Underground: Tales of Hacking, Madness and Obsession from the Electronic Frontier (60 page)

The Victoria Police report concluded that ‘Gill was able to infiltrate the policing environment by skilfully manipulating himself and information to the unsuspecting’. The Ombudsman concluded that a

‘large quantity of confidential police information, mainly from the ISU database, was given to ... Gill by [Victoria Police officer]

Cosgriff’.

The police report stated that Inspector Chris Cosgriff had deliberately leaked confidential police information to Gill, and reported that he was ‘besotted with Gill’. Superintendent Tony Warren, ex-Deputy Commissioner John Frame and ex-Assistant Commissioner Bernice Masterston were also criticised in the report.

The Ombudsman concluded that Warren and Cosgriff’s relationship with Gill was ‘primarily responsible for the release of confidential information’. Interestingly, however, the Ombudsman also stated,

‘Whilst Mr Gill may have had his own agenda and taken advantage of his relationship with police, [the] police have equally used and in some cases misused Mr Gill for their own purposes’.

The Ombudsman’s report further concluded that there was no evidence of criminal conduct by Frank Green, and that the ‘allegations made over the years against Mr Green should have been properly and fully investigated at the time they were made’.

PHOENIX

As his court case played in the media, Phoenix was speeding on his motorcycle through an inner-city Melbourne street one rainy night when he hit a car. The car’s driver leapt from the front seat and found a disturbing scene. Phoenix was sprawled across the road. His helmet had a huge crack on the side, where his head had hit the car’s petrol tank, and petrol had spilled over the motorcycle and its rider.

Miraculously, Phoenix was unhurt, though very dazed. Some bystanders helped him and the distraught driver to a nearby halfway house. They called an ambulance, and then made the two traumatised young men some tea in the kitchen. Phoenix’s mother arrived, called by a bystander at Phoenix’s request. The ambulance workers confirmed that Phoenix had not broken any bones but they recommended he go to hospital to check for possible concussion.

Still both badly shaken, Phoenix and the driver exchanged names and phone numbers. Phoenix told the driver he did technical work for a 0055 telephone service, then said, ‘You might recognise me. I’m Phoenix. There’s this big computer hacking case going on in court--that’s my case’.

The driver looked at him blankly.

Phoenix said, ‘You might have seen me on the TV news.’

No, the driver said, somewhat amazed at the strange things which go through the dazed mind of a young man who has so narrowly escaped death.

Some time after Phoenix’s close brush with death, the former hacker left his info-line technician’s job and began working in the information technology division of a large Melbourne-based corporation. Well paid in his new job, Phoenix is seen, once again, as the golden-haired boy. He helped to write a software program which reduces waste in one of the production lines and reportedly saved the company thousands of dollars. Now he travels abroad regularly, to Japan and elsewhere.

He had a steady girlfriend for a time, but eventually she broke the relationship off to see other people. Heartbroken, he avoided dating for months. Instead, he filled his time with his ever-increasing corporate responsibilities.

His new interest is music. He plays electric guitar in an amateur band.

ELECTRON

A few weeks after his sentencing, Electron had another psychotic episode, triggered by a dose of speed. He was admitted to hospital again, this time at Larundel. After a short stay, he was released and underwent further psychiatric care.

Some months later, he did speed again, and suffered another bout of psychosis. He kept reading medical papers on the Internet about his condition and his psychiatrists worried that his detailed research might interfere with their ability to treat him.

He moved into special accommodation for people recovering from mental instabilities. Slowly, he struggled to overcome his illness. When people came up to him and said things like, ‘What a nice day it is!’

Electron willed himself to take their words at face value, to accept that they really were just commenting on the weather, nothing more.

During this time, he quit drugs, alcohol and his much-hated accounting course. Eventually he was able to come off his psychiatric medicines completely. He hasn’t taken drugs or had alcohol since December 1994.

His only chemical vice in 1996 was cigarettes. By the beginning of 1997 he had also given up tobacco.

Electron hasn’t talked to either Phoenix or Nom since 1992.

In early 1996, Electron moved into his own flat with his steady girlfriend, who studies dance and who also successfully overcame mental illness after a long, hard struggle. Electron began another university course in a philosophy-related field. This time university life agreed with him, and his first semester transcript showed honours grades in every class. He is considering moving to Sydney for further studies.

Electron worked off his 300 hours of community service by painting walls and doing minor handyman work at a local primary school. Among the small projects the school asked him to complete was the construction of a retaining wall. He designed and dug, measured and fortified. As he finished off the last of his court-ordered community service hours on the wall, he discovered that he was rather proud of his creation. Even now, once in a while, he drives past the school and looks at the wall.

It is still standing.

[ ]

There are still hacking cases in Australia. About the same time as Mendax’s case was being heard in Victoria, The Crawler pleaded guilty to 23 indictable offences and thirteen summary offences--all hacking related charges--in Brisbane District Court. On 20 December 1996, the 21-year-old Queenslander was given a three-year suspended prison sentence, ordered to pay $5000 in reparations to various organisations, and made to forfeit his modem and two computers. The first few waves of hackers may have come and gone, but hacking is far from dead. It is merely less visible.

Law enforcement agencies and the judiciaries of several countries have tried to send a message to the next generation of would-be hackers.

The message is this: Don’t hack.

But the next generation of elite hackers and phreakers have heard a very different message, a message which says: Don’t get caught.

The principle of deterrence has not worked with hackers at this level.

I’m not talking here about the codes-kids--the teeny-bopper, carding, wanna-be nappies who hang out on IRC (Internet relay chat). I’m talking about the elite hackers. If anything, law enforcement crackdowns have not only pushed them further underground, they have encouraged hackers to become more sophisticated than ever before in the way they protect themselves. Adversity is the mother of invention.

When police officers march through the front door of a hacker’s home today, they may be better prepared than their predecessors, but they will also be facing bigger hurdles. Today, top hackers encrypt everything sensitive. The data on their hard drives, their live data connections, even their voice conversations.

So, if hackers are still hacking, who are their targets?

It is a broad field. Any type of network provider--X.25, cellular phone or large Internet provider. Computer vendors--the manufacturers of software and hardware, routers, gateways, firewalls or phone switches. Military institutions, governments and banks seem to be a little less fashionable these days, though there are still plenty of attacks on these sorts of sites.

Attacks on security experts are still common, but a new trend is the increase in attacks on other hackers’ systems. One Australian hacker joked, ‘What are the other hackers going to do? Call the Feds? Tell the AFP, "Yes, officer, that’s right, some computer criminal broke into my machine and stole 20000 passwords and all my exploitation code for bypassing firewalls".’

For the most part, elite hackers seem to work alone, because of the well-advertised risks of getting caught. There are still some underground hacking communities frequented by top hackers, most notably UPT in Canada and a few groups like the l0pht in the US, but such groups are far less common, and more fragmented than they used to be.

These hackers have reached a new level of sophistication, not just in the technical nature of their attacks, but in their strategies and objectives. Once, top hackers such as Electron and Phoenix were happy to get copies of Zardoz, which listed security holes found by industry experts. Now top hackers find those holes themselves--by reading line by line through the proprietary source code from places like DEC, HP, CISCO, Sun and Microsoft.

Industrial espionage does not seem to be on the agenda, at least with anyone I interviewed. I have yet to meet a hacker who has given proprietary source code to a vendor’s competitor. I have, however, met a hacker who found one company’s proprietary source code inside the computer of its competitor. Was that a legal copy of the source code?

Who knows? The hacker didn’t think so, but he kept his mouth shut about it, for obvious reasons.

Most of the time, these hackers want to keep their original bugs as quiet as possible, so vendors won’t release patches.

The second popular target is source code development machines. The top hackers have a clear objective in this area: to install their own backdoors before the product is released. They call it ‘backdooring’ a program or an operating system. The word ‘backdoor’ is now used as both a noun and a verb in the underground. Hackers are very nervous discussing this subject, in part because they don’t want to see a computer company’s stock dive and people lose their jobs.

What kind of programs do these hackers want to backdoor? Targets mentioned include at least one major Internet browser, a popular game, an Internet packet filter and a database product used by law enforcement agencies.

A good backdoor is a very powerful device, creating a covert channel through even the most sturdy of firewalls into the heart of an otherwise secure network. In a net browser, a backdoor would in theory allow a hacker to connect directly into someone’s home computer every time he or she wandered around the World Wide Web. However, don’t expect hackers to invade your suburban home just yet. Most elite hackers couldn’t care less about the average person’s home computer.

Perhaps you are wondering who might be behind this sort of attack.

What sort of person would do this? There are no easy answers to that question. Some hackers are good people, some are bad, just like any group of people. The next generation of elite hackers are a diverse bunch, and relaying their stories would take another book entirely.

However, I would like to introduce you to just one, to give you a window into the future.

Meet SKiMo.

A European living outside Australia, SKiMo has been hacking for at least four years, although he probably only joined the ranks of world-class hackers in 1995 or 1996. Never busted. Young--between the age of 18 and 25--and male. From a less than picture-perfect family.

Fluent in English as a second language. Left-leaning in his politics--heading toward environmentally green parties and anarchy rather than traditional labour parties. Smokes a little dope and drinks alcohol, but doesn’t touch the hard stuff.

His musical tastes include early Pink Floyd, Sullen, Dog Eat Dog, Biohazard, old Ice-T, Therapy, Alanis Morissette, Rage Against the Machine, Fear Factory, Life of Agony and Napalm Death. He reads Stephen King, Stephen Hawking, Tom Clancy and Aldous Huxley. And any good books about physics, chemistry or mathematics.

Shy in person, he doesn’t like organised team sports and is not very confident around girls. He has only had one serious girlfriend, but the relationship finished. Now that he hacks and codes about four to five hours per day on average, but sometimes up to 36 hours straight, he doesn’t have time for girls.

‘Besides,’ he says, ‘I am rather picky when it comes to girls. Maybe if the girl shared the same interests ... but those ones are hard to find.’ He adds, by way of further explanation, ‘Girls are different from hacking. You can’t just brute force them if all else fails.’

SKiMo has never intentionally damaged a computer system, nor would he.

Indeed, when I asked him, he was almost offended by the question.

However, he has accidentally done damage on a few occasions. In at least one case, he returned to the system and fixed the problem himself.

Bored out of his mind for most of his school career, SKiMo spent a great deal of time reading books in class--openly. He wanted to send the teacher a message without actually jacking up in class.

He got into hacking after reading a magazine article about people who hacked answering machines and VMBs. At that time, he had no idea what a VMB was, but he learned fast. One Sunday evening, he sat down with his phone and began scanning. Soon he was into phreaking, and visiting English-speaking party lines. Somehow, he always felt more comfortable speaking in English, to native English-speakers, perhaps because he felt a little like an outsider in his own culture.

‘I have always had the thought to leave my country as soon as I can,’

he said.

From the phreaking, it was a short jump into hacking.

What made him want to hack or phreak in the first place? Maybe it was the desire to screw over the universally hated phone company, or

‘possibly the sheer lust for power’ or then again, maybe he was simply answering his desire ‘to explore an intricate piece of technology’.

Today, however, he is a little clearer on why he continues to hack.

‘My first and foremost motivation is to learn,’ he said.

When asked why he doesn’t visit his local university or library to satisfy that desire, he answered, ‘in books, you only learn theory. It is not that I dislike the theory but computer security in real life is much different from theory’. Libraries also have trouble keeping pace with the rate of technological change, SKiMo said. ‘Possibly, it is also just the satisfaction of knowing that what I learn is proprietary--is "inside knowledge",’ he added. There could, he said, be some truth in the statement that he likes learning in an adrenalin-inducing environment.