it actually didn't feature any illegal material; even
Sweden has the freedom of speech and press written explicit in its
constitution, as in the American First Amendment.) "Rolig Teknik" rapidly
became a cult media for underground electronic freaks, outlaw radio
amateurs, and other antisocial movements. But let's not get ahead of
events.
By early 1984 two youths aged 17 and 19, clearly inspired by the movie "War
Games", hacked their way into several Swedish computer systems using a
simple Apple II and a 300 baud modem, notably DAFA-Spar - a register
containing public information on every Swedish citizen. Though there were
no secret data in this computer, and though these hackers never succeed in
gaining root access, the incident was annoying to the authorities. Also
this year, some wealthy upper-middle class youths started using the
was-to-become major European home computer: the Commodore 64. What the
Apple II was for America, the C-64 was for Europe. Enter the software
crackers.
C-64 was THE symbol of hackerdom to Swedish youths in the 1980's. As
software cracker Mr.Z pioneered the hacker scene in 1983 with hundreds and
hundreds of cracked games, Swedish hackers somehow got to believe that
cracking games was the Big Thing for any hacker. Besides, not many of these
guys had modems. By 1987 American game producers were alarmed by the
Niagara of cracked C-64 software being downloaded from Europe, causing them
to start copy-protecting games that were to be exported to Europe. A closer
examination showed that a lot of these cracks were made by Swedish groups,
notably Triad and Fairlight. Thus, most Americans to get in touch with the
Swedish hacker scene were what you would refer to as the "Warez D00ds" or
"Pirates" of the time. Since the Swedes were unable to phreak due to lack
of knowledge in the telecom field, American warez d00ds constantly called
up Swedish crackers to obtain the latest software.
There seems to be some kind of misconception in the American view of the
hacker culture of Europe: Not very many hackers in Sweden and the rest of
Europe got into phreaking nor net hacking in these early years, perhaps
with the exception of the movement in Germany caused by Chaos Computer
Club. By tradition most European hackers in general, and Swedish hackers in
particular, turned to software cracking and demo programming. (The Demo as
an art form was invented in Europe during 1984-86.) None of these
activities were actually illegal at the time being, though indeed
underground. This might have helped to create the general American view of
European hackers as "Idiotic Immature Warez D00ds". In fact, most European
hackers look upon software cracking and demo programming with pride, though
spreading (warez trading) wasn't considered a real hacker activity, and
pirating for economic gain was looked upon with disgust and utter contempt.
Software spreading in all forms was finally outlawed in Sweden January 1st
1993.
1986: Enter the Netrunners. By the year 1986 the legendary BBS
"Tungelstamonitorn" under the supervision of Jinge Flucht began
distributing H/P and Anarchy files. Jinge himself, being a social inspector
and thereby fully aware of the state of society, was upset with The Welfare
State and thought the Swedes had gone law-abiding in an absurd and
unhealthy manner. In his view people seemed to accept laws without ever
questioning them, thereby making Sweden into a conformistic utopian hell.
Later Jinge joined the Fidonet where he got known for running the most
explicit and intense debates in Swedish BBS-culture ever.
Probably the H/P files stored at Jinges BBS were the spark that lit the
Swedish net hacking scene. Swedish hackers had SEEN "War Games", HEARD
about the CCC in Germany, and now they finally got their hands on documents
that explained the techniques. In 1987 excerpts from Steven Levy's
"Hackers" and Bill Leebs "Out of the Inner Circle" were reprinted in the
Swedish computer- magazine "Datormagazin" by editor Christer Rindeblad,
creating a common group-awareness among Swedish hackers. ("Out of the Inner
Circle" had actually been translated to Swedish already 1985, but was
obviously read mostly by security experts and War Games-obsessed
wannabe's.) 1987 also saw the birth of the first all-Swedish hacker group
ever to make themselves a name outside Scandinavia. This was of course SHA
- Swedish Hackers Association.
SHA wanted to be a hacker group of international standards and qualities.
They collected the best people, storing up a knowledge basis for future
use. In the years 1989-92 SHA was at its height, successfully trashing
computer companies and computer scrap dumps and gaining access to hundreds
of computers. Inspired by the German hackers Pengo and Hagbard in
Leitstelle 511 they started having regular meetings on fridays at their own
booked table in a restaurant in Stockholm. Their perhaps biggest
achievement ever was made in 1991 when they wrote a scanner to exploit the
Unix NIS-bug, running it on 30 processes simultaneously, and ending up with
some 150.000 passwords whereof 600 gained root access. Though some would
say SHA were a bit too fond of the media image of hackers and sometimes had
a weakness for hacker cliches, no one can really deny their achievements.
Swedish hackers also got a lot attention for their carding activities in
1989. Both Sneaker of SHA and Erik XIV of Agile wrote modulo 10-calculators
to produce endless series of valid Visa-numbers. Erik XIV was even on
national television, demonstrating the weaknesses of the credit card
system. Cynically they were both busted.
At Christmas 1990 the Swedish X.25 network Datapak and Decnet were both
attacked by a group of UK hackers called 8LGM (8 Little Green Men or
8-Legged Groove Machine - I don't know which one is a media nick). Using a
war dialer they scanned about 22.000 entries and successfully accessed 380
of these. This is perhaps the most well-known of all hacks in Sweden,
causing a lot of media noise. (The exact figures are a product of the
Swedish telephone system AXE that I will write more about in a moment.) As
reported in Phrack #43 they were busted and convicted under the new British
anti-hacker law.
Later Swedish achievements include the phonecard emulator, constructed by
Atari ST enthusiast Marvin in 1992, after hearing the Swedish phone company
Telia boast of these prepaid phonecards superior security. Though these
silicon-based chip phonecards (256 bytes serial EPROMs) couldn't actually
be recharged or easily tampered with, he realized there was no problem in
emulating the chip with a Motorola 68c705 one-chip computer. Some fake
phonecards were manufactured and sold for almost nothing among his very
best friends more on a "See, it can be done"-basis than with any intention
to defraud Telia or earn heaps of money. Somehow the blueprints for the
emulator found its way into the Internet.
Swedish hackers in general have a very strong tradition of forming groups,
due to their roots in programming activities rather than phreaking. Group
awareness and culture is very widespread and accepted within the boundaries
of the whole Swedish computer underground. Thus, LOYALTY is very strong
among Swedish hackers. Most hackers who get busted by authorities or
blackmailed by companies would rather DIE than telling the name of even a
single 10-year old warez d00d.
While we're at it - hacker busts, and phreaker busts in particular, are
carried out in quite a disturbing manner in Sweden. To explain this I must
first explain a bit about the Swedish telephone system.
Almost all Swedish networks use a system similar to 4ESS, constructed in
cooperation by the State Telecom "Televerket" and Swedish
telecommunications equipment producers Ericsson Telecom. This system is
called AXE, which is an abbreviation for Automatic Cross-Connection
Equipment. AXE is used in some 100 countries all over the world and
probably one of the most beautiful exchange systems ever developed. AXE is
designed for national, metropolitan and rural networks, and the same system
nucleus is used in all the different systems. It can control both digital
and analog equipment, though it's made with the aim on transforming all
Swedish networks from analog to digital connections. It also comes with a
fully featured bureaucratic organization for maintenance, administration
and economics in general. AXE has the capability of building virtual groups
in switching-stations, thus putting your PBX into the telco soup as well,
making you believe you have the control over it though it's actually
located elsewhere.
In short, this is an centralized, monolithic system of the horribly
efficient type that telcos love. It tells any amateur to keep their hands
off and do something else. Of course it's a system that hackers and
phreakers hate, since it's limited to authorities. The filthy crowd do not
know what is going on inside these exchanges, and the telcos like to keep
it that way.
AXE also works with stored program control that resides inside the system
core of every switching station. Of course this is all software, and of
course State Telecom, upon building AXE, couldn't hold back their Big
Brother tendencies.
The result is that every call made from anywhere to anywhere, is logged in
a central computer. Now that's something! Not only did this equipment wipe
out every possibility to box within Sweden, but it also removed all kind of
phone privacy. In fact not only calls are logged, but ALL activity
performed at your terminal. If you lift the handset, press a digit and hang
up, time, date and the digit you pressed is registered. All this data is
stored on magnetic tapes for 6 months.
Now, luckily Sweden has a strong Computer Privacy Act. You just aren't
allowed to set up and use such facilities as you please, not even if you
are the State Telecom. There is even a specific authority,
"Datainspektionen" (The Computer Inspection Department) with the only
purpose of looking after and preserve citizen privacy by protecting
individuals from corporate and governmental interests. As a result State
Telecom "Televerket" (which later changed name to "Telia" as they were
transformed from an authority into a private corporation as of July 1st
1993) were not allowed to give out any of the information gathered in these
registers to anyone else than either the calling or the receiving party.
Not even the police could have this information in case they weren't
suspecting a indictable crime resulting in at least 2 years of prison, such
as drug trading or terrorism, and you don't get that kind of penalty for
phreaking alone - at least not in Sweden.
But Telia could evade these restrictions. In order to successfully phreak
using PIN-codes, you have to call an operator using a Swedish version of
the 800-number: a 020-number. Telia could then claim the call was made to
the owner of that number: AT&T, MCI & Sprint mostly. (There are of course
Calling Cards in Sweden as well: "Telia Access" - neither used nor abused
by anybody.) As well as these companies have their own intelligence
agencies, so have Telia. Once eg AT&T had someone traced for phreaking,
Telia could easily produce a complete list of calls made to AT&T operators
from a certain number. Telia themselves would even use information they
weren't allowed to: they would pull out a list of ALL outgoing calls from
the phreaker in question including calls to MCI, girlfriends, mom, dad,
grandma... all logged calls.
Telia would then call this poor phreaker to their local Swedish office,
sticking the endless list under his/her nose, commanding: "TALK, or we will
turn you in to the authorities", carefully not to mention that all
information on the printout would be absolutely useless in court. The only
conclusive evidence would in fact be those calls traced back all the way
from America or wherever the phreaker called; in that way rigorously
documented. Naturally, the common phreaker had no legal experience and
wouldn't know about this. Instead he would talk, giving out detailed
information on his/her techniques worthy of a full-time high-educated
security consultant. After this session the phreaker was given a bill of
the calls that could indeed be proven in court. If he/she didn't pay it -
Telia (or any other operator) would end up turning him/her to the
authorities anyway. So much for cooperation. Telia themselves would, if
they felt it was necessary, go even further than the overseas operators,
systematically exposing every weakness in the phreakers personal life,
using the information in the computer log for psychological terror.
This pattern of treatment of Swedish phreakers seems to be very much the
same among all telecom providers in Sweden. Lately Telia, under command of
security officer Pege Gustavsson made some noteworthy mistakes though: in
their efforts to convict as many phreakers as possible, they called up
companies receiving calls from "suspicious" individuals, warning them about
this or that person calling them over and over again. This could only mean
Telia was also systematically monitoring some Swedish hackers and had
formed some security group to carry out this probation. Normally this
should have been kept quiet, as Telia are absolutely not allowed to form
their own abuse police forces, but at some instance they happened to call
up a security company using phreakers as informants. Of course this
security company didn't like the idea of having "their" phreakers traced
around, and the matter was brought to public attention. Many independent
sources agreed that Telia had violated the Swedish Computer Act, and
hopefully this brought an end to this wild tracing. You shouldn't be too
sure though, since Telia themselves never confessed of doing anything
illegal.
As you might have understood the Computer Act is quite an important factor
in all legal discussions concerning Swedish hacking. This Act came out as a
result of general attention focused upon the computers vs. privacy matter
in 1973. As Sweden was one of the first countries to make use of computers
in governmental administration, and as Swedish authorities were eager to
register every possible piece of information, some politically influential
individuals started a debate resulting in the founding of the Computer Act
and the Computer Inspection Department. As a result Sweden is light years
ahead of most countries when it comes to privacy matters. For example there
is no problem in having the number identification possibilities on your
line deactivated for good, and it won't cost you anything. You can also
easily obtain free printouts from any computer register containing
information on you, including the register at your local AXE-exchange.
To sum this article up I can draw the conclusion that even Sweden has had
its handful of bright hackers, each category bringing their straw to the
stack. Even though Swedish officials and companies would hardly admit it,
these hackers have obviously been very important for this country, at least
in forcing system managers, security officials, software producers,
policemen, politicians and so on to think things over. Sweden has also
attracted outside attention in some cases, and will probably keep doing so.
If you should pin- point one group that has meant more to the Swedish scene
than any other, it wouldn't be any of the H/P groups, but rather the
cracking pioneers Fairlight - a well organized and world-famous warez
producer.
Linus Walleij aka King Fisher / Triad
(Some handles have been changed to protect retired Swedish hackers from
luser mail.)
Swedish readers may be interested in the fact that I'm currently writing a
lengthy text in Swedish (a book actually) providing a closer look at
Swedish hacking history, which will be released on hypertext and ASCII
sometime later this year. Over and out from Sweden!