David Cassel (destiny@wco.com)
Sun, 27 Apr 1997 10:40:35 -0700 (PDT)
H a c k e r   H a z i n g

~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~

An AOL staffer confirmed keyword GameWIZ was hacked Friday morning...the second time this month--and other hackers installed files with obscene names in the directories of AOL's "Terms of Service" advisor--and attacked 13 other accounts.

Meanwhile, the author of AOL4Free has come forward with information about his remarkable six-month hacking spree in 1995, which includes stories of accessing AOL's customer records, interrupting celebrity chats -- and reading Steve Case's e-mail.

Friday morning Keyword GameWIZ displayed a message for AOL's Vice President of Integrity Assurance, Tatiana Gau: "Tatiana Gau is a dickweed. The Dr. said so!!!" A screen-shot forwarded to the AOL List (http://www.wco.com/~destiny/gwhack.htm) showed the title bar had been altered, too. "Dr. Gamewiz is CLOSED for the evening. We've been hacked again." (Earlier in April, another message had been left for Gau...)

Hours later, another hacker named "PDT" stuck files with names like "you_have_been_hacked" into 14 AOL FTP sites--most of them belonging to AOL employees. "A major security flaw in AOL FTP servers has enabled me to hack the FTP directories of many AOL staff," they told the AOL List. "In fact I could hack the directory of ANY AOL MEMBER if I wanted!" As proof, they sent the list of 14 screen names, which included AOL Mail System Development Manager Jay Levitt, the manager of the Guide Program, and Terms of Service manager Pete Hypolite. (http://www.wco.com/~destiny/ftphack.htm)

"Knock hard. Life is deaf," reads Hypolite's on-line profile. But in 1995, he crossed paths with Happy Hardcore. An e-mail message Hypolite sent to Terms of Service representative Michael Horton was accessed by the Connecticut hacker who authored AOL4Free. Happy Hardcore--whose real name is Nicholas Ryan--then posted the message to Usenet newsgroups. Ironically, the message concerned another hacker.

"It discussed the crimes they think 'Da Chronic' could be prosecuted for," Happy Hardcore told the AOL List last week, "and talked about intimidating the owners of any computers on the Internet that let anyone download AOHell." That was September of 1995, and 19 months later, Ryan makes an interesting observation about the program's author. "If they haven't prosecuted him, there must be some reason why..."

Though AOL claims to offer "the most protected environment on the Internet," hackers see it differently. "Here's the truth, at last," began a message Ryan sent to The AOL List. AOL boasts of their sense of community, and Ryan says he found it in 1995. "AOL seemed a much more friendly and laid back place than the internet; I was amazed at how easy it was to walk into a chat room and immediately acquire megabytes of pirated software." There's a long-standing rumor that AOL is a hot-bed for "warez" trading. Earlier that year, Macromedia cited 67 screen names in a suit charging "copyright infringement".

Ryan says he spent a few hours a day wondering what was behind the service's marble-colored facades. "I decided AOL was a pristine, unhacked world," he recalls in a phone interview. So at the end of his Freshman year at Yale...he hacked it.

It wasn't hard. "If someone were to use software debugging tools to analyze how the communication happens on a very low level, one could possibly manipulate the information sent to the host in such a way as to make the system do things it was never intended to do," Ryan writes. "That is exactly what I did." And he created the software which granted free access to AOL.

But that was just the beginning. Ryan says leaked copies of AOL utility tools also allowed hackers to gain access to normally off-limits parts of the system.

"We used to hang out in the overhead-account lounges," he tells the AOL List. "We'd pick out the people with the dumb names. We knew these would be the gullible people.
We would message them that we needed the password for some other reason." Did it work? "Frequently, it did."

Soon, networking hackers had obtained access to the software containing customer records. "I actually used 'Online Cris' to determine if anybody was a narc who hung out in 'Mac warez'," Ryan remembers. "I checked to see if they were making the screen names off of a tech support account, or off of a guide account." And he found a few. "I actually confronted them, and they denied everything. I'm not sure if they were narcs, or staffers looking for warez."

The tools they'd obtained even allowed hackers to take the stage during on-line appearances by celebrities. Ryan says that when the producer of the movie "Hackers" appeared on AOL, real AOL hackers kept knocking him off-line. The tactic also appeared during an attack on Tech Live. ("A couple times we went on and scrolled all sorts of crap--and they were forced to close it down.") And Ryan himself takes credit for wilding an on-line chat in AOL's "MacWorld" area. "Macworld sucks!!!! Macworld blows!" a user named "geT locaL" railed during the event--but they'd left the rows of audience members, and were broadcasting their text between comments from the scheduled guest.

The incident presents a picture at odds with AOL's public image. "I am sure corporate communications will be getting some questions about it," reads a message credited to Assistant Producer Kevin Bell--which appears on another hacker web page under the heading "Heads Up: Hacker Attack In the Rotunda Last Night." (http://www.aolsucks.org/security/recondite.html)

The hackers-on-AOL story then slipped under the press's radar, though it apparently continued unabated. Months later, another memo leaked out onto Usenet, quoting Terms of Service representative Donna Quist as saying "Someone got into the Guide area again and created a vulgar folder. Had Scott hide the folder." Unbeknownst to the public, AOL had adopted a "hackers happen" attitude. "Several members hacked into COE today," Quist's memo continued--adding, "it seemed more than usual..." COE is the AOL operations area nicknamed "Center of the Earth".

At this point, Ryan claims, the LOW security was his biggest deterrent -- from a hacker perspective, the thrill was gone. "My pleasure at hacking came from solving the puzzle," he wrote, "but now that I had access to any account on the system, the game was over. I had found the last piece, and I had beaten the 'enemy' totally. Things suddenly became less fun, and a lot more scary." Just because the door is open doesn't mean you have to walk through it. "Reading Steve Case's email was of a whole different perceived level than snagging a few hours of free time."

But hackers may have ultimately moved from exploring the system to modifying it. Ryan boasts they had access to Rainman, a tool which allows content providers to modify areas on the system. It's not clear who created keyword "Dogface"--which took users to Steve Case's January 1996 "Community Update"--but when the AOL List pointed it out to AOL spokesperson Margaret Ryan in September, she answered brightly "I bet the majority of our members don't go INTO keyword Dogface." Even then, the keyword remained active until December--and there was more to come.

(http://www.wco.com/~destiny/hubhack.htm)

In March, Wendy Dubit, Business Development Director of AOL's "The Hub," conceded that her area had also been hacked. And just days later, the first hack occurred on keyword GameWiz. ( http://www.wco.com/~destiny/gamewiz.gif )

"Sounds like AOL still hasn't gotten a hand on the security problems," Ryan commented at the end of our phone interview. But he emphasizes that though his band of hackers had access to internal AOL areas, "I stress that in no way did we EVER do anything to cause permanent damage using the tools or information that we found."
( http://www.wired.com/news/culture/0,1284,3309,00.html )

Though AOL denied that credit card numbers were stolen, hackers dispute that--and Ryan points out that despite the security breach, AOL probably got off easy. "I'm not sure if people actually used these credit card numbers to buy stuff. I didn't."

Instead he followed his dedication to technological tools and the flow of information. Even as he begins a six-month home sentence, Ryan is working on an encryption program to encrypt information on a hard drive. "We have a right to do this," he says on the phone, "to keep our information secure. Some people are going to use it for bad, some people are going to use it for good...

"People in Bosnia are trying to fight their government using it."

THE LAST LAUGH

When the Hub was created, AOL announced it would offer an online community where young adults could "interact with their peers and actively create and program content for the channel."

Unfortunately, that's exactly what happened when the hackers showed up.

But that's not the only case of AOL "asking for it". Seven obscenely-named files were placed in the FTP directory of the manager of AOL's Guide program. Maybe it had something to do with her unfortunate choice of screen name.

"TeaseMee."

David Cassel

More Information
http://www.wco.com/~destiny/ftphack.htm
http://www.wco.com/~destiny/gwhack.htm
http://www.wired.com/news/culture/story/3309.html

~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~

Please forward with subscription information and headers.

To subscribe to this list, type your correct e-mail address in the form at the bottom of the page at www.aolsucks.org -- or send e-mail to MAJORDOMO@CLOUD9.NET containing the phrase SUBSCRIBE AOL-LIST in the message body.

To unsubscribe from the list, send a message to MAJORDOMO@CLOUD9.NET containing the phrase UNSUBSCRIBE AOL-LIST.

~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~