Approaching Zero by Paul Mungo (best way to read e books .TXT) 📕
The next day, after his friend in Kentucky had picked up the $687, Fry Guy carried out a second successful transaction, this time worth $432. He would perform the trick again and again that summer, as often as he needed to buy more computer equipment and chemicals. He didn't steal huge amounts of money-- indeed, the sums he took were almost insignificant, just enough for his own needs. But Fry Guy is only one of many, just one of a legion of adolescent computer wizards worldwide, whose ability to crash through high-tech security systems, to circumvent access controls, and to penetrate files holding sensitive information, is endangering our computer-dependent societies. These technology-obsessed electronic renegades form a distinct subculture. Some steal--though most don't; some look for information; some just like to play with computer systems. Together they probably represent the future of our computer-dependent society. Welcome to the com
Read free book «Approaching Zero by Paul Mungo (best way to read e books .TXT) 📕» - read online or download for free at americanlibrarybooks.com
- Author: Paul Mungo
- Performer: -
Read book online «Approaching Zero by Paul Mungo (best way to read e books .TXT) 📕». Author - Paul Mungo
and two journalists who were known to Wernery would handle the media. On the
designated day, the journalists told the full story on the evening news; the
next morning it made newspaper headlines around the country.
A few days later the two journalists had a second chance at the story when it
was realized that NASA had still not removed the VAXbusters’ programs (the
“trap” programs) from its two computers at its Washington headquarters. Nor had
it installed the mandatory patches. So another event was staged for German
television audiences. This time, in front of the cameras, Bach and Handel broke
into the two NASA computers in Washington, D.C., and installed the mandatory
patches that DEC had issued four months earlier. It took a matter of minutes in
each case. The hackers had fixed the security flaw that NASA could not be
bothered to fix for itself.
A spokesman for NASA in Washington, D.C., was not impressed. The loophole in
the operating system was not a “security flaw,” he insisted. The information on
the computers was not classified: it was just scientific data, for the use of
scientists. The two computers were, he said, “like a public library.”
The VAXbusters knew differently. With the higher privileges they had been able
to manipulate from the multitude of IDs and passwords they had copied, they had
the authority of the chief librarian in NASA’s library. They had roamed through
the offlimits sections of the shelves; one of the files they had copied was a
fifty-two-page document outlining the security within the entire NASA computer
system.
The story, despite the Americans’ professed indifference, got heavy play.
Steffen found himself on television more than once, explaining the arcana of
hacking and his own role in the VAXbuster saga. Eventually the media interest
waned; and that, Steffen assumed, was that. He was not aware of the Illuminati.
The French were less phlegmatic than the Americans They had been suffering some
“very serious” hacking incidents that had begun in 1986 and were still
continuing in 1987. The incidents included the theft and destruction of
important programs and data from VAX computers at Philips-France and SGSThom
son—the two French companies targeted by the KGB. Their total losses, they
claimed, reached an astronomical level, some hundreds of millions of dollars.
When the French authorities were told about the VAXbusters they became
convinced that the German hackers were the culprits. The penetration techniques
used on the French VAXen were the same as those described in the August report
made by the German secret service. The same back door and the same sort of
program to collect legitimate user IDs and passwords were used.
At the instigation of the French, Germany’s federal police raided the homes of
a number of known Chaos Computer Club members in Hamburg on September 27th and
28th, impounding their computer equipment. Ironically, the police overlooked
the VAXbusters, who were not Chaos members. To a large extent, Chaos had become
a victim of its own publicity: the police, not aware the VAXbusters were a
separate group, had simply raided the homes of the most notorious hackers in
Germany. It was a case of rounding up the usual suspects—one of whom was
Steffen Wernery, who told them about his own role in the matter and of his
previous cooperation with the secret service. Within four months the police had
completed their investigations. They concluded that Steffen was simply a
“switching center”—a conduit for information—and nothing more. Neither he nor
the other Chaos members were involved in hacking into the French computers.
This information was passed to the French—who didn’t believe it. The methods
used to hack into the French sites were too similar to the techniques employed
by the VAXbusters to be mere coincidence. And even though the gang’s list of
all the VAX computers it had hacked did not include either Philips-France or
SGSThomson, the French authorities remained convinced that the trail from the
two companies led back to Hamburg.
At about the same time, the secret service contacted Hans Gliss about the
incidents in France and asked if he could help. Gliss discussed the matter with
Steffen, and suggested that they both go to Paris for the forthcoming annual
Securicom conference, in March 1988, and present a report on computer security-
-particularly VAX security. Securicom was the ideal forum: it attracted the top
computer security specialists in the world. Steffen could tell the delegates
about the back door on the DEC machines and how to fix it.
Steffen acquiesced; he had found the limelight agreeable, and the visit to
Securicom would give him another chance to bask in its glow. He arranged to go
to Paris with a colleague from Chaos. Gliss would drive to Paris from his
holiday home in the south of France.
Steffen also offered to meet representatives of Philips-France, one of the
companies hit by the unknown hackers. Philips agreed, and asked Steffen to
confirm the names so that security passes could be arranged.
Steffen arrived at Paris’s Orly Airport on March 14th. He approached
immigration control and handed his German passport to one of the officers on
duty, a woman. She looked at the photo and his name and hesitated.
‘There has been a problem,” she said. “Please wait a moment.” She reappeared a
few minutes later with three men in civilian clothing who claimed to be from
the Brigade Financiere, France’s revenue service. Steffen now suspects that
they were from French Intelligence.
“Where is your friend?” they wanted to know. His friend, the colleague from
Chaos, was coming in later by train. Steffen was immediately concerned: how did
they know about his friend? And why should he tell them where he was? Steffen
was arrested and taken to the police cells.
Under French law an investigating judge can order the deten-tion of a suspect for twenty-four hours and then for an additional twenty-four
hours if necessary. During that period the suspect is not allowed to make
contact with anyone at all, not even a lawyer. The police began interrogating
Steffen: they asked him about Chaos, about the VAXbusters, and about the two
sites in France. They also went through his belongings and papers, looking at
names and addresses. In his diary they found the Paris contact address for Hans
Gliss.
Gliss had checked into the Pullman St. Jacques Hotel, having driven up from his
house in the Dordogne. When he arrived at the hotel, he found three members of
the “Brigade Financiere” waiting for him. Fortunately for Gliss he was with his
wife, Ursula, who, seeing her husband arrested and escorted away, started
telephoning for help.
Gliss was taken to the police station, and his passport was impounded. The
police began asking him about the Chaos Computer Club. Gliss, whose French is
poor, demanded an interpreter. The police told Gliss they had arrested Steffen-
-unnecessarily, as it happens, because Gliss could hear him being questioned in
a nearby cell.
Gliss was interrogated for two and a half hours before his passport was
returned. Half an hour after that he was set free. On his return to the hotel,
Ursula told him she had phoned their friends in Paris, who had contacted the
German police, who in turn had called the secret service. The agency, it was
presumed, had prevailed on the French authorities to release him.
Steffen wasn’t so lucky. He was held in the police cells for two days, under
continuous interrogation. He says he was allowed to sleep for only three to
four hours each day. Steffen told them all he knew, including the fact that a
full list of computers penetrated by the VAXbusters had been presented to the
German authorities and didn’t include the two French sites. He also insisted
that all Chaos members had stopped hacking.
While Steffen was being interrogated, Gliss told the five hundred delegates at
Securicom of his experience and of Steffen’s incarceration. He also read
Steffen’s paper, which had been written to help the French improve their
computer security. Later he contacted the German authorities on Steffen’s
behalf, but they were powerless to intervene: the French were holding Steffen
as an “accessory” to the breakins at Philips-France and SGSThomson.
Three times Steffen was brought before a judge, and each time he was remanded
in custody for further questioning. The German foreign office discreetly
pressured the French government over the case, until finally Steffen’s dossier
reached the desk of the French president.
Mitterand presumably had enough problems: he ordered the German hacker’s
release. On May 20th, at five minutes past midnight, Steffen was driven to the
airport and unceremoniously bundled aboard the night plane to Hamburg. He had
spent over two months in a French jail.
While Steffen was incarcerated in Paris, the real culprits remained in Germany,
safely beyond French jurisdiction.
Despite the French authorities’ suspicions about Chaos and the VAXbusters,
despite the raids in Hamburg, it was in reality the Soviet hacker gang—
ensconced in Hannover and Berlin—who had penetrated the sites at
Philips-France and SGSThomson. They were looking for information on megachip
research, just as the KGB had requested. Surprisingly, in view of the
importance the French authorities attached to the sites, Pengo remembers them
as simple systems to get around in once they had been breached.
Koch and Pengo had penetrated the security at Philips-France and SGSThomson
using the back door and the trap program they had learned about from Weihruch,
the Karlsruhe student. It was understandable that the French would blame the
VAXbusters: both teams had used the same techniques, having learned them from
the same source.
Koch and Pengo had downloaded data from the two French
companies, and supposedly passed a computer tape to the KGB in East Berlin.
Without revealing exactly what was on the tape, Pengo has suggested that it
might have contained details of a design program for advanced microprocessors.
But although the hackers were able to pass on the French material to their
Soviet paymasters, the KGB was again demanding more. By the end of 1987 they
wanted information on Western military computer networks, including the
operating specifications of the interconnected machines. It appeared that the
KGB wanted to infiltrate the military systems.
However, the pressure was beginning to tell on Pengo and Koch, and the two had
other things on their minds. They were frightened by the arrests of the Chaos
members in Hamburg; they felt that it wouldn’t be long before the police
stumbled over their own operation. And they had also heard about Steffen’s
interrogation in Paris, which meant that the French were also chasing them.
In the summer of 1988 both Pengo and Koch independently approached the
authorities, hoping to take advantage of an amnesty provision in German
espionage legislation. This provision guaranteed lenient treatment to those who
had not previously been under suspicion and now confessed, provided they
cooperated fully. The two confessed to espionage, the only offense covered by
the amnesty. Paradoxically, confessing to any lesser offense could have
resulted in a severer penalty.
Both were interrogated regularly and at length by the authorities. By early
1989 the Germans felt that they had enough evidence to support a case against
the other members of the Soviet hacker gang. On March 2nd, eighteen people were
interrogated and eight arrested. The latter included Hess, Pengo, and Koch, as
well as Dirk Brescinsky and Peter Kahl. The others were local hackers caught up
in the wide-ranging investigation. All the hackers were released after a few
days; Kahl and Brescinsky were dispatched to a high-security prison in
Karlsruhe. Pengo and Koch could expect to escape prosecution due to their
earlier confessions under the amnesty.
Just two months after his arrest Karl Koch would be found dead, his burned body
Iying in a wood
Comments (0)