Personal Computer News


Hacker's Handbook Part 2

 
Published in Personal Computer News #105

The targets that attract the loving attention of the experts of computer communications are described in PCN's second exclusive extract from The Hacker's Handbook.

Hacker Targets

Wherever hackers gather, talk soon moves from past achievements and adventures to speculation about what new territory might be explored.

On-line Hosts

On-line services were the first form of electronic publishing: a series of big storage computers act as hosts to a group of individual databases by providing not only mass data storage and the appropriate 'search language' to access it, but also the means for registering, logging and billing users. Typically, users access the on-line hosts via a phone number which links into a public data network using packet switching.

The on-line business began almost by accident; large corporations and institutions involved in complicated technological developments found that their libraries simply couldn't keep track of relevant new scientific papers, and decided to maintain indices on computer. One of the first was the armaments and aircraft company, Lockheed.

In time the scope of these indices expanded and outsiders were granted access. Other organisations with similar information-handling requirements asked if space could be found on the computer for their needs. Eventually Lockheed and others recognised the beginnings of a quite separate business; in Lockheed's case it led to the foundation of Dialog, which today acts as host and marketing agent for almost 300 separate databases.

Originally on-line hosts were accessed by dumb terminals rather than by VDUs. Today the trend is to use front-end intelligent software on an IBM PC which allows the naive user to pose his/her questions informally while offline. The software then redefines the information request into the formal language of the on-line host and then goes on-line via an auto-dial modem to extract the information as swiftly and efficiently as possible.

On-line services require the use of a whole series of passwords: the usual NUI and NUA for PSS, another to reach the host, yet another for the specific information service required.

The categories of on-line service include bibliographic, which merely indexes the existence of an article or book - you must then find a physical copy to read; and source, which contains the article or extract thereof. Full-text services not only contain the complete article or book but will, if required, search the entire text.

Financial Services

The financial world can afford more computer aids than any other non-governmental sector.

Over ten years ago Reuters put together the first packages which gave some questioning power to the end user. Each Reuters Monitor is intelligent, containing a mini and some firmware which accepts and selects the stream of data from the host at the far end of the leased line, marshals interrogation requests and takes care of the local display. There is little point in eavesdropping on a Reuters line unless you know what the terminal firmware does.

The first sophisticated Stock Exchange prices 'screens' used modified closed circuit television technology. But London now uses Topic, a leased line variant on viewdata technology, though with its magazine-like arrangement and auto-screen refresh, it has as much in common with teletext as Prestel. Topic carries about 2,500 of the total 7,500 shares traded in London, plus selected analytical material from brokers.

Datastream represents a much higher level of sophistication: using its £40,000 plus pa terminals you can compare historic data - price movements, movements against sector indices, etc - and chart the results.

The hacker's reward for getting into such systems is that you can see share and other prices on the move. None of these prices is confidential. However, this situation is likely to change as there will be electronic prices services giving privileged information to specialist share dealers.

All these services are only available via leased lines; City professionals would not tolerate the delays and uncertainties of dial-up facilities. However, dial-up ports exist for demonstrations, exhibitions, engineering and as back-up - and a lot of hacking effort has gone into tracking them down.

Business Information

Business information is usually about the credit-worthiness of companies, company annual reports, trading opportunities and market research. The biggest electronic credit data resource is owned by the international company Dun & Bradstreet: during 1985-86 it is due to spend £25m on making its data available all over Europe.

In addition, all UK companies quoted on the London Stock Exchange, and many others that are not, have a report and analysis available from ICC (Inter-Company Comparisons), who can be accessed via on-line dial-up through a viewdata interface and also by Datastream customers. Dun & Bradstreet also have an on-line service called KBE covering 20,000 key British enterprises.

Prodigious quantities of credit and background data on US companies can be found on several of the major on-line hosts. A valid phone number, passwords and extracts from the operations manual of one of the largest US services, TRW, sat on some hackers' bulletin boards for over twelve months during 1983 and 1984 before the company found out.

According to the Washington Post, the password and manual had been obtained from a Sears Roebuck national chain store in Sacramento. Some hackers claimed they were able to alter credit records, but TRW maintains that telephone access to its systems is designed for read-only operations alone, updating of files taking place solely on magnetic tape.

University Facilities

In complete contrast to computers that are used to store and present data are those where the value is to deliver processing power to the outside world. Paramount among these are those installed in universities and research institutes.

Although hackers frequently acquire phone numbers to enter such machines, what you can do once you are there varies enormously. There are usually tiers and banks of passwords, each allowing only limited access to the range of services. It takes considerable knowledge of the machine's operating system to break through from one to another.

However, the hobbyist bulletin board system quite often provides passwords giving access to games and the ability to write and run programs in exotic languages.

In the UK, many important university and research institution computers have been linked together on a special data network called SERCnet. SERC is the Science and Engineering Research Council. Although most of the computers are individually accessible via PSS, SERCnet makes it possible to enter one computer and pass through to others.

Banking

Prominent among public fantasies about hackers is the one where banks are entered electronically, accounts examined and some money moved from one to another.

Most 'remote stealing' from banks or illicit obtaining of account details touch computers only incidentally and involve straightforward fraud, conning or bribery of bank employees. For hackers, however, the very considerable effort that has been made to provide security makes the systems a great challenge in themselves.

In the UK, the banking scene is dominated by a handful of large companies with many branches. Cheque clearing and account maintenance are conducted under conditions of high security with considerable isolation of key elements.

In the United States direct attacks on banks have been much easier because the technology adopted is much cruder and more use is made of public phone and telex lines. One of the favourite techniques has been to send fake authorisations for money transfers.

The trick is to spot weaknesses in the cryptographic systems used in such authorisations. The specifications for the systems themselves are openly published; one computer security expert, Leslie Goldberg, was recently able to take apart one scheme and show that much of the 'key' that was supposed to give high level cryptographic security was technically redundant.

There are, however, a few areas where banking is becoming vulnerable to the less mathematically literate hacker. A number of international banks are offering their big corporation customers special facilities so that their Treasury Departments can have direct access to their account details via a PC on dial-up.

Telebanking is now available via Prestel and some of its overseas imitators. Although such services use several layers of passwords to validate transactions, if those passwords are misacquired, the bank account becomes vulnerable.

Electronic Mail

Electronic mail services work by storing messages created by some users until they are retrieved by their intended recipients. The ingredients of a typical system are: registration/logging on facilities, storage, search and retrieval, networking, timing and billing.

Electronic mail is an easy add-on to most mainframe installations, but in recent years various organisations have sought to market services to individuals, companies and industries where electronic mail was the main purpose.

The system software in widest use is that of ITT-Dialcom. It's the one that runs Telecom Gold.

In the Dialcom/Telecom Gold service, the assumption is made that most users will want to concentrate on a relatively narrow range of correspondents. Accordingly, the way it is sold is as a series of systems, each run by a "manager": someone within a company. The manager is the only person who has direct contact with the electronic mail owner and he in turn is responsible for bringing individual users on to his system - he can issue mailboxes direct, determine tariff levels and put up general messages.

In most other services, every user has a direct relationship with the electronic mail company.

The basic systems tend to be quite robust and hacking is mainly concentrated on second-guessing users' IDs. But increasingly their customers are using PCs and special software to automate logging-in. The software packages, of course, have the IDs nicely pre-stored...

Government Computers

Among hackers themselves the richest source of fantasising revolves around official computers like those used by the tax and national insurance authorities, the police, armed forces and intelligence agencies.

Although I know UK phone phreaks who claim to have managed to appear on the internal exchanges used by Century House (MI6) and Curzon Street House (MI5) and have wandered along AUTOVON, the US secure military phone network, I am not aware of anyone bold or clever enough to have penetrated the UK's most secure computers.