|
Esquire,
August 1995 v124 n2 p80(9)
Kevin Mitnick, unplugged.
(computer hacker)
Katie Hafner.
Abstract: Hacker Mitnick, who is now in jail, eluded law enforcement officials who sought him for breaking into some of the nation's most sophisticated computer systems. He was apprehended with the assistance of Tsutomu Shimomura, whose system was broken into by Mitnick.
Full Text: COPYRIGHT Hearst Corporation 1995
SUSAN THUNDER IS ON her third can of warm Pepsi, and it's barely past breakfast. We are in the dining room of the Silver Saddle Ranch and Club, a low-rent resort in the high Mojave Desert. Susan, I should explain, is an ex-hooker turned computer hacker. She is plotting revenge on Tsutomu Shimomura, the guy who finally caught her pal Kevin Mitnick, public enemy number one in the virtual world of computer networks. "Now, is Tsutomu gay or bi or what?" Susan asks, scrutinizing a well-thumbed
newspaper photo.
I tell her I'm pretty sure that he's straight.
"Oh," she says. Good. Maybe now she can really screw him over. Something sexual, a "medium-term, possibly long-term" revenge program.
After years spent dodging the FBI, Mitnick, thirty-one, has logged off and is sitting in jail in North Carolina, charged with one of the most audacious hacks ever recorded. Not only did he allegedly steal sensitive software, personal files, and more than twenty thousand credit-card numbers, but he also could have disrupted the global computer matrix of thirty million users known as the Internet. After breaking into computers from the West Coast to Europe, he was finally stopped by Shimomura,
thirty, a computer-security expert who freelanced for the military and who, not incidentally, had been a victim of one of Mitnick's hacks.
"This guy is an arrogant motherfucker," Susan says of Shimomura. "I'm sure he's pissed that Kevin got into his system. It's humiliating." The worst part, though, was that he wouldn't concede Mitnick's superiority. "If this guy was such a hotshot security expert," she says, "how come Kevin got in?"
Kevin Mitnick belongs to a loose confederation of computer outlaws, mavericks who have invented their own culture. In their moral universe, the act of theft is more valuable than the goods stolen; on-screen one-upmanship is the ultimate high. They would be inconsequential except that they have the expertise and cunning to breach the world's ever-more-complicated central nervous system: the computer networks that control the economy, commerce, defense, and government. And this makes people,
particularly the feds, nervous.
When the Internet was constructed in the seventies to link scientists at different universities, usefulness was the priority, not security. What is now seen as a systemic shortcoming was the Internet's best feature: few locked doors. Visions of a civil, free, open electronic community blossomed. Then human nature intervened and revealed a less romantic aspect. Mitnick has come to personify this; for years, he reigned as the renegade king of cyberspace, living his life through a liquidcrystal
display. From a simple laptop computer hooked to a cellular phone and modem, he ventured across the globe, into computers with double and triple locks, into office buildings, telephone switches, and living rooms. And, finally, into a prison cell.
I first encountered Mitnick, at least as an abstract concept, six years ago, when I was working on a book, Cyberpunk, about the computer underground. Mitnick had refused to speak with me unless I paid him. He became a ghostly presence as I visited his relatives, friends, and former friends in Los Angeles, meeting at odd hours in parking lots, paging them, or calling from one pay phone to another. I got lucky when a couple of L. A. cops who had come to loathe Mitnick handed me his police file.
From these sources, I pieced together this story.
The Phreak
KEVIN DAVID Mitnick was raised in Los Angeles. His parents split up when he was still young; his mother worked long hours as a waitress in a deli, and he seldom saw his father. Kevin grew up lonely, overweight, nearsighted, isolated, and prone to stomach troubles.
As a teenager, Kevin discovered phone phreaking--exploring and exploiting Ma Bell's computer systems, the Touch-Tone equivalent of joyriding. For a kid with Kevin's technical bent, phreaking was a perfect outlet. And for someone as socially maladroit as Kevin, it was a way to make some friends--among them one who called herself Susan Thunder and another who took on the name Roscoe. Kevin and his band of L. A. phreaks spent nights Dumpster-diving for computer manuals behind phone-company offices
and honing their "social engineering" skills. This is a euphemism for artfully conning passwords and other proprietary information from people by calling up and posing as a technician, secretary, or supervisor. Kevin was especially gifted at this. He knew how to call just the right person and say just the right thing--breezy chitchat with telephone operators, a collegial exchange of telco jargon with a line technician.
Many of the phreaks' early pranks were nasty but harmless. One favorite was to override directory assistance so that when people dialed for information, they got a phreak instead, asking: "Is that person white or black, ma'am? We have separate directories."
But by the early eighties, the good times had soured. In 1982, Susan testified in a case that ended in a conviction for Roscoe and probation for Kevin, both of whom were accused of stealing computer manuals from a Pacific Bell building. Roscoe later managed to get the conviction set aside and went on to work at a straight job as a computer manager. Susan drifted to Las Vegas, tried professional poker, and dabbled in the escort business. But Kevin drifted further into the dark side of the
computer world.
"All of us have been on the dark side," a friend of mine who is a respected computer scientist told me. Almost everyone in the field has succumbed to the temptation to cross the line and break in. It's an impulse that usually lasts about fifteen minutes. In Mitnick's case, it would last fifteen years.
When he was twenty-three, Mitnick met Bonnie Vitello, a charming, slightly older woman. On their first date, she told him where she worked, and Kevin laughed so hard he nearly choked: She worked for a phone company. The two married soon after, but their happiness was marred by Mitnick's repeated brushes with the law. In 1988, he was arrested again, this time on charges of stealing valuable software--the code for an operating system, the master program that controls how a computer works--from
Digital Equipment Corporation, one of the largest computer makers in the nation. An operating system provides a knowledgeable cyberthief with a blueprint of a company's computer network. Access to its source code gives him the keys to the safe.
It was this arrest that spawned the legend of Kevin Mitnick, uberhacker. Newspapers portrayed him as an electronic terrorist, capable of triggering a nuclear holocaust from a Touch-Tone telephone. He was placed in a maximum-security cell, where his use of the phone was heavily supervised. One imagines cages on his hands similar to the one over Hannibal Lecter's mouth. When I saw him in court, he looked harmless and scared.
In 1989, Mitnick was sentenced to a year in federal prison at Lompoc, California, and he got a break when a therapist suggested that he had little control over his behavior--like someone compelled to drink or shoplift. Mitnick, she argued, would benefit greatly from a six-month stay at a residential treatment center in Los Angeles. The judge agreed.
Kicking the Habit
WHILE GETTING directions to Gateways Beit T'Shuvah (in Hebrew, a "house of repentance") over the phone, I ask the social worker what part of L. A. it's in. "A bad part," she says. I finally find it, just west of downtown: a dilapidated, two-story wood-frame house. It was here that Kevin Mitnick spent several months after his release from Lompoc in 1989.
Harriet rossetto, the fifty-seven-year-old director of Beit T'Shuvah, meets me at the door. She is a slightly rumpled woman with short, unruly brown hair, dressed in jeans. She started Beit T'Shuvah eight years ago when she realized that Jewish ex-convicts with addiction problems had no place to go after prison. The program combines the teachings of Judaism with the classic twelve-step Alcoholics Anonymous model. Twenty-five men live there, clustering in the primitive kitchen and in an adjoining
common room. I have trouble picturing Kevin Mitnick--tough from behind a computer screen but pretty congenial in person--at home in such a place.
The hacker-as-addict theory has been widely ridiculed, but Rossetto points out that she has a broad definition of addiction, embracing everyone from alcoholics to overeaters to obsessive shoppers. When she first heard about Mitnick, she hadn't yet encountered this particular twist on addiction, but she recognized an important symptom: activity used to block out painful feelings of vulnerability and loneliness.
Much has been made of the fact that when Mitnick was arrested last February, he was in possession of 21,600 cred-it-card numbers. But there is no evidence that he used any of them. "This is well in keeping with addictive behavior," Rossetto tells me in her office, a large room furnished with comfortable castoffs. "The closest cousin to Kevin's affliction is gambling. It's not about money or winning; it's the action. Many people who work with computers are simiarly addicted, but they carry out
their addiction in a socially acceptable way."
I am inclined to agree with her. My own mother, a programmer, has described to me what it's like to sit in front of the screen and have four hours whiz by. I can imagine the tonic effect for someone like Mitnick. "He's powerful and important," Rossetto says. "He's no longer the fat kid with glasses from a poor and dysfunctional family.... I saw how lonely he was. He was a throwaway child who found contact and affection wherever he could."
Rossetto tried to convince Mitnick that when he left the home, he could look for a job in computer security. But he believed that people were too afraid of him to hire him.
He was right. In 1988, he'd been hired as an electronic-funds-transfer consultant at Security Pacific Bank in downtown L. A., but when a bank employee recognized his name, he was fired before his first day of work. Later, when he tried to attend an annual meeting for users of Digital computers, conference officials barred him.
Mitnick was released from the rehab program early, in the spring of 1990. Rossetto last saw him in early 1992, when he came back to L. A. after his half brother, Adam, died of a drug overdose. Shaken, depressed, and lonely, he visited Rossetto to talk about returning to Beit T'Shuvah. "I'm slipping," he said. She didn't see him again.
The Hacking Hooker
AT FIRST, the halfway-house therapy seemed to have helped Mitnick. On probation for three years, he couldn't so much as touch a computer, but once he showed he could control his behavior, he was allowed to hunt for computer work--provided a modem wasn't involved. By now, Bonnie had asked for a divorce, and Mitnick moved to Las Vegas, presumably to be near his mother and grandmother. He found a job at a local mailing-list firm, programming the Digital computers whose operating system he'd learned
so well. But without a modem, the days must have been bland.
In Las Vegas, Mitnick looked up his onetime nemesis, Susan Thunder. Susan surmises that Mitnick sought her out for her expertise in cracking "military systems," but I suspect he needed her for her social-engineering skills, which are considerable.
At six two, Susan towers over most other women. With long, straight blond hair, a full figure, and a big overbite, she is Joni Mitchell writ large. Her background is similarly expansive: An eighth-grade dropout turned Hollywood streetwalker, she fell in with phone phreaks, turned her attention to breaking into computers, then, incredibly enough, in 1994 was elected city clerk in a small California desert town.
Five Pepsis into our meeting, Susan is musing about something rarely pondered in cyberspace: physical presence.
The first time she saw Mitnick after so many years, she was shocked. He'd lost nearly a hundred pounds. "You know," she volunteers, "that hooker side of me always wondered if he was a good fuck." Indeed, she'd once tried to seduce Kevin, but he told her, curtly, that he wasn't interested in starting anything. "But I have no doubt that if I wanted to fuck him, I could have," she says. I've long known that you need to be wary of many of Susan's stories, but she tells this one with such shameless
moxie that I believe her.
Susan and I check into the Gold Coast, a no-frills hotel and casino on the south side of town favored by the locals. She stretches all seventy-four inches across the bed and begins leafing through the "Entertainers" section of the Yellow Pages in search of Ginger, a former colleague. She lingers over the photographs of women in various seductive poses. She claims to know a few of them and offers comments, as if looking through her old high school yearbook. She's hoping Ginger can send a few
tricks her way so she can make enough money to go visit Kevin in prison. Mitnick was arrested in North Carolina and was scheduled to go on trial in July. His mother and grandmother can't afford the trip, either, so he has to settle for calling them by phone several times a day. According to his grandmother, Reba, Mitnick hasn't been well. Shortly after his arrest, he broke out in yellow splotches. (Susan theorizes that the prison authorities might be using saltpeter to poison him.) Reba says
that every day, Kevin reads an article she sent him titled "One Day at a Time."
Things Fall Apart
THROUGHOUT the years in Las Vegas, Mitnick seemed to remain intensely loyal to only one friend, Roscoe, who has worked at the same L. A. auto-parts importer since I first met him six years ago. Mitnick stayed in regular touch with Roscoe after he went underground in 1992 and called him an hour after his arrest last February 15 to report that he was in jail.
The two met in 1978 over a hamradio channel. Mitnick's telephone expertise and general love of mischief caught Roscoe's fancy, and they became tight friends. He has lurked in the wings of Kevin's personal dramas ever since, a big brother and confidant.
As Mitnick sat in jail in North Carolina, I E-mailed Roscoe, asking if we might meet. I got this in reply:
"... At this juncture, I feel it only appropriate to call to your attention the fact that I'm not accustomed to dating married women. However, since I have known you from the past, I would be delighted to make an exception."
Returning to the subject of Kevin Mitnick after five years has been like walking into Kafka's closet--an image from his nightmare novel The Trial in which Joseph K. opens the door to a small storage room and sees a man poised to flog two others with a rod. Some time later, K. opens the same door and the three men are still there, in precisely the same position. A lot can happen in five years. For my part, I have divorced, remarried, had a child, moved to a different state, and written a book on
an unrelated topic. But the people who inhabit Kevin Mitnick's universe are all exactly as I left them.
Roscoe and I meet in South Pasadena. He has changed little from the stiff, mustachioed nerd I first met in 1989. It's unclear just when he quit the dark side--he always seems to have a grasp of what's going on in Mitnick's life. And yet, whenever Mitnick goes down, Roscoe simply goes on. One of the first things Roscoe reports to me is that a week before his arrest, Mitnick signed over the rights to his story to Roscoe, who is now at work on a book proposal. He has also been dabbling in something
called Speed Seduction--from what I can gather, talking a very good line very quickly to entice very goodlooking women into bed--and has published a booklet titled "Sensual Access: The High Tech Guide to Seducing Women Using Your Home Computer."
Mitnick moved back to L. A. in early 1992, after his half brother's death. He was living in an apartment near Malibu, working for his father, Alan, a general contractor who had a place in the same complex. But father and son didn't get along, and Mitnick went to work for a private-eye firm called Tel Tec Investigations. Tel Tec wasn't your run-of-the-mill spook firm--around the same time Mitnick joined, the owners were arrested on charges of suspicion of tapping into TRW computers to get
financial records. Roscoe thinks that as part of their plea bargain, the Tel Tec guys offered up Kevin Mitnick.
In September 1992, FBI agents raided Roscoe's home and workplace and Mitnick's apartment. The search warrant was based on alleged illegal access to a Pacific Bell computer. During the raid, agents seized computers, encrypted disks, and scores of documents. Claiming that the warrant was unfounded, Roscoe sued, demanding that the items be returned and that the warrant be quashed. The case is still pending.
Two months after the raid, a federal judge issued an arrest warrant for Mitnick for having violated probation for his 1989 conviction. There were two violations: unauthorized access to the Pac Bell computer and his association with Roscoe. At 5:30 one morning in early December 1992, three federal agents showed up at his door. They found his mother and her boyfriend but no Mitnick. His mother told the agents that her son had moved out.
That Christmas Eve, someone claiming to be a probation officer called the Department of Motor Vehicles in Sacramento and asked that three photographs be faxed to L. A., one of them of an informant who had tried to incite Mitnick and Roscoe to commit computer fraud. The caller had the DMV lingo down, complete with a legitimate "requester code." Unfortunately for the caller, the DMV had previously received another call requesting the same photographs. They checked the fax number the latest caller
had given. It was a Kinko's in Studio City.
Officials at the DMV dummied up a set of photos to fax, then dispatched two investigators to stake out the Kinko's. It wasn't an easy vigil. Sandwiched between strip malls on a congested stretch of Ventura Boulevard, the Kinko's shares a parking lot with a supermarket and video-rental shop. The investigators waited inside the Kinko's but had no luck. Finally, one of them saw a man leave the store with a fax and followed him into the parking lot, but the tail was spotted, and the man dropped the
papers and scurried away. The agents tried to chase him but lost him in the crowded parking lot filled with last-minute Christmas shoppers. The recovered documents were covered with finger-prints--Kevin Mitnick's. Nine months later, an L. A. judge issued a second warrant, setting bail at $1 million.
Going to Ground
AFTER the Kinko's incident, Mitnick became a true fugitive, moving from city to city, taking on a new identity in each new place, paying cash for everything. He typically moved to university towns, rented a furnished apartment in a student neighborhood, and took a job with a hospital, usually as a computer troubleshooter. Authorities believe he was in Colorado for a time, then Seattle. The fact that computers have gotten much smaller and more powerful helped make the operation mobile. Mitnick
could accomplish a lot with a laptop, a cellular phone, and a modem, hiding his tracks by cloning new numbers (reprogramming a phone with purloined numbers) and routing his calls through far-flung dialing areas. Getting onto the Internet was easy enough: He just dialed a local Internet-service provider, logged on, hacked his way into full privileges on the system, then kept a low profile by finding rarely used accounts. From there, thanks to telnet, a feature that enables users to hop from
computer to computer, Kevin Mitnick could go anywhere in the world.
Betrayed
MITNICK soon struck up a rather bizarre relationship with one of his hacking targets--Neill Michael Clift, an unassuming thirty-year-old software engineer in Stockport, England. Clift is a computer-security hobbyist who spends much of his spare time plumbing the depths of Digital operating systems in search of flaws, and this earned him Mitnick's special attention.
Mitnick's interest in Clift had actually begun in the 1980s, when Mitnick was intercepting internal E-mail traveling among Digital employees and recognized Clift as a rich source of security-bug secrets. The night before Mitnick's first major arrest, in 1988, he had been busy beating a path into Clift's computers. It's possible he put an electronic bookmark there before the police came, perhaps with the intention of someday picking up where he'd left off.
In 1993, he did. Posing as a well-known Digital engineer, he phoned Clift and ladled on the flattery. He explained that the company was going to be recruiting engineers and wanted to know if Clift would be interested. Clift told him to send him E-mail at a computer in Loughborough, England, and Mitnick did, posing this time as a different engineer. To draw Clift in, he offered him information that Clift recognized as proprietary to Digital. It worked. Before long, they had exchanged decryption
keys so that each could read the other's encoded transmissions. Mitnick asked for--and got--nearly every security flaw that Clift had discovered in the previous months.
After weeks of exchanging E-mail with the impostor, Clift asked a few pointed technical questions. When his correspondent seemed slightly adrift, he grew suspicious and probed the path the mail was taking. It wasn't going to a computer at Digital at all but to a machine at the University of Southern California. Even though he was six thousand miles away and in another country, Clift immediately suspected it was Kevin Mitnick. Who else could it be? He knew Mitnick had been out of jail for some
time, and if this was he, he'd already conned Clift out of scores of secrets. Embarrassed and in fear of losing his job, Clift cut off the correspondence.
Then, in the summer of 1994, Mitnick called Clift--not just once but every day for weeks, both at Clift's office and at his home. Clift took the calls, partly because he wanted to hear just how much Mitnick knew. Surprisingly candid, Mitnick told Clift how he had gotten into his machines, bragging in detail about how he had tracked him down. He told Clift that he had full, albeit unauthorized, access to computers at Netcom and the WELL, two Internet-service providers based in California, and was
using them as his launchpad to other computers. He recited a grocery list of programs he had stolen from Clift and Digital throughout the years.
From what he had heard about Mitnick, Clift had expected to encounter a maniac. But Mitnick was friendly and relaxed, hardly an edgy criminal; their talks sometimes lasted three, four, even five hours.
Clift came to look forward to conversations with Kevin. But what Clift didn't tell Mitnick was that he'd called the FBI. As always, Mitnick found out somehow. Kevin was furious and hurt--he had erected a friendship, at least by his definition, and had taken a great risk in doing so. He wrote to Clift: "You are a paranoid bastard.... Too bad we can't be friends, that would have been nice, but all you want to do is help them bust me." Then he disappeared from the screen.
The Ninth Life
IN LATE 1994, just as his telephone marathons with Clift were ending, Mitnick once again narrowly escaped capture. He was in Seattle, living under the name Brian Merrill and working at a clinic as a computer troubleshooter. Two investigators with a local cellular-service company, looking into a spate of fraudulent phone calls, trailed the thief to his apartment via his phone signal. Using a scanning device, they listened in on a long, spirited conversation he was having with someone in Colorado.
The two were discussing a computer system they wanted to crack.
One month later, still unaware that their man was Kevin Mitnick, the Seattle police, accompanied by Secret Service agents, returned with a search warrant. They staked out the apartment for two hours before breaking down the door. No one was home, and electronic gear lay strewn around the room, all of which they seized--laptop, modems, cell phones, battery packs, manuals, chips, and chip-programming equipment--leaving the warrant on the kitchen table. All the while, Mitnick may have watched from
nearby. By the time word reached Seattle from the FBI that they'd found America's most wanted cybercriminal, it was too late. Mitnick, once again, was gone. Only he'd just spent his ninth life.
"Your Technique Is No Good"
TSUTOMU SHIMOMURA is an elfin man with jet-black hair that flows well past his shoulders. His parents, both biochemists, shuttled their two children between Japan and the U. S. Shimomura picked up his parents' affinity for the sciences. He dropped out of high school at fourteen to work in Princeton's astrophysics department, then enrolled at Cal Tech as a physics undergrad. Before he could graduate, Los Alamos National Laboratory offered him a postdoctoral position. He was nineteen. He then went
to the San Diego Supercomputer Center on a year's sabbatical from Los Alamos and stayed. His new colleagues found him driven, with little tolerance for slow thinkers.
When Shimomura first arrived at the center, he was twenty-five and extremely demanding. Though the staff complained about him, he was deemed too valuable not to keep on. Among his friends, he is famous for his obsessive concentration; he's been known to expound for hours on the virtues of the best in-line-skating wheels. Then there are his computers. Shimomura has about thirty, of which half a dozen are running at any one time. He also possesses a devilish knowledge of cell phones--eviscerating
them to see how they work, using programming commands not listed in the user's manual, and, dancing on the edge of the law, converting them into scanners capable of listening in on others' conversations.
Throughout the years, Shimomura developed a fascination with the complexities of computer security. When the Supercomputer Center had a problem with break-ins a few years ago and called in the FBI, Shimomura impressed the agents, and they started calling him as a consultant, as did the Air Force and the National Security Agency. He was considered one of the best minds in the country. So no one was more surprised when his system was infiltrated--on Christmas Day, no less--than Shimomura himself.
One of the first things an electronic prowler typically does is delete system logs--the inventory of the jobs the computer has been working on--so that his victim cannot go back and retrace his footprints. But the person who broke into Shimomura's computer was unaware that Shimomura had taken an extra precaution: A copy of his log files was regularly E-mailed to a safe spot on another computer on his network. Andrew Gross, a University of California at San Diego graduate student employed at the
center who regularly monitored Shimomura's log files, was at home for the holidays in Tennessee when he decided to check his E-mail the day after Christmas. When he saw that the log, ordinarily a record that should be growing, was actually shrinking, he knew it had been tampered with.
Shimomura was on the road to Lake Tahoe for a few weeks of skiing when Gross reached him on his cell phone. "I think we have a problem," Gross said and told him what he'd seen. Both got on planes for San Diego.
It took them several days to figure out what had happened. The intruder had used a method called Internet Protocol address spoofing. IP spoofing depends on the fact that computers on a given network are often programmed to recognize one another and to disallow access from an outside computer unless that computer is designated as another trusted machine--similar to an admonition not to speak to strangers. A spoofing attack exploits a flaw in the networking software that allows a computer to be
fooled into thinking it is communicating with a familiar computer.
The Internet works by breaking data into groups of digital "packets," each of which is enclosed in an electronic envelope that contains addressing information. The IP-spoofing method essentially falsifies the sender's return address. The intruder logged on to a computer at Loyola University in Chicago (a stranger to the target machine). He then posed as one of Shimomura's personal computers in San Diego, using an electronic address unique to that computer. Once the rogue computer at Loyola had
taken on the identity of a trusted machine, it told the target machine to trust every other host on the Internet. This allowed the impostor to enter Shimomura's other computers and have free run of the system. Dozens of Shimomura's files were copied.
"We were more than mildly surprised," says Gross. "Between Tsutomu and me, we've covered his machines for pretty much everything imaginable and then some."
Gross and Shimomura both knew about the technique but had never seen it used. There was even some doubt in the community as to whether IP spoofing, which involves delicate timing, would even work. "But it turns out," says Gross, "that on days when the Internet is less traveled, it's possible." Christmas Day, perhaps the one day of the year when families manage to convince the resident wirehead to log off, was apparently no random choice. Nor was the identity of the intruder much of a mystery.
Shimomura, like anyone in computer security, was well aware of Kevin Mitnick's reputation, but he did not immediately suspect him. A couple of months earlier, someone had broken into a friend's computer; the attacker was trying to steal Shimomura's code for turning a phone into a scanner. At around the same time, one of Shimomura's own computers had gotten a few pokes, but they weren't terribly sophisticated. Then, on Christmas Day, someone had gone after the phone code again and taken
Shimomura's home directory, which contained his E-mail and several security tools. But the complex nature of the Christmas attack made Shimomura doubt that Mitnick could have written a program to carry out the spoof. He must have found it somewhere or gotten it from somebody.
After Shimomura and Gross set up some additional protection for the machines, they returned to their respective vacations. Shimomura saw the whole thing as a giant annoyance: "It was something I didn't want to deal with. I wanted to go do something else."
Then, on December 27, a message was left on his voice mail: "My technique is the best," came a male voice in an odd, slightly cockney accent. "Damn you. I know sendmail technique. Don't you know who I am? Me and my friends, we'll kill you." Then another voice came on: "Hey, boss, my kung fu is really good." Three days later came a second voice-mail message: "Your technique will be defeated. Your technique is no good." Shimomura took the messages and made them available through the Internet for
all to hear.
Shimomura might have dropped the matter if it hadn't been for what a man named Bruce Koball found in his account on the WELL. On January 27, Koball, an organizer of an annual conference called Computers, Freedom and Privacy, got a notice from WELL managers that an automated program called Disk Use had flagged one of CFP's accounts as taking up too much disk space. This struck him as odd because he seldom used that account. When he looked, he saw that it was indeed bloated and that the owner of
the files was Tsutomu Shimomura. Koball called Shimomura, and Shimomura confirmed that those files had been stolen from his computer. The intruder had somehow acquired what are called "root" privileges on the WELL, which means he had the run of the place. He had stashed his booty in the CFP account because it was used so seldom. The frightening part about his having full access to the WELL was that if he felt like it, he could bring the system crashing down. So far, he hadn't.
The intruder was logging on to the WELL routinely, apparently comfortable that his wanderings were going undetected. Here was an opportunity to monitor the interloper closely. Gross and then Shimomura flew to San Francisco and set up shop in a back room at WELL headquarters in Sausalito. The two monitored the intruder, watching each character as it was typed. It was not a garden-variety break-in. In most cases, someone has a few files he might be interested in, spends most of the time
haphazardly joyriding around the system, then leaves. But this intrusion was far more widespread. The WELL wasn't the only target. The thief had also taken control of computers at InterNex and Netcom, two Internet-service providers in the Bay Area.
When it finally became clear that the attacker's launchpad for the sessions was actually Netcom, the team packed up and moved the operation down the peninsula to San Jose. From Netcom's headquarters, they saw the intruder name files ("japboy" was one favorite, while "fucknmc"--Fuck Neill Michael Clift--was his password of choice), cruise through places he had already been, and poke at places he still wanted to get into. One of the Netcom files he had was a customer-account record containing the
credit-card numbers. He routinely searched through the E-mail of about a dozen people, including that of my Cyberpunk coauthor, New York Times reporter John Markoff, who was following the chase closely. When they saw that he was looking for text that contained the letters "itni," they knew for sure: It was Kevin Mitnick.
A CRUCIAL PIECE of information came a few days into the watch. An assistant U. S. attorney in San Francisco issued subpoenas of telephone-company calling records. The records showed that the calls were coming from a local Netcom dial-in site in Raleigh, North Carolina. They were originating from a cellular telephone hooked to a modem. By 1:00 A.M. on February 13, Shimomura was in Raleigh, in the passenger seat of a truck driven by a Sprint Cellular technician, his lap piled with homemade
scanning and homing equipment. This included a surveillance device rigged out of an Oki cell phone, a palm-top computer to control the Oki, and the Sprint technician's cellular scanner, with an antenna for detecting signal strength like a Geiger counter. Shimomura considers that part of the chase trivial. "It's like finding a light-bulb in the dark," he says.
Within thirty minutes, they'd homed in on the Players Club apartments, a three-story complex near the airport. When he turned things over to the FBI to make the arrest, Shimomura advised the agents to move swiftly to reduce the time Mitnick would have to destroy evidence. But the feds waited two days before trying to find the right apartment. Finally, at 2:00 A.M. on February 15, they knocked on the door of apartment 202. It took Mitnick five minutes to open it. When he did, he demanded to see a
search warrant. They had one, but for the wrong apartment. The prosecutors would have to talk to a federal magistrate to get a valid warrant, but the agents had already pushed their way inside. Mitnick was under arrest. He would see the man who tracked him down only once, in court, at his prearraignment hearing. "Hello, Tsutomu," he said. "I respect your skills." Shimomura didn't respond.
Not an Elegant Solution
SUSAN THUNDER once told me, "Your ass is the only thing you can sell and still have after you've sold it." The same might be said of software. It's the only thing you can steal and still leave behind, because what you're taking is a copy. This is a common line of defense among lawyers who represent computer criminals. When I visited Kevin's lawyer, a genial, middle-aged criminal-defense attorney named John Yzurdiaga, I was sure he'd trot out that line. But he didn't. In fact, Yzurdiaga, who has
the beaten-down look of a man who has spent a lot of time around a lot of rough characters, seemed more than a little mystified and overwhelmed by the case and confessed that he didn't know much about computers.
I'd gone to L. A. to talk to Yzurdiaga about interviewing Kevin, who was still waiting to go to trial. After politely dashing any hopes I had of getting to his client, Yzurdiaga bought me lunch. Over gazpacho and salad, I raised some questions that had been nagging at me. Whom in Colorado was Mitnick talking to that night in Seattle? Everyone I had spoken with seemed to agree that the taunting threats on Shimomura's voice mail last December were not left by Mitnick. Emmanuel Goldstein, a friend
of Mitnick's who publishes 2600, a magazine for hackers, told me he knows who left the messages, and it wasn't Mitnick. If Kevin didn't write the IP-spoofing program, who did? After Kevin's arrest, it was inevitable that newspapers would tell the story of Shimomura versus Mitnick in the style of a fifties western. Mitnick is the bad guy because we need to have a bad guy, though it's actually possible that he didn't do some of the things he is being blamed for. More to the point, our
preoccupation with him may be an easy distraction, diverting our attention from those lurking in cyberspace whose intentions are far more malicious than his. Mitnick, it may turn out, is just the one who keeps getting caught.
After doing his lawyerly duty and proclaiming his client's innocence, Yzurdiaga, a man who has defended people accused of far more heinous acts, threw up his hands. He said he couldn't understand just how bad these crimes could be, no matter who committed them. After all, no one was physically harmed. Nothing was sold. Nobody profited. And what is a suitable punishment? If convicted of cellular-phone fraud and possible further charges, Mitnick could face decades in prison. Even Shimomura thinks
that is "not an elegant solution." Roscoe's lawyer, a brash man named Richard Sherman, dispenses with elegance altogether. "You know what they should do to Kevin Mitnick? Kevin Mitnick should have his pants taken down for six months so everyone can see what a little weenie he has."
Getting In
IFINALLY MET Kevin Mitnick--in a virtual fashion--when he called the Tom Snyder radio show from Las Vegas in 1991. I was on a promotional tour for Cyberpunk, and Mitnick was apparently so irked by some of it that he called the show to air his grievances. He was polite and friendly and even waited patiently when Snyder broke for a commercial. We had a brief, tense exchange. When Snyder cut him off to take another call, Mitnick slipped back into the ether.
Now, four years later, came a chance for a real meeting. Disregarding Yzurdiaga's categorical thumbs-down, I flew to North Carolina. Cyberpunk was going into a new printing, and I owed Mitnick a chance to correct any errors of fact. I decided to deliver to him a copy of the book myself--that was the ostensible mission. For years, he'd been a phantom in my life. Now, at least, I knew where he was.
I drove to the Players Club apartment complex, where Mitnick had been living when he was arrested. Set in the lush Carolina pines, the apartments were clean and new, the grounds immaculate. I could imagine his relief at arriving here, with the possibility and promise of nearby Research Triangle Park, the area's own Silicon Valley. The search of Mitnick's place after the arrest had produced a book on the best companies to work for in America and forty-four job-application letters.
The Johnston County Jail is in Smithfield, thirty miles east of Raleigh. When I arrived, I pushed the intercom button and explained to a disembodied woman's voice that I was here to deliver a book. "We don't accept books for federal prisoners," she said. "The marshal's office has to approve it."
I called the marshal's office. "Well," said the deputy I reached, "if the U. S. attorney's office has nothing against it, neither do I." I called the U. S. attorney's office. "I don't have a say in who can visit," the attorney in charge of the case told me. "Call the defense attorneys." I called the public defender's office in Raleigh and was told that Mitnick's lawyer was in a meeting. I called the marshal back. "I'll call the captain," he said. The wall had cracked.
I walked next door to the sheriff's office, and within a few minutes a man in uniform was whisking me upstairs. The bars closed behind us. "Shouldn't I sit in there?" I asked, pointing to the visitors' room. "Oh, no, don't bother with that," he replied and directed me straight into the warden's office. "Come right in here." Southern hospitality at its finest. Bars, floor to ceiling, painted yellow and blue, were everywhere. A jailer stepped into the hallway, cupped his hands, and yelled up:
"Nitwick!" The others corrected him: "Mitnick."
"Mitnick!" he repeated. Kevin emerged a few moments later, wearing a bright orange jumpsuit several sizes too big over a turquoise T-shirt. His brown, wavy hair, unsuccessfully pulled back into a small ponytail, was in a frenzy. He had gone three or four days without shaving. Otherwise, his face had a healthy ruddiness. No yellow splotches.
As he approached me, he looked suspicious and extremely confused. "Kevin," I stammered, "I'm Katie Hafner." I held up the book like an ID card.
He backed away a bit. "I can't talk to you. Orders from my attorneys." But he couldn't help himself. "How did you get in?" he asked, incredulous. I mumbled something about the book. "Even my friends can't get in." Both of us were smiling. For Mitnick, life must be a constand board game, and, as he did with Shimomura, he'll stop and admire a good move. "I can't say anything to you," he said. Then he shook his head.
"How did you get in?"
|