Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker

carelessness, but also the cost of not wanting to run the risk of talking to a
police officer.
Of course, my next task was to find a way to wipe squeaky-clean the
computer I had been using at the law firm. But how, when I no longer
worked there?
A couple of weeks later, Elaine said she’d allow me to come in and
transfer my “personal” files to floppies, which of course meant all my
source code riches from the recent hacks. She sat with me while I did it, and
looked concerned when she saw that I was deleting each file after saving it
to a floppy. To throw her off the scent, I created an “Eric” folder on the
computer and moved each file there instead of deleting it. Later I’d
somehow have to either connect to the computer remotely or slip into the
building to wipe all the files in that directory.
Not long after, I regrouped and decided to call Ginger, on the pretext of
“just staying in touch” but really in the hope of gathering some useful
information. During the call, she mentioned that she was having problems
with the “BSDI” system that connected the law firm to the Internet, which I
had installed and managed.
I told her I could help her out over the phone. As I walked her through
fixing the problem, I had her type:
nc–l–p 53–e/bin/sh &
She didn’t recognize the command, which gave me full root access to
the firm’s gateway host. When she typed that command, it ran a program
called “netcat,” which set up a root shell on port 53, so I could connect to
the port and be granted with an instant root shell, requiring no password.
All unaware, Ginger had effectively set up a simple backdoor for me with
root access.
Once I was in, I connected to the law firm’s AViiON Data General
computer system, running the firm’s telephone accounting application,
where I had previously set up my early-warning system. The reason I
connected to the AViiON first was as a safety measure: if after firing me my
bosses had decided to change the passwords on the VMS Cluster—the

firm’s primary computer systems—then any attempt I might have made to
log in directly to the VMS Cluster with an incorrect password would have
triggered a log-in-failure security alarm from the system that acted as the
firm’s Internet gateway. By accessing the VMS Cluster through the AViiON
instead, I ensured that an incorrect password would appear to be an attempt
made from inside the firm. So any security alarm would not appear to be
coming from the Internet gateway system, which would likely point to me
since I was the only person who had previously had access to it.
Successfully logged in to the VMS system, I remotely mounted my old
workstation’s hard drive; that way I could gain access to my files and
securely wipe all the potential evidence.
Searching Elaine’s email for mentions of my name, I learned that the
firm was trying to put together a defense in case I sued for wrongful
termination—which I had grounds for doing but obviously couldn’t risk.
Liz had been asked to write up any observations that might support the
claim of my doing outside consulting while at work; her reply read:
With respect to Eric’s outside consulting I don’t know anything
specific…. He was always very busy but I have no idea what he
was doing. He was on his cell phone a lot and worked on his p.c.
a lot.
And that was as much as management would be able to get from
anybody as justification for firing me. But it was a fantastic find, because it
meant my former bosses hadn’t caught on to the truth about me.
I would continue to check the firm’s emails over the following months
to make sure nothing else turned up with my name on it. Nothing important
ever did.
But keeping up my status as an ex-office-buddy, I stayed in touch with
Ginger by calling her now and then to hear the latest from the company
grapevine. After I let her know that I might file for unemployment, she
admitted that the firm was worried I might sue for wrongful termination.
So apparently, after I was fired, they figured they should do some
checking to see if they could drum up a legitimate reason for having fired
me. I hadn’t had any reason to keep paying the answering service in Las
Vegas for the phony Green Valley Systems, so when they tried to reverify

my employment, they discovered there was no such company. They started
pursuing some other queries.
The next time I called her, Ginger thought she was dropping the ultimate
bomb on me: “The firm has done some checking. And, Eric… you don’t
exist!”
Oh, well. So much for the second life of Eric Weiss.
With nothing to lose, I told Ginger I was a private investigator hired to
collect evidence against the firm. And “I’m not allowed to discuss it.”
I went on, “One thing I can tell you. Everything is bugged—there are
listening devices in Elaine’s office and under the raised floor in the
computer room.” I figured she would walk—no, 
run—
to Elaine’s office
with the news. I hoped the disinformation tactic would raise doubts about
the stories I had told Ginger in the past—so they wouldn’t know what to
believe.
Every day, I would check De Payne’s Netcom account looking for any
messages he had left for me to find. We were protecting our
communications with an encryption program called “PGP” (short for
“Pretty Good Privacy”).
One day I found a message that, when decrypted, read, “LITTMAN
WAS VISITED BY 2 FBI AGENTS!!!” That scared me because I had spent
some time on the phone with Jon Littman, who was writing a 
Playboy
article about me around that time. (Actually, that was just what he originally
told me; somewhere along the line, he cadged a contract to do an entire
book on my story, without mentioning it to me. I hadn’t had any problem
about talking to him for an article in 
Playboy
. But Littman didn’t disclose to
me that he was writing a book about my life until after I was arrested in
Raleigh. Earlier I had turned down John Markoff and his wife, Katie
Hafner, about cooperating on a book, and I would have never agreed to
speak to Littman if he had told me he was writing a book about my life.)
I really loved Denver. My new permanent identity as Brian Merrill was
ready to be rolled out, and for a time I toyed with the idea of lining up a
new everything—job, apartment, furniture rental place, rental car, and the
rest—and putting down roots as a Denverite. I would have loved to stay. I
thought about just moving to the other side of town and starting over with a
brand-new identity.

But then I pictured myself in a restaurant with some new coworker, a
date, or, eventually, a wife, and having somebody walk up to the table with
a bright smile and a hand extended for a shake, saying, “Hi, Eric!” Maybe I
could claim mistaken identity the first time, but if it happened more than
once…
No, that wasn’t a chance I was willing to take.
A couple of days later, with my clothes and other belongings still loaded in
the U-Haul, I drove out of Denver headed southwest, for Las Vegas, to visit
my mom and grandmother and to plan my next steps.
Checking back into the Budget Harbor Suites gave me an eerie feeling
of déjà vu. So did sitting in a room there and diving back into research on
the next place I would live.
I was constantly on my guard. I could never forget how dangerous Las
Vegas was for me. When I was in prison, it seemed like every guy in there
who hadn’t been ratted out by a girlfriend or wife had instead been caught
when he paid a visit to his wife, his mother, or some other family member
or close friend. But I couldn’t be in town and not hang out with my mother
and Gram—they were my whole reason for coming to Vegas, despite the
constant danger.
I was packing my usual early-warning system, a ham radio that was
easily modified so I could transmit and receive on all the frequencies being
used by the various Federal agencies.
It annoyed the hell out of me that traffic of those agencies was all
encrypted. Sure, I’d know whenever one of their agents was somewhere
nearby, but I never had any idea whether the transmissions were about me
or somebody else. I tried calling the local Motorola office, pretending I was
an FBI agent, and fishing for some clue that would let me obtain the
encryption key. No good: the Motorola guy said there wasn’t anything he
was able to do for me over the phone, “But if you come by with your key
loader…”
Yeah, right—I’m going to walk into the local Motorola and say I’m FBI
and… what? “I forgot to bring my credentials with me.” Not quite.
But how was I going to crack the FBI crypto? After thinking it over for
a while, I came up with a Plan B.

To enable its agents to communicate over greater distances, the
government had installed “repeaters” at high elevations to relay the signals.
The agents’ radios transmitted on one frequency and received on another;
the repeaters had an input frequency to receive the agents’ transmissions,
and an output frequency that the agents listened on. When I wanted to know
if an agent was nearby, I simply monitored the signal strength on the
repeater’s input frequency.
That setup enabled me to play a little game. Whenever I heard any hiss
of communication, I’d hold down my Transmit button. That would send out
a radio signal on the same exact frequency, which would jam the signal.
Then the second agent wouldn’t be able to hear the first agent’s
transmission. After two or three tries back and forth, the agents would get
frustrated with the radio. I could imagine one of them saying something
like, “Something’s wrong with the radio. Let’s go in the clear.”
They’d throw a switch on their radios to take them out of encryption
mode, and I’d be able to hear both sides of the conversation! Even today
I’m amused to remember how easy it was to work around that encryption
without even cracking the code.
If I had ever heard somebody saying “Mitnick” or any radio traffic that
suggested I was the target of ongoing surveillance, I would have vanished
in a hurry. But that never happened.
I used this little trick every time I was in Las Vegas. You can imagine
how much it increased my comfort level. And the Feds never caught on. I
could picture them griping to each other about that lousy encryption feature
on their radios always crapping out on them. Sorry, Motorola—they were
probably blaming you.
The whole time I was in Las Vegas, I kept asking myself, 

Download 2,97 Mb.

Do'stlaringiz bilan baham: