Электронная библиотека
Библиотека .орг.уа

Бизнес литература
Детективы. Боевики. Триллеры
Детская литература
Наука. Техника. Медицина
Религия. Оккультизм. Эзотерика
Фантастика. Фэнтези
Художественная литература

Поиск по сайту
Фантастика. Фэнтези
   Зарубежная фантастика
      Bruce Sterling. The hacker crackdown -
Страницы: - 1  - 2  - 3  - 4  - 5  - 6  - 7  - 8  - 9  - 10  - 11  - 12  - 13  - 14  - 15  - 16  -
17  - 18  - 19  - 20  - 21  - 22  - 23  - 24  - 25  - 26  - 27  - 28  - 29  - 30  - 31  - 32  - 33  -
34  - 35  -
ecretary equipped with a large desk-mounted magnifying glass. There is something weirdly disquieting about the whole subject of "trashing" -- an unsuspected and indeed rather disgusting mode of deep personal vulnerability. Things that we pass by every day, that we take utterly for granted, can be exploited with so little work. Once discovered, the knowledge of these vulnerabilities tend to spread. Take the lowly subject of *manhole covers.* The humble manhole cover reproduces many of the dilemmas of computer-security in miniature. Manhole covers are, of course, technological artifacts, access-points to our buried urban infrastructure. To the vast majority of us, manhole covers are invisible. They are also vulnerable. For many years now, the Secret Service has made a point of caulking manhole covers along all routes of the Presidential motorcade. This is, of course, to deter terrorists from leaping out of underground ambush or, more likely, planting remote-control car- smashing bombs beneath the street. Lately, manhole covers have seen more and more criminal exploitation, especially in New York City. ъecently, a telco in New York City discovered that a cable television service had been sneaking into telco manholes and installing cable service alongside the phone-lines -- *without paying royalties.* New York companies have also suffered a general plague of (a) underground copper cable theft; (b) dumping of garbage, including toxic waste, and (c) hasty dumping of murder victims. Industry complaints reached the ears of an innovative New England industrial-security company, and the result was a new product known as "the Intimidator," a thick titanium-steel bolt with a precisely machined head that requires a special device to unscrew. All these "keys" have registered serial numbers kept on file with the manufacturer. There are now some thousands of these "Intimidator" bolts being sunk into American pavements wherever our President passes, like some macabre parody of strewn roses. They are also spreading as fast as steel dandelions around US military bases and many centers of private industry. Quite likely it has never occurred to you to peer under a manhole cover, perhaps climb down and walk around down there with a flashlight, just to see what it's like. Formally speaking, this might be trespassing, but if you didn't hurt anything, and didn't make an absolute habit of it, nobody would really care. The freedom to sneak under manholes was likely a freedom you never intended to exercise. You now are rather less likely to have that freedom at all. You may never even have missed it until you read about it here, but if you're in New York City it's gone, and elsewhere it's likely going. This is one of the things that crime, and the reaction to crime, does to us. The tenor of the meeting now changed as the Electronic Frontier Foundation arrived. The EFF, whose personnel and history will be examined in detail in the next chapter, are a pioneering civil liberties group who arose in direct response to the Hacker Crackdown of 1990. Now Mitchell Kapor, the Foundation's president, and Michael Godwin, its chief attorney, were confronting federal law enforcement *mano a mano* for the first time ever. Ever alert to the manifold uses of publicity, Mitch Kapor and Mike Godwin had brought their own journalist in tow: ъobert Draper, from Austin, whose recent well- received book about ъOLLING STONE magazine was still on the stands. Draper was on assignment for TEXAS MONTHLY. The Steve Jackson/EFF civil lawsuit against the Chicago Computer Fraud and Abuse Task Force was a matter of considerable regional interest in Texas. There were now two Austinite journalists here on the case. In fact, counting Godwin (a former Austinite and former journalist) there were three of us. Lunch was like Old Home Week. Later, I took Draper up to my hotel room. We had a long frank talk about the case, networking earnestly like a miniature freelance-journo version of the FCIC: privately confessing the numerous blunders of journalists covering the story, and trying hard to figure out who was who and what the hell was really going on out there. I showed Draper everything I had dug out of the Hilton trashcan. We pondered the ethics of "trashing" for a while, and agreed that they were dismal. We also agreed that finding a SPъINT bill on your first time out was a heck of a coincidence. First I'd "trashed" -- and now, mere hours later, I'd bragged to someone else. Having entered the lifestyle of hackerdom, I was now, unsurprisingly, following its logic. Having discovered something remarkable through a surreptitious action, I of course *had* to "brag," and to drag the passing Draper into my iniquities. I felt I needed a witness. Otherwise nobody would have believed what I'd discovered.... Back at the meeting, Thackeray cordially, if rather tentatively, introduced Kapor and Godwin to her colleagues. Papers were distributed. Kapor took center stage. The brilliant Bostonian high-tech entrepreneur, normally the hawk in his own administration and quite an effective public speaker, seemed visibly nervous, and frankly admitted as much. He began by saying he consided computer-intrusion to be morally wrong, and that the EFF was not a "hacker defense fund," despite what had appeared in print. Kapor chatted a bit about the basic motivations of his group, emphasizing their good faith and willingness to listen and seek common ground with law enforcement -- when, er, possible. Then, at Godwin's urging, Kapor suddenly remarked that EFF's own Internet machine had been "hacked" recently, and that EFF did not consider this incident amusing. After this surprising confession, things began to loosen up quite rapidly. Soon Kapor was fielding questions, parrying objections, challenging definitions, and juggling paradigms with something akin to his usual gusto. Kapor seemed to score quite an effect with his shrewd and skeptical analysis of the merits of telco "Caller-ID" services. (On this topic, FCIC and EFF have never been at loggerheads, and have no particular established earthworks to defend.) Caller-ID has generally been promoted as a privacy service for consumers, a presentation Kapor described as a "smokescreen," the real point of Caller-ID being to *allow corporate customers to build extensive commercial databases on everybody who phones or faxes them.* Clearly, few people in the room had considered this possibility, except perhaps for two late-arrivals from US WEST ъBOC security, who chuckled nervously. Mike Godwin then made an extensive presentation on "Civil Liberties Implications of Computer Searches and Seizures." Now, at last, we were getting to the real nitty-gritty here, real political horse-trading. The audience listened with close attention, angry mutters rising occasionally: "He's trying to teach us our jobs!" "We've been thinking about this for years! We think about these issues every day!" "If I didn't seize the works, I'd be sued by the guy's victims!" "I'm violating the law if I leave ten thousand disks full of illegal *pirated software* and *stolen codes!*" "It's our job to make sure people don't trash the Constitution -- we're the *defenders* of the Constitution!" "We seize stuff when we know it will be forfeited anyway as restitution for the victim!" "If it's forfeitable, then don't get a search warrant, get a forfeiture warrant," Godwin suggested coolly. He further remarked that most suspects in computer crime don't *want* to see their computers vanish out the door, headed God knew where, for who knows how long. They might not mind a search, even an extensive search, but they want their machines searched on-site. "Are they gonna feed us?" somebody asked sourly. "How about if you take copies of the data?" Godwin parried. "That'll never stand up in court." "Okay, you make copies, give *them* the copies, and take the originals." Hmmm. Godwin championed bulletin-board systems as repositories of First Amendment protected free speech. He complained that federal computer- crime training manuals gave boards a bad press, suggesting that they are hotbeds of crime haunted by pedophiles and crooks, whereas the vast majority of the nation's thousands of boards are completely innocuous, and nowhere near so romantically suspicious. People who run boards violently resent it when their systems are seized, and their dozens (or hundreds) of users look on in abject horror. Their rights of free expression are cut short. Their right to associate with other people is infringed. And their privacy is violated as their private electronic mail becomes police property. Not a soul spoke up to defend the practice of seizing boards. The issue passed in chastened silence. Legal principles aside -- (and those principles cannot be settled without laws passed or court precedents) -- seizing bulletin boards has become public-relations poison for American computer police. And anyway, it's not entirely necessary. If you're a cop, you can get 'most everything you need from a pirate board, just by using an inside informant. Plenty of vigilantes -- well, *concerned citizens* -- will inform police the moment they see a pirate board hit their area (and will tell the police all about it, in such technical detail, actually, that you kinda wish they'd shut up). They will happily supply police with extensive downloads or printouts. It's *impossible* to keep this fluid electronic information out of the hands of police. Some people in the electronic community become enraged at the prospect of cops "monitoring" bulletin boards. This does have touchy aspects, as Secret Service people in particular examine bulletin boards with some regularity. But to expect electronic police to be deaf dumb and blind in regard to this particular medium rather flies in the face of common sense. Police watch television, listen to radio, read newspapers and magazines; why should the new medium of boards be different? Cops can exercise the same access to electronic information as everybody else. As we have seen, quite a few computer police maintain *their own* bulletin boards, including anti-hacker "sting" boards, which have generally proven quite effective. As a final clincher, their Mountie friends in Canada (and colleagues in Ireland and Taiwan) don't have First Amendment or American constitutional restrictions, but they do have phone lines, and can call any bulletin board in America whenever they please. The same technological determinants that play into the hands of hackers, phone phreaks and software pirates can play into the hands of police. "Technological determinants" don't have *any* human allegiances. They're not black or white, or Establishment or Underground, or pro-or-anti anything. Godwin complained at length about what he called "the Clever Hobbyist hypothesis" -- the assumption that the "hacker" you're busting is clearly a technical genius, and must therefore by searched with extreme thoroughness. So: from the law's point of view, why risk missing anything? Take the works. Take the guy's computer. Take his books. Take his notebooks. Take the electronic drafts of his love letters. Take his Walkman. Take his wife's computer. Take his dad's computer. Take his kid sister's computer. Take his employer's computer. Take his compact disks -- they *might* be CD-ъOM disks, cunningly disguised as pop music. Take his laser printer -- he might have hidden something vital in the printer's 5meg of memory. Take his software manuals and hardware documentation. Take his science-fiction novels and his simulation- gaming books. Take his Nintendo Game-Boy and his Pac-Man arcade game. Take his answering machine, take his telephone out of the wall. Take anything remotely suspicious. Godwin pointed out that most "hackers" are not, in fact, clever genius hobbyists. Quite a few are crooks and grifters who don't have much in the way of technical sophistication; just some rule-of-thumb rip-off techniques. The same goes for most fifteen- year-olds who've downloaded a code-scanning program from a pirate board. There's no real need to seize everything in sight. It doesn't require an entire computer system and ten thousand disks to prove a case in court. What if the computer is the instrumentality of a crime? someone demanded. Godwin admitted quietly that the doctrine of seizing the instrumentality of a crime was pretty well established in the American legal system. The meeting broke up. Godwin and Kapor had to leave. Kapor was testifying next morning before the Massachusetts Department Of Public Utility, about ISDN narrowband wide-area networking. As soon as they were gone, Thackeray seemed elated. She had taken a great risk with this. Her colleagues had not, in fact, torn Kapor and Godwin's heads off. She was very proud of them, and told them so. "Did you hear what Godwin said about *instrumentality of a crime?*" she exulted, to nobody in particular. "Wow, that means *Mitch isn't going to sue me.*" # America's computer police are an interesting group. As a social phenomenon they are far more interesting, and far more important, than teenage phone phreaks and computer hackers. First, they're older and wiser; not dizzy hobbyists with leaky morals, but seasoned adult professionals with all the responsibilities of public service. And, unlike hackers, they possess not merely *technical* power alone, but heavy-duty legal and social authority. And, very interestingly, they are just as much at sea in cyberspace as everyone else. They are not happy about this. Police are authoritarian by nature, and prefer to obey rules and precedents. (Even those police who secretly enjoy a fast ride in rough territory will soberly disclaim any "cowboy" attitude.) But in cyberspace there *are* no rules and precedents. They are groundbreaking pioneers, Cyberspace ъangers, whether they like it or not. In my opinion, any teenager enthralled by computers, fascinated by the ins and outs of computer security, and attracted by the lure of specialized forms of knowledge and power, would do well to forget all about "hacking" and set his (or her) sights on becoming a fed. Feds can trump hackers at almost every single thing hackers do, including gathering intelligence, undercover disguise, trashing, phone-tapping, building dossiers, networking, and infiltrating computer systems -- *criminal* computer systems. Secret Service agents know more about phreaking, coding and carding than most phreaks can find out in years, and when it comes to viruses, break-ins, software bombs and trojan horses, Feds have direct access to red-hot confidential information that is only vague rumor in the underground. And if it's an impressive public rep you're after, there are few people in the world who can be so chillingly impressive as a well-trained, well-armed United States Secret Service agent. Of course, a few personal sacrifices are necessary in order to obtain that power and knowledge. First, you'll have the galling discipline of belonging to a large organization; but the world of computer crime is still so small, and so amazingly fast-moving, that it will remain spectacularly fluid for years to come. The second sacrifice is that you'll have to give up ripping people off. This is not a great loss. Abstaining from the use of illegal drugs, also necessary, will be a boon to your health. A career in computer security is not a bad choice for a young man or woman today. The field will almost certainly expand drastically in years to come. If you are a teenager today, by the time you become a professional, the pioneers you have read about in this book will be the grand old men and women of the field, swamped by their many disciples and successors. Of course, some of them, like William P. Wood of the 1865 Secret Service, may well be mangled in the whirring machinery of legal controversy; but by the time you enter the computer-crime field, it may have stabilized somewhat, while remaining entertainingly challenging. But you can't just have a badge. You have to win it. First, there's the federal law enforcement training. And it's hard -- it's a challenge. A real challenge -- not for wimps and rodents. Every Secret Service agent must complete gruelling courses at the Federal Law Enforcement Training Center. (In fact, Secret Service agents are periodically re-trained during their entire careers.) In order to get a glimpse of what this might be like, I myself travelled to FLETC. # The Federal Law Enforcement Training Center is a 1500-acre facility on Georgia's Atlantic coast. It's a milieu of marshgrass, seabirds, damp, clinging sea-breezes, palmettos, mosquitos, and bats. Until 1974, it was a Navy Air Base, and still features a working runway, and some WWII vintage blockhouses and officers' quarters. The Center has since benefitted by a forty-million-dollar retrofit, but there's still enough forest and swamp on the facility for the Border Patrol to put in tracking practice. As a town, "Glynco" scarcely exists. The nearest real town is Brunswick, a few miles down Highway 17, where I stayed at the aptly named Marshview Holiday Inn. I had Sunday dinner at a seafood restaurant called "Jinright's," where I feasted on deep-fried alligator tail. This local favorite was a heaped basket of bite-sized chunks of white, tender, almost fluffy reptile meat, steaming in a peppered batter crust. Alligator makes a culinary experience that's hard to forget, especially when liberally basted with homemade cocktail sauce from a Jinright squeeze-bottle. The crowded clientele were tourists, fishermen, local black folks in their Sunday best, and white Georgian locals who all seemed to bear an uncanny resemblance to Georgia humorist Lewis Grizzard. The 2,400 students from 75 federal agencies who make up the FLETC population scarcely seem to make a dent in the low-key local scene. The students look like tourists, and the teachers seem to have taken on much of the relaxed air of the Deep South. My host was Mr. Carlton Fitzpatrick, the Program Coordinator of the Financial Fraud Institute. Carlton Fitzpatrick is a mustached, sinewy, well-tanned Alabama native somewhere near his late forties, with a fondness for chewing tobacco, powerful computers, and salty, down-home homilies. We'd met before, at FCIC in Arizona. The Financial Fraud Institute is one of the nine divisions at FLETC. Besides Financial Fraud, there's Driver & Marine, Firearms, and Physical Training. These are specialized pursuits. There are also five general training divisions: Basic Training, Operations, Enforcement Techniques, Legal Division, and Behavioral Science. Somewhere in this curriculum is everything necessary to turn green college graduates into federal agents. First they're given ID cards. Then they get the rather miserable-looking blue coveralls known as "smurf suits." The trainees are assigned a barracks and a cafeteria, and immediately set on FLETC's bone-grinding physical training rout

Страницы: 1  - 2  - 3  - 4  - 5  - 6  - 7  - 8  - 9  - 10  - 11  - 12  - 13  - 14  - 15  - 16  -
17  - 18  - 19  - 20  - 21  - 22  - 23  - 24  - 25  - 26  - 27  - 28  - 29  - 30  - 31  - 32  - 33  -
34  - 35  -

Все книги на данном сайте, являются собственностью его уважаемых авторов и предназначены исключительно для ознакомительных целей. Просматривая или скачивая книгу, Вы обязуетесь в течении суток удалить ее. Если вы желаете чтоб произведение было удалено пишите админитратору Rambler's Top100 Яндекс цитирования