Read Masters of Deception: The Gang That Ruled Cyberspace Online
Authors: Michele Slatalla,Michele Slatalla
Tags: #Computer security - New York (State) - New York, #Technology & Engineering, #Computer hackers, #Sociology, #Computer crimes - New York (State) - New York, #True Crime, #Social Science, #Computers, #New York, #General, #Computer crimes, #Computer hackers - New York (State) - New York, #Political Science, #Gangs - New York (State) - New York, #Computer security, #Security, #New York (State), #Gangs
In fact, while on the run, Jason had created a special account that would allow anyone, anywhere, to use Tymnet free.
You'd get your computer to call a local dialup. Then the computer would ask you for a login, and you'd type
"PARMASTERX75" (and then a password
parmaster=tymnet god
to prove you really were the authorized user).
Too cool. Word spread throughout the underground. It was operable for a whole year, enhancing Parmaster's image more than a PR firm could.
Although the Parmaster Network User ID enabled the MOD boys to use Tymnet, it kept them from tinkering with its engine, kept them out of the guts of this enormous repository of information and power. But with Parmaster's new privileged password, the MOD boys could explore dozens of dedicated subnetworks that the system links.
Tymnet's customers are big corporations and government agencies with far-flung computers that need to talk to one another. Now the MOD boys could get into Tymnet just like any engineer at Martin-Marietta Missile group could. Just like a vice president at Bank of America could. Just like a general in the U. S. Air Force could.
One thing separated the MOD boys from those other users, though. Most Tymnet customers log in to only a tiny section of the system, into the subnetwork that houses their organization's business. The MOD boys were different kinds of customers. They had the power to run rampant through everybody's networks.
Not right away, of course. At first, the MOD boys were simply blown away by the immense possibilities that lay before them. Sure, they'd hacked other big systems. They'd mastered the nation's entire phone system, hadn't they? But Tymnet's sphere of influence and importance is much broader than the phone system's.
Tymnet exists at the very vortex of cyberspace. Billion-dollar financial transactions, top-secret plans for fighter jets, the confidential credit history of the President of the United States. It's all there, sucked into cyberspace and rushing past at an incalculable rate. Information rockets through the pipeline that Tymnet controls, information packaged as precise units of data that zip from one user's computer screen to another halfway around the world. If you know the right commands, if you execute them at the right instant in time, then you can examine that data as it zips past. You can X-ray the units. You can become an electronic voyeur. You can, quite simply, know all the world's business.
Jason's password was the first step.
It is Mark, of course, who figures out the next step.
He logs into Tymnet day after day, obsessively, unable to take a break to sleep or eat, fueled by cigarettes and Coca-Cola. He sees a nearly infinite system, a system that is beautiful because of its endless complexity, a system that defies explanation, spiraling forever outward, like the Big Bang, always changing as new software and new hardware come online. He sees a system that he alone might understand.
Who knows more about so many different networks? AT&T employees only know about AT&T. New York Telephone engineers only know about New York Telephone. A Tymnet technician is just as myopic. But Mark sees how all the systems work and how they all fit together into a universe that he alone has conquered. Mark synthesizes that information into a worldview that allows him to go further, intuitively, hacking. That's why he never doubts that he will master Tymnet.
One day, Mark finds a few old computers called PDP10s, old minicomputers owned by Tymnet and used by the company's technical staff to store... administrative manuals! This is a find of unbelievable good luck. Imagine being an archaeologist, patiently digging through layers and layers of alluvium. And then you find the Rosetta stone. All the pieces are in front of him, but he doesn't know how to read it. Not yet.
John and Julio have told Mark they've heard that TRW operates its own subnetwork somewhere on Tymnet. It makes sense for TRW to exist on Tymnet, because car dealers and loan officers and bill collectors from all over the country had to get into the TRW system quickly to look up credit histories. All those TRW customers wanted a local phone number to dial to get in. Tymnet, with dialups in every major city in America, was the conduit.
John and Julio give him a number of valid users' names
who knew where the names came from, maybe a garbage
dumpster, but they don't know what to do with the stuff.
But Mark does. He logs in, then types "TRWNET, " and there he is. He's in the subnetwork. He gets a prompt: TRWNET>
He starts testing certain ubiquitous commands. He types "dir, " and sure enough, a directory of file names appears. He types "type [filename]" and the contents of the file in question fill his laptop's screen.
Mark discovers that TRW has its own PDP10 computer on Tymnet. He starts looking around and finds a list of every account name and password. The subnetwork has files, and directories, and packets of information that you can send back and forth between users' computers. The subnetwork uses exactly the same hardware as the rest of Tymnet. If Mark can understand the architecture of TRWnet, by extension he'll know everything there is to know about the whole Tymnet system.
So that's exactly what he does. He breaks TRWnet down to its component parts and figures out how each one works alone, then how they work together. He learns the lyrical acronym for Tymnet's whole gorgeous architecture ISIS, the
Internally Switched Interface System. ISIS is made up of nodes, which are really just computer-processing chips. Each node is loaded with "slots, " which run software applications. For instance, every slot has software used for troubleshooting or debugging. The software is called the Dynamic Debugging Tool, or DDT, for short. Get it? A debugger called DDT. Computer people have the best sense of humor.
He learns that there are supervisor nodes. They are to Tymnet what switches are to New York Telephone. Supervisor nodes are like traffic cops, routing packets of data to their destinations and keeping track of what's going on in the rest of the network. With the manuals he got from the PDPs, Mark has a blueprint, and he learns about the software tools that Tymnet technicians use to keep each node running. It's a great system because each engine he explores is loaded with its own full set of software tools, like DDT, right there in the slots.
One of those tools is the aptly named X-RAY, which allows Tymnet workers (and now Mark) to look inside each packet of data as it whizzes by. He learns about every aspect of the network, just as he did with the telephone system. And there's no stopping him. He hits Tymnet at least ten times a day, logging what the government will later say was an astronomical 23, 314 minutes of network time.
Mark gets a stack of floppy disks that he calls "The Main 10. "
He has copied all the information from the Tymnet manuals onto the floppies and carries them around. He's amazed at his treasure, amazed that there are other engineers out there in the world who think just like him, who so meticulously write down all this technical stuff for others to read. He's the only one with the Big Picture. Of course, he shares much of what he knows with his friends. It's only fair to give something back to Julio. And doesn't Julio share what Mark's told him with John? They're all friends. All members of the Masters of Deception. John is as compulsive as Mark when it comes to Tymnet
he can't resist logging in every day. The only thing that slows him down is the bad power supply in his building.
Sometimes John's computer blows a fuse.
Tymnet has become MOD's new playground. The hackers are just like a bunch of excited four-year-olds, running around and trying all the rides at once.
Every day, it seemed, the MOD boys were finding a new expanse of the network to explore. One day, someone, it might have been John, found this weird list of subnets stored on one of the PDP10s. The list says Honeywell, Northrop, Loading Dock.
It sounded funny. Honeywell and Northrop, they were in the newspapers. Big businesses, right? Something to do with the... defense industry? But Loading Dock? What the hell was that? Some kind of multinational shipping concern? Or perhaps a purveyor of pressurized bulkheads?
There was one way to find out. The PDP10 tells them how to get into the Loading Dock host: Log in as COLORS. The password is "RAINBOW. " How can they resist?
The MOD boys connect. But instead of seeing verification that they've entered Loading Dock, they see something very different on their screens. The host they've cracked is called Dockmaster.
They learn that Dockmaster is maintained by the National Computer Security Center, under the jurisdiction of the National Security Administration. The NSA makes the CIA look like lightweights, as any afficionado of spy books could tell you.
The agency is so top secret that until recently, the government didn't even admit it existed. It's well known that the NSA earns its keep by monitoring the communications of the world, from telephone taps to satellite traps.
And here was a bunch of kids in Queens spying on them.
Anyone could see they were getting into War Games territory here. But the MOD boys venture further. The authorized user who owns the "COLORS" account happens to be an Air Force general, which the boys learn, well, by reading his electronic mail. The general is in a Dockmaster access group called AF, which they figure stands for Air Force. They snoop around, and to tell the truth, it gets boring. The general doesn't have access to anything that interests them.
In fact, the whole experience gives Mark the creeps. He calls it "spook stuff, " and vows to stay away. Besides, he's much more interested in the information pipelines
how information flows through the Tymnet system
than he is in the
information itself. That's one big difference between Mark and John.
John likes to sit and watch packets of information as they zip through Tymnet. He has started to research the names of the companies listed on the PDP10s to see what kinds of business they do and whether their transactions are worth more than a look. It was easy for him to dismiss Chiquita Banana or Florsheim Shoe Co. But there were dozens of company names he has to look up in Dun and Bradstreet.
One morning on the phone, while a Secret Service agent surreptitiously listens in, John tells Julio about a whole list of Tymnet customers that he found while scanning the network the previous night. He says he found a thousand new computers, belonging to such customers as Sealand Services, Black and Decker, Exxon, the Department of Motor Vehicles in California, and the administrative offices for the U. S. Court system.
John also says he's found computers that belong to Randolph Air Force Base.
"Oh God, " says Julio. "We've just got to start hitting those sites left and right. "
"That's what I plan on doing, " says John.
John, Julio, Allen, and Eli have become fascinated by the possibilities of TRWnet for reasons that are different from Mark's. Now, instead of possessing a couple of TRW accounts culled from social engineering or bulletin boards, a couple of accounts that could be discontinued at any given moment, suddenly MOD had the whole list of accounts. It was getting pretty intense, all this power. They could look at whoever they want a guy who Eli says his dad is thinking of suing, a
guy in Brooklyn who has a car Eli wants to buy
and find out confidential facts.
It was unfortunate that simply having the authority to change credit reports didn't give them the necessary knowledge to actually do it. They'd been thinking that Mark might have figured out how to change TRW credit information. You know, clear up a bad credit history. Or make someone's good credit background lousy.
If Mark had that knowledge, he wasn't saying.
One day on the phone Allen and John talk about whether another friend, named Matt, has gotten a TRW manual to help them.
"Did you talk to Matt? Did you ever find out how to put the delinquencies on?" asks Allen.
"He forgot to bring it, " says John. "I'm really going to get on him about that.... He has the complete instructions to do anything. "
"Oh yeah?"
"Yeah, " says John. "I'm talking about everything.... He didn't have the bullshit thing that the customers get. He has the admin manual, and he keeps forgetting. It says how to remove them, how to add them, how to do all types of comments to destroy peoples' lives or fix them. You know, make them look like saints. "
"Yeah. "
Destroy people's lives? Make them look like saints? Is this what hackers do?
When Mark was not around, the less scientific members of the MOD family still liked to look up celebrities. They collected celebrity credit histories like baseball cards. Now it was so much easier than it once was.
One Tuesday night, at 10: 21 P. M., Eli phones Julio.
"So I was looking up like a whole bunch of famous people, " Julio says.
"Yeah?" Eli says. "What'd you get? Anybody good?"
"I got, uh, who's that? Richard... Gere. "
"Does he have anything good?" asks Eli.
"Well, I mean they all have good stuff. I didn't get it to get their [credit] cards, you know. "
"I know, " says Eli.
"I have Tony Randall, " says Julio.
"You ever get a social security number on that?"
"Yeah, " says Julio. "But like, I'm always at a loss with who to look up, you know? I looked up Julia Roberts, but I don't know if she has an apartment in New York City, because I came up with like a million of them. "
"How' d you get Richard Gere's address?"
"Because
well, it was obviously him because he was, like, employed by Paramount Pictures or something. "
Sometimes the MOD boys lurked silently in Tymnet's administrative accounts, watching technicians even at the moment when they changed the daily passwords. Lots of times they staked out the network and would know the password of the day before some nitz of a technician, and then they'd watch him as he tried to use yesterday's discontinued login. Duh.
Mark, Julio, and John could read the Tymnet security department's e-mail, and so they could scan highly sensitive memoranda, bulletins, and alerts about Tymnet security. That way, they always stayed a step ahead. They knew about any new security devices well before the devices were put into use.