home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Hacker Chronicles 1
/
HACKER1.ISO
/
cud3
/
cud332c.txt
< prev
next >
Wrap
Text File
|
1992-10-10
|
11KB
|
199 lines
------------------------------
Date: Wed, 10 Jul 1991 19:37:22 -0400
From: Brendan Kehoe <brendan@CS.WIDENER.EDU>
Subject: File 3--_CYBERPUNK_ Review
A capsule & review by Brendan Kehoe.
"Cyberpunk", by Katie Hafner and John Markoff, provides the reader
with a peek inside the very real world of the computer "hacker".
Labeled members of a "counterculture", these people, generally in
their teens and early twenties, have added a sharp tint to the
normally bland design of the computing world.
Divided into three contrasting sections, "Cyberpunk" provides an
insight into what drives a hacker, from the extreme to the accidental.
(To allay any complaints, I'll use hacker in its common vernacular; as
Steven Bellovin said a couple of years ago, "the battle is over, and
the purists have lost." For our purposes, "hacker" will imply
"criminal".)
Kevin Mitnick, a overweight and markedly shy youth, satisfied many of
the stereotypes that have been developed over the years regarding
hackers. He ran the full gamut of "evil deeds," from altering credit
ratings to turning off telephones at will. Remarkably adept at social
engineering, Mitnick could talk himself into (or out of) nearly any
situation. In one escapade, Mitnick and his compatriots ("Roscoe",
"Susan", and a third phreak) managed to enter, raid, and leave a
PacBell COSMOS center (where much of PacBell's main computing takes
place for things like billing), leaving with a wealth of door-lock
codes and, more importantly, manuals. All with the PacBell guard's
unwitting permission. (They were later turned in by Susan, who is
described as a very vindictive and dangerous young woman.)
All adventure aside, Kevin had a serious problem. He was, by clinical
definition, addicted to hacking of any sort. It became impossible for
him to stop. Even after incidents with USC, GTE, Pierce College, and
the Santa Cruz Operation (makers of SCO Unix), Mitnick kept following
the endless road of systems to be conquered.
He disappeared for a year (purportedly to Israel, but in reality only
a few miles outside of San Francisco), to return after his warrant for
the SCO incidents had been dropped. He immediately looked up his
friend Lenny DiCiccio, who had spent a number of his teenage years
following Kevin as a trainee might follow a mentor. Lenny found
himself increasingly unhappy, as the fevered hacker's hold upon him
returned. Mitnick insisted that he be allowed to come to Lenny's
office (a small software company) after hours to hack. Under normal
circumstances, such constant imposition would lead to some sort of
objection---but Lenny couldn't help himself. Kevin appealed to the
criminal in him that normally lay dormant. With Kevin, he could do
things he had previously only schemed about.
After a few months, Kevin and Lenny happened upon a virtual gold mine:
Digital's Star development cluster in Nashua, New Hampshire, where
their most proprietary systems development takes place. Since DEC's
VMS operating system was their favorite, they couldn't have been
happier. Or more greedy. "Kevin had always approached his illicit
computing as a serious project [ ... his ] project for 1988 was
downloading Digital's VMS source code."
In the course of following Mitnick's tale, Hafner and Markoff do an
excellent job of drawing the reader into Kevin's never-ending search
for the "perfect hack." The eventual outcome of their Digital
exploits, and the end of their (illegal) hacking careers (to slip out
of the vernacular for just a moment), is nothing short of amazing.
The authors' depiction is both disturbing as it is riveting.
By now, many people are acquainted with the story of the "Wily
Hacker", the electronic intruder that skyrocketed Cliff Stoll, an
astronomer by degree who found himself a system manager, into
wide-spread notoriety as an authority on computer security. Stoll's
paper in the Communications of the ACM, "Stalking the Wily Hacker",
graduated to become the book "The Cuckoo's Egg", which was on the best
seller lists for weeks, and also took the form of a Nova documentary.
This all, however, was presented from Stoll's point of view. Hafner
and Markoff now afford people the opportunity to see the "other side"
of the whole affair---from the world of Markus Hess, Pengo, and the
German hacking underground.
Hans Huebner went by the name "Pengo" in his youth, and is the main
character in the second part of "Cyberpunk". Pengo grew from a
Commodore 64 and BASIC programming to a network "cowboy" in a matter
of months. Video games (including the one that provided his namesake)
were his first passion---he could spend hours upon hours completely
engrossed in the tiny world that exposed itself before him. Then a
friend introduced him to using a modem, and the vast web of computers
only a phone call or network connection away. He found in hacking an
excitement and adrenaline rush normal video games could only attempt
to equal.
Pengo's world was strewn with drugs---one of his fellow hackers, Karl
Koch (nicknamed "Hagbard Celine", for the protagonist in the
Illuminatus! trilogy), regularly abused hashish and LSD. All members
of their small group (with the exception of Markus Hess) spent a
substantial amount of time in a chemical haze.
Peter Carl and Dirk-Otto Brzezinski (aka "Dob") also played a major
role in Germany's hacking scene. It was ultimately Carl who
introduced a new angle to their computer crimes---the potential for
making money by selling their knowledge to the Soviets. Starved for
technology, the pre-Glastnost Russian republic absorbed the booming
computer industry with relish at every opportunity. Members of the
KGB worked with agents around the world, smuggling electronics and
high-tech computers into the Soviet Union. The hackers, particularly
Carl and Dob, wanted in.
Carl approached one KGB agent with an offer to provide the fruits of
their hacking ventures in exchange for one million German marks.
After small rewards, it became clear that they would never reach their
lofty goal---they received at best a few thousand marks for a copy of
the source code to Berkeley Unix. Often, they sold what was otherwise
public domain software, much to the Soviets' chagrin.
Eventually, internal struggles drew the hackers apart---Pengo, for not
being able to "produce" often enough for Carl; Hagbard, falling
further and further into an incoherent world only he knew; Dob, who
went to prison for weeks because Pengo forgot to pay a bill; and Hess,
who became increasingly wary about how much he should share with the
others, until he rarely heard from them.
Pengo, growing weary of the entire KGB ordeal, let the secret slip
during a routine interview with the local media. The German press was
habitually interested in the darkly intriguing German hackers. When
the reporters realized the magnitude of the story that Pengo mentioned
so casually, they felt society draw its breath at the idea that
espionage, considered inevitable by many, had actually been
demonstrated in the computer underground.
"Cyberpunk" spends a good deal of time describing the aftermath of the
exposure of the KGB dealings. The arduous ordeal of deciding who was
responsible for what crime(s), trying to educate a computer illiterate
court in the intricacies of computer networks and use in general, and
the conflicting stories of each of the hackers would make a normal
writer's head spin. Hafner and Markoff demonstrate an ability to
organize the entire matter into a sensible, and interesting,
counterplay. At the closing of the final section, we learn of a truly
unexpected casualty of the entire affair.
Finally, probably the most widely known case of computer malfeasance,
the story of Robert Tappan Morris (aka "RTM") and his Internet worm of
1988 is described. The section begins in a room at Berkeley called
the "fishbowl", where Phil Lapsley notices a strange process running
on his system. It soon becomes clear that many of the computers on
the campus display similar characteristics to Phil's. They later
discover that it's not confined to Berkeley---it's happening all over
the Internet.
Morris, a Cornell graduate student in computer science, had written a
program that would "reproduce" itself from computer to computer, in a
relatively benign way (inasmuch as it didn't destroy any information).
He made some careless errors, however, which made the program go out
of control. He released it on Wednesday afternoon, November 2, 1988.
Rather than replicate itself only after a long period of time on the
same system, it did so at a rate so fast that the computer soon became
unusable. When Morris returned from dinner only an hour later, it had
already ground hundreds of systems to a halt.
It traveled the network by exploiting holes in certain Unix systems'
software. Teams at Berkeley and MIT spent all night studying a copy
of his program, trying to return it to its original source form.
Slowly "patches" for the holes were worked together, and sent out to
system administrators and posted to the Usenet news network.
Unfortunately, many systems had completely disconnected themselves
from the Internet as soon as the worm hit, so they didn't get the
fixes until days later.
Robert Morris, RTM's father and a computer scientist for the National
Security Agency, stood by his son while he went to trial and faced
reprimand for the results of his actions. Hafner and Markoff portray
the young Morris as an extremely bright student who probably only now
realizes the full effect of his relatively small programming errors.
What happened behind the scenes of the whole incident completes the
story given by the news media and various technical and electronic
journals. (As a note, also included is the story of how the senior
Morris came to work for the NSA.)
"Cyberpunk" brings to the forefront an issue facing computer
professionals and enthusiasts alike---the legal systems of the world
are sorely lacking in appropriate investigation and treatment of cases
like the three detailed in this book. Oftentimes the punishments and
results of captures are far too harsh--other times, they're lenient
enough to be laughable. "Do young people who illegally enter
computers really represent such a menace? We hope that from reading
the following stories readers will learn that the answer isn't a
simple one." Throughout the book, the authors never let the reader
forget that they're describing real people and real consequences, not
fictional events.
In all, I found "Cyberpunk" to be an excellent read (I devoured it in
about 4 days, coupled with work and other things) that anyone remotely
connected with computers, or intrigued by the computer underground in
general, will find truly fascinating.
As an aside, I think the first section on Kevin Mitnick would make an
absolutely fantastic docu-drama.
Downloaded From P-80 International Information Systems 304-744-2253