A Reader's Reply to Captain Zap

by The Rancid Grapefruit

Query: "What happens to inept computer criminals who get caught?"

Answer: "They open up 'security' companies and start preaching to an extremely
gullible public usually casting themselves as some kind of 'hacker expert'
whereas the only thing they are 'experts' at is getting caught."

The opening comments have absolutely nothing to do with Captain Zap, whose
reputation is impeccable, and we most certainly would not want people to
misconstrue the comments as a vicious attack on his person. Lord, no...

Obviously, we disagree with Captain Zap's brilliant observations on the state
of "Hacking and Phreaking." If we did agree with him, we'd hardly be writing
this swell response, eh?

"The ongoing wave of computer crime that is being reported in the media around
the world shows" the shallowness of the media's never ending quest for
anything that will titillate a technology-ignorant public, and push up the
ratings of whatever publication or feed happens to be catering to the public's
fear of technology on that particular occasion.

"An Interpretation of Computer Hacking" is just that: Captain Zap's personal
opinion on the subject. In the first several paragraphs, Zap essentially
summarizes the opening chapter of almost any given "Beginner's Introduction to
Computers" and somehow manages to pass off observations that have already been
made a few hundred times as his own "ideas." The only real mystery to us is
why he decides on "16 Megabytes of RAM" as an arbitrary amount of memory that
"today's personal computers" are supposedly equipped with.

This leads into the "information is power" spiel, and the inevitable arrival of
ISDN wherein phones and computers will become one glorious entity and live
happily ever after.

All of this ends up with Zap giving you his opinion on "The Dawn of Phreaking,"
the usual mention of Draper and blue boxing, followed by a summary of the boxes
that matches slang to function, and terminating with a simplified account of
toll fraud where Zap babbles about the various OCC's for a while.

Although we were very impressed by the programming ingenuity of the supplied
"Wargames dialer" listing, and find ourselves constantly looking to the first
section of Zap's article when we feel lost or at a need for guidance, we will
regrettably have to let it stand. Since aside from the ill-chosen "highlights
of yesteryear" there is nothing there that hasn t been discussed or otherwise
summarized too many times in the past. As such it would be a waste of our time
to do so yet again.

Hacker Communications! Shhhhh! Secrets being exchanged!

While we don't dispute the fact that people do call each other, sometimes in
large groups hooked together on a conference (without paying for it, gasp!),
rarely is the purpose of a conference to "pass information over to other
hackers that can work on a problem and compare results and plan for more
tactical attacks to the target system." The usual reason a conference starts is
because one kid is bored and wants to talk to a bunch of his peers at the same
time. What takes places on almost any given conference is a bunch of screaming
kids harassing TSPS operators, calling pizza parlors in Europe, and in general
pranking or annoying anyone they can think of at the moment.

"Attacks" placed on Bell System computers are usually the result of one kid who
is not some genius; rather he's quite often the friend or relative of somebody
who understands the concepts involved, not only the commands - who thinks it
would be a blast to turn off CAMA on a few switches, or disrupt COSMOS
operations. All of this potential damage is made possible by the RBOCs
themselves, which provide extremely minimal security that is more of a study
in faulty security techniques and shoddy organization than any kind of
obstacle to the potential hacker.

While "computing power" is now within reach of a vast number of people, almost
all of that "vast number" are ignorant as to their system's potential. In fact,
most never get beyond running their spreadsheet or doing taxes on that
wonderful PC with "16 MB RAM." And if they ever do sink into the sordid depths
of depravity and actually try something awful like making a bit copy of someone
else's program and Xeroxing its manual, it's our personal belief that the world
will in all probability not come to an end. Of course, we could be wrong.

Almost all potential hackers are little kids with a lot of time on their hands,
and most of those kids will never get anywhere because they are not brilliant,
or in any way gifted regardless of what the public might think of them. The
vast majority of people that the public views as computer geniuses are quite
average teenagers whose only "skill" is calling up boards - with "better
security than most large computer systems" and blindly applying things they see
posted on them, without understanding what they are doing. Granted this is a
"threat," but it's the only threat that boards pose. And the only reason it's a
problem to begin with is because the "threatened" organizations or companies
have ridiculously bad security.

While it is true that more people now own personal computers than at any other
time in history, the overall effect of this influx of new hackers is
negligible. Instead of one kid annoying his local CO from information he found
on some board, there are 10 kids using the same information from the same board
to harass the same CO. In short, there is a deluge of "idiot savants" who are
capable of doing no more damage than trained chimps.

The Bulletin-Board Systems

Bulletin-board systems (BBSs) pose a possible threat for the simple reason that
the more highly skilled users will post potentially dangerous information in a
place where the "idiot savants" can read it. The better-versed user's reason
for posting it is ego gratification. Regardless of what he claims, the only
incentive he has to post this information is an ego boost. He already knows
that the "idiot savants" are going to do something stupid with the information,
at worst simply making it valueless, at best flexing their muscles and showing
their target how vulnerable they are to an outside attack.

Granted, if BBSs didn't exist, much of the trouble various people and companies
now experience would vanish along with the "idiot savants." But the only thing
the boards really do is provide a forum for the more intelligent users to bask
in the adoration of fools. They are not some great organized crime wave of the
future; they are simply used by several thousand bored kids, the great majority
of them trying to live out some kind of power trip while the remaining minority
congregates together because they like being surrounded by those they view as
their peers.

In summary, boards are a social medium not the forefront of some
well-orchestrated, nationwide attack on loopholes in "the system." Just about
any issue of Soldier of Fortune contains all the information you could possibly
want about where to obtain books on plastic explosives, nerve gas, special
weapons, electronic devices, and anything else that has been dreamed up. You
hardly need a BBS in order to have access to that kind of knowledge. In fact
most of the information posted on the "death and destruction" subs of boards is
a word-for-word copy of some article that originally appeared in one of these
books. The only crime taking place is copyright infringement.