What keeps a good security guy from turning to the dark side

I’m reading the excellent Blackhatonomics right now. And one thing I read in it reminded me of a question that someone asked me last year. I was probably the third or fourth guy with an advanced security certification he’d met, and he asked me one day what it is that keeps us from turning criminal.

I said, “Well, for one thing, good guys have much longer careers.”

I didn’t cite a specific example, but Blackhatonomics cited the case of Albert Gonzalez, the infamous hacker convicted of breaking into TJX, Dave & Buster’s, and others. His crime spree, which ended when he was captured in 2008, netted him $2.98 million.

He was convicted in 2010, and had to give back what was left of his fortune, and now is serving 20 years in a minimum-security prison.

I like my approach better. Read more

Rob O’Hara on phreaking, Tesla coils and modems

Rob O’Hara posted a podcast about phreaking today. He explains in layperson’s terms how the phone system was controlled by tones, cites it as an example of security through obscurity, and he talks about his own first-person experience subverting the phone system. He was far from the only one who did that.

Read more

New media in Cuba

I read an ingenious article this week on Slashdot, talking about how Cubans evade Internet censorship (not to mention lack of access) by passing contraband material around on flash drives. It’s so old school, but brilliant.

Sure, it’s less efficient and less elegant than using the Internet, but unlike the Internet, it’s nearly impossible to detect and even harder to stop. Read more

Busted at the Safeway for phone phreaking

Software developer, author, and blogger Jeff Atwood wrote his confessions of the 1980s this week. As a teenager and not-quite-adult, he was a phone phreaker.

More of this went on than anyone wants to admit. Rob O’Hara has podcasted about it. Read more

Confessions and rememberances of an Amigaholic

Confessions and rememberances of an Amigaholic

My name is Dave. I am an Amigaholic.

I thought I was recovered. But I don’t think you ever recover. Not really.

You see, this week I was trolling Craigslist for garage sales. I look for trains, toys for my boys, and other things that strike my fancy. I spotted a sale that advertised an Amiga computer. I shouldn’t have put it on my list, but I did. I didn’t want to buy it, but I had to see it. I had to. Like I said, you don’t recover.

Read more

Of politeness and consideration in the connected age

I’ve quit several online forums in recent months, and lately I’ve been noticing a lot of Facebook wars–discussions that just got out of hand too fast. All of this makes me extremely nostalgic for the days of Commodore 64s and 128s, dialup modems, and hobbyist-run BBSs. It was hopelessly primitive compared to what we have today, but for the most part it was polite, and it certainly felt more like community.

What happened?

Read more

The kind of guy who could save America

I went to several estate sales today (it’s what I do on Saturdays, after all), but one was memorable. Some sales just jump out at you, and this one had evil genius/mad scientist written all over it.The estate belonged to a man named Carl. From what I could gather, Carl was Catholic, diabetic, and from my wife’s comments, must not have been married at the time he died. She mostly stayed upstairs while I rollicked around in the basement, which was tinkerer’s heaven.

“This guy was just like you!” my wife marveled when I resurfaced once. Well, she’s half right. I very much would have liked Carl. And yes, Carl liked computers and models and trains and didn’t see any point in buying anything he could make himself. But Carl’s knowledge of physics and other sciences went far, far beyond mine, as did his knowledge of electronics. I pulled out box after box after box of electronic components. Some of the stuff was pretty new, and some of it obviously dated to the early 1970s, if not earlier. It pains me to think most of that stuff is going to get thrown away, but there’s no sense in me buying it, even for pennies on the dollar, when I don’t know what it is, let alone what to do with it.

It’s entirely possible that Carl and I did cross paths, sort of. In the 1980s and early 1990s, BBSing was a common hobby among people who enjoyed electronics, amateur radio, and computers. People exactly like Carl. For that matter, it’s possible he might not have just dialed into BBSs, he fit the stereotype of a BBS operator like a hand in a glove. Who knows, maybe Carl ran a BBS I used to call.

Digging around Carl’s work area, I found lots of different things. I bought some moldmaking supplies and casting resin, Bondo body filler, and some tools. Carl took care of his tools. But on his workbench, I found a single file laying there that still had metal shavings on it. Perhaps Carl died before he was finished with it and cleaned it. I found a brush, cleaned off the file, and could picture Carl looking down, nodding approval. I bought the file and the brush. Both were better than the ones I owned previously.

Unfortunately, Carl is the type of person our society has been trained to fear, rather than respect, especially during this decade. I found plenty of literature that Homeland Security wouldn’t approve of. Instructions for making Tesla coils, and lots of instructions for making things that go boom in the back yard. I also found literature that dealt with alternative car fuels, converting cars to electric power, and generating your own electricity.

He was also obviously very interested in robotics and using computers to control things. In a spare bedroom, I found a pile of old Timex Sinclair 1000 computers and peripherals. He added I/O ports to most of them, and hacked another one to use a Texas Instruments keyboard instead of the cheap membrane keyboard that came with it. He must have used that Sinclair for programming. Another spare bedroom had a couple of barely started robotics projects.

Unfortunately, many people look at people like Carl, and are too quick to label him a deviant, or worse yet, a terrorist. The label is unfair. In fact, during natural disasters, amateur radio operators often are the people with the best information early, giving invaluable information to relief workers.

But the most important thing is the tendency not to think within the boundaries that “normal” people usually confine themselves to. Among his things, I found a book titled How to Patent Your Ideas.

Now I don’t know what kind of ideas he had floating in his head. As far as I can tell, he never published any of them (I have his last name, and I searched out of curiosity).

But with all this talk today about energy independence, I think it’s great that some guy in Crestwood, Missouri was thinking along those lines. I don’t know if any of those thoughts turned into anything tangible or not. But frankly, that kind of work is important–much more so than the tinkering I’m doing in my basement, which so far has resulted only in some wooden toys for my son to play with, and metal toys for me.

We need some new ideas, rather than just buying everything from abroad. I know there are still people like Carl out there, but I hope they aren’t a dying breed.

Now, if you’ll excuse me, I have a sudden desire to go see what I can do with some of the tools I bought from Carl’s workbench.

Secret Service BBS raids from the other perspective

I’ve written in the past about the Feds busting people using BBSs for nefarious purposes in the early 1990s. But the only stories I’ve ever heard were from the perspective of the people who got busted, often second or third hand.

Here’s a story from the side of someone who helped the Secret Service for three days in the 1980s.

Read more

WordPress Appliance - Powered by TurnKey Linux