This
morning I was on Dutch radio (program OVT of VPRO). Using a radio fragment as flash
back in history on the subject of hacking, I was asked to comment. Exactly to
date, 27 years ago, on July 28, 1986 two 17 years hacked the Dutch consumer
system Viditel.
If you speak Dutch, listen to the interview.
The
two high school boys got into the system and were able to reach travel shops
and banks. It was an innocent hack. These days sentences for hacks are high and
persons behind Anonymous and Wikileaks are seen and treated as top criminals.
The
interview was cut short by the actuality of the death of Barnaby Jack. This US
hacker was a good guy, who loved to demonstrate how ATM spit out money at wish without
using a card at hackers’ conventions. More recently he got involved in medical
devices and and showed how sensitive these were. He was able to hack a pace
maker and send 380 Volt through a virtual heart. He worked in computer security
for companies like McAfee and IOActive.
Viditel
Barnaby
Jack was only eight years old when the Viditel hack took place in the
Netherlands 28 July 1986. Viditel was the first online consumer system which
was launched in 1980 on 7 August by the Dutch PTT, copying the British Prestel
system. It used a central computer , telephone line, telephone and adapted
television set for sending and receiving information.
The
Viditelcomputer was a GEC 408 2 with an internal memory of 384Kb and had six
disc units of 70Mb, good for 60.000 videotex pages. The system could serve 192 concurrent users
(something a present ISP would be unable to serve his clients with).
In
1986 the Viditelsystem was hacked by two boys, 17 years old. The hack was
reasonably simple, no rocket science, no logarythms. You just call up people
who have Viditel, tell them that you are representatives of the Dutch PTT and
ask them for their access codes and passwords. The trick is still used by
people representing themselves as Microsoft representatives who want to help
you speeding up your PC.
It
was not the first time the Viditel system was being hacked. IN 1983 it had been
already hacked from London by Hugo Cornwall, alias Peter Sommer, the author of Hacker’s Handbook
published in 1985. Hugo Cornwall visited an exhibition at which Prestel and
Viditel were demonstrated. By carefully checking the finger movements of the
British Telecom employeer, he was able to figure out the access code and password.
Before the end of the day Higo Cornwall had penetrated the Dutch system. In
fact it was not too difficult to crack the system, as the operator send on
passwords by fax for everyone to be seen.
Hacking in the eighties
Hacking started with getting
into the telephone system. One of the persons who did dthis was Susan
Headley in 1977. Hacking the telephone system was partly a sport, partly a way
to avoid telephone ticks tobe paid. From 1980 onwards computers were the subjects
of hacks. An early example was the breaking into a live television broadcast by
the BBC about computers, during which a small poem was projected on the screen.
This
incident was rather innocent, but by 1984 more tseps wer made. The Hamburg
based Computer Chaos Club (CCC) hacked the BTX system, the German counterpart
of Prestel and Viditel. The hackers succeeded to enter a bank’s system and put
in a routine which generated an access from the bank’s account to a CCC page every
three seconds. As the page had been valued on 10 DM the CCC made 134.000 DM
(roughly 75.000 euro). The bank had claimed before that the system was
absolutely safe to use. The CCC showed that the bank’s BTX system could ruin
any customer. The next day after publication the money was returned to the
bank.
In
the UK Prince Phillip’s e-mail box on Telecom Gold was hacked. The hackers were
able to detect the safelty level of the Prince and discovered that the password
consisted of the code 1234.
In
the Netherlands also computers were being hacked. Jan Jacobs, a free-lance
journalist, made contact from his study at home with the Government’s Institute
for Health and Environment, RIVM. Jacobs was able to look into confidential
medical dossiers of patients and many other data. An amateur hacker had lended
the access code and password to the journalist.
In
the same year two Delft students penetrated into the network of the PTT with 14
connected computers. Names of bad paying clients, secret numbers, but also
telephone numbers of private people, companies and government institutions
became public. The students, encouraged by Bob Herschberg, professor operating
systems, did not have bad intentions and only were willing to show the leaks in
the system. Soon after this hack the Dutch government started a commission to
research cybercriminality.
Criminal
hackers
By
the end of the eighties things became more serious. Hacking
became ambivalent. You had ethical hackers and criminal hackers. It
was shown by a group of hackers who accessed computers of the US government and
companies for access codes and passwords. Once they had these codes they
started to sell them to the Russian KGB. This was seen by Germany and the USA
as cybercriminality.
In
the late eighties and the beginning of the nineties criminal hacking could not
be prevented. Police statements on hacking still were type on old fashioned
typing machines. Even now criminal hacking is difficult to prevent as so many
parties, choices and mistakes are involved. The Dutch organisation for computing
the public transport ticket organisation chose for a low level security. Within
no time the system was cracked. Besdies you can secure a system, but theer are
always people who will transfer their codes to complete strangers. In order to
fight this habit you will have to start an awreness campaign.
Government as hacker
Hacking computer was a
playful business beginning 1980. But with the banking incident in
Hamburg in 1984 and the cybers espionage in 1989, hacking was beyond innocence.
Hacking was more difficult to discern into ethical and criminal hacking by the
day. And as government is using various information
systems, data can be compared and systems linked with each other. As such the
systems can be used to spy and check on citizens. Whistle blowers like
Assange, Manning and Snowdon have demonstrated that governments are becoming
hackers. This will put hacking into another and higher gear of the ethical
dimension: criminal and political. If you speak Dutch, listen to the interview.