Hacking M***********s!!

Who is this guy?

John Draper (aka Captain Crunch)

John Draper (aka Captain Crunch)

World’s first ‘phreaker’ In 1972, he discovered a toy whistle in a box

of Cap’n Crunch cereal produced a 2600 hz tone which provided access to ATT’s long distance network

Developed the ‘blue box’ tone generator

John Draper (aka Captain Crunch)

Arrested by the FBI and sent to prison numerous times for phreaking

Stephen Wozniak, a student at Berkeley, manufactured and sold the blue box to make money to finance the first Apple computer Wozniak also called the Pope using a blue box

Where is Captain Crunch now? Founder of ShopIP which sells the CrunchBox firewall system (endorsed by Steve Wozniak)

Who is this Guy?

Robert Morris, Jr.

Released Morris worm in 1988 First major Internet Worm Cornell University student (released the worm

through MIT)

Morris worm exploited vulnerabilities in sendmail, fingerd, rsh/rexec and weak passwords Infected 6000 Unix machines Damage estimate: $10m - $100m

Robert Morris, Jr.

Robert Morris, Jr.

First person to be tried and convicted under the 1986 Computer Fraud and Abuse Act Received 3 years probation and a $10,000 fine

CERT was created in response to the Morris worm

Morris’s father was chief security officer for the National Security Agency (NSA)

Where is he now? A professor at MIT, of course!

Who is this Guy?

Fugitive Hacker Started as a ‘phreaker’

Inspired by John Draper (Captain Crunch)

Using a modem and a PC, he would take over a local telephone switching office

Kevin Mitnick

Kevin Mitnick

Arrested multiple times Breaking into Pacific Bell office to steal passwords

and operator’s manuals Breaking into a Pentagon computer Stealing software from Santa Cruz Operation (SCO) Stealing software from DEC

Fled when FBI came to arrest him for breaking terms of probation

“The Lost Boy of Cyberspace”

Tsutomu Shimomura helped track down the fugitive Mitnick in 1995. This was documented in the book and movie Takedown.

Kevin served 5 years in federal prison

Where is he now? Author and co-founder of security firm called ‘Defensive Thinking’

His book

Kevin Mitnick

“The simple truth is that Kevin never sought monetary gain from his hacking, though it could have proven extremely profitable. Nor did he hack with the malicious intent to damage or destroy other people's property. Rather, Kevin pursued his hacking as a means of satisfying his intellectual curiosity and applying Yankee ingenuity. These attributes are more frequently promoted rather than punished by society.”

…excerpt from Kevin’s WEB site

Hacker party

Captain Crunch with ‘friends’ Kevin Mitnick and Stephen Wozniak

Who is this Guy?

David Smith: Author of the Melissa Virus

Virus released in March, 1999 A ‘macro virus’

Infects Microsoft Word document Spread via Microsoft Outlook Requires user to open attachment Sends itself to first 50 entries in address book

Relatively non-destructive

Melissa Virus

Damage estimated at $80 million One of earliest viruses to be spread by email Smith was caught within a week

FBI working with AOL Smith sentenced to 20 months in jail and a

$5000 fine Could have been 10 years in jail, but he agreed to

help FBI catch other hackers

Melissa Virus

"When I posted the virus, I expected that any financial injury would be minor and incidental," he said.

Where is he now? Serving time at the federal prison in Fort Dix, N.J.

David Smith (Melissa virus)

Onel de Guzman – accused of releasing the I LOVE YOU (Love Bug) virus

Who is this Guy?

Infected 45 million computers in May 2000 Clogged e-mail world-wide Destroyed music/graphics files Damage estimated as high as $10 billion Replicates itself through:

E-mail Internet Chat Shared drives

I Love You Virus

De Guzman was a former student at the AMA Computer College in the Philippines. Failed to graduate because AMA professors rejected

his thesis which described a program which steals internet passwords

Admitted he may have ‘accidentally’ released the virus

Where is Guzman now? All charges were dismissed because the Philippines had no anti-hacking laws in place when the crime occurred

I Love You virus