The Situation Today: A Network at War

The Situation Today: A Network at War

The situation today is radically different from the one 10 years ago. Over that period of
time, these two groups of people have faced off and crystallized into opposing teams. The
network is now at war and these are the soldiers. Crackers fight furiously for recognition
and often realize it through spectacular feats of technical prowess. A month cannot go by
without a newspaper article about some site that has been cracked. Equally, hackers work
hard to develop new methods of security to ward off the cracker hordes. Who will
ultimately prevail? It is too early to tell. The struggle will likely continue for another
decade or more.
The crackers may be losing ground, though. Because big business has invaded the Net,
the demand for proprietary security tools has increased dramatically. This influx of
corporate money will lead to an increase in the quality of such security tools. Moreover,
the proliferation of these tools will happen at a much faster rate and for a variety of
platforms. Crackers will be faced with greater and greater challenges as time goes on.
However, as I explain in Chapter 5, "Is Security a Futile Endeavor?" the balance of
knowledge maintains a constant, with crackers only inches behind. Some writers assert
that throughout this process, a form of hacker evolution is occurring. By this they mean
that crackers will ultimately be weeded out over the long haul (many will go to jail, many
will grow older and wiser, and so forth). This is probably unrealistic. The exclusivity
associated with being a cracker is a strong lure to up-and-coming teenagers. There is a
mystique surrounding the activities of a cracker.
There is ample evidence, however, that most crackers eventually retire. They later crop
up in various positions, including system administrator jobs. One formerly renowned
cracker today runs an Internet salon. Another works on systems for an airline company in
Florida. Still another is an elected official in a small town in Southern California.
(Because all these individuals have left the life for a more conservative and sane
existence, I elected not to mention their names here.)

The Hackers

I shall close this chapter by giving real-life examples of hackers are crackers. That seems
to be the only reliable way to differentiate between them. From these brief descriptions,
you can get a better understanding of the distinction. Moreover, many of these people are
discussed later at various points in this book. This section prepares you for that as well.

Richard Stallman - Stallman joined the Artificial Intelligence Laboratory at MIT in 1971.
He received the 250K McArthur Genius award for developing software. He ultimately
founded the Free Software Foundation, creating hundreds of freely distributable utilities
and programs for use on the UNIX platform. He worked on some archaic machines,
including the DEC PDP-10 (to which he probably still has access somewhere). He is a
brilliant programmer.
Dennis Ritchie, Ken Thompson, and Brian Kernighan Ritchie - , Thompson, and
Kernighan are programmers at Bell Labs, and all were instrumental in the development of
the UNIX operating system and the C programming language. Take these three
individuals out of the picture, and there would likely be no Internet (or if there were, it
would be a lot less functional). They still hack today. (For example, Ritchie is busy
working on Plan 9 from Bell Labs, a new operating system that will probably supplant
UNIX as the industry-standard super-networking operating system.)


Paul Baran, Rand Corporation Baran is probably the greatest hacker of them all for
one fundamental reason: He was hacking the Internet before the Internet even existed. He
hacked the concept, and his efforts provided a rough navigational tool that served to
inspire those who followed him.

Eugene Spafford Spafford is a professor of computer science, celebrated for his work at
Purdue University and elsewhere. He was instrumental in creating the Computer Oracle
Password and Security System (COPS), a semi-automated system of securing your
network. Spafford has turned out some very prominent students over the years and his
name is intensely respected in the field.

Dan Farmer Farmer worked with Spafford on COPS (Release 1991) while at Carnegie
Mellon University with the Computer Emergency Response Team (CERT). For real
details, see Purdue University Technical Report CSD-TR-993, written by Eugene
Spafford and Daniel Farmer. (Yes, Dan, the byline says Daniel Farmer.) Farmer later
gained national notoriety for releasing the System Administrator Tool for Analyzing
Networks (SATAN), a powerful tool for analyzing remote networks for security
vulnerabilities.


Wietse Venema Venema hails from the Eindhoven University of Technology in the
Netherlands. He is an exceptionally gifted programmer who has a long history of writing
industry-standard security tools. He co-authored SATAN with Farmer and wrote TCP
Wrapper, one of the commonly used security programs in the world. (This program
provides close control and monitoring of information packets coming from the void.)


Linus Torvalds A most extraordinary individual, Torvalds enrolled in classes on UNIX
and the C programming language in the early 1990s. One year later, he began writing a
UNIX-like operating system. Within a year, he released this system to the Internet (it was
called Linux). Today, Linux has a cult following and has the distinction of being the only
operating system ever developed by software programmers all over the world, many of
whom will never meet one another. Linux is free from copyright restrictions and is
available free to anyone with Internet access.


Bill Gates and Paul Allen From their high school days, these men from Washington
were hacking software. Both are skilled programmers. Starting in 1980, they built the
largest and most successful software empire on Earth. Their commercial successes
include MS-DOS, Microsoft Windows, Windows 95, and Windows NT.


The Crackers


Kevin Mitnik Mitnik, also known as Condor, is probably the world's best-known
cracker. Mitnik began his career as a phone phreak. Since those early years, Mitnik has
successfully cracked every manner of secure site you can imagine, including but not
limited to military sites, financial corporations, software firms, and other technology
companies. (When he was still a teen, Mitnik cracked the North American Aerospace
Defense Command.) At the time of this writing, he is awaiting trial on federal charges
stemming from attacks committed in 1994-1995


Kevin Poulsen Having followed a path quite similar to Mitnik, Poulsen is best known for
his uncanny ability to seize control of the Pacific Bell telephone system. (Poulsen once
used this talent to win a radio contest where the prize was a Porsche. He manipulated the
telephone lines so that his call would be the wining one.) Poulsen has also broken nearly
every type of site, but has a special penchant for sites containing defense data. This
greatly complicated his last period of incarceration, which lasted five years. (This is the
longest period ever served by a hacker in the United States.) Poulsen was released in
1996 and has apparently reformed.

Justin Tanner Peterson Known as Agent Steal, Peterson is probably most celebrated for
cracking a prominent consumer credit agency. Peterson appeared to be motivated by
money instead of curiosity. This lack of personal philosophy led to his downfall and the
downfall of others. For example, once caught, Peterson ratted out his friends, including
Kevin Poulsen. Peterson then obtained a deal with the FBI to work undercover. This
secured his release and he subsequently absconded, going on a crime spree that ended
with a failed attempt to secure a six-figure fraudulent wire transfer.