Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker

Hitched in Haste
Kvoh wg hvs boas ct hvs Doqwtwq Pszz sadzcmss kvc fsor hvs
wbhsfboz
asac opcih am voqywbu oqhwjwhwsg cjsf hvs voa forwc?
B
onnie recently said that she still remembers “how much fun Kevin was,
how sweet he was.”
I felt the same about her. There had been other girls I’d had crushes on,
but Bonnie was a first for me in how serious I felt, a first in how much I
cared. We enjoyed so many of the same things, even down to the Reese’s
Peanut Butter Cups that we’d drive out of our way to pick up at a 7-Eleven
on our way home. You probably know the satisfaction when you’re just
comfortable and happy being in one particular person’s company. There
was no doubt that having her there for me, after those two rapid-fire job
losses, was exactly what the doctor ordered. I was spending so much time at
her place that I began moving some of my clothes there. We never really
decided, 
Okay, let’s live together
. It just sort of happened.
We loved biking together. We loved going to the beach with a bottle of
wine. We loved hiking in the Chantry Flat, in Arcadia, a beautiful area with
waterfalls that’s right in Los Angeles County but feels like being in a forest
—really cool, such a refreshing escape for a pale guy like me who sat in
front of a computer all day and all night.
I didn’t even mind that she was a lazy housekeeper, with a big pile of
her dirty clothes usually occupying space on the bedroom floor. I’ve never
been a neat freak like my parents, but I do like things tidy and organized.
The two of us were alike in so many other ways that when it came to the
condition of the apartment, I just closed my eyes.

Since I didn’t have a job, I signed up for an extension course at UCLA in
Westwood, not far from us. Bonnie went with me to register.
But it was a deception—the first time in our relationship that I was, in a
sense, cheating on her. I’d go out three evenings a week saying I was going
to class, and instead I’d drive over to Lenny DiCicco’s work and hack with
him until almost sunup. It was a pretty rotten thing to do.
On the nights when I didn’t go out, I’d sit at my computer in the
apartment, using Bonnie’s telephone line for hacking while she read by
herself, watched television by herself, and then went to bed by herself. I
could say it was my way of handling the disappointment of those two
almost-but-oh-never-mind jobs, but I’d be lying. Sure, I was having
problems handling the massive disappointment. But that wasn’t the reason.
The real reason was simply that I was in the thrall of a powerful obsession.
Though that had to be frustrating for her, she was somehow as accepting
as I was about her less-than-admirable housekeeping. After a few months of
living together, we both knew we were committed to the relationship. We
were in love, we started talking about getting married, and we began saving
money. Whatever was left over from my paycheck (I was hired by Fromin’s
Delicatessen to migrate them over to a point-of-sale system), I would
convert into hundred-dollar bills that I stashed in the inside breast pocket of
a jacket in our coat closet.
I was twenty-three years old, living in my girlfriend’s apartment and
spending virtually every waking hour on my computer. I was David on my
PC, attacking the Goliath networks of the major telephone companies
throughout the United States.
The phone company control systems used a bastardized version of Unix,
which I wanted to learn more about. A company in Northern California
called Santa Cruz Operations, or SCO, was developing a Unix-based
operating system called Xenix for PCs. If I could get my hands on a copy of
the source code, that would give me a chance to study the inner workings of
the operating system on my own computer. From Pacific Bell, I was able to
obtain SCO’s secret dial-up numbers for its computer network, and then
manipulated an employee into revealing her username and changing her
password to a new password that I had provided, which gave me access.

At one point while immersed in studying the details of SCO’s system
trying to locate the source code I wanted to study, I noticed a system admin
was watching my every move. I sent him a message, “Why are you
watching me?”
To my surprise, he answered: “It’s my job,” his message said.
Just to see how far he’d allow me to go, I wrote back that I wanted my
own account on the system. He created an account for me, even giving me
the username I requested: “hacker.” Knowing that he’d be keeping the
account under surveillance, I just distracted him by poking around at
nothing in particular. I was able to locate the code I wanted, but in the end I
never tried to download it because the transfer would have taken forever
over my 2,400-baud modem.
But that wasn’t going to be the end of this tale.
Bonnie came home from work one day at the beginning of June to find
everything in disarray: we had been robbed. She paged me, I called, and I
could hear the alarm and upset in her voice.
I asked her to check my coat pocket for the money I’d been saving for
our wedding. But then she noticed that my stash of hundred-dollar bills—
totaling about $3,000—had been neatly laid out on the kitchen table…
along with a search warrant.
We hadn’t been robbed; we’d been raided. By officers of the Santa Cruz
Police Department. Santa Cruz! I knew it had to be connected to my
nighttime hacking excursions into the computers of Santa Cruz Operations.
When Bonnie said my computer and disks were gone, my world
immediately crumbled. I told her to quickly pack some clothes and meet
me. I knew there would be a lot of trouble coming my way. I needed to get
a lawyer to do damage control. Fast!
Bonnie joined me at a local park, and my mom came, too. I told them
both it wasn’t a big deal, since I had just poked around—I hadn’t damaged
any of the SCO files or even downloaded their source code. I wasn’t as
worried about dealing with the law as I was about the pain and suffering I
was bringing down on these two and Gram, the most important people in
my life.
Mom drove home, I took Bonnie to a nearby motel. She was upset,
feeling violated. If she had walked out on me right then, I would have

deserved it. Instead, without hesitation, she showed her true colors, her
loyalty. Her attitude wasn’t “What have you done to me?” It was more,
“What do we do now?”
The next morning she called her work and asked to take some vacation time
for a family emergency. Her boss told her that some police officers had
shown up, wanting to interview her. My first thought was that since I had
been hacking from her apartment and on her telephone, they were assuming
that 
she
was the hacker. But then I concluded that their strategy was
probably to use arresting my girlfriend as a bargaining chip: “Admit
everything or your girlfriend goes to jail.”
I spent the next few days calling lawyers, explaining the situation,
making plans. The way Bonnie remembers it, “We cried a lot together but
we stuck by each other.”
Why didn’t she just walk out? “I was crazy about Kevin,” she says
today.
We were able to release some amount of anxiety and worry by spending
a lot of time making love. I felt really sorry that I had put Bonnie in this
position, and that I caused my mom and grandmother such anxiety, and I
guess Bonnie and I found comfort in that basic outlet.
Aunt Chickie drove Bonnie and me down to the Los Angeles County
Sheriff’s West Hollywood station. We turned ourselves in, and Chickie
immediately posted our bond, $5,000 each. Somehow the police neglected
to fingerprint and photograph us. Because of this major procedural error,
there was no arrest record created for either of us. Still today, there is no
official record that I was ever arrested on the Santa Cruz Operations charge.
Please don’t tell anyone.
Over the next few months, for every appearance we had to make in the
Santa Cruz courts, I had to buy four round-trip airplane tickets—Bonnie
was using a different attorney—plus spring for hotel rooms, a rental car,
and meals. Both of the attorneys had required a retainer up front. So much
for the money I had been saving for the wedding: the entire $3,000 went to
pay my attorney’s retainer. Mom and Gram loaned me money to pay for
Bonnie’s attorney and all the other expenses.

So we didn’t have the money anymore for a proper wedding, but it was
worse than that. There isn’t any loving, romantic way to put this: I told
Bonnie we needed to get married so she couldn’t testify against me, and
also so she could visit me if I landed in jail, which was looking like the way
things were headed.
I gave Bonnie a diamond engagement ring, and we were married by a
minister who conducted weddings in his home in Woodland Hills. Gram
was there, along with my mom and her current boyfriend, deli entrepreneur
Arnie Fromin. None of Bonnie’s family joined us; her mother was
understandably furious at the situation I had landed her daughter in.
It wasn’t the magical occasion so many girls dream about when they’re
young. Bonnie wore pants, a top, and flip-flops. She hadn’t bothered to
even attempt to put herself together. Afterward we all headed over to our
apartment, Gram bringing a platter of food.
The legal picture turned from bad to worse. On top of the criminal charges,
SCO filed a $1.4 million lawsuit against me for damages. And ditto against
Bonnie.
Then a little sun broke through. It turned out the lawsuits were just for
leverage: the opposing lawyers said the folks at SCO would drop the civil
suits if I would tell them how I’d hacked in. They had never been able to
figure it out.
Of course I agreed, and sat down with a system admin named Stephen
Marr, who acted as if he thought we were going to chat like good buddies. I
treated it the same way I would have if it had been a deposition: he asked
questions, I answered. But there wasn’t all that much to tell. No high-tech
hacking secrets. I told him how I had simply called a secretary and
schmoozed her into giving me her log-in name and changing her password
to one I provided—no big deal.
Though Bonnie’s mother wouldn’t come to the wedding, she did give us a
wedding reception at her home in San Dimas. This time Bonnie wore a
wedding dress and I was in a rented tux. My dad and my brother, Adam,
were there and of course my mom and Gram, as well as Bonnie’s sister and
brothers, and even Bonnie’s ex-boyfriend. This was a much happier day
than the real wedding, complete with wedding cake and a photographer.

The criminal charges for the SCO break-in turned out better than I could
have hoped. The charges against Bonnie were dropped, and my attorney,
who knew the prosecutor, Michael Barton, got me a good deal. For anyone
else—for what was technically a first offense, since my juvenile records
were sealed—the case would have been charged as a misdemeanor. But
because I was Kevin Mitnick, with a badass reputation, the prosecutor
initially insisted on charging me with a felony—even though my trespass
into SCO’s network still amounted to only a misdemeanor under the law. I
agreed to admit to the trespass to settle the case and get the charges against
Bonnie dropped. I wouldn’t have to serve any jail time, only pay a way-
modest $216 fine and be on “summary probation” for thirty-six months—
meaning that I wouldn’t have to report to a Probation Officer. The only
other obvious condition was that I had to promise not to “commit any
crimes.”
A few days later I drove up to Santa Cruz for the return of the stuff that
had been seized. The cops gave me back my computer terminal but not the
disks, which worried me because those incriminating disks contained
evidence of my hacks into Pacific Bell, among other interesting places.
Another box that they did return, though, they must not have looked at very
carefully or cared: it held Bonnie’s pot stash and bong pipe. Then again, this
was Santa Cruz, with a small-town police department.
There was an aftermath to the Santa Cruz story. As I had feared, the Santa
Cruz detectives apparently got around to looking at those computer disks,
and turned information over to Pacific Bell about what I had been doing
with its systems. Pacific Bell Security was alarmed enough to generate an
internal memo to all managers, which I found out about in a most unlikely
way: a Pacific Bell employee named Bill Cook, also a ham operator who
frequently used the infamous 147.435 megahertz repeater in Los Angeles,
read the memo on the air, just to antagonize me.
Of course, I had to see the memo for myself. How could I get it?
I contacted Lewis De Payne at work and asked him to temporarily
reprogram the fax machine there so incoming calls would be answered by a
machine that said it belonged to Pacific Bell Security.
Then I dialed into the phone company switch that handled the telephone
service for Pacific Bell Security, and reprogrammed the phone line for its

fax machine so it would call-forward to the phone number for the machine
at Lewis’s work. That took care of the preparations.
I then called the office of Pacific Bell vice president Frank Spiller. His
executive secretary answered. I said I was calling from Pacific Bell Security
and gave the name of one of the actual security investigators—maybe I said
I was Steve Dougherty.
I asked, “Did Frank get the memo on the Kevin Mitnick case?”
“What’s it about?” she asked.
“A hacker who’s been breaking into our computers.”
“Oh, yes, right. I’ve got it right here.”
I said, “I think we sent you an older revision that has since been
updated. Can you fax the version you have to me?” I gave her the internal
fax number for Pacific Bell Security in Northern California.
“Sure,” she said. “I’ll do it right now.” As soon as Lewis got the fax, he
refaxed it to me, then he and I both undid our setup steps.
Here’s the list of things the memo said had been found on my floppy
disks:
Mitnick’s compromise of all Southern California SCC/ESAC
computers. On file were the names, log-ins, passwords, and home
telephone numbers for northern and southern ESAC employees.
The dial-up numbers and circuit identification documents for SCC
computers and data kits.
The commands for testing and seizing trunk testing lines and
channels.
The commands and log-ins for COSMOS wire centers for northern
and Southern California.
The commands for line monitoring and the seizure of dial tone.
References to the impersonation of Southern California security
agents and ESAC employees to obtain information.
The commands for placing terminating and originating traps.
The addresses of Pacific Bell locations and the electronic door lock
access codes for the following Southern California central offices
ELSG12, LSAN06, LSAN12, LSAN15, LSAN56, AVLN11,
HLWD01, HWTH01, IGWD01, LOMT11, and SNPD01.

Intercompany electronic mail detailing new log-in/password
procedures and safeguards.
The worksheet of an UNIX encryption reader hacker file. If
successful, this program could break into any UNIX system at will.
I imagine a lot of people in the company must have been more than a
little upset to find out how deeply I had penetrated their systems, bypassing
all of their elaborate security safeguards. Based on what had been found on
those disks, I was just stunned that the FBI didn’t show up at my door.
Several months later, by the fall of 1988, I was back at work with Don
David Wilson at Franmark. Bonnie was still at GTE, though she was sure
their security department had tried to find evidence that she had been
hacking into company computers. We were saving money again, trying to
put together enough for the down payment on a house. There were some
nice places we could afford, but they were so far out of town that the
commute would have been daunting and wearing on our nerves and
patience.
Trying to support our home-ownership goal, my mom offered us the
spare bedroom in her home so we could save on rent and build our down-
payment fund quicker. Though neither Bonnie nor I much liked the idea, we
decided to give it a try.
Our living with my mom turned out to be a bad idea. As eager as she
was to make it work for us, we simply had no privacy. Bonnie would later
complain, in a personal memo that she left behind at my mom’s, that she
was “reluctant and a bit bitter… about it.”
We were growing apart, and I was getting deeper and deeper back into
hacking, spending all my days at work at Franmark and my nights almost
until sunup with Lenny DiCicco, largely focused on hacking into Digital
Equipment Corporation.
When Lenny told me he was signing up to take a computer course at
nearby Pierce College, I said I’d sign up as well to keep him company,
despite my earlier run-in with the chair of the Computer Science
Department, which had led to my quitting the program. It turned out the
administrators had not forgotten me, but I didn’t know it at the time.

One day, Lenny and I went into the student computer room, which had a
bunch of terminals connected to a MicroVAX VMS system. We hacked into
the machine quickly and obtained all privileges. Lenny had written a script
that would allow us to make a backup of the entire system. We had no real
use for it: we just planned to treat it as a trophy. So, once we got in, Lenny
put a cartridge tape into the computer tape drive, and ran his script to start
the backup, and we left. We were going to return for it a few hours later,
after the copy had finished.
A bit later as we were walking across campus, I got a page from Eliot
Moore, a longtime friend I hadn’t been in touch with for a while. I went to a
pay phone to call him back.
“Are you at Pierce College?” he asked.
“Yes.”
“Did you leave a tape in the tape drive?”
“Oh, shit… how did you know?” I said.
“Don’t go back to the computer room,” he warned me. “They’re waiting
for you.” By some strange chance, Eliot had been in the computer lab when
the instructor noticed the blinking light on the MicroVAX tape drive. It was
obvious that someone had inserted a cartridge tape and was copying some
files.
The computer science instructor, Pete Schleppenbach, had immediately
suspected us. Eliot overheard the instructor discussing the situation with
another staff member and called me right away. If he hadn’t, we would’ve
walked right into a trap.
The college later contacted the LAPD to report the incident.
Since we never went to pick up the tape, they had no evidence, and we
were allowed to continue as students, attending classes and using the
computer lab. But the LAPD kept an eye on us, positioning their team on
the classroom rooftops and trailing us for days. Apparently, attempting to
copy student lab work became a top priority. You’d think they’d have more
interesting cases to work on. At night, they’d follow us to Lenny’s work,
where we stayed at his office hacking until the wee hours of the morning.
They knew we were up to no good, but they couldn’t prove anything.

I guess the Pierce College folks were disappointed, and weren’t ready to
drop it. I noticed a DEC company vehicle in the college parking lot. So I
called the local DEC field office for Los Angeles, said I was from Accounts
Payable at Pierce College, and asked what support they were providing at
the time.
“Oh,” the guy told me, “we’re trying to help you catch some hackers.”
At a terminal in the Pierce computer lab, I was able to examine a
memory location from my student account that showed me that all “security
auditing” was enabled on my account. Lenny checked his account using the
same technique; security auditing was enabled on it, as well. The guy from
DEC was closeted in a small room with a computer and printer, watching
everything we were doing from our student accounts. (I discovered this by
showing up early one day before the tech arrived and following him to the
room.) I thought this was a bit overkill since the system was only used by
students to complete their lab work, and not connected to any network or
phone line. But I found a way to keep him busy: I wrote a very simple script
that listed the files in my directory, over and over. Since the security
auditing was designed to send a detailed alert for every file opened or read,
I knew his printer would be working nonstop. I could picture the guy closed
up in his tiny room, pulling his hair out that his printer kept running until it
was out of paper. And as soon as he would load more paper, the file lists
would start printing out again.
A short while later, the instructor pulled Lenny and me out of the
computer room and accused us of typing unauthorized commands. I asked,
“Is doing a directory of my own files unauthorized?” Both Lenny and I
were sent to the dean for further proceedings.
Over the next several weeks, Pierce’s administrators held a kangaroo
court hearing on our case. They still suspected we were behind the hacking
incident, but still couldn’t prove it. No eyewitnesses. No fingerprints. No
confessions. Nonetheless, Lenny and I were both expelled from Pierce,
based on circumstantial evidence.

Download 2,97 Mb.

Do'stlaringiz bilan baham: