July 24th, 2001, 08:49 PM
The satellite problem of last week really indicates the reliance our society now has on technology.
This shows how vulnerable we would be to some sort of 'hacker attack'. I can't help but think that
it would be extremely easy to secure these systems if strong encryption became ubiquitous.
Of course the problem is that our government listens to law enforcement people who are more
concerned with solving already committed crimes.
PS - JP - great job with the site. It is my premiere source for info on Computer Security!
Thanks for writing in Dan, you bring up some good points. As for the satellite, you
wouldn't BELIEVE the phone calls and emails that we got about that one. "Was it hacked?" Well, it's
our opinion, as well as the opinion of the people that run the thing, that no, it was not hacked. I hate
to say this, and it may be news to some people, but sometimes, things, well, just break. Yes, it's true. Things
break. The other point you brought up, about "law enforcement people who are more
concerned with solving already committed crimes". EXACTLY!!!! Why doesn't Janet take that 64million
that she's going to spend tracking down 14 year olds that break into governmental systems on patching
these systems up so they can't be hacked in the first place?
This hacker business seems to me like a two-edged sword. If the story is true about these people hacking military
systems, if we are lucky they will be on our side. If not, we could be dead from a nuke or crippled from a power
blackout. Who would have the last laugh? Not you, if you are dead (or your computer). Or (please consider) a
plane crashes (a BIG one) like what could have happened back east, some kid closes down an AIRPORT
(runway lights, phones, computers radar screens) they said that the kid "didn't have a clue" as to what he was
doing, he was just "****ing up some ****" HAHAHA isn't that funny?! Not if the plane lands on my head, I
dont think you would laugh if it was your head, either. Now, this is the point I'm trying to make. That one
should not glory in the ability to create a potentially disastrous situation.
Yes, very true. I wouldn't much like having a plane land on my head. Hahaha, yet
another great quote for the "Best of the MailBag" quotes! As for the kid not knowing what he was doing? Hrm..
why do I doubt that for some reason?
Iím not really a hacker, but I have been following the hacking seen for a whole now. I just recently started to
pursue my MCSE and for what ever reason happen to like Microsoft products. Iíve been playing around with
computers since the telnet days when we had one in JR. High. Computers have come along way since then I can
remember when you would put in a simple math problem and it would send that question 50 miles away to be added
up on a main frame, after a few seconds the answer would come back. One thing people have to admit is that Microsoft
has played a major role in the advancement in computers, it is far better today than it was 20 years ago. Iím a mechanic
by trade and have worked on every thing from bulldozer to compact cars and one thing I have found is there isnít any
one out there that is better than the other. If you want good gas mileage go buy some thing like a Geo Prizem if you
want horsepower go buy a Porchea. One thing is certain some day you will need to change the tires or the oil and all
engines wear out eventually. All car makers have there lemons GM has the Vega Ford has Itís Pinto, so whatís
all the hype with Unix vs. NT and then they through in Linux and Macs. They all claim to be secure and hacker
claim they all are not secure. One thing I do know it doesnít matter what car you drive if you donít change the
oil you will eventually blow the motor on that car. Can you put some common since to this for me please.
Actually, I don't think you need any light shed on this. I think you understand
things perfectly. Back to the old saying "the only way to 100% secure a system from hackers, is to
not take it out of its box to begin with". I think your analogy says this perfectly!
I am a brand new person to this site. (This is the FIRST
time that I have been here in my life.) I must say that
this is one of the laziest government people I know of. After
the first few paragraphs of his letter, I made up my mind
that if I was his boss, I would fire him for sleeping on the
John, keep up the good work. Apparently, this is a person who does nothing on his own.
I am speaking of the sentence where you said he sent a letter
to a 16 year old. If he really was investigating, he would know
who he sent this other letter to.
People who work for the government wonder why this nation
dislikes the government and does not trust them.
Yes, we're still getting letters about good 'ol Peter. Haha, will they never end? Seems like
everyone likes to take pot shots at "Big Brother" when they get the chance too. Can't say as I blaim them either ;-)
I was alerted to that hack of Tartarus.jpl.nasa.gov by an alert reader of your site. Since that hack cited me as the
perpetrator, perhaps a few comments would be in order.
First, most people have probably figured the real hacker wouldn't be dumb enough to identify him/herself.
Just to help the clueless get it strait -- I didn't do it.
Second, almost any code kiddie could have hacked that computer. Here's the smoking gun on how the exploit was done:
~ > telnet tartarus.jpl.nasa.gov 25
Connected to tartarus.jpl.nasa.gov (18.104.22.168).
Escape character is '^]'.
220- tartarus.jpl.nasa.gov Sendmail 950413.SGI.8.6.12/950213.SGI.AUTOCF
ready at Thu, 21 May 1998 08:06:37 -0700
220 ESMTP spoken here
250 Super-User <|/usr/lib/Zmailemail@example.com>
OK, so is this hack really cause for making a big deal over incompetence of NASA officials?
Get real, guys. At JPL, which is run by Caltech -- not NASA officials -- an SGI box is typically
just someone's desk top computer. To say that NASA officials should be responsible for how
each and every scientist and engineer at JPL manages his or her desk top computer is ridiculous.
Bottom line: the hack was trivial, lame, and reveals that the attacker believes NASA should turn
into a Big Brother telling everyone at Caltech's JPL how to manage their own desktop computers.
This belief on the part of the JPL hacker that Big Brother sysadmins should rule over everyone's desk top
computers reveals his blather about freedom is hypocritical. Sheesh. He is just another one of those
computer security extremists who thinks he has a right to trash anyone who doesn't buy the services of his
Do you see what is happening? These guys who work as computer security experts by day run around trashing
people's computers by night in the hopes of increasing the demand for their services. Nice little racket. It's a
racket that is taking the fun out of the Internet.
I suggest that computer security fascists such as the JPL hacker lighten up.
PS. My SGI box, a humble Indigo, has the vapors.
I'm waiting for a system CD-ROM to arrive so I can get her up again :-(
Ok, for those of you that don't recognize her name, Carol is the author of
"happy hacker" as well as several other books and white papers. She's also one of the ones
running the hacker games. She called me the other day, and we spoke at great length about
the present state of computer security, and about what rights individuals at the governmental level
should have over their own systems. Needless to say, our opinions differed. Hehe, at any rate,
thanks for the letter Carol, and I hope you continue to share your educated opinions with us.
Just saw your show on CBS. I was amazed how much of the information you have on this site they talked
about. I visit your site everyday to get all the latest hacker info.
Hey, I'm glad you liked Part 1 of the series. Look for part 2 coming on Tuesday
of this week (baring any other major world crisis). Just as a personal comment. CBS News contacted
me about doing this series, and possibly getting an interview with a major hack group. Needless to say,
it wasn't easy, but I did get them an interview with two members of the MOD. I can say that CBS was,
of course, VERY professional in the way they researched and produced the two part report. But, also,
they were very understanding of the MOD's concearns, and catered to them to every extent so that
they felt comfortable with giving the interview. Great job CBS! I really think this is the type of news story
that needs to be out there right now.
I have been rumaging through AntiOnline's archives for a few hours now
and I keep seeing references to irc channels, cut and pasted logs, and
nicks. I was wondering what irc server you guys use (ie efnet, undernet,
dalnet, etc) and the channel names. I would be very interested in hanging
w/ you guys some time. I am very interested in hearing our side of the
story, instead of how the media wishes to portray it.
Well, I can be found on the Undernet. The easiest place to find
me there is in a public channel called #HackPhreak. I'm an op there and usually go by the
nick JP, or if taken, |JP|. I try to make myself as easy to get ahold of as possible. You can
find my email information, as well as a phone number, etc. on our contact page.
This is in reply to everyone who sees that our governments computer systems are being hacked into. I would like to remind
everyone of the fact that these servers and networks are unclassified, i.e. no encryption to speak of. All classified networks
that I know of use point to point hardware streamed encryption systems. Far more powerful than say, PGP, or anything
available to the public. They use algorithms that have been tested by the world's best cryptographers. The keys are changed
very frequently and are now not even easily available to the users for espionage attempts. If you think that these 20 or so
MOD hackers can gain any access to classified information, I would just say it is very unlikely. The average person, or
average country for that matter, could not even afford to buy supercomputers that could break these encryption systems.
The only 'hacking' worthwhile to them is social engineering and/or physical theft. I would like to see any of them try to walk in!
to a secure area and pick up a crypto device and key material, let alone know how to use it. I'm not trying to say it's
impossible, nothing is. In reply to the Canadian that couldn't believe how easy it was to break into our systems;
Do you really think that any of Canada's government computer systems are not easily viewed by the NSA?
I'm not coming here as an expert, just someone who knows a bit about the subject. If there's anything I missed or if you
think I'm wrong, let me know.
Well, we're working on a Special Report about just such a topic. How does the government
protect its systems? We've been doing a lot of research, as well as speaking to several of our contacts in the US military, and,
of course, contacts from the "underground". After we compile everything, and speak to some attorneys (haha, I for one, do NOT
want to be raided), we'll release the Special Report here on AntiOnline. How soon will it be up? I'm not sure yet. It will be a
very large, and detailed project, and the legalities of it may take some time to iron out. We'll keep you posted!