On 29 June 1989, a security manager for the US telephone company Indiana Bell received an anonymous telephone call. In a menacing tone a young man’s voice informed him that he had planted bombs in several switching systems known as 5ESSs. ‘They’re set to blow on a national holiday. They could be anywhere in the country – it’s a sort of competition, a security test.’ On 15 January 1990 – Martin Luther King Day – AT–T’s long-distance telephone switching system went out of action for nine hours. About seventy million calls went uncompleted.
Three days later the United States Secret Service – an organisation originally set up to protect the President – mounted a nation-wide sweep, targeted in particular at a group calling itself the Legion of Doom. The bombs to which the menacing young man had referred were computer programs, not explosives. He was a hacker, a term that in The Hacker Crackdown refers to a few thousand talented but anarchically – sometimes criminally – inclined people, whose lives revolve around unauthorised access to computer systems. The New Hacker’s Dictionary would strongly disagree, and call him a ‘cracker’ – in which case I suppose the appropriate title would be The Cracker Hackdown.
Hackers in the Sterling sense communicate by email (electronic mail) using bulletin boards – individual computers, ‘nodes’ on the global network, which maintain files that anyone with a modem and the right phone numbers can dial up, read or write. They inhabit what the SF writer William Gibson calls ‘cyberspace’, the linked electronic interiors of the world’s computers. Cyberspace is real, even though it has no overt physical presence. The American telephone system lives in cyberspace. Its ‘switches’ are enormously complex computers, which automatically route calls to the far ends of the earth or the house next door, make charges to accounts, digitise conversations and interleave them with hundreds of others to fit more of them into limited numbers of phone lines, and then separate them all out again at the other end so that they can be understood. Hackers mostly see themselves as the electronic equivalent of Robin Hood. To the telcos – telephone companies – they are rats lurking in the cyberspatial wainscoting. The Secret Service didn’t take much serious notice of them – until Martin Luther King Day. The Hacker Crackdown concentrates on the AT–T crash, what led up to it, and what it led to. Sterling is a gripping writer – he is an SF author, best known for The Difference Engine, written with Gibson – and he really knows how to hook his reader and tell a story.
The antics of criminal-type hackers should not be confused with the activities of the far wider community of ‘serious’ computer programmers. I am writing this review during a visit to the University of Waterloo in Canada – one of the world’s great centres for real computing. I’m not actually visiting the computer science department: I’m at the Fields Institute for Research in Mathematical Sciences, a new international research centre recently set up by the Canadian Government. Waterloo is the home of one of the basic tools of the mathematical trade, the computer program MAPLE, which was developed here. It is a symbolic algebra program. Instead of just crunching numbers, MAPLE crunches symbols. It is widely used in mathematical research to carry out calculations that would otherwise be very tedious – and probably full of mistakes. MAPLE takes care of routine algebraic manipulations, leaving the user free to think.
It is the slang of people who make computer systems work rather than try to interfere with those systems – people who write software like MAPLE – that decorates the pages of The New Hacker’s Dictionary. These people refer disparagingly to any Sterling-type hacker as a ‘cracker n. One who breaks security on a system. Coined c. 1985 by hackers in defence against journalistic misuse of hacker (q.v.).’ The Dictionary is for browsing, for amusement, and for an insight into the creative but rather weird world of the true hacker. Do not attempt to read it from cover to cover or you risk serious brain damage (q.v.). Do not let it influence you into attempting deliberately to become a hacker, or to copy hacker slang: you will be merely a wannabe. That term is borrowed from Madonna fans; other hacker slang comes from mathematicians; and quite a lot – including the general mind-set – is shared with SF fandom: for example, IMHO, meaning ‘in my humble opinion’, and ha ha only serious, which is self-explanatory.
True hacker jargon must not be confused with the technobabble employed by suits to impress naive real users. It tends to have the surreal nature: ‘the Moof or dogcow is a semilegendary creature that lurks in the depths of the Macintosh Technical Notes Hypercard Stack V3.1 ... option-shift-click will cause it to emit a characteristic “Moof!” or “!fooM” sound. Getting to tech note #31 is the hard part.’ But some of its coinages deserve wider currency, such as the evocative phrases kicking dead whales down a beach, nailing jelly to a tree, and the tip of the ice-cube.
Hackers view anything crufty with contempt: they refer to the world’s most widely bought operating system, MS-DOS, as messdos (or sometimes in the UK as domestos); the doddering but unkillable language FORTRAN is Fortrash; and a diskless workstation (‘a class of botches including the Sun 3/50 designed exclusively to network with an expensive central disk server’) is a dickless workstation. Which naturally leads to SEX (Software EXchange), an activity that should not be carried out unprotected in case you catch a virus. Watch out too for the heisenbug, a programming error that disappears whenever you try to observe it, and the mandelbug, a bug so obscure that it appears non-deterministic. Avoid adding too many features to an already complex system, or you will be accused of feeping creaturism, one of many ways to end up in a pessimal situation. Learn how to overcome the textual limitations of email and convey your emotional state by sending an emoticon:
:-) smiley face
:-( frowney face
:-/ wry face
(turn the page sideways). Many hacker terms have double meanings, depending on context: for example, for the rest of us (from Apple Computer’s slogan advertising the Macintosh) can describe a spiffy product whose affordability shames the competition, or (used sarcastically) a spiffy but very overpriced product. The word spiffy is also ambiguous, implying either brilliant design or superficial flashiness.
Hackers despise crackers; but they also believe that crackers can operate only because of the stupidity of manglers (managers) and the greed of marketroids, who prefer putting together four-colour glossies to making sure that their products are secure. All of which brings me by a roundabout route to Approaching Zero, which is about hackers in the criminal sense. It’s not quite as gripping as Sterling’s book, but still a fascinating read. It’s informative about events in Europe and the former Soviet Union, and especially strong on computer viruses and their cousins – worms, Trojan horses and bombs.
The first documented attack of a computer virus occurred at the University of Delaware on 22 October 1987. (The Dictionary naturally disputes this: according to the Unix conspiracy theory, the Unix operating system was a virus invented by Bell Labs that spread by way of people and market forces rather than directly.) A virus is a program that lives within another program, which could be anything from a game to the computer’s operating system, and which spreads from machine to machine when humans trade disks. A worm is more clever, and propagates itself over the network. A bomb does nothing until some event – such as a particular date – triggers it; a Trojan horse is a virus that masquerades as something something more attractive – a game or a utility.
The word ‘virus’ tends to be used as a generic term for all such nasties. They can be benign – the virus Stoned, originating in New Zealand, merely displays the message ‘your PC is now stoned.’ Others cause serious damage, typically destroying the entire contents of the computer’s hard disk. One of the best known virus attacks – strictly, it was a worm – struck ARPANET, the network of the US Defence Department, on the evening of 2 November 1988. Three hours later computers at the Rand Corporation in Santa Monica slowed to a crawl. Within another two hours the same was happening at MIT, Purdue, Princeton, Stanford and the University of California at Berkeley. The infection spread onto MILNET, a military network, and to Internet, a link between four hundred different local networks, by which time some 60,000 computers were at risk. Three ad hoc teams were set up to fight the infection. They soon discovered that only two types of machine – SUN3s and VAXen (the accepted plural of VAX, by way of ox/oxen or possibly fox/vixen) – were affected). Within a few more hours they knew that the worm was benign: instead of destroying data, it was merely clogging up the network by producing enormous numbers of copies of itself.
It subsequently turned out that the worm had been written by Robert Morris Jr, son of the chief scientist at the National Computer Security Centre, in what he described as an innocent experiment that went wrong. It had exploited a bug in Berkeley Unix – specifically, in Sendmail, a program designed to transmit email across any network. (The Dictionary tells us that Berkeley Quality Software or BQS is a pejorative term, as is Berzerkely, used specifically with regard to the code written at Berkeley to run Unix on VAXen.) Instead of permitting only messages to be sent, Sendmail could be used to transmit active commands as well. So once the worm had safely installed itself in a new host, it could set to work, collecting the information it needed to transmit the infection again. The security implications of the bug in Sendmail were notorious among Unix programmers, but it had never been corrected, presumably because the manglers were relying as usual on security through obscurity. Ignore the bug, don’t fix it, don’t document it, hope nobody notices. (‘Besides, if they started fixing security bugs customers might begin to expect it and imagine that their warranties of merchantability gave them some sort of right to a system with fewer holes in it than a shot-gunned Swiss cheese, and then where would we be?’)
Approaching Zero relates many other harrowing virus tales. It is less sympathetic to the hackers than Crackdown, and portrays at least some of them as dangerous criminals, selling the KGB military information hacked from US government computers, and deliberately setting out to wreck the world’s computer systems – which include your bank account, your medical records, and your access to the 999 emergency service.
There are now over 2700 known viruses. If you want to get seriously worried, buy Approaching Zero and read about the Bulgarian virus factory. On the other hand, if you want to find out what really happened on Martin Luther King Day (and afterwards), and get seriously worried about a lot of other things, buy The Hacker Crackdown. To continue its Story: on 1 March 1990, the Secret Service raided Steve Jackson Games, a computer game publisher that employed 15 people and had an annual turnover of $500,000. It was looking for a ‘handbook of computer crime’, allegedly being published by the company. It took away every item of computing equipment, printers, disks, tapes that it could find. Highly sensitive information about the E911 system – an extended version of 911, the American equivalent of the 999 emergency number – was found on several hacker boards. AT–T valued this document at $79,449. A hacker with the handle (pseudonym) ‘Knight Lightning’ was charged with conspiracy, computer fraud, wire fraud, access device fraud and interstate transportation of stolen property. The maximum sentence for these crimes was 30 years. The E911 document was said by the prosecution to be so secret the jury was not permitted to see it.
Unfortunately, several embarrassing facts began to emerge as Knight Lightning’s show-trial progressed. The case finally collapsed when it turned out that a far more detailed document about the E911 system was available to anybody who rang a Bellcore toll-free number and paid $13. (Bellcore is the research branch of AT–T.) Knight Lightning was not found innocent: the case was simply dropped. His defence had cost him around $100,000. The ‘handbook of computer crime’ to be published by Steve Jackson Games was actually a harmless computer game called GURPS Cyberpunk.
According to Sterling’s reading of events – and he argues it very convincingly – the central issue in the USA has now become one of civil liberties. The Electronic Frontier Foundation, founded by Mitchell Kapor, funded in a substantial degree by Steve Wozniak (who started up Apple Computer) and John Gilmore (a pioneer of Sun Microsystems), has supported several hackers who have filed suit against the Secret Service. Steve Jackson, whose company was wrecked when its equipment was seized, is one of them. He has never been charged with any crime – but his equipment remains impounded.
One final thing. The Martin Luther King Day crash was not in fact caused by hackers. Indeed AT–T made it very clear at the time that they strongly suspected programmer error, and they were right. While the Secret Service was romping through the bulletin boards, AT–T’s patient detective work turned up the real cause of the problem. Buried deep inside a piece of software controlling its 4ESS switching stations, written in the computer language C, was a long do ...while loop. Inside the loop was a switch statement. Inside that was an if clause. Inside the if was a break command. It was supposed to break the if clause; but actually it broke the switch statement. Precisely one character of the code had been misplaced.
What that tiny error led to is a salutary tale for anybody who believes in the infallibility of computers. Each 4ESS switch had the same tiny flaw: if it received two phone calls within a hundredth of a second, a small piece of code would get garbled. But AT–T had sensibly provided for such an eventuality. Each switch would monitor itself, and if it got garbled, it would shut itself down, and go into fault-recovery mode. About forty seconds later, its software fully repaired, it would signal ‘OK, ready for work’ to all the other switches.
Which would treat that message as if it were a phone call. Which might just arrive within a hundredth of a second of another, real call. And shut down those switches. Within 40 seconds they’d be back up, sending OK messages to all the other switches. The more the switches shut down, the more OK messages they sent each other, so the more likely it was that one would arrive fatally close to a genuine call. Self-induced shutdowns, all caused by the switches’ own OK messages, cascaded through the network in a chain reaction.
Approaching Zero shows that we have a lot to fear from the activities of those (few) hackers who are genuinely malevolent. The Hacker Crackdown suggests that we have just as much to fear from programming errors – and that American citizens have far more to fear from their Secret Service.