Approaching Zero Part 2

The case was tried before a jury some twelve months later. At the beginning of the trial the judge told counsel: "This isn't murder, but it's a very important case. It will set a very important precedent." After nine days the two were found guilty. Schifreen was fined about $1,500, Gold about $1,200; they had to pay the court almost $2,000 each for costs.

The duo appealed the verdict, and after another twelve months the case was heard in Britain's highest court of appeal by the Lord Chief Justice, Lord Lane, who ruled that copying an electronic pa.s.sword was not covered by the Forgery Act, and overturned the jury's verdict. The prosecution appealed that decision, and after another twelve-month delay, the House of Lords--which carries out many of the functions of America's Supreme Court--upheld Lord Lane's decision. Gold and Schifreen were acquitted.

Since then, Gold and Schifreen have both gone on to respectable careers in computer journalism. And from time to time they still meet in Chinese restaurants, though neither continues to hack.

But their case, which cost the British taxpayers about $3.5 million, gave a misleading signal to the country's hackers and phreakers. Because Gold and Schifreen had admitted hacking while denying forgery, it was a.s.sumed that the courts had decided that hacking itself was not against the law.

That's certainly what Nick Whiteley believed.

Briefly, in 1990, Nick Whiteley was the most famous hacker in Britain. A quiet, unremarkable young man with a pedestrian job at a chemical supplies company, by night he became the Mad Hacker and roamed through computer systems nationwide. To the alarm of the authorities, he was believed to have broken into computers at the Ministry of Defense and MI5, Britain's counterintelligence security service. More troublesome still, there were messages sent by the Mad Hacker that strongly suggested he had evidence that some type of "surveillance" had been carried out against the opposition Labor party, the Campaign for Nuclear Disarmament (CND), and even the British Cabinet. It was unclear who was supposed to be carrying out the surveillance, but it was presumed to be MI5.

When Nick was arrested in 1988, he was interviewed for up to six hours by agents he believes were from the Ministry of Defense and MI5. They were accompanied by an expert from International Computers Limited (ICL), at the time Britain's only independent mainframe computer manufacturer (the company is now controlled by Fujitsu of j.a.pan). Nick was pa.s.sionate in his admiration for ICL computers; he never hacked anything else, and both the MoD and MI5 use them.

Whiteley's ambition was to buy his own ICL: he especially coveted the 3980, their top-of-the-line mainframe. In his daytime job, he worked on an ICL 2966, a smaller model, but still a formidable mainframe. Whenever Nick felt his fellow workers were making fun of him--which he believed they did because he was only an operator, rather than a real programmer--he would fantasize about the 3980. It was twenty times faster than the 2966 and could support far more individual users. But he had to admit that on his salary it would take a long time to earn the down payment on the almost $2 million purchase price.

Nick had originally wanted to be a computer programmer or to work in technical support. But without a university degree his chances of becoming a programmer were limited: he would need to go back to college to get the qualifications. So instead he became an operator, or "tape monkey," employed to ensure that there was enough computer tape in the drive and enough paper in the printer to keep the machinery running. Though he had been offered a promotion to senior operator, he had turned it down against a vague promise of a job in technical support sometime in the future.

Then nineteen years old, Nick lived with his parents in their home in Enfield in north London. He was affable, intelligent, and articulate, was generally casually dressed--sweatshirt, jeans, sneakers--and had nicotine-stained fingers.

Nick's life became consumed by his pa.s.sion for the ICL. He was fascinated by its operating system and by the language--called SCL (System Control Language used to write its programs. Of course he had to admit that his ambition to buy an ICL 3980 was pretty unrealistic. Even if he had enough money to buy one, he would certainly have no use for a computer that was designed for large businesses. But then he would begin to worry about what would happen if he lost his job or had to leave the company. Where would he go to work on an ICL then? In his bedroom in his parents' house Nick had a personal computer, a Commodore Amiga 1000, equipped with a modem. He had intended to use the modem to dial in to electronic bulletin boards--specialist data and information services, like Prestel but generally run by private individuals. It was never his intention to start hacking, he says; he thought it would be boring. Nonetheless, he started reading a guide called The Hacker's Handbook. The Handbook had been written by a British hacker known as "Hugo Cornwall" and achieved instant notoriety when it was first published in March 1985. Guided by the Handbook, he began dialing into more bulletin boards. (He found that about 20 percent of them had hacker sections.) With the information he obtained from the Handbook and the bulletin boards he learned how to find the access phone numbers for other computers, and how to deal with IDs and pa.s.swords. The Handbook was especially useful: it contained a list of phone numbers that gave access to JANET.

JANET is the earnestly friendly acronym for the Joint Academic Network, a system that links computers in eighty to ninety universities, polytechnics, and research centers throughout the United Kingdom. Because it is designed to be used by students and researchers. the network needs to be relatively open, and tries to present a friendly face to users: hence the feminine acronym and the useful tutorial and guide provided by the system when a user types HELP- The network's various data banks also contain a wealth of inforrnation on subjects as dissimilar as military research and theoretical physics. For Nick, however, the chief appeal of JANET was that it linked a number of ICLs on different sites around the country. By accessing JANET he could play around on his favorite computers from his home, just by using his little Commodore.

Nick attempted his first hack in January 1988. He first dialed up a number for the computer center at Queen Mary College, where he knew there was an ICL 2988.

Because Queen Mary is not far from Nick's home, the telephone charges would be lower; also, most colleges are easy targets because they generally have weak security. He got the dial-up from The Hacker's Handbook--but that, as he knew, would only get him to the front door. Access to the QMC computer would be like gaining entry to the Prestel system. To get inside, Nick would need both a user-name--a log-in or ID--and a pa.s.sword. The user-name at QMC is an individual seven-character ID; the pa.s.sword is a one-way encrypted code. (One way means the code can only be encrypted once and is entirely random; if the user forgets the pa.s.sword, a new one needs to be created.) That was the theory, anyway. But Nick knew that some software supplied by ICL includes a standard, or default, "low-security" user-name, one that doesn't require a pa.s.sword. Nick had barned the default user-name from his job and his constant reading of ICL promotional material, manuals, and security informa- tion. And because Queen Mary College had never changed its default user-name, it had left its back door wide open, making it easy for Nick to walk right in to the college's mainframe ICL on his first try.

The sole drawback from Nick's point of view was that the low-security user-name gave him only restricted access to the computer. The QMC computer had a strict hierarchy of user status, and the environment of low-security users--the areas on the computer they could enter--was severely limited. Most ordinary users had higher status, though their environment was usually restricted by the nature of their tasks. At the apex of the hierarchy, as with Prestel, was the systems manager, who had access to everything. At QMC the sysman is in complete control of the computer, a.s.signing status to other users, overseeing the functioning of the system, and managing the programs and data.

Nick's objective was to capture sysman status. Without it his options were too limited, his environment too restricted. He began searching through the files, using his knowledge of the minutiae of ICL operating systems to find his way through the electronic pathways of the QMC computer. He ran into walls or traps designed to keep him out of restricted areas, but he kept trying.

Nick's hobby, his only one, was collecting unlisted commands for ICL computers.

These are keyboard operations that the company doesn't doc.u.ment, which can be discovered by experimentation. Sometimes these got him around the traps and farther into the system. Slowly he moved through the back alleys of the QMC systems until finally he was able to access the operator libraries, the collection of programs that manage the computer. He knew that the keys to raising his status lay among the programs. He had been hacking for hours by then, but he didn't notice the time or his own tiredness. He played with commands, his little PC sending signals from his bedroom in Enfield through the telephone lines to the mainframe at QMC. He went through the programs sys- tematically, coaxing the ICL, trying to outsmart the security systems that had been put in place precisely to stop someone like him. Eventually the machine yielded. On his first hack Nick had managed to capture system-manager status.

He decided not to play with the QMC computer too much--the capture of sysman status was too valuable to lose by leaving obvious evidence; also, he needed QMC as a jumping-off point for other computers on JANET. He roamed about the QMC computer for a bit, looking at electronic mailboxes and a.s.sessing different files. Then he used his sysman status to create four new user-names, OLAD011, OLAD024, OLAD028, and OLAD059, which would allow him continual entry to the QMC machine. He a.s.signed the four user-names to Alan Dolby.

The best part of the JANET network, from Nick's point of view, was that it was a freeway: entry into one point on the system gave a direct route to other points. That meant that he could dial into QMC and then link into other ICLs at other sites. Conveniently, the ever-friendly network listed the sites on the system by computer manufacturer, so he knew just where to go to find more ICLs.

One of Nick's targets was an ICL at Glasgow University in Scotland. Eventually he linked into Glasgow by logging in as a guest user. He used the same technique to break into the ICL at Hull University and others in Nottingham, Belfast, and Bath.

Nick saw hacking as simply a means to play on ICLs. He wasn't interested in stealing information from the network, and in fact, he had no real purpose at all. He was hooked on ICLs and wanted only to be able to work on them, to play around on the operating system, to explore the complexities of the network. He told his parents there wasn't anything illegal in what he was doing, and technically he was correct: at the time there were no laws in the U.K. that specifically addressed hacking, and the Gold-Schifreen case had seemed to make the practice beyond the law.

Once Nick had started hacking the Whiteley family phone bills soared from around $100 a quarter to over $1,600. But Nick always paid his share. He could afford to do so because he had no other social life: no expensive habits, no girlfriends. He went to work came home, and started hacking. He hacked at night because it fit into his schedule, and also because the phone rates were cheaper, there was less line noise, and the target computers would be unmanned.

The trick was, he said later, to stay awake; sometimes he hacked all through the night and then had to go to work the next morning. His "day" could stretch to twenty-eight hours: first eight hours at work, then a night spent hacking, then another eight hours at work trying to stay awake while keeping the printer stuffed with paper and the tape running in the drive. After a marathon stretch like that he would take the next night off and go to bed early.

"It was obsessive," Nick later explained. "Five or six hours can seem like five minutes." He drank coffee and c.o.ke and ingested caffeine tablets to keep going.

"When you get into a system, you must keep going. It might take four or five hours to penetrate the defenses and another four or five hours to protect the position that has been established. If protection isn't put into place, then the earlier work could be wasted." The challenge was in beating the system; success came from staying awake. It gave him a feeling of power: he enjoyed knowing that while the designated sysman thought he controlled the computer, in fact it was himself, Nick, who had manipulated system-manager status and was really in control.

Nick compared hacking to a game of chess, a battle of wits between himself and the system, nothing criminal, just a game.

The excitement comes from knowing that a computer in the bedroom at home can be used to break into multimillion-dollar installations. There's the thrill of exploration, of going around the world electronically. The objective is to try to gain the highest status within the system, that of system manager, and once there, to begin making the rules instead of following them. If the system manager blocks one way in, then you find another. It becomes a game with the systems manager; the hacker's goal is simply to try to persuade the computer that he should have increased privileges.

One person who didn't see it as a game was Bob Jones, the chief programmer at Queen Mary College. A tall, well-built man with beard and gla.s.ses and an academic uniform that sometimes runs to jeans and T-shirts, he had been at the college since 1968, first as a physics student, then staying on to work full-time at the QMC computer center after earning his degree in 1971.

He worked out of a large office on the top floor of the computer science block, a nondescript concrete sh.e.l.l of a building in east London. His office was near the computer center, a cramped room packed with mainframes, some of them ICLs. In the room's center were eight consoles set up on adjoining desks, which al- lowed the activities of the mainframes to be monitored but were usually unmanned, particularly at night.

Jones first realized that the QMC system had been breached by a hacker on February 19, 1988. He had heard reports from colleagues at the Universities of Glasgow and Hull that their own systems had been hacked by someone calling himself Alan Dolby. What he saw on his computer was a series of files that had been incorrectly stored in the memory, one of which had been labeled AD. He began searching for signs of further tampering, and he soon found it: the four OLAD user files Nick had created to give himself a smooth path into the QMC computer. The files appeared to have been created a month previously.

Jones immediately reported the intrusion to his superior, Jeremy Brandon, the director of the computer center, although it was clear that their options were limited. They could attempt to lock their hacker out by closing all of the OLAD files, but that might force the hacker to try more devious back-door methods to regain access. If he entered the system through such a method, they might not be able to find him again--and he might do some real damage. Instead, they decided to leave the files as they were and watch him, although they did remove the Mad Hacker's sysman status.

When Jones came into the office on the morning of March 30th, he found that there had been no work processed on the computer since about two A.M., when the scheduler (the program listing the priority of jobs) had failed. Its failure coincided with a successful hack of the system made by OLAD028.

Jones and Brandon decided to record future intrusions on a dedicated journal within the computer. They also decided to wipe out three of the user-names, leaving only OLAD028, the one the hacker had consistently employed. It would be easier to track him this way.

By this time the hacking incidents had been reported to QMC's head of security, who pa.s.sed on the information to Scotland Yard's Computer Crime Unit. Although established in 1971, the CCU had until 1985 consisted of only one officer. Then, as computer crime escalated and the government became concerned about the vulnerability of its own systems, it was eventually enlarged to four officers-- still not a big force, given that Scotland Yard can be called in on cases anywhere in Great Britain. The unit is headed by John Austen, who was the officer a.s.signed to investigate the Mad Hacker affair.

Austen knew that the only way to catch the hacker was to monitor the lines, the same time-consuming process used to track down Triludan the Warrior. That meant involving British Telecom, which needed to a.s.sign an engineer to trace calls. And because the Mad Hacker worked at night, that would involve overtime. For the first few days the investigation was bogged down over the overtime question: neither British Telecom nor QMC nor Scotland Yard were willing to pay. Eventually the phone company gave in and set up a twenty-four-hour trace, to be activated whenever the hacker was detected on the QMC system.

As the Mad Hacker gained confidence and experience, his activities took on a new twist. To Bob Jones it seemed malicious, as if the hacker had declared war on the system. One night the Mad Hacker ordered the QMC computer to print, I THINK YOU SHOULD KNOW I AM MAD ... I AM ALSO DEPRESSED, over and over. To Hull University he sent a message saying, I AM TAKING UP THE CHALLENGE, then loaded a "rabbit" onto the system. A rabbit is a piece of software that orders a computer to perform useless tasks endlessly, multiplying ever more work orders until they finally overwhelm the computer and it can cope with nothing else. The Hull computer was down for ten hours after this particular rabbit began breeding. THAT WILL FILL UP YOUR SODDING SYSTEM, another message said.

He then dropped a rabbit into the Glasgow computer. But this time, it didn't work. As he was on-line, the computer operator discovered him and sent him a message demanding that he call the operations department. ALAN DOLBY DOESN T MAKE CALLS, he wrote back.

Glasgow was where Dolby had first been rumbled, three months previously, when a file he had created as a back door had been discovered. It was Glasgow that had alerted the rest of the system operators on JANET that there was a hacker. So there may have been an element of revenge when, one night, the Glasgow system manager, Dr. Roger MacKenzie, tried to access the mainframe from his home PC and found that he had been "locked out"--barred from his own computer. It was later discovered that the Mad Hacker had captured sysman status that night and instructed the mainframe to kick out MacKenzie.

At QMC an increasingly irritated Bob Jones was watching as intrusion after intrusion was recorded in the computer journal. At first these were just messages left for the sysman, schoolboyish nonsense such as WILL ET PLEASE PHONE HOME and WILL NORMAN BATES PLEASE REPORT TO THE SHOWER ROOM. But then things became more serious: the Mad Hacker instructed the QMC computer to generate copies of reports from its memory, which prevented it from processing necessary work, and on more than one occasion his intrusions caused the computer to crash. It seemed as if the Mad Hacker had become vindictive and malicious.

Once, he left a message asking, WHY DON'T YOU LOCK ME OUT? It was obvious to Jones that his hacker wanted to play, but he ignored the messages.

Monitoring the lines was slowly getting results. When the Mad Hacker was spotted making an unusual daytime appearance, Bob Jones called the twenty-four-hour emergency number at British Telecom--which rang and rang. In frustration he gave the receiver to someone else to hold while he called a contact at British Telecom direct.

"There's no one answering my emergency call," he shouted.

"Well, yes," the Telecom man said patiently. "The service doesn't start until five P.M." As they spoke, an a.s.sistant pa.s.sed him a note saying that the hacker had left the system. Jones, still steaming, explained the precise meaning of "twenty-four-hour service".

The monitoring intensified. In early July the engineers at the telephone office nearest QMC finally traced the hacker back to a telephone in Enfield. Another monitor was placed on the suspect number to record all future activity.

On July 5th Jones came in to work to find that the computer journal recording the Mad Hacker's intrusions had been wiped out. That could only have happened if the hacker had captured sysman status again. He also found this message: THIS INSTALLATION HAS BEEN HACKED BY ALAN DOLBY.

ALAN DOLBY IS A REGISTERED MEMBER OF HACKING INC. (ICL DIVISION), WHICH IS A SUBSIDIARY OF HACKING INTERNATIONAL.

THIS HACK IS (c) 1988 BY ALAN DOLBY (THE MAD HACKER).

The announcement was followed by a message for Marlyn, a computer operator previously employed by QMC and mistakenly believed by the Mad Hacker to be the sysman: NOW MARLYN IS PROBABLY THINKING, !~?$ (SH*T) HOW THE h.e.l.l DID HE GET IN THIS TIME? ... I BETTER HAVE A LOOK AT WHERE I KEEP HIS JOURNALS. OH s.h.i.t, SHE SAYS, THEY ARE NOT THERE ANYMORE. !~?$ NOW, MARLYN, IT'S GETTING PRETTY BORING HAVING TO KEEP ON TEACHING YOU MANNERS.

I'D RATHER BE AT MY OTHER SYSMAN HACK SITES. SO I HOPE YOU HAVE LEARNED (EXCEPT HOW I DID IT) FROM THIS, MARLYN, AND REPLY TO MY MESSAGES; OTHERWISE YOU WILL MAKE ME VERY VERY ANGRY, AND ROGER WILL TELL YOU ONE THING, YOU WON'T LIKE IT WHEN l'M ANGRY.

The reference was to the Mad Hacker's successful lockout of Roger MacKenzie from his own system. The message continued: STILL, DON T GET TOO DESPONDENT MARLYN, I MEAN WHAT DID YOU EXPECT? IF I CAN HACK ROGER S PLACE TWICE, THEN ANYTHING ELSE IS JUST A PIECE OF CAKE, AND I MEAN YOU'RE NO GURU, MARLYN. ROGER IS THE GURU, HE WRITES PROGRAMS, HE DOESN T PHONE UP SAYING, OH, ROGER, HELP ME, ROGER.

HAVE I WOUND YOU UP ENOUGH, MARLYN? YOU WON'T BELIEVE HOW I GOT IN, MARLYN HAHAHAHAHAHAHAHAHAHAHHAAAA YOURS HACKINGLY, ALAN DOLBY ... THE MAD HACKER!!! THE MAD HACKER THE MAD HACKER ALAN DOLBY ALAN DOLBY ...

Though the Mad Hacker had destroyed the journal when he hacked in to QMC that night, he didn't destroy the evidence. Like most computer users, QMC keeps backup copies of files, so the record of the Mad Hacker's intrusions still existed. But it was becoming evident that eventually real damage to the system could be caused if the hacking continued. It had already become very frustrating to Jones, who was spending more and more time cleaning up after the Mad Hacker and less time doing his real work. But even worse, Scotland Yard had become concerned about hints that were contained in some of his computer messages, that Alan Dolby was hacking into the Ministry of Defense computer, also an ICL. The break-ins might still be a game to the Mad Hacker, but it was becoming deadly serious to everyone else.

They decided to go for a bust that very evening.

An arrest for computer hacking is not a straightforward affair. To make the charge stick, the police would have to arrest the Mad Hacker while he was actually in the middle of a hack, with the unauthorized dial-up on his computer screen and his fingers on the keyboard. Evidence that the hacking had been committed from his phone number was not sufficient: it could, after all, have been done by his mother.

The team a.s.sembled for the bust was enormous. There were four policemen from the Computer Crime Unit, two technical support specialists, two experts from ICL, a police photographer, two British Telecom engineers, and a phalanx of uniformed policemen. In addition Jones had to monitor the QMC computer to alert the team when the Mad Hacker broke in. He was joined in his vigil by the managers at other ICL sites on the JANET network, as well as by internal British Telecom staff to monitor the phone lines. In total the team numbered forty people.

As luck would have it, however, on that evening nothing happened; the Mad Hacker simply went to bed early. But the next night, he decided to dial in to QMC once more to see if anyone had replied to his message. According to the computer record, he logged on at 7:48 P.M.

Just a few minutes before 8:00 P.M. the Whiteley family heard a knock on the door. The police later described it as a gentle tap; to Nick, upstairs in his bedroom, it sounded like loud banging. He thought it odd: why didn't they use the doorbell? Then he walked to his window and saw four men approaching the door. He said later that he could tell from their appearance that they weren't Jehovah's Witnesses, and for one awful second he thought they might be Mafia.

Downstairs Nick's father was at the door bewilderedly reading a warrant presented to him by the policemen. Nick sat down on his bed. He thought that perhaps they were after a spy or a murderer. They couldn't be after him: he was nineteen years old and liked to play games with computers, that was all.

The police moved upstairs to arrest Nick. By this time, there were twelve members of the team in the tiny house, communicating by portable phone to their colleagues outside. John Austen from the CCU told Nick he was being arrested for "criminal damage." Nick looked at him incredulously, then burst out laughing. He thought it must be a mistake.

Though hacking wasn't illegal at that time, the case against Whiteley had been put together around the concept of criminal damage, which boiled down to loss of data and denial of computer service as a result of his hacks. QMC alone had valued the downtime to fix its computers at $48,000.

Police photographers moved in to record the computer screen, keyboard, and modem. Every inch of the room was photographed: Nick's files, the books on his bookshelf, the posters on the wall. The police stayed until midnight: they confiscated Nick's Commodore and all the other equipment, loading the evidence into bags; they removed from Nick's room books, blank paper, empty folders, even the posters; and they interviewed Nick's older brother, Christopher. Nick's mother, who was out when the raid began, came home to find the team searching Nick's car.

Nick was still stunned: he was convinced it was all a mistake and that soon the police would apologize and go away. He presumed that he had never been locked out of the QMC mainframe because the systems manager wanted him to test the security, that , he was playing the game too. Nick was the stereotypical hacker: a kid who wanted to play a big-time computer game to demonstrate how clever he was. He didn't want to damage anything, although he did enjoy playing a few malicious pranks from time to time. When he was busted, Nick had only been hacking for six months.

Two days after the raid, he was taken to Bow Street magistrate's court and charged with having caused a total of $115,000 damage to computer hardware and disks. But what concerned the authorities the most were the suggestions that Nick had been hacking into MoD and MI5; in his room they found a little red notebook with dial-ups for ICLs operated by government agencies. They also wanted to know about the messages that had been left by Nick on the QMC computer alleging that he had knowledge of "surveillance" of the Labor party, CND (the Campaign for Nuclear Disarmament) and the Cabinet.

Nick told the police, and later two agents he presumed to be from the MoD and MI5, that he had never used the numbers in his book; they were for future reference. As for the messages about surveillance, they were fantasy, part of the games he was playing with the sysman at QMC.

The police were unimpressed. Nick was released on bail, but only after promising not to continue hacking. In May 1990, almost two years after the incidents took place, he was tried for criminal damage at London's Southwark crown court. The defense accepted the prosecution's charges, but argued that there had been no real criminal damage. Nick's lawyers were confident of getting him off, but it's said that he made a bad impression as a witness in his own defense: he was too sure of himself, too clever. Bob Jones later described him as "flippant and sneering." Nick himself thinks he was destined for a harsh sentence from the start.

"They wanted to make an example of me," he said. "They'd have sent me to jail for a parking ticket."

In the end, amid a flurry of national publicity, he was cleared of causing criminal damage to computer hardware, but convicted on four counts of damaging disks. After the verdict, defense counsel asked for but were refused bail. Whiteley was sentenced to a year's imprisonment, but eight months were suspended, and with good behavior in jail, he was paroled after serving only two months. He was released in March 1991.

Nick was the first person in Britain to be convicted of offenses relating to hacking. The overtones in his case--and the allegations of MI5 snooping and break-ins at the MoD--were enough to bring pressure on Parliament to propose a new computer crime law. The Computer Misuse Act came into effect in 1990: it made any attempt, successful or otherwise, to alter computer data with criminal intent an offense punishable by up to five years in jail. It could be called Nick Whiteley's legacy.

The contrast between Nick--generally polite, easygoing, and articulate--and his alter ego, the Mad Hacker, impressed everyone who met him. Nick Whiteley would never leave messages redolent with s.e.xual aggression for Marlyn: that was the Mad Hacker, or Alan Dolby. Nick Whiteley wouldn't cause damage to an ICL: again, that was the Mad Hacker. Like so many hackers, Nick played out his fantasies on the computer keyboard. He was no longer Nick Whiteley from Enfield when he was hacking, he was the Mad Hacker, the Mr. Hyde of QMC, Hull, Glasgow, and JANET. With a computer he could become anyone he wanted to be; without it he was just Nick Whiteley.

Even when the computer underground was in its infancy, in the United States back in the early sixties, the use of aliases was symbolic of the growing subculture. Early phreakers had names such as Cheshire Catalyst, Dr. No, Midnight Skulker, and of course Captain Crunch. Hackers continued to use aliases to hide their ident.i.ties--and more often than not to disguise their real selves behind a fearsome mask. Later, aliases became known as handles, after CB slang.

A handle with high-tech allusions (Fiber Cables, Apple Maniac, Byte Ripper) or suggesting personal instability (Perfect a.s.shole, the Prisoner, Right Wing Fool) is considered perfectly acceptable. Some hackers opt for fiercer handles (Knight Stalker, Scorpion) or just co-opt the names of celebrities (there are hackers called Pink Floyd and Robin Williams). Behind these sometimes demonic handles often lurks a fourteen- or fifteen-year-old boy who is hooked on technology and spends hours alone in his bedroom, hacking into remote computers. Armchair psychology suggests that the fiercer the handle, the meeker the kid behind it. There is a huge element of role-playing in hacking, a need to be accepted among the community, not as the person one really is but as the person suggested by the handle. Hacking brings out the Mr. Hyde in all the little technological Dr. Jekylls.

Adopting a handle is essential for a novice to be accepted on pirate hacker boards, where he can access information about his hobby and pa.s.s on messages to other hackers. The computer underground is amorphous; any structure it does have is provided through communication within the community via the boards and a variety of other technical modes electronic and voice mailboxes, conference bridges, and even loop-around-pairs, the old phreaker technology. A handle is a hacker's badge of belonging, his calling card; the pirate boards serve as electronic meeting places, the high-tech equivalent of hanging out at the mall.

Boards are simply computers loaded with some specialist software and linked to a modem. They are generally owned and operated by a single person, who becomes the system operator and controls access. There may be hundreds in existence-- the majority are in North America--and they come and go, as does their status within the hacker community. At any given time there may be only two or three "hot boards" that attract the top hackers. Getting access to one of these boards is a sign of having arrived in the computer underground, a mark of respect. Belonging to a particular board means belonging to the group that uses the board: it means becoming part of what one U.S. attorney called a high-tech street gang.

Hacker boards are never publicized. Obtaining the dial-up number is itself a sign that a potential member has some credibility within the community, but that alone is not enough; no selfrespecting pirate systems operator wants his board cluttered up with "lamers," kids who pretend to be hackers but don't really have what it takes.

The registration procedure on pirate boards is a careful process. First-time callers are met with a request for their user-name and their phone number. Lamers who enter their real name and real phone number have already blown it. The correct procedure is to enter a handle and a fake phone number--a healthy dose of paranoia is a good sign that a caller is a real hacker. The next step is to provide personal references, which will determine the level of access to the pirate board. Hacker boards often have several grades of users, and only the most trusted callers are able to access the "good stuff." The reference query is designed to elicit the names of other pirate boards the caller has access to, his level of access on those boards, and the handles of any other trusted hackers he may know. If the references prove satisfactory, the caller will be granted leave to use the board.

Some boards go a step farther: they ask the caller to write a short statement explaining his reasons for wanting access, or to complete a questionnaire, to test his technical expertise. Some operators, particularly on "cracker" boards (those used by software pirates to swap "cracked"--illegally copied--programs) demand that a caller prove himself by supplying what is called warez--for wares, or pirated software.

Complementing the boards is a sporadically functioning electronic underground press--newsletters, most distributed electronically, that contain articles about busts, tips on hacking and phreaking, and technical descriptions of computer operating systems. The oldest is PHRACK Inc. (the name is an amalgamation of phreak and hack), which was available off and on from 1985 until 1990. Others that have appeared from time to time include the Legion of Doom: Hackers Technical Journal, Phreakers/ Hackers Underground Network, and the Activist Times. A traditional, printed, publication, 2600 The Hacker Quarterly, has been published since 1987, and is available on some news stands.

The 2600 in its t.i.tle is a bow to the infamous frequency tone used by phreakers to make toll-free long-distance calls.

Membership in the computer underground simply means belonging to a self-selected group of high-tech junkies. Some individual hackers--generally members of a particular bulletin board--work as a group and acquire a gang handle. In 1982 the Inner Circle was the first group to claim credit for breaking into the U.S. military computer network. The 414 gang, named after its local Wisconsin area code, specialized in cracking telephonecompany systems.

The telephone company, or "telco," as it is called, is still a favorite target for many hackers. Those who specialize in exploring the telco system are sometimes called phreakers like their predecessors Captain Crunch and Joe Engressia. In words that echo Joe Engressia, one telco phreak wrote, "The phone system is the most interesting, fascinating thing I know of. There is so much to know. I myself would like to work for the telco, doing something interesting, like programming a switch--something that isn't slave labor bulls.h.i.t. Exploring the system is something that you enjoy, but have to take risks in order to partic.i.p.ate in, unless you are lucky enough to work for the telco. To have access to telco things, manuals, etc., would be great."

If there is a credo that unites all members of the computer underground, it is probably the one first expounded by Steven Levy in his 1984 book, Hackers: "Access to computers, and anything that might teach you something about the way the world works, should be unlimited and total." This belief implies a code of ethics that, put simply, boils down to "Look, but don't touch." Hackers, according to this code, may break into computers or computer networks with impunity, but should not tamper with files or programs.

In the real world it rarely works like that. Though hackers see themselves as a useful part of the system, discovering design flaws and security deficiencies, the urge to demonstrate that a particular computer has been cracked tempts hackers to leave evidence, which involves tampering with the computer. The ethical code is easy to overlook, and sometimes tampering can become malicious and damaging.

For the authorities, the whole thing is a giant can of worms. Patrolling the access points and communications webs that make up Worldnet is an impossible task; in the end, policing in the information age is necessarily reactive. Adding to the problems of the authorities is the increasing internationalization of the computer underground. Laws are formed to cover local conditions, in which the crime, the victim, and the perpetrator share a common territory. International crime, in which the victim is in America, say, and the perpetrator in Europe, while the scene of the crime--the computer that was violated--may be located in a third country, makes enforcement all the more difficult. Police agencies only rarely cooperate internationally, language differences create artificial barriers, and the laws and legal systems are never the same.

Still, the authorities are bound to try. The argument that began as the information age dawned, encapsulated in Stephen Levy's uncompromising view that access to data should be "unlimited and total," has never ended. The government, corporations, and state agencies will never aliow unlimited access for very obvious reasons: state security, the privacy of individuals, the intellectual property conventions ... the list goes on and on. In all western countries, hacking is now illegal; the theft of information from computers, and in some cases even unauthorized access, is punishable by fines and jail sentences. The position is rigid and clear: the computer underground is a renegade movement, in conflict with the authority of the state.

But there are still good hackers and bad hackers. And it is even true that sometimes hackers can be helpful to the authorities--or at least, it's happened once. A hacker named Michael Synergy (he has legally changed his name to his handle) once broke into the computer system at a giant credit agency that holds financial information on 80 million Americans, to have a look at then president Ronald Reagan's files. He located the files easily and discovered sixty-three other requests for the president's credit records, all logged that day from enquirers with unlikely names. Synergy also found something even odder--a group of about seven hundred people who all appeared to hold one specific credit card. Their credit histories were bizarre, and to Synergy they all seemed to have appeared out of nowhere, as if "they had no previous experience." It then occurred to him that he was almost certainly looking at the credit history--and names and ad- dresses--of people who were in the U.S. government's Witness Protection Program.

Synergy, a good citizen, notified the FBI about the potential breach of the Witness Program's security. That was hacker ethics. But not every hacker is as good a citizen.

Chapter 3.

DATA CRIME.

Pat Riddle has never claimed to be a good citizen. He is proud of being the first hacker in America to be prosecuted. Even now, as a thirty-four-year-old computer security consultant, he is fond of describing cases he has worked on in which the law, if not actually broken, is overlooked. "I've never been entirely straight," he says.

As a child growing up in a suburb of Philadelphia, he, like most hackers, was fascinated by technology. He built model rockets, played with electronics, and he liked to watch s.p.a.ce launches. When he became a little older, his interests turned to telecommunications and computers.

Pat and his friends used to rummage through the garbage left outside the back doors of phone company offices for discarded manuals or internal memos that would tell them more about the telephone system--a practice known as dumpster diving. He learned how to make a "b.u.t.t set," a portable phone carried by phone repairmen to check the lines, and first started "line tapping"--literally, listening in on telephone calls--in the early 1970s, when he was fourteen or fifteen.

The b.u.t.t set he had built was a simple hand-held instrument with a dial on the back and two alligator clips dangling from one end. All the materials he used were purchased from hardware and electronics stores. To line-tap, he would search out a neighbor- hood telephone box where the lines for all the local phones come together. Every three-block area, roughly, has one, either attached to a telephone pole or freestanding. Opening the box with a special wrench--also available from most good hardware stores--he would attach the clips to two terminals and listen in on conversations.

Sometimes, if the telephone box was in a public area, he would run two long wires from the clips so that he could sit behind the bushes and listen in on conversations without getting caught. To find out whose phone he was listening to, he would simply use his b.u.t.t set to call the operator and pretend to be a lineman. He would give the correct code, which he had learned from his hours of dumpster diving, and then ask, "What's this number?" Despite being fourteen, he was never refused. "So long as you know the lingo, you can get people to do anything," Pat says.

The area where he grew up was a dull place, however, and he never heard anything more interesting than a girl talking to her date. "It was basically boring and mundane," he says, "but at that age any t.i.ttle-tattle seemed exciting."

Pat learned about hacking from a guy he met while shoplifting electronic parts at Radio Shack. Doctor Diode, as his new friend was called, didn't really know much more about hacking than Pat, but the two of them discovered the procedures together. They began playing with the school's computer, and then found that with a modem they could actually call into a maintenance port--a dial-up--at the phone company's switching office. The phone company was the preferred target for phreakers-turned-hackers: it was huge, it was secretive, and it was a lot of fun to play on.