Read Underground: Tales of Hacking, Madness and Obsession from the Electronic Frontier Online
Authors: Suelette Dreyfus
was stuffed with magazines like Compute and Australian Communications, along with a few Commodore, Amiga and Unix reference manuals. There was just enough space for Anthrax’s old stereo and his short-wave radio. When he wasn’t listening to his favourite show, a hacking program broadcast from a pirate station in Ecuador, he tuned into Radio Moscow or the BBC’s World Service.
Anthrax considered what to do with System X. This system had aroused his curiosity and he intended to visit it frequently.
It was time to work on the login patch. The patch replaced the system’s normal login program and had a special feature: a master password. The password was like a diplomatic passport. It would let him do anything, go anywhere. He could login as any user using the master password. Further, when he logged in with the master password, he wouldn’t show up on any log files--leaving no trail. But the beauty of the login patch was that, in every other way, it ran as the normal login program. The regular computer users--all three of them--could login as usual with their passwords and would never know Anthrax had been in the system.
He thought about ways of setting up his login patch. Installing a patch on System X wasn’t like mending a pair of jeans. He couldn’t just slap on a swath from an old bandanna and quick-stitch it in with a thread of any colour. It was more like mending an expensive cashmere coat. The fabric needed to be a perfect match in colour and texture.
And because the patch required high-quality invisible mending, the size also needed to be just right.
Every file in a computer system has three dates: the date it was created, the date it was last modified and the date it was last accessed. The problem was that the login patch needed to have the same creation and modification dates as the original login program so that it would not raise suspicions. It wasn’t hard to get the dates but it was difficult to paste them onto the patch. The last access date wasn’t important as it changed whenever the program was run anyway--whenever a user of the System X logged in.
If Anthrax ripped out the original login program and stitched his patch in its place, the patch would be stamped with a new creation date. He knew there was no way to change a creation date short of changing the clock for the whole system--something which would cause problems elsewhere in System X.
The first thing a good system admin does when he or she suspects a break-in is search for all files created or modified over the previous few days. One whiff of an intruder and a good admin would be all over Anthrax’s login patch within about five minutes.
Anthrax wrote the modification and creation dates down on a bit of paper. He would need those in a moment. He also jotted down the size of the login file.
Instead of tearing out the old program and sewing in a completely new one, Anthrax decided to overlay his patch by copying it onto the top of the old program. He uploaded his own login patch, with his master password encased inside it, but he didn’t install it yet. His patch was called ‘troj’--short for Trojan. He typed: cat
The cat command told the computer: ‘go get the data in the file called
"troj" and put it in the file "/bin/login"’. He checked the piece of paper where he had scribbled down the original file’s creation and modification dates, comparing them to the new patch. The creation date and size matched the original. The modification date was still wrong, but he was two-thirds of the way home.
Anthrax began to fasten down the final corner of the patch by using a little-known feature of the command:
/usr/5bin/date
Then he changed the modification date of his login patch to the original login file’s date.
He stepped back to admire his work from a distance. The newly installed patch matched the original perfectly. Same size. Same creation date. Same modification date. With patch in place, he deleted the root account he had installed while visiting port 2001. Always take your garbage with you when you leave.
Now for the fun bit. Snooping around. Anthrax headed off for the email, the best way to work out what a system was used for. There were lots of reports from underlings to the three system users on buying equipment, progress reports on a certain project, updates. What was this project?
Then Anthrax came across a huge directory. He opened it and there, couched inside, were perhaps 100 subdirectories. He opened one of them. It was immense, containing hundreds of files. The smallest subfile had perhaps 60 computer screens’ worth of material, all of it unintelligible. Numbers, letters, control codes. Anthrax couldn’t make head nor tail of the files. It was as if he was staring at a group of binary files. The whole subdirectory was filled with thousands of pages of mush. He thought they looked like data files for some database.
As he didn’t have the program he needed to interpret the mush, Anthrax cast around looking for a more readable directory.
He pried open a file and discovered it was a list. Names and phone numbers of staff at a large telecommunications company. Work phone numbers. Home numbers. Well, at least that gave him a clue as to the nature of the project. Something to do with telecommunications. A project important enough that the military needed the home phone numbers of the senior people involved.
The next file confirmed it. Another list, a very special list. A pot of gold at the end of the rainbow. The find of a career spent hacking.
If the US government had had any inkling what was happening at that moment, heads would have rolled. If it had known that a foreigner, and a follower of what mainstream American media termed an extremist religious group, had this information in his possession, the defence agency would have called in every law enforcement agency it could enlist.
As John McMahon might have said, a lot of yelling and screaming would have occurred.
Anthrax’s mother had made a good home for the family, but his father continued to disrupt it with his violence. Fun times with his friends shone like bright spots amidst the decay of Anthrax’s family life.
Practical jokes were his specialty. Even as a small child, he had delighted in trickery and as he grew up, the jokes became more sophisticated. Phreaking was great. It let him prank people all over the world. And pranking was cool.
Most of the fun in pranking was sharing it with friends. Anthrax called into a voice conference frequented by phreakers and hackers.
Though he never trusted others completely when it came to working on projects together, it was OK to socialise. The phreaking methods he used to get onto the phone conference were his own business. Provided he was discreet in how much he said in the conference, he thought there wasn’t too much risk.
He joined the conference calls using a variety of methods. One favourite was using a multinational corporation’s Dialcom service.
Company employees called in, gave their ID numbers, and the operator put them through to wherever they wanted to go, free of charge. All Anthrax needed was a valid ID number.
Sometimes it was hard work, sometimes he was lucky. The day Anthrax tried the Dialcom service was a lucky day. He dialled from his favourite pay phone.
‘What is your code, sir?’ The operator asked.
‘Yes, well, this is Mr Baker. I have a sheet with a lot of numbers here. I am new to the company. Not sure which one it is.’ Anthrax shuffled papers on top of the pay phone, near the receiver. ‘How many digits is it?’
‘Seven.’
That was helpful. Now to find seven digits. Anthrax looked across the street at the fish and chips shop. No numbers there. Then a car licence plate caught his eye. He read off the first three digits, then plucked the last four numbers from another car’s plate.
‘Thank you. Putting your call through, Mr Baker.’
A valid number! What amazing luck. Anthrax milked that number for all it was worth. Called party lines. Called phreakers’ bridges. Access fed the obsession.
Then he gave the number to a friend in Adelaide, to call overseas. But when that friend read off the code, the operator jumped in.
‘YOU’RE NOT MR BAKER!’
Huh? ‘Yes I am. You have my code.’
‘You are definitely not him. I know his voice.’
The friend called Anthrax, who laughed his head off, then called into Dialcom and changed his code! It was a funny incident. Still, it reminded him how much safer it was working by himself.
Living in the country was hard for a hacker and Anthrax became a phreaker out of necessity, not just desire. Almost everything involved a long-distance call and he was always searching for ways to make calls for free. He noticed that when he called certain 008
numbers--free calls--the phone would ring a few times, click, and then pause briefly before ringing some more. Eventually a company representative or answering service picked up the call. Anthrax had read about diverters, devices used to forward calls automatically, in one of the many telecommunications magazines and manuals he was constantly reading. The click suggested the call was going through a diverter and he guessed that if he punched in the right tones at the right moment, he could make the call divert away from a company’s customer service agent. Furthermore, any line trace would end up at the company.
Antrax collected some 008 numbers and fiddled with them. He discovered that if he punched another number in very quickly over the top of the ringing--just after the click--he could make the line divert to where he wanted it to go. He used the 008 numbers to ring phone conferences around the world, where he hung out with other phreakers, particularly Canadians such as members of the Toronto-based UPI or the Montreal group, NPC, which produced a phreakers’ manual in French. The conversation on the phreaker’s phone conferences, or phone bridges as they are often called, inevitably turned to planning a prank. And those Canadian guys knew how to prank!
Once, they rang the emergency phone number in a major Canadian city.
Using the Canadian incarnation of his social engineering accents, Anthrax called in a ‘police officer in need of assistance’. The operator wanted to know where. The phreakers had decided on the Blue Ribbon Ice-Cream Parlour. They always picked a spot within visual range of at least one member, so they could see what was happening.
In the split second of silence which followed, one of the five other phreakers quietly eavesdropping on the call coughed. It was a short, sharp cough. The operator darted back on the line.
‘Was that A GUN SHOT? Are you SHOT? Hello? John?’ The operator leaned away from her receiver for a moment and the phreakers heard her talking to someone else in the background. ‘Officer down.’
Things moved so fast when pranking. What to do now?
‘Ah, yeah. Yeah.’ It was amazing how much someone squeezing laughter back down his oesophagus can sound like someone who has been shot.
‘John, talk to me. Talk to me,’ the operator pleaded into the phone, trying to keep John alert.
‘I’m down. I’m down,’ Anthrax strung her along.
Anthrax disconnected the operator from the conference call. Then the phreaker who lived near the ice-cream parlour announced the street had been blocked off by police cars. They had the parlour surrounded and were anxiously searching for an injured fellow officer. It took several hours before the police realised someone had played a mean trick on them.
However, Anthrax’s favourite prank was Mr McKenny, the befuddled southern American hick. Anthrax had selected the phone number at random, but the first prank was such fun he kept coming back for more.
He had been ringing Mr McKenny for years. It was always the same conversation.
‘Mr McKenny? This is Peter Baker. I’d like my shovel back, please.’
‘I don’t have your shovel.’
‘Yeah, I lent it to you. Lent it to you like two years ago. I want it back now.’
‘I never borrowed no shovel from you. Go away.’
‘You did. You borrowed that shovel of mine. And if you don’t give it back I’m a gonna come round and get it myself. And you won’t like it.
Now, when you gonna give me that shovel back?’
‘Damn it! I don’t have your goddamn shovel!’
‘Give me my shovel!’
‘Stop calling me! I’ve never had your friggin’ shovel. Let me be!’
Click.
Nine in the morning. Eight at night. Two a.m. There would be no peace for Mr McKenny until he admitted borrowing that shovel from a boy half his age and half a world away.
Sometimes Anthrax pranked closer to home. The Trading Post, a weekly rag of personals from people selling and buying, served as a good place to begin. Always the innocent start, to lure them in.
‘Yes, sir, I see you advertised that you wanted to buy a bathtub.’
Anthrax put on his serious voice. ‘I have a bathtub for sale.’
‘Yeah? What sort? Do you have the measurements, and the model number?’
And people thought phreakers were weird.
‘Ah, no model number. But its about a metre and a half long, has feet, in the shape of claws. It’s older style, off-white. There’s only one problem.’ Anthrax paused, savouring the moment.
‘Oh? What’s that?’
‘There’s a body in it.’
Like dropping a boulder in a peaceful pond.
[ ]
The list on System X had dial-up modem numbers, along with usernames and password pairs for each address. These usernames were not words like ‘jsmith’ or ‘jdoe’, and the passwords would not have appeared in any dictionary. 12[AZ63. K5M82L. The type of passwords and usernames only a computer would remember.
This, of course, made sense, since a computer picked them out in the first place. It generated them randomly. The list wasn’t particularly user-friendly. It didn’t have headers, outlining what each item related to. This made sense too. The list wasn’t meant to be read by humans.
Occasionally, there were comments in the list. Programmers often include a line of comment in code, which is delineated in such a way that the computer skips over the words when interpreting the commands.
The comments are for other programmers examining the code. In this case, the comments were places. Fort Green. Fort Myers. Fort Ritchie.
Dozens and dozens of forts. Almost half of them were not on the mainland US. They were in places like the Philippines, Turkey, Germany, Guam. Places with lots of US military presence.