The Art of Deception - LightNovelsOnl.com
You're reading novel online at LightNovelsOnl.com. Please use the follow button to get notifications about your favorite novels and its latest chapters so you can come back anytime and won't miss anything.
FROM KEVIN MITNICK.
True friends.h.i.+p has been defined as one mind in two bodies; not many people in anyone's life can be called a true friend. Jack Biello was a loving and caring person who spoke out against the extraordinary mistreatment I endured at the hands of unethical journalists and overzealous government prosecutors. He was a key voice in the Free Kevin movement and a writer who had an extraordinary talent for writing compelling articles exposing the information that the government doesn't want you to know. Jack was always there to fearlessly speak out on my behalf and to work together with me preparing speeches and articles, and, at one point, represented me as a media liaison.
This book is therefore dedicated with love to my dearest friend Jack Biello, whose recent death from cancer just as we finished the ma.n.u.script has left me feeling a great sense of loss and sadness.
This book would not have been possible without the love and support of my family. My mother, Sh.e.l.ly Jaffe, and my grandmother, Reba Vartanian, have given me unconditional love and support throughout my life. I am so fortunate to have been raised by such a loving and dedicated mother, who I also consider my best friend. My grandmother has been like a second morn to me, providing me with the same nurturing and love that only a mother could give. As caring and compa.s.sionate people, they've taught me the principles of caring about others and lending a helping hand to the less fortunate. And o, by imitating the pattern of giving and caring, I in a sense follow the paths of their lives. I hope they'll forgive me for putting them in second place during the process of writing this book, pa.s.sing up chances to see them with the excuse of work and deadlines to meet. This book would not have been possible without their continued love and support that I'll forever hold close to my heart. deadlines to meet. This book would not have been possible without their continued love and support that I'll forever hold close to my heart.
How I wish my dad, Alan Mitnick, and my brother, Adam Mitnick, would have lived long enough to break open a bottle of champagne with me on the day this book first appears in a bookstore. As a salesman and business owner, my father taught me many of the finer things that I will never forget. During the last months of my Dad's life I was fortunate enough to be able to be at his side to comfort him the best I could, but it was a very painful experience from which I still have not recovered.
My aunt Chickie Leventhal will always have a special place in my heart; although she was disappointed with some of the stupid mistakes I've made, nevertheless she was always there for me, offering her love and support. During my intense devotion to writing this book, I sacrificed many opportunities to join her, my cousin, Mitch Leventhal, and her boyfriend, Dr. Robert Berkowitz, for our weekly Shabbat celebration.
I must also give my warmest thanks to my mother's boyfriend, Steven Knittle, who was there to fill in for me and provide my mother with love and support.
My dad's brother clearly deserves much praise; one could say I inherited my craft of social engineering from Uncle Mitch.e.l.l, who knew how to manipulate the world and its people in ways that I never even hope to understand, much less master. Lucky for him, he never had my pa.s.sion for computing technology during the years he used his charming personality to influence anyone he desired.
He will always hold the t.i.tle of the grand-master social engineer.
And as I write these acknowledgements, I realize I have so many people to thank and to express appreciation to for offering their love, friends.h.i.+p, and support. I cannot begin to remember the names of all the kind and generous people that I've met in recent years, but suffice it to say I would need a computer to store them all. There have been so many people from all over the world who have written to me with words of encouragement, praise, and support. These words have meant a great deal to me, especially during the times I needed it most.
I'm especially thankful to all my supporters who stood by me and spent their valuable time and energy getting the word out to anyone who would listen, voicing their concern and objection over my unfair treatment and the hyperbole created by those who sought to profit from the "The Myth of Kevin Mitnick."
I have had the extraordinary fortune of being teamed up with best-selling author Bill Simon, and we worked diligently together despite our different work patterns. Bill is highly organized, rises early, and works in a deliberate and well-planned style. I'm grateful that Bill was kind enough to accommodate my late-night work schedule. My dedication to this project and long working hours kept me up well into the early morning that conflicted with Bill's regular working schedule.
Not only was I lucky to be teamed with someone who could transform my ideas into sentences worthy of a sophisticated reader, but also Bill is (mostly) a very patient man who put up with my programmer's style of focusing on the details.
Indeed we made it happen. Still, I want to apologize to Bill in these acknowledgments that I will always regret being the one, because of my orientation to accuracy and detail, who caused him to be late for a deadline for the first and only time in his long writing career. He has a writer's pride that I have finally come to understand and share; we hope to do other books together.
The delight of being at the Simon home in Rancho Santa Fe to work and to be pampered by Bill's wife, Arynne, could be considered a highlight of this writing project. Arynne's conversation and cooking will battle in my memory for first place. She is a lady of quality and wisdom, full of fun, who has created a home of warmth and beauty. And I'll never drink a diet soda again without hearing Arynne's voice in the back of my mind admonis.h.i.+ng me on the dangers of Aspartame, Stacey Kirkland means a great deal to me. She has dedicated many hours of her time a.s.sisting me on the Macintosh to design the charts and graphics that helped give visual authority to my ideas. I admire her wonderful qualities; she is truly a loving and compa.s.sionate person who deserves only the good things in life. She gave me encouragement as a caring friend and is someone who I care deeply about. I wish to thank her for all her loving support, and for being there for me whenever I needed it.
Alex Kasper, Nexs.p.a.ce, is not only my best friend, but also a business partner and colleague. Together we hosted a popular Internet talk radio show known as "The Darkside of the Internet" on KFI AM 640 in Los Angeles under the skillful guidance of Program Director David G. Hall. Alex graciously provided his invaluable a.s.sistance and advice to this book project. His influence has always been positive and helpful with a kindness and generosity that often extended far beyond midnight. Alex and I recently completed a film/video to help businesses train their people on preventing social engineering attacks.
Paul Dryman, Informed Decision, is a family friend and beyond. This highly respected and trusted private investigator helped me to understand trends and processes of conducting background investigations. Paul's knowledge and experience helped me address the personnel security issues described in Part 4 of this book.
One of my best friends, Candi Layman, has consistently offered me support and love. She is truly a wonderful person who deserves the best out of life. During the tragic days of my life, Candi always offered encouragement and friends.h.i.+p. I am fortunate to have met such a wonderful, caring, and compa.s.sionate human being, and want to thank her for being there for me.
Surely my first royalty check will go to my cellular phone company for all the time I spent talking with Erin Finn. Without a doubt, Erin is like my soul mate.
We are alike in so many ways it's scary. We both have a love for technology, the same tastes in food, music, and movies. AT&T Wireless is definitely losing money for giving me all the "flee nights and weekend" calls to her home in Chicago. At least I am not using the Kevin Mitnick plan anymore.
Her enthusiasm and belief in this book boosted my spirits. How lucky I am to have her as a friend.
I'm eager to thank those people who represent my professional career and are dedicated in extraordinary ways. My speaking engagements are managed by Amy Gray (an honest and caring person who I admire and adore) David Fugate, of Waterside Productions, is a book agent who went to bat for me on many occasions before and after the book contract was signed; and Los Angeles attorney Gregory Vinson, who was on my defense team during my years-long battle with the government. I'm sure he can relate to Bill's understanding and patience for my close attention to detail; he has had the same experience working with me on legal briefs he has written on my behalf.
I have had too many experiences with lawyers but I am eager to have a place to express my thanks for the lawyers who, during the years of my negative interactions with the criminal justice system, stepped up and offered to help me when I was in desperate need. From kind words to deep involvement with my case, I met many who don't at all fit the stereotype of the self-centered attorney. I have come to respect, admire, and appreciate the kindness and generosity of spirit given to me so freely by so many. They each deserve to be acknowledged with a paragraph of favorable words; I will at least mention them all by name, for every one of them lives in my heart surrounded by appreciation: Greg Aclin, Bob Carmen, John Dusenbury, Sherman Ellison, Omar Figueroa, Carolyn Hagin, Rob Hale, Alvin Michaelson, Ralph Peretz, Vicki Podberesky, Donald C. Randolph, Dave Roberts, Alan Rubin, Steven Sadowski, Tony Serra, Richard Sherman, Skip Slates, Karen Smith, Richard Steingard, the Honorable Robert Talcott, Barry Tarlow, John Yzurdiaga, and Gregory Vinson.
I very much appreciate the opportunity that John Wiley & Sons has given me to author this book, and for their confidence in a first-time author. I wish to thank the following Wiley people who made this dream possible: Ellen Gerstein, Bob Ipsen, Carol Long (my editor and fas.h.i.+on designer), and Nancy Stevenson.
Other family members, personal friends, business a.s.sociates who have given me advice and support, and have reached out in many ways, are important to recognize and acknowledge. They are: J. J. Abrams, David Agger, Bob Arkow, Stephen Barnes, Dr. Robert Berkowitz, Dale Coddington, Eric Corley, Delin Cormeny, Ed c.u.mmings, Art Davis, Mich.e.l.le Delio, Sam Downing, John Draper, Paul Dryman, Nick Duva, Roy Eskapa, Alex Fielding, Lisa Flores, Brock Frank, Steve Gibson, Jerry Greenblatt, Greg Grunberg, Bill Handle, David G.
Halt, Dave Harrison, Leslie Herman, Jim Hill, Dan Howard, Steve Hunt, Rez Johar, Steve Knittle, Gary Kremen, Barry Krugel, Earl Krugel, Adrian Lamo, Leo Laporte, Mitch Leventhal, Cynthia Levin, CJ Little, Jonathan Littman, Mark Maifrett, Brian Martin, Forrest McDonald, Kerry McElwee, Alan McSwain, Elliott Moore, Michael Morris, Eddie Munoz, Patrick Norton, Shawn Nunley, Brenda Parker, Chris Pelton, Kevin Poulsen, Scott Press, Linda and Art Pryor, Jennifer Reade, Israel and Rachel Rosencrantz, Mark Ross, William Royer, Irv Rubin, Ryan Russell, Neil Saavedra, Wynn Schwartu, Pete s.h.i.+pley, Joh Sift, Dan Sokol, Trudy Spector, Matt Spergel, Eliza Amadea Sultan, Douglas Thomas, Roy "Ihcker, Bryan Turbow, Ron Wetzel, Don David Wilson, Darci Wood, Kevin Wortman, Steve Wozniak, and all my friends on the W6NUT (147.435 MHz) repeater in Los Angeles.
And my probation officer, Larry Hawley, deserves special thanks for giving me permission to act as advisor and consultant on security-related matters by authoring this book.
And finally I must acknowledge the men and women of law enforcement. I simply do not hold any malice towards these people who are just doing their jobs.
I firmly believe that putting the public's interest ahead of one's own and dedicating your life to public service is something that deserves respect, and while I've been arrogant at times, I want all of you to know that I love this country, and will do everything in my power to help make it the safest place in the world, which is precisely one of the reasons why I've written this book.
FROM BILL SIMON.
I have this notion that there is a right person out there for everyone; it's just that some people aren't lucky enough ever to find their Mr. or Ms. Right. Others get lucky. I got lucky early enough in life to spend a good many years already (and count on spending many more) with one of G.o.d's treasures, my wife, Arynne.. If I ever forget how lucky I am, I only need to pay attention to how many people seek and cherish her company. Arynne--I thank you for walking through life with me.
During the writing of this book, I counted on the help of a loyal group of friends who provided the a.s.surance that Kevin and I were achieving our goal of combining fact and fascination into this unusual book. Each of these people represents true and loyal value and knows he or she may be called on as I get into my next writing project. In alphabetical order: JeanClaude Beneventi, Linda Brown, Walt Brown, It. Gen. Don Johnson, Dorothy Ryan, Guri Stark, Chris Steep, Michael Steep, and John Votaw.
Special recognition goes to John Lucich, president of the Network Security Group, who was willing to take time for a friend-of a-friend request, and to Gordon Garb, who graciously fielded numerous phone calls about IT operations.
Sometimes in life, a friend earns an exalted place by introducing you to someone else who becomes a good friend. At literary agency Waterside Productions, in Cardiff, California, Agent David Fugate was responsible for conceiving the idea for this book, and for putting me together with co-author-turned-friend Kevin.
Thanks, David. And to the head of Waterside, the incomparable Bill Gladstone, who manages to keep me busy with one book project after another: I'm happy to have you in my corner.
In our home and my office-at-home, Arynne is helped by an able staff that includes administrative a.s.sistant Jessica Dudgeon and housekeeper Josie Rodriguez.
I thank my parents Marjorie and I. B. Simon, who I wish were here on earth to enjoy my success as a writer. I also thank my daughter, Victoria. When I am with her I realize how much I admire, respect, and take pride in who she is.
Scanned by kineticstomp -----------------------------.
Supplement by swift [Chapter 1 -Banned Edition]
Kevin's Story By Kevin Mitnick I was reluctant to write this section because I was sure it would sound self-serving. Well, okay, it is self-serving. But I've been contacted by literally hundreds of people who want to know "who is Kevin Mitnick?". For those who don't give a d.a.m.n, please turn to Chapter 2. For everybody else, here, for what it's worth, is my story.
Kevin Speaks Some hackers destroy people's files or entire bard drives; they're called crackers or vandals. Some novice hackers don't bother learning the technology, but simply download hacker tools to break into computer systems; they're called script kiddies. More experienced hackers with programming skills develop hacker programs and post them to the Web and to bulletin board systems. And then there are individuals who have no interest in the technology, but use the computer merely as a tool to aid them in stealing money, goods, or services. Despite the media-created myth of Kevin Mitnick, I'm not a malicious hacker. What I did wasn't even against the law when I began, but became a crime after new legislation was pa.s.sed. I continued anyway, and was caught. My treatment by the federal government was based not on the crimes, but on making an example of me. I did not deserve to be treated like a terrorist or violent criminal: Having my residence searched with a blank search warrant; being thrown into solitary for months; denied the fundamental Const.i.tutional rights guaranteed to anyone accused of a crime; being denied not only bail but a bail hearing; and being forced to spend years fighting to obtain the government's evidence so my court appointed attorney could prepare my defense.
What about my right to a speedy trial? For years I was given a choice every six months: sign a paper waiving your Const.i.tutional right to a speedy trial or go to trial with an attorney who is unprepared; I chose to sign. But I'm getting ahead of my story. Starting Out my path was probably set early in life. I was a happy-go-lucky kid, but bored. After my father split when I was three, my mother worked as a waitress to support us. To see me then an only child being raised by a mother who put in long, harried days on a sometimes-erratic schedule would have been to see a youngster on his own almost all his waking hours. I was my own babysitter. Growing up in a San Fernando Valley community gave me the whole of Los Angeles to explore, and by the age of twelve I had discovered a way to travel free throughout the whole greater L.A. area. I realized one day while riding the bus that the security of the bus transfer I had purchased relied on the unusual pattern of the paper-punch that the drivers used to mark day, time and route on the transfer slips. A friendly driver, answering my carefully-planted question, told me where to buy that special type of punch. The transfers are meant to let you change buses and continue a journey to your destination, but I worked out how to use them to travel anywhere I wanted to go for free. Obtaining blank transfers was a walk in the park: the trash bins at the bus terminals were always filled with only-partly-used books of transfers that the drivers tossed away at the end of their s.h.i.+fts. With a pad of blanks and the punch, I could mark my own transfers and travel anywhere that L.A. buses went. Before long, I had all but memorized the bus schedules of the entire system. This was an early example of my surprising memory for certain types of information; still, today I can remember phone numbers, pa.s.swords and other items as far back as my childhood. Another personal interest that surfaced at an early age was my fascination with performing magic. Once I learned how a new trick worked, I would practice, practice, and practice until I mastered it. To an extent, it was through magic that I discovered the enjoyment in fooling people. From Phone Phreak, to Hacker my first encounter with what I would eventually learn to call social engineering came about during my high school years, when I met another student who was caught up in a hobby called phone phreaking. Phone phreaking is a type of hacking that allows you to explore the telephone network by exploiting the phone systems and phone company employees. He showed me neat tricks he could do with a telephone, like obtaining any information the phone company had on any customer, and using a secret test number to make long-distances calls for free actually free only to us--I found out much later that it wasn't a secret test number at all: the calls were in fact being billed to some poor company's MCI account).
That was my introduction to social engineering-my kindergarten, so to speak. He and another phone phreaker I met shortly thereafter let me listen in as they each made pretext calls to the phone company. I heard the things they said that made them sound believable, I learned about different phone company offices, lingo and procedures. But that "training" didn't last long; it didn't have to. Soon I was doing it all on my own, learning as I went, doing it even better than those first teachers. The course my life would follow for the next fifteen years had been set.
One of my all-time favorite pranks was gaining unauthorized access to the telephone switch and changing the cla.s.s of service of a fellow phone phreak.
When he'd attempt to make a call from home, he'd get a message telling him to deposit a dime, because the telephone company switch received input that indicated he was calling from a pay phone.
I became absorbed in everything about telephones-not only the electronics, switches, and computers; but also the corporate organization, the procedures, and the terminology. After a while, I probably knew more about the phone system than any single employee.
And, I had developed my social engineering skills to the point that, at seventeen years old, I was able to talk most Telco employees into almost anything, whether I was speaking with them in person or by telephone. My hacking career started when I was in high school. Back then we used the term hacker to mean a person who spent a great deal of time tinkering with hardware and software, either to develop more efficient programs or to bypa.s.s unnecessary steps and get the job done more quickly. The term has now become a pejorative, carrying the meaning of "malicious criminal." In these pages I use the term the way I have always used it in its earlier, more benign sense. In late 1979, a group of fellow hacker types who worked for the Los Angeles Unified School District dared me to try hacking into The Ark, the computer system at Digital Equipment Corporation used for developing their RSTS/E operating system software. I wanted to be accepted by the guys in this hacker group so I could pick their brains to learn more about operating systems. These new "friends" had managed to get their hands on the dial-up number to the DEC computer system. But they knew the dial-up number wouldn't do me any good: Without an account name and pa.s.sword, I'd never be able to get in. They were about to find out that when you underestimate others, it can come back to bite you in the b.u.t.t. It turned out that, for me, even at that young age, hacking into the DEC system was a pushover. Claiming to be Anton Chernoff, one of the project's lead developers, I placed a simple phone call to the system manager. I claimed I couldn't log into one of "my" accounts, and was convincing enough to talk the guy into giving me accessing and allowing me to select a pa.s.sword of my choice. As an extra level of protection, whenever anyone dialed into the development system, the user also had to provide a dial-up pa.s.sword. The system administrator told me the pa.s.sword. It was "buffoon,"
which I guess described what he must have felt like later on, when lie found out what had happened. In less than five minutes, I had gained access to Digital's RSTE/E development system. And I wasn't logged on as just as an ordinary user, but as someone with all the privileges of a system developer. At first my new, so-called friends refused to believe I had gained access to The Ark. One of them dialed up the system and shoved the keyboard in front of me with a challenging look on his face. His mouth dropped open as I matter-of-factly logged into a privileged account. I found out later that they went off to another location and, the same day, started downloading source-code components of the DEC operating system. And then it was my turn to be floored. After they had downloaded all the software they wanted, they called the corporate security department at DEC and told them someone had hacked into the company's corporate network. And they gave my name. My so-called friends first used my access to copy highly sensitive source code, and then turned me in.
There was a lesson here, but not one I managed to learn easily. Through the years to come, I would repeatedly get into trouble because I trusted people who I thought were my friends. After high school I studied computers at the Computer Learning Center in Los Angeles.
Within a few months, the school's computer manager realized I had found a vulnerability in the operating system and gained full administrative privileges on their IBM minicomputer. The best computer experts on their teaching staff couldn't figure out how I had done this. In what may have been one of the earliest examples of "hire the hacker," I was given an offer I couldn't refuse: Do an honors project to enhance the school's computer security, or face suspension for hacking the system. Of course I chose to do the honors project, and ended up graduating c.u.m Laude with Honors. Becoming a Social Engineer some people get out of bed each morning dreading their daily work routine at the proverbial salt mines. I've been lucky enough to enjoy my work. In particular you can't imagine the challenge, reward, and pleasure I had in the time I spent as a private investigator. I was honing my talents in the performance art called social engineering-getting people to do things they wouldn't ordinarily do for a stranger-and being paid for it. For me it wasn't difficult becoming proficient in social engineering. My father's side of the family had been in the sales field for generations, so the art of influence and persuasion might have been an inherited trait. When you combine an inclination for deceiving people with the talents of influence and persuasion you arrive at the profile of a social engineer. You might say there are two specialties within the job cla.s.sification of con artist. Somebody who swindles and cheats people out of their money belongs to one sub-specialty, the grifter. Somebody who uses deception, influence, and persuasion against businesses, usually targeting their information, belongs to the other sub-specialty, the social engineer. From the time of my bus transfer trick, when I was too young to know there was anything wrong with what I was doing, I had begun to recognize a talent for finding out the secrets I wasn't supposed to have. I built on that talent by using deception, knowing the lingo, and developing a well-honed skill of manipulation.
One way I used to work on developing the skills in my craft (if I may call it a craft) was to pick out some piece of information I didn't really care about and see if I could talk somebody on the other end of the phone into providing it, just to improve my talents. In the same way I used to practice my magic tricks, I practiced pretexting. Through these rehearsals, I soon found I could acquire virtually any information I targeted. In Congressional testimony before Senators Lieberman and Thompson years later, I told them, "I have gained unauthorized access to computer systems at some of the largest corporations on the planet, and have successfully penetrated some of the most resilient computer systems ever developed. I have used both technical and non-technical means to obtain the source code to various operating systems and telecommunications devices to study their vulnerabilities and their inner workings." All of this was really to satisfy my own curiosity, see what I could do, and find out secret information about operating systems, cell phones, and anything else that stirred my curiosity.
The train of events that would change my life started when I became the subject of a July 4th, 1994 front-page, above-the-fold story in the New York Times.
Overnight, that one story turned my image from a little known nuisance of a hacker into Public Enemy Number One of cybers.p.a.ce. John Markoff, the Media's grifter "Combining technical wizardry with the ages-old guile of a grifter, Kevin Mitnick is a computer programmer run amok." (The New York Times, 7/4/94.) Combining the ages-old desire to attain undeserved fortune with the power to publish false and defamatory stories about his subjects on the front page of the New York Times, John Markoff was truly a technology reporter run amok.
Markoff was to earn himself over $1 million by single-handedly creating what I label "The Myth of Kevin Mitnick." He became very wealthy through the very same technique I used to compromise computer systems and networks around the world: deception. In this case however, the victim of the deception wasn't a single computer user or system administrator, it was every person who trusted the news stories published in the pages of the New York Times.Cybers.p.a.ce's Most Wanted Markoff's Times article was clearly designed to land a contract for a book about my life story. I've never met Markoff, and yet he has literally become a millionaire through his libelous and defamatory "reporting" about me in the Times and in his 1991 book, Cyberpunk. In his article, he included some dozens of allegations about me that he stated as fact without citing his sources, and that even a minimal process of fact-checking (which I thought all first-rate newspapers required their reporters to do) would have revealed as being untrue or unproven. In that single false and defamatory article, Markoff labeled me as "cybers.p.a.ce's most wanted," and as "one of the nation's most wanted computer criminals," without justification, reason, or supporting evidence, using no more discretion than a writer for a supermarket tabloid. In his slanderous article, Markoff falsely claimed that I had wiretapped the FBI (I hadn't); that I had broken into the computers at NORAD (which aren't even connected to any network on the outside); and that I was a computer "vandal," despite the fact that I had never intentionally damaged any computer I ever accessed. These, among other outrageous allegations, were completely false and designed to create a sense of fear about my capabilities. In yet another breach of journalistic ethics, Markoff failed to disclose in that article and in all of his subsequent articles-a pre-existing relations.h.i.+p with me, a personal animosity based on my having refused to partic.i.p.ate in the book Cyberpunk In addition, I had cost him a bundle of potential revenue by refusing to renew an option for a movie based on the book. Markoff's article was also clearly designed to taunt America's law enforcement agencies.
"...Law enforcement," Markoff wrote, "cannot seem to catch up with him...." The article was deliberately framed to cast me as cybers.p.a.ce's Public Enemy Number One in order to influence the Department of Justice to elevate the priority of my case. A few months later, Markoff and his cohort Tsutomu s.h.i.+momura would both partic.i.p.ate as de facto government agents in my arrest, in violation of both federal law and journalistic ethics. Both would be nearby when three blank warrants were used in an illegal search of my residence, and be present at my arrest. And, during their investigation of my activities, the two would also violate federal law by intercepting a personal telephone call of mine. While making me out to be a villain, Markoff, in a subsequent article, set up s.h.i.+momura as the number one hero of cybers.p.a.ce. Again he was violating journalistic ethics by not disclosing a preexisting relations.h.i.+p: this hero in fact had been a personal friend of Markoff's for years. My first encounter with Markoff had come in the late eighties when he and his wife Katie Hafner contacted me while they were in the process of writing Cyberpunk, which was to be the story of three hackers: a German kid known as Pengo, Robert Morris, and myself.
What would my compensation be for partic.i.p.ating? Nothing. I couldn't see the point of giving them my story if they would profit from it and I wouldn't, so I refused to help. Markoff gave me an ultimatum: either interview with us or anything we hear from any source will be accepted as the truth. He was clearly frustrated and annoyed that I would not cooperate, and was letting me know he had the means to make me regret it. I chose to stand my ground and would not cooperate despite his pressure tactics. When published, the book portrayed me as "The Darkside Hacker." I concluded that the authors had intentionally included unsupported, false statements in order to get back at me for not cooperating with them. By making my character appear more sinister and casting me in a false light, they probably increased the sales of the book. A movie producer phoned with great news: Hollywood was interested in making a movie about the Darkside Hacker depicted in Cyberpunk. I pointed out that the story was full of inaccuracies and untruths about me, but he was still very excited about the project. I accepted $5,000 for a two-year option, against an additional $45,000 if they were able to get a production deal and move forward. When the option expired, the production company asked for a six month extension. By this time I was gainfully employed, and so had little motivation for seeing a movie produced that showed me in such an unfavorable and false light. I refused to go along with the extension. That killed the movie deal for everyone, including Markoff, who had probably expected to make a great deal of money from the project. Here was one more reason for John Markoff to be vindictive towards me. Around the time Cyberpunk was published, Markoff had ongoing email correspondence with his friend s.h.i.+momura. Both of them were strangely interested in my whereabouts and what I was doing. Surprisingly, one e-mail message contained intelligence that they had learned I was attending the University of Nevada, Las Vegas, and had use of the student computer lab. Could it be that Markoff and s.h.i.+momura were interested in doing another book about me? Otherwise, why would they care what I was up to? Markoff in Pursuit Take a step back to late 1992. I was nearing the end of my supervised release for compromising Digital Equipment Corporation's corporate network. Meanwhile I became aware that the government was trying to put together another case against me, this one for conducting counter-intelligence to find out why wiretaps had been placed on the phone lines of a Los Angeles P.II firm. In my digging, I confirmed my suspicion: the Pacific Bell security people were indeed investigating the firm. So was a computer-crime deputy from the Los Angeles County Sheriff's Department. (That deputy turns out to be, co-incidentally, the twin brother of my co-author on this book. Small world.) About this time, the Feds set up a criminal informant and sent him out to entrap me. They knew I always tried to keep tabs on any agency investigating me. So they had this informant befriend me and tip me off that I was being monitored. He also shared with me the details of a computer system used at Pacific Bell that would let me do counter-surveillance of their monitoring. When I discovered his plot, I quickly turned the tables on him and exposed him for credit-card fraud he was conducting while working for the government in an informant capacity. I'm sure the Feds appreciated that! My life changed on Independence Day, 1994 when my pager woke me early in the morning. The caller said I should immediately pick up a copy of the New York Times. I couldn't believe it when I saw that Markoff had not only written an article about me, but the Times had placed it on the front page. The first thought that came to mind was for my personal safety-now the government would be substantially increasing their efforts to find me. I was relieved that in an effort to demonize me, the Times had used a very unbecoming picture. I wasn't fearful of being recognized they had chosen a picture so out of date that it didn't look anything like me! As I began to read the article, I realized that Markoff was setting himself up to write the Kevin Mitnick book, just as he had always wanted. I simply could not believe the New York Times would risk printing the egregiously false statements that he had written about me. I felt helpless. Even if I had been in a position to respond, I certainly would not have an audience equal to the New York Times s to rebut Markoff's outrageous lies. While I can agree I had been a pain in the a.s.s, I had never destroyed information, nor used or disclosed to others any information I had obtained. Actual losses by companies from my hacking activities amounted to the cost of phone calls I had made at phone-company expense, the money spent by companies to plug the security vulnerabilities that my attacks had revealed, and in a few instances possibly causing companies to reinstall their operating systems and applications for fear I might have modified software in a way that would allow me future access. Those companies would have remained vulnerable to far worse damage if my activities hadn't made them aware of the weak links in their security chain. Though I had caused some losses, my actions and intent were not malicious ... and then John Markoff changed the world's perception of the danger I represented. The power of one unethical reporter from such an influential newspaper to write a false and defamatory story about anyone should haunt each and every one of us. The next target might be you.
After my arrest I was transported to the County Jail in Smithfield, North Carolina, where the U.S. Marshals Service ordered jailers to place me intthe hole'-solitary confinement. Within a week, federal prosecutors and my attorney reached an agreement that I couldn't refuse. I could be moved out of solitary on the condition that I waived my fundamental rights and agreed to: a) no bail hearing; b) no preliminary hearing; and, c) no phone calls, except to my attorney and two family members. Sign, and I could get out of solitary. I signed.The federal prosecutors in the case played every dirty trick in the book up until I was released nearly five years later. I was repeatedly forced to waive my rights in order to be treated like any other accused. But this was the Kevin Mitnick case: There were no rules. No requirement to respect the Const.i.tutional rights of the accused. My case was not about justice, but about the government's determination to win at all costs. The prosecutors had made vastly overblown claims to the court about the damage I had caused and the threat I represented, and the media had gone to town quoting the sensationalist statements; now it was too late for the prosecutors to back down. The government could not afford to lose the Mitnick case. The world was watching.
I believe that the courts bought into the fear generated by media coverage, since many of the more ethical journalists had picked up the "facts" from the esteemed New York Times and repeated them. The media-generated myth apparently even scared law enforcement officials. A confidential doc.u.ment obtained by my attorney showed that the U.S. Marshals Service had issued a warning to all law enforcement agents never to reveal any personal information to me; otherwise, they might find their lives electronically destroyed. Our Const.i.tution requires that the accused be presumed innocent before trial, thus granting all citizens the right to a bail hearing, where the accused has the opportunity to be represented by counsel, present evidence, and cross-examine witnesses. Unbelievably, the government had been able to circ.u.mvent these protections based on the false hysteria generated by irresponsible reporters like John Markoff. Without precedent, I was held as a pre-trial detainee-a person in custody pending trial or sentencing-for over four and a half years. The judge's refusal to grant me a bail hearing was litigated all the way to the U.S. Supreme Court. In the end, my defense team advised me that I had set another precedent: I was the only federal detainee in U.S. history denied a bail hearing. This meant the government never had to meet the burden of proving that there were no conditions of release that would reasonably a.s.sure my appearance in court. At least in this case, federal prosecutors did not dare to allege that I could start a nuclear war by whistling into a payphone, as other federal prosecutors had done in an earlier case. The most serious charges against me were that I had copied proprietary source code for various cellular phone handsets and popular operating systems. Yet the prosecutors alleged publicly and to the court that I had caused collective losses exceeding $300 million to several companies. The details of the loss amounts are still under seal with the court, supposedly to protect the companies involved; my defense team, though, believes the prosecution's request to seal the information was initiated to cover up their gross malfeasance in my case. It's also worth noting that none of the victims in my case had reported any losses to the Securities and Exchange Commission as required by law. Either several multinational companies violated Federal law-in the process deceiving the SEC, stockholders, and a.n.a.lysts--or the losses attributable to my hacking were, in fact, too trivial to be reported. In his book he Fugitive Game, Jonathan Li wan reports that within a week of the New York Times front-page story, Markoff's agent had "brokered a package deal" with the publisher Walt Disney Hyperion for a book about the campaign to track me down. The advance was to be an estimated $750,000. According to Littman, there was to be a Hollywood movie, as well, with Miramax handing over $200,000 for the option and "a total $650,000 to be paid upon commencement of filming." A confidential source has recently informed me that Markoff's deal was in fact much more than Littman had originally thought. So John Markoff got a million dollars, more or less, and I got five years. One book that examines the legal aspects of my case was written by a man who had himself been a prosecutor in the Los Angeles District Attorney's office, a colleague of the attorneys who prosecuted me. In his book Spectacular Computer Crimes, Buck Bloombecker wrote, "It grieves me to have to write about my former colleagues in less than flattering terms.... I'm haunted by a.s.sistant United States Attorney James Asperger's admission that much of the argument used to keep Mitnick behind bars was based on rumors which didn't pan out." He goes on to say, "It was bad enough that the charges prosecutors made in court were spread to millions of readers by newspapers around the country. But it is much worse that these untrue allegations were a large part of the basis for keeping Mitnick behind bars without the possibility of posting bail?" He continues at some length, writing about the ethical standards that prosecutors should live by, and then writes, "Mitnick's case suggests that the false allegations used to keep him in custody also prejudiced the court's consideration of a fair sentence." In his 1999 Forbes article, Adam L. Penenberg eloquently described my situation this way: "Mitnick's crimes were curiously innocuous. He broke into corporate computers, but no evidence indicates that he destroyed data. Or sold anything he copied. Yes, he pilfered software but in doing so left it behind." The article said that my crime was "To thumb his nose at the costly computer security systems employed by large corporations." And in the book The Fugitive Game, author Jonathan Littman noted, "Greed the government could understand. But a hacker who wielded power for its own sake ... was something they couldn't grasp." Elsewhere in the same book, Littman wrote: U.S. Attorney James Sanders admitted to Judge Pfaelzer that Mitnick's damage to DEC was not the $4 million that had made the headlines but $160,000. Even that amount was not damage done by Mitnick, but the rough cost of tracing the security weakness that his incursions had brought to DEC's attention. The government acknowledged it had no evidence of the wild claims that had helped hold Mitnick without bail and in solitary confinement. No proof Mitnick had ever compromised the security of the NSA. No proof that Mitnick had ever issued a false press release for Security Pacific Bank. No proof that Mitnick ever changed the TRW credit report of a judge. But the judge, perhaps influenced by the terrifying media coverage, rejected the plea bargain and sentenced Mitnick to a longer term then even the government wanted. Throughout the years spent as a hacker hobbyist, I've gained unwanted notoriety, been written up in numerous news reports and magazine articles, and had four books written about me. Markoff and s.h.i.+momura's libelous book was made into a feature film called Takedown. When the script found its way onto the Internet, many of my supporters picketed Miramax Films to call public attention to the inaccurate and false characterization of me. Without the help of many kind and generous people, the motion picture would surely have falsely portrayed me as the Hannibal Lector of cybers.p.a.ce.
Pressured by my supporters, the production company agreed to settle the case on confidential terms to avoid me filing a libel action against them.
Final Thoughts Despite John Markoff's outrageous and libelous descriptions of me, my crimes were simple crimes of computer trespa.s.s and making free telephone calls.
I've acknowledged since my arrest that the actions I took were illegal, and that I committed invasions of privacy. But to suggest, without justification, reason, or proof, as did the Markoff articles, that I had deprived others of their money or property by computer or wire fraud, is simply untrue, and unsupported by the evidence. My misdeeds were motivated by curiosity: I wanted to know as much as I could about how phone networks worked, and the ins and outs of computer security. I went from being a kid who loved to perform magic tricks to becoming the world's most notorious hacker, feared by corporations and the government.
As I reflect back on my life for the last thirty years, I admit I made some extremely poor decisions, driven by my curiosity, the desire to learn about technology, and a good intellectual challenge. I'm a changed person now. I'm turning my talents and the extensive knowledge I've gathered about information security and social engineering tactics to helping government, businesses and individuals prevent, detect, and respond to information security threats. This book is one more way that I can use my experience to help others avoid the efforts of the malicious information thieves of the world. I think you will find the stories enjoyable, eye-opening and educational.
Kevin Mitnick _____________________________.
Mitnick's Lost Chapter Found By Mich.e.l.le Delio wired.com, Nov. 05, 2002 A missing chapter from hacker Kevin Mitnick's recent book has been published on the Internet.
The chapter was originally slated to be the first chapter in Mitnick's new book, The Art of Deception , , but was not included in the published version of the book. but was not included in the published version of the book.
Chapter One appeared only in about 300 unbound galley copies that publis.h.i.+ng company Wiley distributed to the media several months before releasing the book, according to a Wiley spokeswoman.
The publisher decided to remove the chapter shortly before releasing the book.
Wiley representatives were unable to comment immediately on why the chapter was pulled.
The chapter contains the first recounting by Mitnick of his life as a hacker and a fugitive, as well as his arrest, trial and life in prison.
The chapter also includes allegations by Mitnick that John Markoff, technology reporter for The New York Times The New York Times, printed malicious stories about Mitnick during the hacker's years as a fugitive.
The missing chapter was first made publicly available late Sat.u.r.day in a Yahoo discussion group called "Kevin's Story." It has since appeared on other websites.
Mitnick said he didn't know who had posted the chapter online. E-mails to the yahoo.com address listed with the original post went unanswered.
"I feel pretty good about the chapter being available," Mitnick said. "For a long time I was portrayed as the Osama bin Laden of the Internet and I really wanted to be able to tell my side of the story. I wanted to be able to explain exactly what I did and what I didn't do to people who thought they knew me."
Much of the material in the "missing chapter" details Mitnick's dealings with Markoff.
Of primary concern to Mitnick is that Markoff "failed to acknowledge a preexisting relations.h.i.+p" with Mitnick in a July 4, 1994, story that appeared on the front page of The New York Times. The New York Times.
Markoff's story described Mitnick as a highly dangerous hacker capable of breaking into critical government computers and stressed that Mitnick had so far easily evaded law enforcement officials.
Mitnick charges that Markoff was angry at him because of a failed movie deal based on Markoff's 1991 book, Cyberpunk: Outlaws and Hackers on the Cyberpunk: Outlaws and Hackers on the Computer Frontier. Computer Frontier.
At the time of publication, Mitnick disputed the book's veracity but later accepted $5,000 of a total $50,000 offer to act as a consultant for the movie based on the book because he needed the money.
Two years later, when the studio wanted to renew the contract, Mitnick, by then employed, refused to renew. That refusal, according to Mitnick and two sources familiar with the incident, caused the deal to die.
Mitnick said Markoff should have mentioned the failed business deal in his subsequent articles on Mitnick. He also contends that many of the hacks attributed to him by Markoff never happened.
"But trying to prove that you didn't hack something is impossible if people believe you're skilled enough to evade detection," Mitnick said.
Markoff flatly refused to comment on any of Mitnick's allegations in Chapter One.
Mitnick said he wished the chapter could have been published with the book, but that he respected his publisher's decision.
"But obviously, the Internet is a great way to get uncensored, unfiltered information out to the world," Mitnick added. "I'm counting the days until I can go online again."
Mitnick has been banned from using the Internet as a condition of his supervised release. He's free to go online again on January 21, 2003, after close to eight years offline.
The first site he'll visit is his girlfriend's blog.
"She tells me she's been doc.u.menting our entire relations.h.i.+p online," Mitnick said. "I'd love to know what she's been saying about me."