Coming
Soon to a Computer Near You!
 |
Hackers!!
|
|
Thrill! To the crimes committed!
Gasp! At their rationalizations!
If you'd like a more realistic view of computer hackers,
and how they practice their arcane arts, I'd like to recommend a book to you.
Namely, "Secrets of a Super Hacker" (Dennis Fiery, Loompanics
Unlimited, POB 1197, Port Townsend WA., 88368; ISBN 1-55950-106-5, 1994;
$19.95; 205 pages) by “The
Knightmare” provides a good look at the basic tools -- both ideological
and technical -- of a hacker.
In the modern world secrets are still protected by
walls and metal locks, but now there are also electronic safeguards as
well. Most of the modern bureaucratic
state and much of the corporate world could not function without information --
electronic dossiers, reports, balance sheets, inventories, etc.. Indeed, the very systems that are basic to
electronic communication are themselves dependent upon information (e.g.
billing data, links between systems and protocols for exchanging information,
switching and routing information). All
of this data is protected by several layers of security -- ignorance (if no one
knows the information exists nobody will look for it), walls and locks, access
codes, passwords and so on.
Inevitably this mountain of data attracts interest --
some of it not sanctioned by the owners of said information. There are many reasons why people try to get
into such computer systems -- revenge, corporate/governmental espionage, theft
of services or goods, investigations by agencies or individuals, as well as the
old stand-by, curiosity. And as the
cliché tells us, curiosity killed the felix
domesticus. (Curiosity is currently
either a misdemeanor or a felony, butnot yet a capital offense.) The popular media image of the hacker as vicious
kaot and wrecker is one definition of
that curiosity, but there are others.
In the introduction to “Secrets,”
Gareth Branwyn sketches the various popular images of the hacker (Independent
Scientist, Cowboy, Terrorist, Hero, etc.) and how they do -- and don't -- fit
reality. After this short discourse,
The Knightmare takes us into the hacker's world.
The first section, "Before The Hack,"
covers a lot of the basics including the motivations of hackers. There is a serviceable introduction to the
basics of computers for neophytes, and a brief
history of hacking from the early days of the "Youth International
Party Line" (YIPL) and *phrack* up to the present. He then shows some basic methods for
researching a target, ranging from the standard perusal of garbage
("dumpster-diving") to more technical methods of trying to read
damaged and discarded floppy disks.
(People worried about government agents obtaining data from disks might
pay heed to this section.) The
Knightmare discusses the basics of passwords and computer accounts, and some of
the different schemes used to try to protect computer systems. Some appendices have related material on
common default accounts (an account on a computer is basically an identity on
that machine which allows for certain levels of access) and two lengthy lists
of common passwords.
The best chapters are on the most reliable methods of
gaining access to computers -- "social engineering." Although some information can be gleaned
from public sources and documentation, much that is of interest to the
unauthorized interloper is not openly publicized. Social engineering is the term applied to the gentle art of
coaxing such tidbits out of their possessors.
This is probably the most successful strategy for gaining entry, and The
Knightmare does a good job of explaining how to persuade people you've never
met to tell you things about their computers and/or companies; he even provides
some simple role-playing scenarios for practice. The basic idea is simple: make the person you are talking with
believe that you are a legitimate user of the system. Being able to mention people and procedures that are known helps
establish a familiarity as well as authenticating you. Although many companies try to remind
employees not to hand out any information to people that they don't know, the
course of daily business in a large company often involves taking others (even
unknown people) at face value. As with
more ordinary computer security measures (strict permissions about who can run
which programs, or see data, etc.), the tighter the guard, the more
constraining it is. If it becomes too
much of a restraint, people will begin to circumvent the security measures so
they can get their jobs done; this can leave the company less well protected
than it was in the first place. With
the more obvious security holes in computers plugged, this technique continues
to strike fear into the hearts of computer security people everywhere.
The Knightmare also looks at the more difficult -- and
more useful -- technique of "reverse social engineering," in which
you persuade your target to call you
when they develop a problem with their system.
Examples might include posting business cards with your
"company" name and phone number, perhaps along with a (possibly
forged) note recommending your services.
Because they call you, they are much more likely to entrust you with
information they might otherwise balk at handing out (such as passwords). Of course, if they never have a problem they
won't call, so this technique requires either great patience or active
intervention. He has a list of five
general categories of such non-permanent sabotage (e.g. setting obscure
switches on a terminal or modem to keep it from working normally; changing
certain parameters that most users don't know about, or installing lots of
(non-destructive) programs into the computer's memory so it slows down or won't
run other programs). This is paired
with a warning -- in keeping with the hacker ethic of not doing damage to a
computer -- that these measures mustn't be truly harmful. As with its cousin, reverse social
engineering strikes at the trust and confidence co-workers have for each other.
He also discusses more traditional methods of
computer intrusion, including guessing passwords (what are the subject's
interests, etc.) and brute force approaches to getting passwords. He discusses several methods of purloining
accounts, such as those issued by computer science classes to enrolled
students. Although often limited in
what they can do, they can provide a starting point for a more determined
attempt at getting the hacker's grail -- the password for the "root"
or "superuser" account which allows one unlimited control over the
machine's operations. Other chapters
discuss the use of programs ("Trojan horses") which deceive the
innocent user into parting with his/her account name and passwords. Although there are many variants, they all
involve presenting a screen which looks exactly the screen a user usually sees when
logging onto a computer; hopefully any differences in behavior will not be
noted, or won't be noticed until it's too late. Such methods can be used in both public (bulletin board systems
-- BBSs -- or computers for general use in a school or company) and private
computers. There's also a section on
setting up a fake BBS that collects passwords from known persons. This depends on a known foible of computer
users -- they tend to use the same password on all the computer systems they
work with. Hence, if one of these
people has an account on a computer that the hacker is interested in, the
chance that the password will work on both machines is quite high. BBSs are targets of hacking as well. Among other tidbits to be gleaned might be
the spoor of other hackers, either through finding their tools on site (such as
a Trojan horse) or by finding underground BBSs for/by hackers. He makes some good points of etiquette on
such boards. He also has some points
about running one's own BBS.
Another chapter covers the basics of what to do while
inside a site (or a computer) and copious hints on ways of getting out of
limited user accounts into more interesting sections of a computer. A good starting point is to learn the basic
commands for that type of computer and to exploit known problems with certain
types of software. He keeps these
sections moving by not burdening the reader with lots of jargon or technical
procedures, which keeps these sections moving.
The tradeoff is that he doesn't usually give concrete examples. (This is mitigated by a list of common
commands for major operating systems in an appendix.) There is an interesting section on getting purloined information from
where it’s captured to your own machine.
For instance, when a Trojan horse is employed, it collects account names
and passwords. You could just send it
by electronic mail to yourself (assuming that the target machine can
communicate with other computers), but this is similar to breaking into an
office, photocopying documents, putting them in an envelope and leaving it the
office's outgoing mail; great if it works, but if anybody notices you've given
away your identity. Several different
approaches are outlined, including hiding or disguising files, transmitting
short messages one bit at a time and other tricks of the trade.
An entire section of the book is about how not to get
caught even if you are detected. There
are tips on using portable computers (almost mandatory for the modern hacker),
a discussion of the types of laws that apply to hacking (ranging from trespass
to larceny to criminal conspiracy) and his version of the hacker ethic (never
harm or alter any computer system, don't profit unfairly, inform system
managers about their vulnerabilities, etc.).
He gives an example of himself at work, having been invited by the
director of a library to try to hack the new computer system. He illustrates how the various techniques shown
in the book help him to break into the system, and how his actions reflected
his ethics.
There are some omissions -- The Knightmare doesn't
discuss sophisticated systems, such as the network of computer networks known
as The Internet, or such arcane approaches to hacking as using devices called
"sniffers" which show data as it is transmitted, nor does he consider
more sophisticated protection schemes used to verify that both parties are in
fact who they purport to be. He does a
good job on the basics (which are probably more than your average computer
security type would like you to know). It's unlikely that law enforcement people will be amused/diverted
by any claim of ethics by hackers, nor are all hackers likely to share such
beliefs. Still, The Knightmare may help
to de-demonize the mythical hacker, and wise people up to the biggest
vulnerability in any system -- its users.
3½ . Recommended reading for the curious, the
wanna-bes, the watchdogs, and all who want to know about the real
activities of a hacker.
--Primitivo Morales
