The Cybernetic Education of a Hacker: the Genocide2600 story.
"I was in after school doing make up work in my chem class as usual when I noticed one day my teacher, Miss Ricker, entering grades through an Apple network using a fairly simple grade program. She wasn't very security minded and I used that as a window. Through a little use of "Social Engineering" I quick thought something up to ask her and walked up and started asking her info right when she was entering her login and password into the mac. I was looking down into my notebook and pretended to write stuff as I asked her, what I really did was write down her login and password."--The cybernetic education of a Hacker, in MEME 3.02
"Hackers." The word means something different, depending on whom you ask. People at CERT, the Computer Emergency Response Team at Carnegie Mellon University in Pittsburgh, might say, "a hacker is someone who breaks into computers." My great-aunt, who recently turned 91, associates hackers with people who drive taxis, from the days when a "hack" meant an unpleasant, or distasteful job. Richard Stallman, founder of the Free Software Foundation, who was interviewed in MEME 2.04, calls himself a hacker. To him "hacking" means developing software in an open, collaborative environment, with a strong ethical sense of right and wrong. The New Hacker's Dictionary defines hacker as "someone who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary."Hacking, hackers, hack-- whatever the form, these words are the Rorschach test of cyberspace: what you think hacker means says as much about you as it does about hackers. Are hackers good? Are hackers bad? It all depends on what definition of hacking you have.
In this issue of MEME, I send you one of the rare, lucid examples of a hacker memoir from the breaking-into-computers variety of hacker. The story is written by someone whose nom-de-hack is "Genocide," and is a founder of Genocide2600, a hacker-clan based in Alaska and the Northwest of the United States. The piece came my way via another hacker, named WiZDoM. He could well be the same person as Genocide, or not. That's part of this game-- uncertainty.
With hackers you can't be sure what's true, and what's not. Nor does it really matter. Hacker-tales are meant to be heroic. They are yarns, and this one's one of the best I've received in a long, long time. I think you'll enjoy it as well. A brief cautionary note: those readers who take umbrage at "curse words" should be forewarned, Genocide likes to use them. Spelling is left as received.
I make no moral judgment about this essay, other than to say breaking into computers is bad, and you shouldn't do it. You, however, may want to discuss the issues raised by Genocide's essay, and you're invited to do so in the MEME discussion area, on Electric Minds.
Date: Fri, 18 Apr 1997 16:42:43 -0800 (AKDT)
From: -=* WiZDoM *=-
To: The_World@universe.com
Cc: gen2600@aracnet.com
Subject: Thought you may want to read.
The Genocide2600 Group HistoryWrittin by Genocide 4/1/97
http://www.aracnet.com/~gen2600
http://www.Genocide2600.com
/* Some of the contents of this document may be fictional. I leave the
reader to themselves to figure out what is true and not true and what
you will believe. Since it covers possibly illegal topics and events,
I will not swear that any of the following content is true in any way.
All events herein may or may not have happened, for obvious reasons I
must leave it up to the reader to choose whether or not anything the
read contains even a grain of truth. As for the members, we all know
what really happened. */---
A: Intro1. What a hacker is. What a hack is.
2. Who we are.
3. The Genocide2600 Manifesto
4. How it started.---
A: IntroWell, people have been asking me for about a three years or so, how did
you start the Genocide2600 group...how did you get into hacking, how, how,
how, how...etc...Well, I'm going to make a damn good effort to "tell
all". Right now it's April 1st, April Fools day of 1997, I've been a
h/p/v/a/c'er for over 8 years now.Today the Genocide2600 group is over 150people strong and we occupy
Alaska, Washington, Oregon and are now expanding into the East coast area.We have made many friends in our business/field and have tought many
people.Shout outs go out to:
-Silicon Toad, Bishop, MODul8r, Jester, Tim Wilde, Xer0 Tolerance.---
1.First let me start by defining what I consider a hack, or a hacker.
A "Hack":=
The act of doing an action when there is no known way to do it.
The act of doing something that can't be done.
The act of doing something that is totally against the odds.A "Hacker":=
Someone who can overcome, against the odds.
Someone who can figure a way out of a game that can't be won.
Someone who teaches others and spreads knowledge when no one
wants to hear it.
Someone who doesn't quit.
Those who rise in the face of thier advesaries when they are
grossely outnumbered.You don't have to know how to "Crack a password file to be a hacker"
"Use what you have got, and you will not need what you have not..."
-Quote from "Around the world in 80 days" ---
2.
Who we are.Let me describe what we are and what we do.
We are simply a group of talented people. Nothing more nothing less.
A group of people from all walks of life, from 14years old to 52years old.
Some of the group don't even know what a password file is, hell some of
them don't even know how to turn on a computer. But the point is,
everyone specializes in something and they offer thier services to the
rest of the group. We even have lawyers that assist us...should the need
arise. Everyone helps everyone else in whatever they do, however they
can offer thier expertise in thier chosen field. Most of the group was
chosen by my hand, but now our numbers have grown so large, I have
appointed "heads" that manage areas, ie: one head per Alaska, Washington
and now the East coast. Most of our members choose to stay behind the
viel, in other words they don't choose to be public thus they are
protected and they speak to those of us who are in the open. There are a
handfull of us that do choose to be public:-DoXaVG, BernZ, Astroboy, WiZDoM, Alexu, OvErLoRD and me - Genocide
Some members of the group are long married and have kids, some
are single, the point is, we could be your neighbor or your babysitter for
all you know. We could be the kid filling your gas in your car, it
doesn't matter, all you really need to know is we are spreading, as fast
as knowledge, faster then light, the speed of information.The Social Base of the Hacker:
The Genocide2600 Manifesto.People generally believe that hackers have a milicious intent as
a general rule. This, pardon my language is a crock of shit and
obviously the idea/ramblings of the most generally uninformed people on
the net, I do admit that "YES" there are those that are out to only
destroy, and yes this group does occasionally add to that at a very small
percentage (this will be explained later), but for the most part, we are
in the persuit of knowledge. I do not claim to be a 100% law abiding
person, nor does the group, obviously if you have heard of us, or even
after reading this you will be shaking your head at this point.As a whole that we believe in a collective good, we believe that
people who try to shut out other are people so others can't listen to them
or people who try to censor our actions/language/activities are the people
who deserve none of the above. We cling to our most basic civil rights.
We also believe in retrobution for what is lost.Eye for an eye mentality is spoken here, take back what is yours.
Bottom line is this, don't fuck with us, we do fuck back.
Trying to turn peoples minds away from truth or trying to hide
whats REALLY going on is something that is not tollerable no matter
what and that therein is the true crime, not trying to rip the viel from
the sheeps eyes. We're here to show you. We aren't the criminals that
need to be put away. We are the ones you should praise.People for all time have feared what they did not
understand...what they did not know. You don't know us...you don't
understand us.Some have labeled us as terrorists, others as criminals. Ok.
Sure. Whatever. Go ahead take the criminals and terrorists away that
fight for your rights. After you have lost the battle because your
soldiers are gone at your own hand, you'll have no one to blame but
yourself.We fight with the greatest tools of all, our intellect and
courage.---
3.
How it all started.I started when I was 14, I had never heard of hacking, phreaking
or any of the lot. People really didn't pay much attention to me and
that suited me just fine. I was able to be more an observer then the
person who screwed up and got nailed for something, I would shake my head
and learn from how they fell.I guess I was what you would call now a phreaker then...I heard
that funny sound when you put coins into the pay phones... found it
curious and I bought a hand recorder for $20.00 and went to town, I
called places I didn't even know about, because I could. Me and my close
personal friends dabbled in Blue Boxing once we discovered BBS' on our
brand new 1200baud modems. I learned telephony from my cousin, the
resident criminal in our town. As I look back now, the first phreaker I
ever knew was my cousin. He tought me the magic of Ma' Bell and how it
could be turned on her. I understood true telephony and hadn't even seen
a computer. I had met my first hacker.My phreaking died with the end of the blue box. I gave up on it
when those friends whome I surrounded myself with began to be picked off
one by one by the local law. I decided to survive I had to adapt, I knew
what I was doing was generally thought of as criminal. But I finally
found a knowledge that made my mind hunger, made me stay up night after
night. I wanted to learn for the first time in my life.Although this hunger didn't lead me in the ways of most law
abiding talented computer learners, it did teach me how to make it and
not loose no matter what pieces of the art of survival.I was in after school doing make up work in my chem class as usuall
when I noticed one day my teacher, Miss Ricker, entering grades through
an Apple network using a fairly simple grade program. She wasn't very
security minded and I used that as a window. Through a little use of
"Social Engineering" I quick thought something up to ask her and walked
up and started asking her info right when she was entering her login and
password into the mac. I was looking down into my notebook and
pretended to write stuff as I asked her, what I really did was write
down her login and password.
If I failed Chemistry, I wouldn't be able to graduate highschool
because it was a required class.Later that day I had a speech class that I did the grades for on
the same network on a similar mac. I came in 10minutes early, just like
normal and no one was in there. I entered her name and password into the
computer and accessed the class grades via her saved information in her
personal directory on a restricted network hard drive. I found my name
and double clicked on it, there was all my work info, I added extra
credit wherever I could. On a test, I moved it from 63% to a 73%, it was
just enough to boost my grade into the low "D" area. I graduated almost
a year later. Right on time.My mother was going back to school to get her degree at the local
college in Fairbanks Alaska when I really discovered computers. I used her
access (which, yes I got from a yellow sticky) to the local VAX to wet my
lips with the taste of the computer age. I explored and learned for
about two to three years there in that simple student VAX lab, then they
went to OSF/1 or Digital UNIX as most know it and something happened.
This was a chance at a virgin system, the system administrator didn't
know exactly how to use/manage a actual UNIX system vs. a VAX system.
Before he had a chance to secure the server to any reasonable
level, I had already discovered the unshadowed /etc/passwd file and in a
matter of hours had also discovered my first version of crack. My first
successfull run of my now compiled crack was nearly my last. I was not
aware of the system requirements that crack used at that time. It was
a rather extensive resource hog and after I had set crack to run I put it
in the background and hit "w" to see what everyone was doing. The lab
was full. I had about 40 more seconds before it would finally be done
with the passwd file when I hit "w" the last time. I noticed the system
admin doing a "w fstbo" I knew what was happening. He saw I was using
crack on the passwd file and he also knew I was only around the corner by
looking at my terminal number. I freaked, foregrounded the processes,
killed it and ran.I only looked back after I had completely left the building,
there in the computer lab was the system admin talking to a student at my
terminal. My luck those computers were in such high demand.I loved that taste of adrenaline. It was also in that room where
I would meet Alexu, WiZDoM and Astroboy. The first members of the
Genocide2600 group, they didn't even know it yet, niether did I.The following year yielded many systems, mostely criminally
broken into, but none were damaged other then our initial breakins. I
guess we were also lucky that Fairbanks Alaska was a great region to
begin such a spree. Two military bases, one Army and one AirForce were
only a half hour in each direction, three highschools and a huge college
with multiple Cray computers.Contests between us all, then about up to 10, began and we
realized we had formed an actual group. We wrote virii in assembly that
would take each other out on the system while eating resources eventually
crashing the computer. If you won, it was your virii left standing.One of the guys in the group "Malcom" had knowledge of a 2600
magazine and brought up the idea of actually holding a 2600 group meeting
on Fridays at 7pm like in the mag. We all agreed and took turns teaching
whomever would care to listen about computer security, telephony, media,
cryptography, government whatever was our specialty. This was my first
year of College. I was a freshman.We actually were recognized as a educational group by the
University at that point and were encouraged to hold group meetings and
givin areas where we could meet.The group continued on like that for about two years. Usually after
the 2600 meetings we would either find a secluded computer room or go
over to one of the members houses and "try out" our newfound info, or
trick, we scowered documented holes in unix operating systems looking for
other holes that may have been similar.One Friday we held the proceedings at my house and planned a breakin.
I had a Pent75 with 16megs of ram (badass at that point in time) with a
1.275 gig hard drive. The fastest computer of the group. As standard
proceedure we would dialup from an anonymous number in the "Great Hall"
of the University onto "PolarNet" under a hacked PPP account. After
connect we proceeded to telnet to a student account at the local school
network where we had already gotten root access. We would do anything
we really had to do from there usually, but sometimes we were lazy and
would telnet straight out of "PolarNet" or "AlaskaNet".That night We snooped a commercial server which we will call "moon" and
found we could gain root access remotelly. We got root access after
approxamately 1hour of scanning the target system. We however did not
know that this was one of the foremost computer security systems in the
U.S. We gained root access at approxamately 11pm. Upon entry it
looked like a simple corperate computer, perhaps only a webhosting
machine. Upon closer inspection we noticed that it was a server designed
for information storage that is used by system administrators to crack
into systems in order to secure them. This server also had programs used
to crack systems, so we took them all. We took the programs and the info
they had within the system. It was a total of about 14megs of it, we
downloaded it to the local system which was through a T1 so it didn't
take long, we broke connection to "moon" and proceeded to download the
info from the local server to our computer. Where we passed the info to
eachother.From then on we couldn't access that "PolarNet" account.
We proceeded to share our new found info with the group members
that friday night and brought disks full of info to give away at the
price of the disks themselfs, the information was spreading.I had the Genocide2600 webpage up for almost a year at this
point, and the attack on "moon" had yielded some incredible info, so the
page grew amazingly fast. As did the requests for it's removal by the
system administration by of school.At this time the page was then mentioned by several German underground
magazines at the address:http://icecube.acf-lab.alaska.edu/~fstbo
With email going to:
fstbo@aurora.alaska.edu
The next Friday I recieved an official warning at my schools account
to "please remove your page from the system" well...I changed it a little
and hid it a little deeper on my account, and the requests stopped for a
little while.Also that next Friday we had a visitor at the meeting. This was
not uncommon because us being a University group, anyone could come in
and sit in. At times like these we would obviously speak of nothing
illegal. This was, however, different from the rest of the "visits" by
faculty and staff, this was a man in a navy blue suit.After the meeting was over and everyone was leaving he came up to
me and asked if we could talk, I agreed, and we walked. He informed me
he was here to prove that I had broken into "moon" and that he would be
heading up the investigation. He also informed me that they suspected me
because of my page, my affiliation of the group etc...I was honestly scared. I called my mother and told her I had
been approached by the FBI and that there was a possibility that I may be
put away as a result. She asked me if I did what they were accusing and I
told her no. Which turned out to be a damn good idea, because she spent
over two hours speaking to them.They froze my account to view the contents and review what I had
on the system. They were looking for info that would point to me as the
person who broke into the system, they found plenty. The one thing that
saved my neck was that they couldn't tie me to the broken account on
"PolarNet" they could prove that the call came from the University but
not where. They could prove that I had info that was regarded as secret
but they couldn't prove where I had gotten it. I told them I got it off
the internet.After the entire thing was done and overwith, it had taken up
around 3 weeks and alot of missed classes on my part. My account was
unfrozen right in time for them to barage me with numerous requests to
move the page off of the server again. I burried it deeper into my
account and the requests subsided again.After the FBI left, the group wasn't quite the same, around half
the "not so into it" members left, probably out of fear for thier school
status. The school slammed the door on the school 2600 group on campus.The remaining members and I formed the formal Genocide2600 group
we didn't meet in any publically known places or in schedualed places
after that. We would just get together and decide where to go on the
fly. The 2600 group dropped from site and the Genocide2600 group went
under viel, away from view after the papers stopped publishing stories
about some loose internet terrorist at the University.A couple months later, I got a job at a local internet service
provider, I had alot more time on my hands to surf the web and check out
areas that I didn't know about and discovered news groups I was looking
through the usual alt.2600, alt.warez etc... and noticed people peddling
serial codes and numbers for software, this intrigued me and I added the
"service" to my webpage. The Genocide2600 group's page was the basic
hub for serial numbers at that time and that is what probably what
really put us on the map.We made friends of other net going hackers by trading info, programs
and knowledge. The big web areas on the net were: SiliconToad, Materva,
CandyMan and us, the Genocide2600 group. CandyMan dissappeared and we
have been asked by certain parties to not really say anything regarding
his silence. Materva is currently out of the scene and revamping his
pages. This left SiliconToad and our group of the original few on the
web, pre the movie "Hackers" and the influx of everyone and thier dog
wanting to be 3l33t3, er rather elite, sorry.I had plenty of free time while waiting for people to call at the
ISP I worked at (ImagiNet) I discovered a strong regard to the freedom of
speech, after all, it was what was keeping me from going to jail.Now there are those that abuse the theory of freedom of speech,
some say it's us, the hacker, but what I am referring to are the child
pornography dealers on the net. I know it has been deemed illegal now,
but it still goes on. We were kicking the shit out of these people on
AOL (the primary front) we would get onto AOL with our AOHell programs
and start scanning the chat rooms, when we found someone whome we
suspected or who was talking about it, we would flood them with email
and kick them off, causing them to actually have thier connection break
have to logon and have to deal with a paralyzed mailbox and as soon as
we would see them, WHAM again, they would be gone again. Sure we'd get
caught and kicked off but that was half the fun, we were back on within
10minutes. What I always thought was entertaining were the agents AOL
hired to look for hackers, they would be in the SAME room as us and the
child porno runners and we'd attack the porno runner, who would the
agent go after? Us. They would let the porno runner go 90% of the time
without even a warning. Sure we were breaking the law too, but we do
have some ethics. >;)Enter BernZ, a young prospective hacker who wrote to me on one
of my last days in Fairbanks, and asked me to help him learn the trade.
Now, I get around 500 emails a week, from non-member sources and half of
them are asking me the same thing. But something was different this
time. He had a style that I liked. He defined what it was he could do,
I told him this was called "Social Engineering" or standard old
manipulation. I could hear him grin over the email. He asked to join
the group after a couple of weeks of correspondence and I finally asked
him where he was. East coast. The group was primarilly a west coast
operation. East coast was a good idea though, both coastal areas were
the biggest expanding computer related areas on the map. So we decided
that yes he should indeed head up the East Coast movement.And so he did and is.
My job moved to Portland, Oregon, so I followed. I needed a
webserver so I moved it to it's current home:http://www.aracnet.com/~gen2600
This is where our hits really began to grow. Also our
international image. Magazines started printing our address as a
contriversial/underground webpage. We started turning heads. Somewhere
along the line someone out there (Cheyenne Software) noticed that we
carried serial numbers on our page and the real flame storm started that
day. My account was frozen instantly. They froze the account to
review what was really on the page and see if there was really any
serial numbers, which all of you know is bigtime bad. I was facing
around 2,000 counts of software piracy. The Oregon chapter of the
Genocide2600 group got together that night and cracked the server,
moving any evidence of the serial numbers off of the system. We got
away again.Almost 3 days later I was at work at about 10am when my pager
went off and told me to call home for messages, I did. Found a message
from someone only identifying themselfs as "Mr. Jerkins" and that I
should give him a call. I did, he said that he wanted to meet with me at
my Gladstone Oregon home and that they would like to bring me somewhere
to talk. I freaked, I don't care what anyone says, if they say that the
hair on the back of thier necks doesn't stand on end when they get a call
from the FBI, they are lying.I called a emergency meeting at my house of the Genocide2600
members from Oregon for later that night. We probably wore that
recording out listening to it, trying to find out if it was indeed a
joke. We finally decided, no it wasn't a joke. So I called him back and
setup a time.They were five minutes early. Mr. Jerkins was with 4 other men
dressed in suits, all smiling. They wanted to take me to some place I
didn't recognize, which is no shock seeing I only had lived there 3
months. But I wasn't going to chance it. I told them I wanted to go to
Burgerville down the street at GlennEcho street. Hey, I know it sounds
corney, but if you have ever seen "MoHolland Falls" you would understand.We packed into a late model Ford Royal Crown Victoria and headed
to the burgerhouse. My leg was uncomfortable because of the Gerber
MarkII boot knife pushing into my ankle and my right hand was on my switch
blade the entire time.They didn't say a word while we got out of the car. We walked
into Burgerville and everyone behind the counter followed us with thier
eyes and heads. We had to look out of the norm, 4 suited guys all under
6 foot and me, black leather jacket and jeans, and a black "Skellum"
shirt that says, "Un-natural disaster, can you feel hells laughter?"
and six foot tall. We sat, I ate and we talked for almost one hour.Only two of the four talked. Mr. Jerkins and someone else whome
I can't remember his name. As soon as they opened thier mouths, I began
to sweat.It seems I was dropped off at home as rapidly as they had picked
me up. I sat there at my computer, my hands shaking, dialed up and
jumped into my email program, pine. I wrote all members of the
Genocide2600 group, in Alaska, Washington and Oregon and informed them, I
had just been offered a job.That was only a couple of months ago now and I sit here at midnight
typing away and not even wanting sleep anymore. In two weeks the
Genocide2600 server goes up, the new dawn.-Genocide
Head of the Genocide2600 Group*Embrace Freedom*
[EOF]
MEME is published by David S. Bennahum. Duplication for non-commerical use is permitted. Contact me if you have questions. Direct comments, bugs and so on to me at davidsol@panix.com.