[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Saw the Tsutomu and John show... (Mitnick haters skip this)
Saw the Stanford seimnar given by Tsutomu Shimomura and John Markoff,
on the subject of Tsutomu's pursuit of Kevin Mitnick. While not a
technical seminar on the vulnerablities of TCP and system services,
the talk was quite interesting and I recommend it to you, if they bring
it to a campus or bookstore near you.
Markoff began with brief bio of Mitnick, with stories of the
legendary 8BBS in the late 70's, and how Mitnick started his
"career" as a phone phreak, exploting his understanding of social
processes inside companies (whom to spy on or dupe to get
confidential information.) Tsutomu played a hilarious and
vile sounding taunt left on his answering machine after a breakin
(presumably Mitnick, but never stated, perhaps for legal reasons).
Markoff's presentation was interesting, but pretty much old hat for
people who read his stories or the Mitnick chapter of the
Hafner/Markoff text _Cyberpunk_. Markoff did mention that Mitnick was
_Anton Chernoff_ on 8BBS, something I do not recall in Markoff's
previous writings.
Then Tsutsomu described how he got involved in the case, after a friend
of his asked for help. He illustrated his tracking of Mitnick with
logfiles and realtime-captured vt100 transcripts of Mitnick's
breakin attempts and talk sessions with associates. These were quite
hilarious, as Mitnick apparently took his breakins very personally, and
planned various nasty pranks to play on Tsutsomu and Markoff. (Note to
TS, please equip your VT100 playback with bigger fonts or get a
magnifier program for your laptop, as is used by the visually impaired,
as it was very hard to read the material, especially the obscenities
and vulgar personal remarks you did not dignify with reading ;-)
I particularly liked the low key and realistic image of Mitnick;
neither evil genius nor master technician (TS speculates that Mitnick
could not have written his Morris/Bellovin IP ISN spoofer or other
tools, but rather had a standard collection of breakins that he
mechanically applied to the companies whose data his desired) Mitnick's
main skills were his understanding of how tech companies work, and his
updating of the phone-phreak "social engineering" techniques, applied
to software developers instead of telco people. They also managed to
convey how throughly unpleasant and mean-spirited Mitnick is (contrast
with the poor oppressed boy picture given by Bloombecker's text).
Tsutomu mentioned that much source material for the investigation,
including a Java version of the vt100 transcript player with
many Mitnick intercepts, will be available from www.takedown.com
(which does not appear to be up yet.) The cite is
Takedown, Tsutomu Shimomura with John Markoff, Hyperion 1996.
ISBN 0-7868-6210-6.
Cheers, Andy ([email protected])