From hol-owner Mon Mar 6 12:10:14 1995 Return-Path: owner-HOL-announce Received: from localhost (daemon@localhost) (fnord) by nando.yak.net (8.6.5/8.6.5) id MAA06458 for hol-announce-out31415; Mon, 6 Mar 1995 12:10:14 -0800 Received: from localhost (daemon@localhost) (fnord) by nando.yak.net (8.6.5/8.6.5) id MAA06422 for hol-announce; Mon, 6 Mar 1995 12:09:51 -0800 Received: via =-=-=-=-= from carlson@odin.net for hol-announce@hungary.yak.net (hol-announce) Received: from odin.net (root@omega.odin.net [193.130.116.3]) (fnord) by nando (8.6.5/8.6.5) with ESMTP id MAA06322 for ; Mon, 6 Mar 1995 12:07:40 -0800 Received: from [193.130.116.13] by odin.net with SMTP (8.6.10/1.2-btv) id VAA01422; Mon, 6 Mar 1995 21:19:24 GMT Message-Id: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Mon, 6 Mar 1995 21:02:28 +0100 To: hol-announce@hungary.yak.net From: carlson@odin.net (Steven Carlson) Subject: (HOL-A) HOL> hacker bust Sender: owner-HOL-announce@hungary.yak.net Precedence: bulk Reply-To: HOL@hungary.yak.net I hate the term "hacker". It's become such a media buzzword. I was pissed off this morning when I saw the _Warsaw Business Journal_ (the bbj's new sister) had titled this piece: "hackers infest the Internet". For the record: a hacker is a talented person who attacks a technical problem persisently and creatively until he finds a solution. The hacker creed lacks any other ethic. In other words a problem is a problem, whether it means hammering out the bugs before a new software ships, or hammering away at a corporate firewall until you get through. In comparison: a businessman is a talented person who seeks out market opportunities and attempts to satisfy the market and turn a profit. The business creed lacks any other ethic. In other words, a market opportunity is a market opportunity, whether that means selling girl scout cookies to little old ladies, or selling chemical weapons factories to Saddam Hussein. There are bad hackers, and there are bad businessmen. end rant =steve= --- hungary-online hacker bust By Steven Carlson Kevin Mitnick, 31, is the Internet's worst nightmare. At least that was his ambition. Some people risk their necks in rocket-powered cars; others climb mountains. Mitnick gets his kicks from breaking into computers. And he's so good federal agents now holding him won't let him near a telephone for fear of what he might do. "He's a computer terrorist," says Justice Department spokesman John Russell. Mitnick is now behind bars, accused of computer fraud and violating parole. If convicted he faces a $500,000 fine and 35 years in prison. Investigators say he broke into dozens of computers around the globe include ones at Apple Computers, Motorola, NEC, and Silicon Graphics. He is also accused of stealing 20,000 credit card numbers from computers across the United States. This comes at a time when banks, credit institutions, and big business are ramping up to launch systems allowing financial transactions across the Internet. "It's very unsettling," said John Wankmueller, director of technology assessment for MasterCard International Inc. "We wouldn't use the Internet as it is today to conduct electronic commerce." David Melancon, a spokesman for Visa echoes those misgivings: "The Internet isn't nearly as secure as we'd like it to be." Nevertheless, both VISA and Mastercard are still moving ahead to exploit a future industry estimated to be worth billions. VISA is working with Microsoft in an online service to be bundled with the coming Windows 95 operating system, due this Fall. MasterCard is teamed up with former Silicon Graphics CEO Jim Clark's aggressive startup Netscape Communications on a payment system for merchants on the World Wide Web. Other smaller players have joined the game. However one link is missing. The lynchpin of any secure payment system is strong encryption, which can protect confidential data and offer a credible means of identifying users. The US government is blocking widespread use of strong encryption algorithms for fear that criminals will use them to hide their activities. "The irony is while the government spends all its effort chasing after Mitnick, it spends its time trying to suppress the technology that could secure those networks," says Bruce Koball, director of a group called Computers, Freedom and Privacy, which puts on an annual conference to discuss legal issues in the computer age. Koball himself was a victim. Koball discovered the hacker's tracks in his account at the WELL, an online system based in Sausalito, California. He then called for help, which grew to include Federal investigators as well as computer specialists. They set a watch for the intruder on the WELL and watched him access the system and then use it as a departure point for further break-ins. Authorities traced Mitnick's call across the United States to its origin at a cellular phone in Raleigh, North Carolina. In a pre-dawn raid Mitnick was arrested and accused of computer fraud as well as violating probation. >From time to time spectacular busts like this one raise public fears about hackers. Yet the problem is a constant one. The good news is there's no crime wave on the Internet; the bad news is break-ins are likely to increase at the same pace that the Internet grows. After all, the Net was designed to facilitate _sharing_ information. It's the nature of Internet that one person can leverage his creativity and knowledge to enormous effect - to good or to evil. Experts say security is a moving target, running at the pace of technological development. As new security holes are discovered, these are publicized and patches are developed to cover them. Then along comes a new technology and the game continues. Ironically, hackers often claim they actually aid this process by exposing the holes. In the case of Mitnick, he was able to penetrate corporate firewalls, previously considered impervious, by posing as a friendly computer. This information will help others develop stronger protection. Many wear the label of hacker proudly. To them a hacker is someone who tests his own ability by persistently attacking - "hacking" - a problem. The trouble is the hacker's code is morally ambivalent. Mitnick is clearly a "bad hacker." But he certainly is not the most dangerous kind. Mitnick is a showoff. He likes being in the limelight. The trouble with being superman, roaming the world's networks and mastering the databases of corporate power is that very few people can watch you. Investigator say Mitnick left telltale clues behind. He didn't cover his tracks. One security expert that halped catch Mitnick went as far as to suggest "he's not very good at this." Far more dangerous is the quiet "professional," the hacker whose only aim is profit. The FBI is currently working on a case in which an anonymous hacker is trying to extort money from a major US corporation. Some companies say competitors have hired hackers to steal their secrets. The game goes on. [blurb] Steven Carlson is an Internet trainer and technology writer ------------------------------------------------------------------------ Copyright (c) 1995. Permission granted to redistribute this article in electronic form for non-profit purposes only. My byline and this message must remain intact. Contact me for reprint rights. ------------------------------------------------------------------------ --- Steven Carlson Moderator/Publisher - hungary-online Critical Mass Media Inc. Internet trainer, consultant [+361] 133-4647 in Budapest, Hungary carlson@odin.net ############# # This message to HOL-announce@hungary.yak.net # was from carlson@odin.net (Steven Carlson) # # To unsubscribe, send "unsubscribe" to # For a full subscription (rather than this announcement-only subscription) # mail "subscribe" to # Send mail to for more information, # or to if you need human assistance. #############