4.2 Infamous Hackers and Phreaks
4.2.1 Steve Gold/Robert Schifreen (updated by Robert Schifreen, approved by Steve Gold)
Steve Gold and Robert Schifreen were the first hackers to become well known in the UK. They were responsible for hacking Prestel in 1984 and gained notoriety for obtaining system manager status and hacking Prince Philip's mailbox.
They were raided on 10th April 1985 and, in the world's first hacking-related jury trial, were charged with forgery (there being no anti-hacking laws in the UK at that time). Found guilty on various specimen charges, Schifreen was fined £750 and Gold £600, with £1,000 costs each. They were both acquitted on appeal, which resulted in the introduction of the Computer Misuse Act 1990 which now outlaws hacking in the UK.
Neither continues to hack; both are now freelance journalists. Robert Schifreen was also known as Hex Maniac and Triludan the Warrior, and can be contacted at robert@schifreen.co.uk. Robert regularly speaks at IT security seminars with John Austen, former head of Scotland Yard's computer crime unit and the man who arrested Robert back in 1985.
4.2.2 Nick Whiteley (from "Approaching Zero")
Briefly, in 1990, Nick Whiteley was the most famous hacker in Britain. A quiet, unremarkable young man with a pedestrian job at a chemical supplies company, by night he became the Mad Hacker and roamed through computer systems nationwide. To the alarm of the authorities, he was believed to have broken into computers at the Ministry of Defense and MI5, Britain's counterintelligence security service. More troublesome still, there were messages sent by the Mad Hacker that strongly suggested he had evidence that some type of "surveillance" had been carried out against the opposition Labour party, the Campaign for Nuclear Disarmament (CND), and even the British Cabinet. It was unclear who was supposed to be carrying out the surveillance, but it was presumed to be MI5.
When Nick was arrested in 1988, he was interviewed for up to six hours by agents he believes were from the Ministry of Defence and MI5. They were accompanied by an expert from International Computers Limited (ICL), at the time Britain's only independent mainframe computer manufacturer (the company is now controlled by Fujitsu of Japan). Nick was passionate in his admiration for ICL computers; he never hacked anything else, and both the MoD and MI5 use them.
Whiteley's ambition was to buy his own ICL: he especially coveted the 3980, their top-of-the-line mainframe. In his daytime job, he worked on an ICL 2966, a smaller model, but still a formidable mainframe. Whenever Nick felt his fellow workers were making fun of him-which he believed they did because he was only an operator, rather than a real programmer-he would fantasize about the 3980. It was twenty times faster than the 2966 and could support far more individual users. But he had to admit that on his salary it would take a long time to earn the down payment on the almost $2 million purchase price.
Nick had originally wanted to be a computer programmer or to work in technical support. But without a university degree his chances of becoming a programmer were limited: he would need to go back to college to get the qualifications. So instead he became an operator, or "tape monkey," employed to ensure that there was enough computer tape in the drive and enough paper in the printer to keep the machinery running. Though he had been offered a promotion to senior operator, he had turned it down against a vague promise of a job in technical support sometime in the future.
Then nineteen years old, Nick lived with his parents in their home in Enfield in north London. He was affable, intelligent, and articulate, was generally casually dressed-sweatshirt, jeans, sneakers-and had nicotine-stained fingers.
Nick's life became consumed by his passion for the ICL. He was fascinated by its operating system and by the language-called SCL (System Control Language)-used to write its programs. Of course he had to admit that his ambition to buy an ICL 3980 was pretty unrealistic. Even if he had enough money to buy one, he would certainly have no use for a computer that was designed for large businesses. But then he would begin to worry about what would happen if he lost his job or had to leave the company. Where would he go to work on an ICL then?
In his bedroom in his parents' house Nick had a personal computer, a Commodore Amiga 1000, equipped with a modem. He had intended to use the modem to dial in to electronic bulletin boards-specialist data and information services, like Prestel but generally run by private individuals. It was never his intention to start hacking, he says; he thought it would be boring. Nonetheless, he started reading a guide called The Hacker's Handbook. The Handbook had been written by a British hacker known as "Hugo Cornwall" and achieved instant notoriety when it was first published in March 1985. Guided by the Handbook, he began dialing into more bulletin boards. (He found that about 20 percent of them had hacker sections.) With the information he obtained from the Handbook and the bulletin boards he learned how to find the access phone numbers for other computers, and how to deal with IDs and passwords. The Handbook was especially useful: it contained a list of phone numbers that gave access to JANET.
JANET is the earnestly friendly acronym for the Joint Academic Network, a system that links computers in eighty to ninety universities, polytechnics, and research centers throughout the United Kingdom. Because it is designed to be used by students and researchers, the network needs to be relatively open, and tries to present a friendly face to users: hence the feminine acronym and the useful tutorial and guide provided by the system when a user types HELP. The network's various data banks also contain a wealth of information on subjects as dissimilar as military research and theoretical physics. For Nick, however, the chief appeal of JANET was that it linked a number of ICLs on different sites around the country. By accessing JANET he could play around on his favorite computers from his home, just by using his little Commodore.
Nick attempted his first hack in January 1988. He first dialed up a number for the computer center at Queen Mary College, where he knew there was an ICL 2988. Because Queen Mary is not far from Nick's home, the telephone charges would be lower; also, most colleges are easy targets because they generally have weak security. He got the dial-up from The Hacker's Handbook-but that, as he knew, would only get him to the front door. Access to the QMC computer would be like gaining entry to the Prestel system. To get inside, Nick would need both a user-name-a log-in or ID-and a password. The user-name at QMC is an individual seven-character ID; the password is a one-way encrypted code. (One way means the code can only be encrypted once and is entirely random; if the user forgets the password, a new one needs to be created.)
That was the theory, anyway. But Nick knew that some software supplied by ICL includes a standard, or default, "low-security" user-name, one that doesn't require a password. Nick had learned the default user-name from his job and his constant reading of ICL promotional material, manuals, and security information. And because Queen Mary College had never changed its default user-name, it had left its back door wide open, making it easy for Nick to walk right in to the college's mainframe ICL on his first try.
The sole drawback from Nick's point of view was that the low-security user-name gave him only restricted access to the computer. The QMC computer had a strict hierarchy of user status, and the environment of low-security users-the areas on the computer they could enter-was severely limited. Most ordinary users had higher status, though their environment was usually restricted by the nature of their tasks. At the apex of the hierarchy, as with Prestel, was the systems manager, who had access to everything. At QMC the sysman is in complete control of the computer, assigning status to other users, overseeing the functioning of the system, and managing the programs and data.
Nick's objective was to capture sysman status. Without it his options were too limited, his environment too restricted. He began searching through the files, using his knowledge of the minutiae of ICL operating systems to find his way through the electronic pathways of the QMC computer. He ran into walls or traps designed to keep him out of restricted areas, but he kept trying.
Nick's hobby, his only one, was collecting unlisted commands for ICL computers. These are keyboard operations that the company doesn't document, which can be discovered by experimentation. Sometimes these got him around the traps and farther into the system. Slowly he moved through the back alleys of the QMC systems until finally he was able to access the operator libraries, the collection of programs that manage the computer. He knew that the keys to raising his status lay among the programs. He had been hacking for hours by then, but he didn't notice the time or his own tiredness. He played with commands, his little PC sending signals from his bedroom in Enfield through the telephone lines to the mainframe at QMC. He went through the programs systematically, coaxing the ICL, trying to outsmart the security systems that had been put in place precisely to stop someone like him. Eventually the machine yielded. On his first hack Nick had managed to capture system-manager status.
He decided not to play with the QMC computer too much-the capture of sysman status was too valuable to lose by leaving obvious evidence; also, he needed QMC as a jumping-off point for other computers on JANET. He roamed about the QMC computer for a bit, looking at electronic mailboxes and assessing different files. Then he used his sysman status to create four new user-names, OLAD011, OLAD024, OLAD028, and OLAD059, which would allow him continual entry to the QMC machine. He assigned the four user-names to Alan Dolby.
The best part of the JANET network, from Nick's point of view, was that it was a freeway: entry into one point on the system gave a direct route to other points. That meant that he could dial into QMC and then link into other ICLs at other sites. Conveniently, the ever-friendly network listed the sites on the system by computer manufacturer, so he knew just where to go to find more ICLs.
One of Nick's targets was an ICL at Glasgow University in Scotland. Eventually he linked into Glasgow by logging in as a guest user. He used the same technique to break into the ICL at Hull University and others in Nottingham, Belfast, and Bath.
Nick saw hacking as simply a means to play on ICLs. He wasn't interested in stealing information from the network, and in fact, he had no real purpose at all. He was hooked on ICLs and wanted only to be able to work on them, to play around on the operating system, to explore the complexities of the network. He told his parents there wasn't anything illegal in what he was doing, and technically he was correct: at the time there were no laws in the U.K. that specifically addressed hacking, and the Gold-Schifreen case had seemed to make the practice beyond the law.
Once Nick had started hacking, the Whiteley family phone bills soared from around $100 a quarter to over $1,600. But Nick always paid his share. He could afford to do so because he had no other social life: no expensive habits, no girlfriends. He went to work, came home, and started hacking. He hacked at night because it fit into his schedule, and also because the phone rates were cheaper, there was less line noise, and the target computers would be unmanned. The trick was, he said later, to stay awake; sometimes he hacked all through the night and then had to go to work the next morning. His "day" could stretch to twenty-eight hours: first eight hours at work, then a night spent hacking, then another eight hours at work trying to stay awake while keeping the printer stuffed with paper and the tape running in the drive. After a marathon stretch like that he would take the next night off and go to bed early.
"It was obsessive," Nick later explained. "Five or six hours can seem like five minutes." He drank coffee and Coke and ingested caffeine tablets to keep going. "When you get into a system, you must keep going. It might take four or five hours to penetrate the defenses and another four or five hours to protect the position that has been established. If protection isn't put into place, then the earlier work could be wasted." The challenge was in beating the system; success came from staying awake. It gave him a feeling of power: he enjoyed knowing that while the designated sysman thought he controlled the computer, in fact it was himself, Nick, who had manipulated system-manager status and was really in control.
Nick compared hacking to a game of chess, a battle of wits between himself and the system, nothing criminal, just a game: The excitement comes from knowing that a computer in the bedroom at home can be used to break into multi-million-dollar installations. There's the thrill of exploration, of going around the world electronically. The objective is to try to gain the highest status within the system, that of system manager, and once there, to begin making the rules instead of following them. If the system manager blocks one way in, then you find another. It becomes a game with the systems manager; the hacker's goal is simply to try to persuade the computer that he should have increased privileges.
One person who didn't see it as a game was Bob Jones, the chief programmer at Queen Mary College. A tall, well-built man with beard and glasses and an academic uniform that sometimes runs to jeans and T-shirts, he had been at the college since 1968, first as a physics student, then staying on to work full-time at the QMC computer centre after earning his degree in 1971.
He worked out of a large office on the top floor of the computer science block, a nondescript concrete shell of a building in east London. His office was near the computer centre, a cramped room packed with mainframes, some of them ICLs. In the room's centre were eight consoles set up on adjoining desks, which allowed the activities of the mainframes to be monitored but were usually unmanned, particularly at night.
Jones first realized that the QMC system had been breached by a hacker on February 19, 1988. He had heard reports from colleagues at the Universities of Glasgow and Hull that their own systems had been hacked by someone calling himself Alan Dolby. What he saw on his computer was a series of files that had been incorrectly stored in the memory, one of which had been labeled AD. He began searching for signs of further tampering, and he soon found it: the four OLAD user files Nick had created to give himself a smooth path into the QMC computer. The files appeared to have been created a month previously.
Jones immediately reported the intrusion to his superior, Jeremy Brandon, the director of the computer centre, although it was clear that their options were limited. They could attempt to lock their hacker out by closing all of the OLAD files, but that might force the hacker to try more devious back-door methods to regain access. If he entered the system through such a method, they might not be able to find him again-and he might do some real damage. Instead, they decided to leave the files as they were and watch him, although they did remove the Mad Hacker's sysman status.
When Jones came into the office on the morning of March 30th, he found that there had been no work processed on the computer since about two A.M., when the scheduler (the program listing the priority of jobs) had failed. Its failure coincided with a successful hack of the system made by OLAD028.
Jones and Brandon decided to record future intrusions on a dedicated journal within the computer. They also decided to wipe out three of the user-names, leaving only OLAD028, the one the hacker had consistently employed. It would be easier to track him this way.
By this time the hacking incidents had been reported to QMC's head of security, who passed on the information to Scotland Yard's Computer Crime Unit. Although established in 1971, the CCU had until 1985 consisted of only one officer. Then, as computer crime escalated and the government became concerned about the vulnerability of its own systems, it was eventually enlarged to four officers-still not a big force, given that Scotland Yard can be called in on cases anywhere in Great Britain. The unit is headed by John Austen, who was the officer assigned to investigate the Mad Hacker affair.
Austen knew that the only way to catch the hacker was to monitor the lines, the same time-consuming process used to track down Triludan the Warrior. That meant involving British Telecom, which needed to assign an engineer to trace calls. And because the Mad Hacker worked at night, that would involve overtime. For the first few days the investigation was bogged down over the overtime question: neither British Telecom nor QMC nor Scotland Yard were willing to pay. Eventually the phone company gave in and set up a twenty-four-hour trace, to be activated whenever the hacker was detected on the QMC system.
As the Mad Hacker gained confidence and experience, his activities took on a new twist. To Bob Jones it seemed malicious, as if the hacker had declared war on the system. One night the Mad Hacker ordered the QMC computer to print, I THINK YOU SHOULD KNOW I AM MAD . . . I AM ALSO DEPRESSED, over and over. To Hull University he sent a message saying, I AM TAKING UP THE CHALLENGE, then loaded a "rabbit" onto the system. A rabbit is a piece of software that orders a computer to perform useless tasks endlessly, multiplying ever more work orders until they finally overwhelm the computer and it can cope with nothing else. The Hull computer was down for ten hours after this particular rabbit began breeding. THAT WILL FILL UP YOUR SODDING SYSTEM, another message said.
He then dropped a rabbit into the Glasgow computer. But this time, it didn't work. As he was on-line, the computer operator discovered him and sent him a message demanding that he call the operations department. ALAN DOLBY DOESN'T MAKE CALLS, he wrote back.
Glasgow was where Dolby had first been rumbled, three months previously, when a file he had created as a back door had been discovered. It was Glasgow that had alerted the rest of the system operators on JANET that there was a hacker. So there may have been an element of revenge when, one night, the Glasgow system manager, Dr. Roger MacKenzie, tried to access the mainframe from his home PC and found that he had been "locked out"-barred from his own computer. It was later discovered that the Mad Hacker had captured sysman status that night and instructed the mainframe to kick out MacKenzie.
At QMC an increasingly irritated Bob Jones was watching as intrusion after intrusion was recorded in the computer journal. At first these were just messages left for the sysman, schoolboyish nonsense such as WILL ET PLEASE PHONE HOME and WILL NORMAN BATES PLEASE REPORT TO THE SHOWER ROOM. But then things became more serious: the Mad Hacker instructed the QMC computer to generate copies of reports from its memory, which prevented it from processing necessary work, and on more than one occasion his intrusions caused the computer to crash. It seemed as if the Mad Hacker had become vindictive and malicious.
Once, he left a message asking, WHY DON'T YOU LOCK ME OUT? It was obvious to Jones that his hacker wanted to play, but he ignored the messages.
Monitoring the lines was slowly getting results. When the Mad Hacker was spotted making an unusual daytime appearance, Bob Jones called the twenty-four-hour emergency number at British Telecom-which rang and rang. In frustration he gave the receiver to someone else to hold while he called a contact at British Telecom direct.
"There's no one answering my emergency call," he shouted. "Well, yes," the Telecom man said patiently. "The service doesn't start until five P.M." As they spoke, an assistant passed him a note saying that the hacker had left the system. Jones, still steaming, explained the precise meaning of "twenty-four-hour service."
The monitoring intensified. In early July the engineers at the telephone office nearest QMC finally traced the hacker back to a telephone in Enfield. Another monitor was placed on the suspect number to record all future activity.
On July 5th Jones came in to work to find that the computer journal recording the Mad Hacker's intrusions had been wiped out. That could only have happened if the hacker had captured sysman status again. He also found this message:
THIS INSTALLATION HAS BEEN HACKED BY ALAN DOLBY.
ALAN DOLBY IS A REGISTERED MEMBER OF HACKING INC. (ICL DIVISION), WHICH IS A SUBSIDIARY OF HACKING INTERNATIONAL.
THIS HACK IS © 1988 BY ALAN DOLBY (THE MAD HACKER).
The announcement was followed by a message for Marlyn, a computer operator previously employed by QMC and mistakenly believed by the Mad Hacker to be the sysman:
NOW MARLYN IS PROBABLY THINKING, ! #?$ (SH*T) HOW THE HELL DID HE GET IN THIS TIME? . . . I BETTER HAVE A LOOK AT WHERE I KEEP HIS JOURNALS. OH SHIT, SHE SAYS, THEY ARE NOT THERE ANYMORE. ! #?$
NOW, MARLYN, IT'S GETTING PRETTY BORING HAVING TO KEEP ON TEACHING YOU MANNERS. I'D RATHER BE AT MY OTHER SYSMAN HACK SITES. SO I HOPE YOU HAVE LEARNED (EXCEPT HOW I DID IT) FROM THIS, MARLYN, AND REPLY TO MY MESSAGES; OTHERWISE YOU WILL MAKE ME VERY VERY ANGRY, AND ROGER WILL TELL YOU ONE THING, YOU WON'T LIKE IT WHEN I'M ANGRY.
The reference was to the Mad Hacker's successful lockout of Roger MacKenzie from his own system. The message continued:
STILL, DON'T GET TOO DESPONDENT MARLYN, I MEAN WHAT DID YOU EXPECT? IF I CAN HACK ROGER'S PLACE TWICE, THEN ANYTHING ELSE IS JUST A PIECE OF CAKE, AND I MEAN YOU'RE NO GURU, MARLYN. ROGER IS THE GURU, HE WRITES PROGRAMS, HE DOESN'T PHONE UP SAYING, OH, ROGER, HELP ME, ROGER.
HAVE I WOUND YOU UP ENOUGH, MARLYN?
YOU WON'T BELIEVE HOW I GOT IN, MARLYN HAHAHAHAHAHAHAHAHAHAHHAAAA
YOURS HACKINGLY, ALAN DOLBY . . . THE MAD HACKER!!!
THE MAD HACKER THE MAD HACKER ALAN DOLBY ALAN DOLBY . . .
Though the Mad Hacker had destroyed the journal when he hacked in to QMC that night, he didn't destroy the evidence. Like most computer users, QMC keeps backup copies of files, so the record of the Mad Hacker's intrusions still existed. But it was becoming evident that eventually real damage to the system could be caused if the hacking continued. It had already become very frustrating to Jones, who was spending more and more time cleaning up after the Mad Hacker and less time doing his real work. But even worse, Scotland Yard had become concerned about hints that were contained in some of his computer messages, that Alan Dolby was hacking into the Ministry of Defence computer, also an ICL. The break-ins might still be a game to the Mad Hacker, but it was becoming deadly serious to everyone else.
They decided to go for a bust that very evening.
An arrest for computer hacking is not a straightforward affair. To make the charge stick, the police would have to arrest the Mad Hacker while he was actually in the middle of a hack, with the unauthorized dial-up on his computer screen and his fingers on the keyboard. Evidence that the hacking had been committed from his phone number was not sufficient: it could, after all, have been done by his mother.
The team assembled for the bust was enormous. There were four policemen from the Computer Crime Unit, two technical support specialists, two experts from ICL, a police photographer, two British Telecom engineers, and a phalanx of uniformed policemen. In addition Jones had to monitor the QMC computer to alert the team when the Mad Hacker broke in. He was joined in his vigil by the managers at other ICL sites on the JANET network, as well as by internal British Telecom staff to monitor the phone lines. In total the team numbered forty people.
As luck would have it, however, on that evening nothing happened; the Mad Hacker simply went to bed early. But the next night, he decided to dial in to QMC once more to see if anyone had replied to his message. According to the computer record, he logged on at 7:48 P.M.
Just a few minutes before 8:00 P.M. the Whiteley family heard a knock on the door. The police later described it as a gentle tap; to Nick, upstairs in his bedroom, it sounded like loud banging. He thought it odd: why didn't they use the doorbell? Then he walked to his window and saw four men approaching the door. He said later that he could tell from their appearance that they weren't Jehovah's Witnesses, and for one awful second he thought they might be Mafia.
Downstairs Nick's father was at the door bewilderedly reading a warrant presented to him by the policemen. Nick sat down on his bed. He thought that perhaps they were after a spy or a murderer. They couldn't be after him: he was nineteen years old and liked to play games with computers, that was all.
The police moved upstairs to arrest Nick. By this time, there were twelve members of the team in the tiny house, communicating by portable phone to their colleagues outside. John Austen from the CCU told Nick he was being arrested for "criminal damage." Nick looked at him incredulously, then burst out laughing. He thought it must be a mistake.
Though hacking wasn't illegal at that time, the case against Whiteley had been put together around the concept of criminal damage, which boiled down to loss of data and denial of computer service as a result of his hacks. QMC alone had valued the down-time to fix its computers at $48,000.
Police photographers moved in to record the computer screen, keyboard, and modem. Every inch of the room was photographed: Nick's files, the books on his bookshelf, the posters on the wall. The police stayed until midnight: they confiscated Nick's Commodore and all the other equipment, loading the evidence into bags; they removed from Nick's room books, blank paper, empty folders, even the posters; and they interviewed Nick's older brother, Christopher. Nick's mother, who was out when the raid began, came home to find the team searching Nick's car.
Nick was still stunned: he was convinced it was all a mistake and that soon the police would apologize and go away. He presumed that he had never been locked out of the QMC mainframe because the systems manager wanted him to test the security, that he was playing the game too. Nick was the stereotypical hacker: a kid who wanted to play a big-time computer game to demonstrate how clever he was. He didn't want to damage anything, although he did enjoy playing a few malicious pranks from time to time. When he was busted, Nick had only been hacking for six months.
Two days after the raid, he was taken to Bow Street magistrate's court and charged with having caused a total of $115,000 damage to computer hardware and disks. But what concerned the authorities the most were the suggestions that Nick had been hacking into MoD and MI5; in his room they found a little red notebook with dial-ups for ICLs operated by government agencies. They also wanted to know about the messages that had been left by Nick on the QMC computer alleging that he had knowledge of "surveillance" of the Labour party, CND (the Campaign for Nuclear Disarmament) and the Cabinet.
Nick told the police, and later two agents he presumed to be from the MoD and MI5, that he had never used the numbers in his book; they were for future reference. As for the messages about surveillance, they were fantasy, part of the games he was playing with the sysman at QMC.
The police were unimpressed. Nick was released on bail, but only after promising not to continue hacking. In May 1990, almost two years after the incidents took place, he was tried for criminal damage at London's Southwark crown court. The defense accepted the prosecution's charges, but argued that there had been no real criminal damage. Nick's lawyers were confident of getting him off, but it's said that he made a bad impression as a witness in his own defense: he was too sure of himself, too clever. Bob Jones later described him as "flippant and sneering." Nick himself thinks he was destined for a harsh sentence from the start.
"They wanted to make an example of me," he said. "They'd have sent me to jail for a parking ticket."
In the end, amid a flurry of national publicity, he was cleared of causing criminal damage to computer hardware, but convicted on four counts of damaging disks. After the verdict, defense counsel asked for but were refused bail. Whiteley was sentenced to a year's imprisonment, but eight months were suspended, and with good behaviour in jail, he was paroled after serving only two months. He was released in March 1991.
Nick was the first person in Britain to be convicted of offenses relating to hacking. The overtones in his case-and the allegations of MI5 snooping and break-ins at the MoD-were enough to bring pressure on Parliament to propose a new computer crime law. The Computer Misuse Act came into effect in 1990: it made any attempt, successful or otherwise, to alter computer data with criminal intent an offense punishable by up to five years in jail. It could be called Nick Whiteley's legacy.
The contrast between Nick-generally polite, easygoing, and articulate-and his alter ego, the Mad Hacker, impressed everyone who met him. Nick Whiteley would never leave messages redolent with sexual aggression for Marlyn: that was the Mad Hacker, or Alan Dolby. Nick Whiteley wouldn't cause damage to an ICL: again, that was the Mad Hacker. Like so many hackers, Nick played out his fantasies on the computer keyboard. He was no longer Nick Whiteley from Enfield when he was hacking, he was the Mad Hacker, the Mr. Hyde of QMC, Hull, Glasgow, and JANET. With a computer he could become anyone he wanted to be; without it he was just Nick Whiteley.
4.2.3 Paul Bedworth (from NewsBytes article / Steve Gold??)
A member of 8lgm, Paul Bedworth, a 19-year-old student, was accused and acquitted of unauthorized access to several computer systems. It was the first case under the Computer Misuse Act, 1990, which introduced stiff penalties for unauthorized access to computer systems, among several other hacking-related activities.
Bedworth was arrested at his mother's house in North Yorkshire, following an investigation into unauthorized access to networks that spanned the world. Bedworth used a dial-up link into a local university to gain access to the Internet. By repeatedly trying various test passwords and exploiting known weaknesses in DEC VAX computer systems, he was able to log onto several dozen computers with very high privilege levels.
When the case came to court Bedworth admitted that he was scared when the police raided his mother's house. The result of the scare, he said, was that he realized that hacking was illegal and, by his own admission, stupid. As well as being the first major case of its type to be brought under the Computer Misuse Act, the trial was significant since junior counsel to Bedworth, a barrister named Alistair Kelman, along with Ian MacDonald, QC, introduced an unusual defense for their client, that of computer addiction.
In support of this, Kelman and MacDonald introduced an expert witness called Professor Griffith-Edwards of the Maudsley Hospital, an expert in compulsive behavior, who, after testing Bedworth, came to the conclusion that he was an obsessive person, totally besotted by computers. "That side of the case wasn't made up. Even today, while he is studying artificial intelligence at Edinburgh University, Paul spends all his nights up to midnight in the computing labs and his weekends too. He's hooked on computing," Kelman told Newsbytes.
Once in court, Bedworth pleaded not guilty to the charges of unauthorized modification and access of computers and material and denied conspiring to obtain telecommunication services dishonestly. He was charged with logging into an EC computer system in Luxembourg and causing havoc. Other charges against him involved illegally accessing a Lloyd's Bank computer and BT's network generally.
During the trial, it transpired that Bedworth had dialed around the world on the Internet, instructing computers in the EC to dial other networks repeatedly, at a cost of several tens of thousands of pounds. His own mother's phone bill, meanwhile, came to several hundred pounds as she struggled to come to terms with her son's computer problem.
Peter Sommer, a computer security consultant and the author of the Hacker's Handbook, said he was surprised at the not-guilty verdict, given the nature of the defense. "I think it was successful because the jury is looking to let the guy off, due to their heavy-handed behavior when they arrested him," he said. According to Sommer, although the defense of computer addiction was an unusual one, it was able to beat the charges involved. "In law, to make a prosecution of this type work, you have to ensure that there is the 'mens rea,' the reason of intent. To convince the jury otherwise, you have to demonstrate that the compulsion is sufficiently strong to overcome the intent, as has clearly happened in this case," Sommer said.
Sommer dismissed suggestions that the result of the case is a "hacker's charter," allowing anyone to hack away at online systems legally. He said, however, that he does not view the "threat" of "hackers" such as Bedworth as a major one in his line of work as a security consultant. At a press conference held immediately after the trial's conclusion, Kelman said that its significance was nothing to do with the wrongful acts it sought to punish, "but the realization that maybe what is required is a little more understanding and a little less condemnation."
Kelman pointed out that his client was a second generation "anorak" (a popular name for computer enthusiasts in the UK) but there are now large numbers of third generation anoraks at large, all of whom are well versed in computers. "The child, whose best friend is a computer rather than a person, is not going to function normally in society. We need to be able to predict how he will behave and what treatments will restore him to normal health. Parents must demand that proper research is done into this important problem," he said.
4.2.4 Neil Woods and Karl Strickland (by Cold Fire coldfire@shady.org)
Neil Woods and Karl Strickland were and still are the main members of 8lgm (8 Legged Groove Machine). As far as I know they were arrested around the same time as Paul Bedworth, June 1991, but didn't stand trial till May 1993. They both (I think) pleaded guilty, and were convicted for six months each. They were the first people to be jailed under the Computer Misuse Act 1990. They publish the 8lgm security advisories, and act as computer security consultants. Neil Woods is certainly an active security consultant. Neil Woods was also known as pad and Karl Strickland as Gandalf.
4.2.5 Eddie Singh (by Cold Fire coldfire@shady.org)
Eddie Singh was first arrested in (approx) 1988 for breaking into the University of Surrey terminal rooms. He used the nickname Camelot and was arrested very soon after the Computer Misuse Act came into operation for hacking the Ritz video chain. There is a book about him: Beating the System (Hackers Phreakers and Electronic Spies) by Owen Bowcott and Sally Hamilton (ISBN: 7475 0513 6 published by Bloomsbury Press, 1990).
4.2.6 Mathew Bevan (by Mathew Bevan)
I belong to a group of the most persecuted people on the planet. Our crime is usually no more than curiosity. Yet we can be dealt with under anti-terrorist legislation and we face the longest prison sentences meted out in the Western world. I am a hacker. This is my story.
There is a point sometimes where the line between fact and fantasy blurs. I found that point when I was described by a Pentagon official as ``Possibly the single biggest threat to world peace since Adolf Hitler.'' At that moment, I was sitting happily at my computer, in my bedroom, in Cardiff, unaware that within a year I would be facing 15 years in prison. To understand me, you need to know my background.
I was 12 when I got my first computer. I was given a ZX81 and a subscription to some computing magazines. It was at that point that my love for computers was sealed. I had found a friend, someone who would always be there for me. I, like most nerds, upgraded my machine as often as money would allow until I had an Amiga 500 at about the age of 15. The Amiga was a piece of computing genius: not only did it have better graphics than any PC, it also had four-channel stereo sound, something that would prove useful in the months to come.
My friend gave me his 2400 baud modem and for the first month I went crazy calling every BBS (Bulletin Board) number I could get my hands on. At the end of the month my Mother showed me a £400 phone bill and told me ``I never want to see one like this again'', and she never did. I learned about manipulation of the phone system in order not only to make free calls, but to obfuscate call origin. Every hacker wants to be anonymous and how better to be so than by diverting your call through several countries before reaching your destination?
Once I had the ability to call anywhere in the world for free and be untraceable, the fun began. I was given the number to a BBS in Belgium called Sin City, an apt name for a hangout of all manner of electronic deviants. I met people on that BBS who were extremely interested in the skills I had over the phone system and as a trade for that information they gave me documents, files and other information to break into computers. In the good old days, hackers were free with their information and were less wary of the law. After all, when I started hacking there was no such thing as a Computer Misuse Act and hackers could see no harm in anything they were doing. It's similar to the curiosity that a parent feels when they find their child's diary. They know it's wrong to read it, but often something inside them is just too inquisitive. Hacking is like that in many ways: you know it's wrong but the excitement, the rush of adrenaline you feel by electronically rifling through a CEO's files, or looking at the latest space station plans at NASA is hard to beat. That is where the addictive nature of hacking can take hold. You feel the rush once; you want it again and again.
This is the point where I make you feel something you didn't think was possible: to feel sorry for a hacker. Hackers are usually kids and, like many, I was beaten and bullied pretty much every day of my young school life. Through my later school years the physical abuse was replaced with name-calling and other mental abuse. It was this time of my life that I can categorically state was the precursor to my hacking. I was able for the first time to enjoyably interact with people across the globe. These people wanted nothing more than to share interests and as a result we became good friends even though I would ever meet only a handful in person.
I took to the path of computer misuser very quickly, and it wasn't long before I was breaking into all sorts of systems, large and small, purely because I could. I have been asked many times if I can remember the first computer I broke into; sorry to disappoint you, but no, I can't. Once I had perfected the knack, I hacked so many machines in quick succession that most of the specifics elude me.
I needed a direction. I found myself hacking everything I could, but there was something lacking. I found that needed direction on another BBS based in Australia called Destiny Stone, run by a phone phreaker called Ripmax, who also ended up on the wrong side of the law. On his system were hundreds of documents about UFOs, government cover-ups and conspiracy theories.
At that time my curiosity was gripped by these stories, just as a hacker publication called PHRACK released a story about an alleged disappearance of 40 hackers who had been targeting military systems to try and uncover the truth. They printed the names of the bases that were thought to have been the targets of the missing group, and naive as I was, I didn't think about the consequences of following a similar path. I noted all of the various military bases that were named in the UFO documents I had downloaded. I began a systematic attack on each of the ones I could find with online equivalents. Luckily, I had many jump-off points with which to attack these military bases. I had already broken so many other systems, corporate, educational, and government, that it would be easy to find routes into the systems.
You see, in the computer realm you can become anyone that you like. You can be strong and fearless whereas in real life you may be as I was, scared and powerless. I would get up and go to school, hate it, return home and get on the net until about 4 or 5am, sleep for an hour or two and repeat the cycle. I could think to myself ``I hacked NASA last night, what did YOU do!''
Whilst penetrating various installations, four thousand miles away, a group of high-ranking military personnel from the Air Force Office of Special Investigations (AFOSI) Air Force Information Warfare Centre (AFIWAC) were gathered around a few computer terminals at Griffiss Air Force Base in Rome, New York.
The base was known as Rome Laboratories and was a research facility for the Air Force where new methods of planning air battles and counter measures were being developed.
According to later reports and three subsequent Senate enquiries, the group were the ``hacker trackers''. They monitored all activity including keystrokes within the network. They were confident that they had every mechanism in place to catch the unwanted intruders. Over the preceding few days they had watched two hackers penetrate numerous sensitive computer systems belonging to the Army, Military and Air Force. The hackers they determined to be ``Datastream Cowboy'' and ``Kuji''.
They had discovered via an informant on IRC, the Internet chat system, that Datastream Cowboy was in fact a 15 year old English boy and it was only a short time before an arrest was made via the Metropolitan Computer Crime Unit. The other hacker was deemed more elusive and wily and the only thing they had to go on was his handle ``Kuji''. Kuji had been spotted on an Australian BBS by investigators but that is where their information ran dry. It was noted that Kuji would stay online for only short periods of time, never long enough to be traced successfully. They discovered that Datastream Cowboy would make mistake after mistake, but Kuji was perfect in his actions every time. They would observe what they believed to be Datastream Cowboy attempting to attack a site, fail, talk to Kuji and a minute later successfully get in.
They knew they were dealing with someone far more sophisticated and with financial motives their combined brainpower determined that the most likely scenario was that Kuji was a spy, tutoring the younger Datastream Cowboy in exchange for military secrets. After all, what 18 year old kid, living in Cardiff, wouldn't have millions stashed under the floorboards. A true case of two plus two equals five.
The reality was, as any unbiased person would guess, quite different. It was a year after Pryce's arrest that a tip-off to the police identified ``Kuji'' and I was subsequently arrested at work.
I was working in the IT department of an Insurance company and after being asked to fix the MD's computer was not surprised to see a group of dark suited men in the office. After being read my rights and arrested for various computer crimes against NATO, NASA, the Air Force and other military installations, my reaction was simply ``Oh gosh!''. Luckily I had read reports of Pryce's arrest and was aware that he had broken down in tears shouting ``Oh God! no, what have I done?'' and made sure I reacted with calm. I had a suspicion they might find me, but believed that due to them looking for a spy the chances were slim.
I was taken to the local police station for questioning. In all I was held for 36 hours and finally charged with conspiracy under the Computer Misuse Act. For the next 18 months legal argument followed legal argument. I read through all of the papers with my solicitor Simon Evenden nearly every day for a year. I do not believe anyone else in the case had actually done this. I believe that the chain of evidence was taken as correct as presented by the Americans. We were able to see that witnesses had lied about the extent of their involvement in the investigation, evidence had been tampered with, there was conflicting information regarding sensitive information held on the sites and various other technical discrepancies, all of which added up. If they had read thoroughly through the evidence, they would not have pushed it through court so quickly, as there was clearly no case to answer.
I maintained throughout that any hacking I had done was on my own. There was no conspiracy and I refused to accept any ``conspiracy'' deals offered by the prosecution. By the time they had realised there was no conspiracy, they had run out of time to charge me with the original offences: section 1, unauthorised access, leaving them with only three more serious section 3 offences, which were unauthorised access with intent to impair the operation of the computer. Of course, impairment was never an issue: why would I wish to impair a machine I was having fun with, using it to attack other machines?
The pre-trial case culminated with the prosecution offering no evidence. They held that it was not in the public interest to prosecute me. Imagine the cost of running a 4-month trial in crown court at a cost of £10,000 per day, plus the cost of bringing many high ranking military captains from the USA.
One of the things I most often point out is that my case is not one of hacking, but an exercise in propaganda. After all, in the same year that a handful of hackers were caught there were an estimated 250,000 attacks on Department of Defense computers. Is it a coincidence that when the Senate is being asked for money to fund protection against Information Warfare that a case study that appears to prove their necessity falls in their laps? Is it a coincidence that requests for increased funding coincide with news headlines of ``dangerous hackers'' or computer viruses?
I now work on the right side of the law as a consultant. I mainly work performing penetration tests or ``ethical hacking''. I also volunteer my time and technical ability to www.antichildporn.org, which helps to root out those using the Internet to exploit and abuse children. I can be reached by email at hacker@kujimedia.com. Further information is available at www.bogus.net/kuji and www.kujimedia.com. © Mathew Bevan 2001.
4.2.7 Raphael Gray (by Virtua7)
Raphael Gray (aka Curador) broke into a series of web sites in 2000 and stole credit card details from them. I think this is here not as an example of a hacker, but of the new generation of script kiddies. He got caught very quickly because he boasted about his achievements and posted the credit card details on the web. He obtained the credit card numbers by using the same well-known exploit on several servers one after the other. There's not much clever in that at all; in fact he got caught big style with a joint investigation including the UK police, FBI, RCMP and law enforcement agencies from the Far East. He then proceeded to make a number of media appearances and the media loved it and lapped it up. Have no idea what the state of his case is right now.