A Terminal Obsession
THE SUNDAY AGE
Sunday February 13, 1994
Australians are the second-biggest users of personal computers in the world. But what happens when playing tricks with the terminal becomes an obsession? Ian Munro enters the world of the computer hacker.
THE Watcher, also known as Data King, is a self-confessed, one-time high school maths nut who has been rendered short-sighted by a decade of peering at flickering computer screens.
He lives in Melbourne's outer northern suburbs, where the sameness of the brick veneers is broken only by fake Corinthian columns and lions on gates.
He is 25kilometres from Melbourne, but only eight minutes from Finland via an illicit computer link. In a bedroom furnished with half a dozen computer screens and almost as many computers, he reveals that hacking has taken a toll greater than his diminished eyesight.
At 26 he is unemployed and separated from his wife and children.
Despite a CV boasting data communications experience with a major private bank, he last worked selling time-share resorts. And that was nine months ago.
``I do say, to a degree, it did affect my marriage _ we're no longer together. These days I don't go out much, but I'm not employed so I can't afford to," he says, surrounded by hardware worth thousands of dollars.
He got into computers as a 15-year-old, messing about with school equipment, encouraged by his science teacher, and made his own way from there.
It is a trap awaiting thousands of teenagers, who are increasingly using computers at school, at work, and as entertainment. In the same way that Australians took up television, video recorders and mobile phones, so, too, with computers. IDC Australia, a research company, says Australia is second only to the United States in the number of personal computers per head of population.
Almost one million personal computers will be sold in Australia next year, against 575,000 in 1990, says Mr Graham Penn, an IDC market analyst. About a third of the new PCS sold will upgrade existing machines. The remaining 600,000 will boost the number of PCs in Australia to about 4.9 million.
The Watcher was introduced to the hackers' world by word of mouth. The key is to find an underground bulletin board, an electronic link where computer users can exchange information. Once there ``lamers" _ novices _ have access to shared information and hacking tools, computer programs such as demon diallers, which seek out computer systems connected to the telephone network, and password crackers, which test possible passwords to crack computer security.
Melbourne is linked to an international hackers' network, PuKE, and there is a self-proclaimed Australian Institute of Hackers, which offers access to hacking and virus programs through bulletin boards.
ITS alumni include the Digital Vampyr, Cyber Crack, Australian Parasite and Kiken Butt. It claims Nom and Phoenix among its graduates, the aliases of two of the people charged with hacking the NASA space centre system, which forced the shutdown of its external communications system last year. Present ``students" at the institute include Disk Molestor and The Propagator.
``There's a lot of satisfaction when you finally get inside a network system. Mind you, there's a lot of people call themselves hackers _ all they do is get a password off someone and get in, then they might get a password file," the Watcher says.
Hacking is a means to an end, and an end in itself. ``I like to get information, but I enjoy the challenge of just getting in. I'd get into a machine just because it's hard to do."
Australian hackers operate almost exclusively through Internet, an international university and research computer network. Access can be gained legitimately through universities, the public access network and, in Melbourne, through a hobbyists' bulletin board called ``Suburbia" for the cost of a local phone call.
The Watcher says that, in contrast to Australia, Internet is more comprehensive in the US and is illicitly accessed by hackers through big universities.
``In the states it's a lot more open _ you've got the colleges, their version of CSIRO, connections into the military network and then, NASA.
``I could connect to NICK DDN MIL, which is a military site in the States. If that was a normal military site the first thing it would ask is, `Is this guy from America?' No. OK, it will close the connection.
``So then what you do is go on to an American site, a college site, and then call the military site. So when it asks where you're from it gets the college address and it thinks you're from America. OK.
``There's no hard and fast rule. You used to get into a lot of tricks, like tell the computer to go and collect the password file. What I did is get a program called a password cracker _ it doesn't actually crack the password _ what it does is take a list of words I give it and encrypts them and compares the encrypted word with the password. It takes time and a lot of words. That's one way in.
``Basically once you're in, you're there until the password gets changed. Some places never change their passwords. There've been places I've had access to for four years."
Like many computer buffs, the Watcher is dismissive of virus writers, a close relative of computer hackers. All he wants, he says, is to get information out of systems, not destroy it.
Take, for example, a legal data base now discontinued. He said conventional subscribers paid $180 an hour, but those who knew their way around computers could tap, for nothing, a very rich source of information.
``There's a lot of information out there. A lot of it you can't get to. You can't get into the Tax Office, they don't have dial-ins into their system," he said.
``Any computer system can be broken into _ it just takes time. You've got to be someone who enjoys a good challenge. All you need is a computer, a modem, a bit of intelligence and a few phone numbers."
All told, these could be bought through `The Trading Post' for between $500 and $700. But by hacking, a bargain-basement system can be enhanced.
A former hacker awaiting prosecution, whose alias is Splendide Mendux (translation: gloriously false), says that by hacking ``someone with very little money but a reasonable degree of intelligence can use a very powerful computer system".
The County Court was told last year it was also the challenge that drove one of those charged with the penetration of NASA's computer system _ Richard Martin Jones, aka Electron.
``He did not really live in a real world peopled by human beings ...
It was like a game for him. The game was to get in and once you get in the game is over, you've proved to yourself you can do it, now let's go on to the next one," Jones' counsel, Mr Boris Kayser, said.
In an interview with police, read to the court, Jones said: ``It's just a kick of getting into a system. I mean, once you're in, you very often get bored ... it's a challenge ... that's basically it, the challenge and the ego boost that you get from doing something like that, whereas other people try and fail."
But now the Watcher, like Nom, Electron and Phoenix before him, is one of a growing number of Australian hackers convicted of unauthorised access to computers by means of the telecommunications system.
The comparatively new offence was created in Commonwealth legislation three years ago. Investigations are complex and evidence often must be traced overseas.
Police are uncertain how widespread hacking is, partly because a break-in to a computer system can go undetected for long periods, and because much of it goes unreported. Companies do not want to advertise breaches of security.
Despite the uncertainties, Sergeant Ken Day, of the Australian Federal Police computer crime section, says it is likely that there are several thousand computer hackers in Australia.
The greatest threat from hacking may come from accidental damage caused to computer systems.
``These people are not trained. They are persistent and they learn from other hackers, but really they don't know what they are doing," Sergeant Day says.
``The damage (they cause) can't always be gauged on their motives.
They might not intend to damage a system, but through lack of knowledge, if they get root access, which is total and absolute control of the system, they can do things in there that they don't know they're doing and bring it down."
The Federal Police expect to press charges against 10 more hackers during the next year. ``We are not short of work _ it's a growth industry," Sergeant Day says.
``When someone accesses a network it's a breach of privacy _ they have accessed information and they have the capacity to look at it when they shouldn't. It's a very big breach of civil liberties."
As a result of increased police scrutiny a closed community has tightened up. Few hackers would recognise one another in the street.
``You have got very few people who know each other face to face _ nowhere you'll get any more than seven (hackers) coming together as a group," says Major Nick Chantler, the army's first head of computer security, now doing a PhD on computer hacking.
``Increased security really is making people a lot more sensitive, but at the same time it's creating much stronger bonds than ever before."
If the authorities are dismissive of hackers' computer knowledge, then those who counter the virus writers suggest the most threatening things about local operators are the lurid Gothic aliases they adopt.
Mr Roger Riordan, discoverer of the Michelangelo virus and technical director of Cybec Pty Ltd, compares virus writing and propagating to spraying paint on trains.
``Someone calling himself the Australian Parasite was offering a virus writing tool kit recently, but his viruses are barely functional," Mr Riordan says. ``The only virus writer of any real talent who has left a mark is the Dark Avenger, whose most recent message was that he had retired, `now I've got a real job'. Most of the people who leave their names write pretty crappy viruses."
There are between 1000 and 3000 viruses, including variations, and they increase by about 20 a week. Mr Riordan says very few originate in Australia, but we seem to get first look at viruses from China and Taiwan. One _ ``Little Red" _ played two Chinese songs, one on Mao Zedong's birthday, the other on the anniversary of his death.
``Most of the hackers are involved in some form of criminal activity.
Some of them write viruses as a sideline. Even the ones who are doing it for a challenge could not afford to pay for the vast amount of on- line time they occupy, so they try to pass that charge on to someone else.
``They are quirky kids but they are capable of doing a lot of damage.
``I had a schoolkid, fifteenish, come up to me at the PC Show last year. He said he was the secretary of one of the virus groups. He had one of those fanciful names they use. He had directory listings of all these sections of code.
``I told him if he could understand that stuff he should be using his talents elsewhere. He told me he liked what he was doing, the feeling of power."
Computer hackers are usually young students at tertiary institutions, where they have the time and opportunity to develop their craft. But Dr Roger Coldwell, a research fellow of the Australian Computer Abuse Research Bureau (ACARB), based at RMIT, says too little is known to define them accurately.
``We have found that the youngest identified hacker was about four and a half years old and female. The oldest was about 74. It's very difficult to pin down exactly what is happening. Trying to get organisations to admit they have been hacked is very difficult," Dr Coldwell says.
He says, however, that hackers tend to be introverted and ``linear thinkers": ``You say something to them like good morning, and they go and look out the window to see if it's raining."
Their contribution to computer crime is relatively minor, he says, a view shared by Mr Kevin Fitzgerald, a private sector computer consultant.
In a ranking of 30 threats to computer systems, hackers rank 26 or 27, Mr Fitzgerald says.
``The days of the dial-up modem are fast disappearing so the problem becomes the internal hacker. They rely on a management which thinks passwords are effective."
THE Watcher says the apparent risk from hacking is minimised because many hackers understand only the Unix operating system. Security generally is lax.
``I'll give you an example. I went to call a machine the other day and misdialled the number and I got a carrier (a tone linking two modems). All of a sudden I got a screenful of information and I was into some company's accounting system. No log in, no password, no nothing.
``In Australia it's the universities who are taking measures because that's where most of the hackers target. If Australia develops a broader range of hackers prepared to look at things other than Unix, all of a sudden you are going to get things happening again, like medical data bases being deleted.
``I used to like to get into things and have a look around. A business, someone's business machine doesn't really interest me. Get into a data base like Clirs. That's interesting."
Splendide Mendux says the worst a hacker will do is ring up an out- dialling bill for another system. He says a code of ethics instructs hackers to leave systems as they found them.
``A hacker is not going to want to do anything to a system that will jeopardise his access to it," he says. ``It's like reading a very good novel _ you can delve into this other world."
Now living in a bungalow at the rear of his parent's home, and with his court case behind him, the Watcher is still spending his nights at a computer screen and sleeping during the day.
``Most of my working life has been in computers," he says. ``I haven't really been applying for a lot of jobs ... but I've been thinking I should put a resume together and get on the road."
Computer hardware and software used in the preparation of this article was supplied by IC Technologies in Heidelberg.
THE HACKER's ALMANAC
Hacker: someone who gets unauthorised access to a computer system.
Internet: a legitimate international academic network, but also the
hacker's gateway to the world.
The Scene: or the underground, a loosely organised, but highly
protective group
sharing knowledge and programs on hacking, piracy and phreaking.
Phone Phreaking: manipulating the telecommunications system, often in
order to make free calls.
Cracking: removing the protection system for copyright software so, it
can be copied.
Demon dialler: a computer program, avaliable on uderground bulletin
boards, used to scan thousands of telephone numbers searching for
computer connections which it then logs for later investigstion.
Handle: or alias,, the `nom de keyboard' behind which hackers hide,
such as the Pallbearer, Eric Bloodaxe, the Watcher, the Dark Avenger.
Snarfing: Illicit seizure of a password file.
Elite language: a method of using capitsal letters, numerals and
phonetically inspired misspellings to, exclude novices from
deciphering communications, eg: elite may appear as 3L33T.
Lamers: novices or less competent hackers. `Elite' can be used
ironically in this sense.
Pirate Couriers: distributors of illicitly obtained software.
Out-dialling: the practice of breaking into one system and then making
a further call into another system - any charge is levied against the
first system.
© 1994 THE SUNDAY AGE