Reading: Kevin Mitnick – Ghost In The Wires : My Adventures As the World’s Most Wanted Hacker July 8, 2012Posted by truthspew in Uncategorized.
I’m currently reading Kevin Mitnick’s “Ghost In The Wires”. Fascinating book as Mitnick employed social engineering skills early on.
I’m only about 55 pages into the book so far and one thing that astounds me is how much my early start mirrored his.
Myself and a group of friends were all over Bell System’s insecure systems, back when in-band signalling was used extensively. In-band refers to the fact that all the command and control features of the system at the time were sent as tones over the voice band. For customer facing of course it was DTMF (Dual Tone Multi Frequency) whereas on the long distance side it was MF (Multi Frequency). The trick was to call an 800 style number, then do a 2600Hz wink. That 2600Hz was the way Ma Bell marked an unused trunk circuit. So when the switch detected the tone it put the trunk in idle mode and awaited your commands. KP-ST-###-###-####-ST (KP = Key Pulse, ST = Start)
A short time later I had figured out the algorithm that Sprint used at the time for customer pass codes. So however you diced it we NEVER paid for long distance calls.
And before I started college I had found out that they had a DEC PDP-11/70 system. My aunt had worked for a company that had a DEC PDP-11/34 and she would let me read the DCL/CCL manuals.
When I started college I was only 17 years old but had more than a passing familiarity with what computers could do. And I had a fairly formidable knowledge, if only on paper, of the RSTS/E operating system prevalent on DEC systems.
So when I tried to run a systat command at the college it was blocked. Knowing that you could allocate and present login shell on remote terminals I wrote a routine that presented the pseudo login screen to the operator console and had obtained the system administrator id and password.
Well when we went to use it I get a call – that put an end to my first brush with college. It was boring anyhow – they’re teaching basic computer science and I’d already learned a great deal more than most of my classmates.
Luckily I realized the trouble I could get into and so went the more ethical route after that.
But what fascinates me is that they just didn’t think security was necessary back then. And even today, there are ways around most of the security methodologies. It’s all about human nature.