|
Sneakers
.)
Whenever I logged in to my account on escape.com, there was always a
notification displaying the date and time of my previous log-in. The first
thing I did each time I logged in was truncate the log entries to eliminate
any trace of my comings and goings. But this time when I logged in, I
immediately noticed that someone else had logged in to my account… from
the Well. Someone else had been there. What the fuck?
I immediately went to the Well and started poking around, but didn’t
find anything that led me to the mystery spy.
I disconnected immediately, feeling like I was being watched.
Meanwhile, a Sprint engineer was trying to make sense of the number that
GTE had traced as originating from the Sprint network. When he searched
through the company’s customer records, the number didn’t come up, which
seemed strange. But then the engineer realized it wasn’t a Sprint number at
all—in fact, it didn’t even have a cellular prefix. Shimmy asked the FBI to
set up a conference call so he could discuss this oddity with the engineer at
Sprint. Then he decided to try calling the number himself, to see if anyone
would answer. As soon as the call connected, he began to hear a
kerchunk-
ing noise that would get quieter and quieter until the call was dropped. This
was intriguing to him and the engineers. It appeared that I had set up a fail-
safe to prevent them from tracing me back, and they wondered if I could
have tampered with the switch.
My using Sprint’s cellular network to dial in to Netcom through my cut-
out number made it look as if the cut-out number was originating from
Sprint’s network when it really wasn’t. This was because both the cut-out
number and Netcom’s dial-up number were in the same switch. The Sprint
engineer now decided to change tactics and perform what’s known as a
“terminating number search.” Rather than looking for calls placed
from
the
traced number, he looked for any subscriber calls
to
that number.
It didn’t take him long to hit pay dirt. His search through the call detail
records indicated that the traced number had been called numerous times
from a Sprint cell phone—or rather, from the cell number I was using to
dial in to Netcom, a phone with a Raleigh area code.
The technician noticed that the calls were usually being routed through
the same cellular phone tower. That meant that the phone on the other end
was likely in a fixed location. So they now knew where I was: Raleigh.
As soon as the engineer told Shimmy what he had figured out, Shimmy
hopped on a plane, destination Raleigh.
I tried calling and emailing JSZ in Israel several times to rule out the
unlikely possibility that he had recently accessed my “escape.com” account
from the Well. On Sunday afternoon, while Shimmy was winging his way
to Raleigh, JSZ sent me a message that left me up in the air:
Hi,
This AM my dad had a serious heart attack and is hospitalized here; I
have been at the hospital all the day, and probably will be there all day
on tomorrow as well; Don’t expect me to be on computers during next
3–4 days—I hope you understand.
Rgrds,
Jonathan
Growing more and more nervous, I immediately logged on to the phone
company switch that serviced the dial-up numbers to Netcom through
Research Triangle Park—one of the routes I had been using in Raleigh for
Internet access. It was in fact my preferred route because cell phone calls
direct to Netcom in Denver and elsewhere were not of good quality for long
dial-up sessions.
When I examined the Netcom dial-up number in the switch, it indicated
that the modem number had a trap-and-trace activated! I started getting an
anxious feeling in the pit of my stomach. Now I was really worried.
My pursuers were getting too close. How much had they figured out?
I needed to know whether the trap had been in place long enough to
capture any of my calls.
General Telephone has a Network Operations Center in Texas that handles
switch surveillance outside of regular working hours. I call and pretend to
be from GTE Security. I ask to be transferred to the person handling the
Durham Parkwood switch in Raleigh. A lady comes on the line.
“Listen, I’m working on a suicide case,” I tell her. “The phone number is
558-8900. What time did the trap go up?”
She says she’ll find out. I wait. And wait. And wait some more,
meanwhile getting more alarmed. Finally, after about five minutes, the call
is picked up again—not by the same lady, but by a man.
I ask, “Did we get any information yet?”
He starts asking a series of questions: What’s my callback number? Who
do I work for? I’ve done my homework and feed him appropriate answers.
“Have your manager call me,” he says.
“He won’t be in till morning,” I say. “I’ll leave a message for him to call
you.”
Now I’m extremely suspicious: they’ve been warned that somebody
might call. This has all the earmarks of a national security investigation. Is
someone getting close to pinpointing my location?
As a precaution, I immediately clone my cell phone to a
different
cellular phone provider—Cellular One—just in case someone really has
been tracking me.
As soon as Shimmy arrived in Raleigh, he was picked up by a Sprint
technician, who drove him to the cell site. At the cell site, the techs had a
Cellscope 2000 for radio direction finding, the same type of unit that the
investigators in Seattle had used to track my location. Technicians at
Cellular One had been alerted to watch for any strange activity coming
from their network. When I placed a cellular call to Netcom, Cellular One
identified a data call in progress and informed the posse. They jumped into
a vehicle and started driving around, following clues from the Cellscope
2000 to hunt down the origin of my cellular radio signal. Within minutes,
Shimmy and other team members were driving around the Players Club
looking for any apartments with their lights still on at this early-morning
hour.
A while later they got a lucky break. The Sprint technician running the
surveillance equipment picked up a conversation. John Markoff, who had
just arrived in Raleigh to join the chase, recognized one of the voices. It
was the well-known founder of the magazine
2600: The Hacker Quarterly
,
Eric Corley (though he preferred going by his chosen handle, Emmanuel
Goldstein, after a character in the novel
1984
). Moments later, above the
hiss and static and intermittent reception, they heard the voice on the other
end of the conversation. Markoff recognized that one, too.
“It’s him,”
Markoff shouted.
“It’s Mitnick!”
Do'stlaringiz bilan baham: |
