Slashdot Mirror
Ask Kevin Mitnick
Okay, Kevin Mitnick is getting back online and can start taking email tomorrow, January 21. We've spoken with Kevin by phone, and he agrees that a Slashdot interview is a fine way to help celebrate his return to the Internet, especially since he has a book to sell and a consulting business to build. (Don't forget: Kevin hasn't been able to make much money for a number of years, and has a lot of lost time to make up for.) One question per post, please. We'll email Kevin 10 of the highest-moderated questions, and post his answers shortly after he gets them to us.
What is the first thing that you have done with access to the internet?
I've heard that you've expressed regret over the actions that landed you in jail and I think I even heard you say that you think you were in the wrong. So how do you respond to the hundreds of wannabes who hacked sites "in your honor" and wore "Free Kevin" shirts at the risk of repelling girls? Do you owe them anything, even a little guidance towards the straight and narrow?
At any point did you consider leaving the computer world behind to search out other means of makeing a living such as teaching, history, construction...?
Or is is the old, I just gotta do this feeling?
--Should work--
In Cuckoo's Egg, Cliff Stoll siad that in some cases life is better without the internet. Did you find any advantages to life without it?
I wonder what the largest single difference between going in and coming out will be for KM. What kind of access to infotech did he have while inside? Was he at least able to keep abreast of current trends?
-theGreater Ponderer.
What would you say was your finest moment in court? While you seem to have been pretty much beat up by the court system I'm quite sure you must have had a shining moment or 2, either as a defendant, or perhaps an expert witness?
"Science is about ego as much as it is about discovery and truth " - I said it, so sue me.
How do you think that your sentence has changed you, and the way you view your society?
... that current laws against technology abuse are adaquete and what kind of changes do you feel should be made if not?
Shadus
How have you been able to maintain current skill sets while you were in the clink and after you got out? Is there any one skill set (programming, etc) that you plan to get current on?
So now that you've been back online for what's probably a few days by the time you read this:
What do you think of todays internet?
Sparks:Gadget:Beer Maker
Are you using WindowsXP, MacOS 10.2, (insert Distribution here)Linux, or your old personal favorite... Sun?
Hmmm, maybe you will try them all? You are a sneaky one.
...where's the best place to get some sweet WaR3Z, d00d???//
Honestly, though. Do you think your return to the internet should be a 'celebration'? You -did- break the law, why should we be happy you are back on the saddle again?
Kevin, you've said and many of us feel that you had the book thrown at you to try to deterr other wouldbe hackers and crackers from plying their craft.
How many of the charges brought against you were unfair? What do you feel would have been a fair set of charges to levy against you?
The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
Looking abck at the last 8 years that has left you unable to use the Internet, do you feel that this deprevation has had any positive benefits on you? Did you have to find other hobbies that you now enjoy to while away the hours you used to spend hacking?
This sig has been temporarily disconnected or is no longer in service
Is the pen as bad as it is made out to be? Did you ever run in to trouble or not get along with the other inmates? Is there any advice that you can offer to any slashdotters that have to serve some time that you wish you had known?
Welcome back.
<high-level position here>
<name of stupid small company here>
2600 and others (even you) often say that it is true that you did some things that were wrong, but nothing anywhere near as bad as what you were accused of and nothing warranting the treatmeant you got. But from a self-critical point of view: what was it that you did that was "wrong" and what punishment would have been fair?
There have been many books writen trying to detail the escapades of early computer hackers, usually portraying them as pranking youth involved in gang like wars for power and street prestige.
Knowing what you do from all your escapades, do you enjoy reading fiction that is generally classified as "cyber punk"?
Question: Do you feel, not being able to use the internet and generally spending so much time incarcerated, set you back on your knowledge? Case in point, 5-6 years ago Linux was still in its infancy. Do you ever get amazed how much OSS community has accomplished in such a short period of time?
I'm curious to know, do you believe your whole case would have been held differently had the crimes been committed in the year 2000 under newer laws rather than the ones of your time?
----------
Check out my blackbox styles
Although social engineering has changed very little since before your unfortunate experience (perhaps only slightly in awareness of the value of the information), the state-of-the-art in hacking (in the more technical, not criminal sense) and even general-purpose programming has changed significantly. Do you feel as though you are at a disadvantage compared to those who have made every attempt (though truly impossible) to keep up? If so, what's your strategy for regaining your edge?
:)
As a side note, if you're interested in game programming, let me know!!
Do you feel any trepidation about returning to the online world at this point? With such a lengthy absence there have been numerous technological and paradigm changes. Do you feel you've been able to keep up to date (more or less) with current trends or is there a sense of "catch up" that you feel?
This is really a barrage of questions. What did the other prisoners think when they learned the nature of your detainment? Did you tell them you were in for armed robbery to toughen your rep? How would you rate Hollywood's penchant for prison portrayal, accurate, or way off the mark? Also, were you able to follow developments in computing through books; were you granted such a right?
I'm more concerned about social engineering than technical security problems. What methods of attack exists and what kind of measures do you think a company must take in order to prevent them?
given the state of technology today, and some of the recent new laws passed, do you think that the path that you took would still be possible today?
Selling software wont make you money, selling a service will.
Several months ago we had a warez guy in (Chris Tresco) for a /. interview, and I'd like to ask the same question I did he:
>How clueful are they?
>In your opinion, how did the each party (prosecution, your lawyer, and most
>important - the judge) look when it came to their understanding of
>technology? Did they know every nook and cranny, or seem lost in a maze of
>confusion? Do you think an understanding of the issues in question was a
>significant factor in court proceedings?
I know you spoke of this briefly in that lost chapter of your book, in that the companies who said they were victimized significantly overstated their losses (and admitted to it), and the judge went beyond prosecution's suggestion for punishment. But I'm curious to know how competent you think the feds are in these types of legal matters.
The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
Have your recent law-related experiences (for lack of a more elegant term) brought about any major philosophical changes in your life ? By this, I mean not necessarily computer related changes, but in all aspects of your perception of the world.
My question, in a nutshell: Did you know that you were going to get caught?
I guess what I'm most curious about is whether you knew the risks and took them anyway, or whether you thought you were covering your tracks and that the risks were minimal. It would be interesting to know if you knew you'd eventually get busted or whether you thought you were relatively "safe" from discovery.
"BSD: Free as in speech. Linux: Free as in beer. Windows 10: Free as in herpes." --Man On Pink Corner in #52607549.
What should our society and/or educational system do to better channel insatiably curious folks like you and me towards activities that society views as "helpful" and "beneficial," rather than "dangerous" and "criminal"?
BTW, I shook your hand at RSA 2002--I'll send you $10 if you can figure out who I am....
Do you think you made a deffinitive impact on security policies today, or do you think that most companies still have a lot to learn about security?
"If you only knew the POWER of the DARK SIDE!"
What are your thoughts about TCPA Initiative / Palladium? Do you see it as a destructive force in the computing industry?
As how you have spent 8 years involved in a situation that seems by all accounts to have been an overblown kangaroo court, do you feel the government needs a specific branch specifically to deal with "cybercrime", and if so, how would you see it laid out, ideally, and why?
Maeryk
Feminine Protection? What is that? A chartreuse flame thrower?
Kevin,
I enjoyed your bio, it's a pitty it was cut from your book.
Can you tell me why it was better to stay in prison and sign away your rights, than to go to trial early with a less prepared lawyer?
Weren't you just keeping yourself in prison longer that you should have been?
Do you really think that you would have got an even worse treatment if you went to trial earlier?
"The best part? I became an ordained minister while not wearing pants." -- CleverNickName
I realize that you may have put your cracking days behind you but can you really address the question of trust in the computer security industry.
How has your move into the security industry been recieved by the establishment, and how have you been dealing with the obvious question of you being trusted in the very area you manipulated.
Neck_of_the_Woods
#/usr/local/surf/glassy/overhead
What are the ten worst Windows vulnerabilities to hacking, how would you attack such systems, and what has to be done with Windows to prevent such vulnerabilities?
Lawrence Person (lawrencepersonh@gmailh.com (remove all "h"s to mail)
http://www.lawrenceperson.com/
You have a unique perspective on the world of technology, and especially the world of information security. As someone who has been removed from the world for quite some time, what has changed the most about the world (esp. with respect to technology and security) since the time you were first incarcerated? What were the biggest culture shocks to you when you were released from prison? Were you able to keep current on the world of technology while in prison? If so, how was what you read in prison different from what you actually saw?
__________________________________________
Take comfort in your ignorance.
Grandmaster Plague
I know that many of your exploits were due to social engineering as well as exploiting known holes in hardware/software. You write heavily about s.e. in your book as well.
Do you think that social engineering still plays as big a part now as it did in your heyday? Moreso maybe?
Back when you were on last, Hotmail was an independent company, no one knew what the GO network was, NetNanny was just an idea, .coms could go no where but up, p2p was underground, everything was free, and no one had pened the term 'cyber terrorism'.
How is the 'net different now from the last time and are you going to miss it?
SecondPageMedia - Wha
Yes, I know it's only supposed to be one question per post, but I think these are pretty well related.
I can't say that I don't give a fuck. I've just run out of fuck to give.
What has been the biggest stumbling block or surprise, if any, in attempting to re-educate yourself into today's tech world.
Eddy.WriteLinux.Com
You are a notable exception. What's it like being a rock star, and how great is it that you'll now be able to fully capitalize on your fame in the financial sense? Would you be in as promising a position today had you not run afoul of the law?
For those that would die defending it, Freedom
has a sweet taste that the protected will never know.
Kevin, you've been seperated from computers by law, yet now you are running a consulting business. This would suggest that you have some level of expertise with computer technologies that did not exist or existed in fairly immature version of their current incarnations.
How did you/do you stay current on technologies without actual experience, and was it difficult without having an opportunity to put theory into practice?
What security precautions are you going to use to prevent bad people from hacking into your company's systems?
However, the questions still stand, albeit slightly modified. How difficult do you think it will be to find clients willing to accept your work, given your infamy? And, how long do you feel it will take you to catch up to the point where you can compete with other companies that are out there?
I can't say that I don't give a fuck. I've just run out of fuck to give.
Kevin,
Have you considered writing about your pursuit by system admins and law enforcement types? I read about you in a few "hacker" books. The only title I can remember now is "Takedown" by Tsutomu Shimomoura. I would find it interesting to read about how much you knew about his pursuit of you. Do the terms of your release even allow to do this? (Slashdot readers, don't buy Takedown. It's a travesty of a book. Tsutomu comes across as extremely annoying, and spends half the book describing where they went to lunch. I was cheering for Kevin by the end.)
I read your book and attended H2K2 last summer (I look forward to seeing you speak at the next one). I meant to ask this question to the Social Engineering panel:
Do you have any stories about Social Engineering gone awry? That is, a situation where the mark saw right through your ruse and you just couldn't pull it off.
Where does the school board find them and why do they keep sending them to ME?
There was a very interesting (and well balanced) program about you I saw in England a while ago, and in it it mentioned that you were put into solitary confinement (AFAIK) for 6 months, and weren't allowed to use (let alone go near) a telephone under the misaligned fear that you could "blow up the country with one call".
My question is: How does it make you feel when there are such ignorant and misinformed people who are in a position of authority (i.e. judges, police, government) and are there any ways in which you can use your experience to change these attitudes/problems for the good?
Are you local? There's nothing for you here!
Kevin,
I was first introduced to your story by reading "The Fugitive Game" written my Jonathan Littman, and I wanted to ask you how close Mr. Littman came to showing your side of the events. The impression I got from the book was that it was rather egocentrically oriented around the author, and put him in a light of being a hero while you were put in a somewhat-villian like set. What are your thoughts in the way you were portrayed in this book, and how close to the truth does it fall?
Having read numerous accounts of your activities, both favorable and not, my impression is that your punishment was well deserved.
My question is therefore, "Did you learn that it is wrong to intentionally destroy others' work for your own amusement? If so, what part of the punishment was most effective? And, if not, what additional punishment might have changed your mind?"
This is a serious question. I'm not just trolling.
[ home ]
From what I have read, it seems that you did more with social engineering than you did with actual hacking. What would you say your greatest strength is with regards to using hardware/software? Your greatest weakness?
If have read a bit about you, so I know that you were no slouch back in the days prior to your incarceration and release...but if you have actually stuck with the limits of your probation how are you planning to jump into consulting again?
Don't get me wrong, but you can only advise people on social engineering and easy passwords for so long...what kind of knowledge did you already have on PKI, VPNs, Firewalls, IDSes? There seems to be so much that has changed that just a cursory understanding of the principles behind these technologies does not seem sufficient to serve as a consultant (or at least one I would pay for)
Since so much has changed radically in the last few years, how have you kept up or do you plan to keep up at the moment? I can't see just reading a book on the latest OS specs and administrative tasks and being able to consult on them without hands on experience, and in your case you have quite a few years of language, os, security, and other operational technology advances to get up to speed with, etc.
So basically....what's you game plan to get back to a modern day equivalent of the proficiency you had several years ago?
Time flies and the pace of change is ever increasing in this industry. Certainly the landscape of the computer world has changed dramatically since you were last able to lay your hands on a keyboard.
Yours is a unique perspective - almost like a kid that has had full run of the candy store and was taken outside and forced to watch (face pressed to the glass). Now you're allowed back in to a drastically changed candy landscape. (Pardon the candy analogy, but I'm fond of sugary things).
In your opinion, what technology has changed the greatest since you were actively involved in the scene?
What will be your primary technology focus when you get back online - in terms of getting back up to speed?
Do you feel intimidated at the prospect of catching up on so many things? Are there areas that you will simply ignore out of necessity but would like to learn more about if you had the time?
Do you have any desire to hack just for the joy of hacking/discovery or have you been turned off of that in light of the consequences?
Thank you for your answers and welcome back!
You need people like me so you can point your fucking fingers, and say "that's the bad guy."
you have done an amazing job at garnering support and sympathy from the public, but how will we ever know if you deserve it? the only person that knows your true motives is you. with your social engineering skills and drive to see how far you can push things, wouldn't changing an entire public's opinion be the ultimate social hack?
Commonly, high-risk activities are found to be addictive. Would you say that you were addicted to 'hacking' and social engineering? If so, did your lengthy sentence give you enough time to get over that addiction, or do you still feel the pangs of desire?
Apple? x86? Linux? Windows?
How are you going to get even?
or if I was a lawyer:
"Imagine a person in your situation. How would they get even?"
You will have to pry my proprietary software $$$ from my cold dead hands!
- Hackers
, which I was written with some interestingly similar parallels to your own life...I read a story where you were an expert witness for a trial in Las Vegas over redirected telephone calls. The defense called in to question if you really had hacked into the phone system. On a break, you ran to some old 'storage' locker and retrieved a printout of accounts and passwords or something.
What was the story behind your part that trial? (And how much stuff do you have in storage?)
Despite your legendary status as a cult hero within the geek community, we all know that to remain viable, we must all remain up to date on latest/greatest trends, tools, skills, terminology, etc. Let's be honest, we gain skill and knowledge re: computers by using/interfacing/reading about them. After your long absence from the computer world, how viable do you imagine yourself being? Admittedly, your name alone will open a lot of doors, but if your skills don't keep the door open, you may find yourself back outside. How have you kept current, and how do you plan to get yourself back up to speed with changes that have occured since you were forced offline?
whiel your computer skills could be put to very usefull legal computer uses in the next deaced or so I am sure you meet with peole who are leary given your past convictions..
What have you learned about selling yourself in this environment to overcome the objectections about your criminal convictions that might be of use to other slashdotters?
Side Note: some of us slashdotters have minor run ins with law in our past that coudl obviously if they are using computer kislls within the law make use of what you have learned in this area, Kevin..
Don't Tread on OpenSource
I remember a not so long ago slashdot article talking about one of the laptops the feds seized had encrypted data they couldnt' access. What was the key size? I'd feel warm and cozy if you said 512 or smaller, since most of us now use 1024.
During your escapades which eventually landed you in hot water, you used the EFF account at The WELL to hide the files you stole from T. Shimomura. I'm still trying to figure out why the heck you did that. A simple "last" would have shown you that that was an active account, and you could have guessed that the user was probably technically savvy enough to notice the sudden spike in disk usage. Was that just an act of hacker hubris, or were you just not paying attention? Ultimately, it's what led to your downfall (FBI monitoring your keystrokes, live tracing of IP's) so I am well and truly curious.
-jim
It's been a few years since you were exposed to the IT scene in general and the security scene in particular.
You are now in a sense our Rip van Winkle in this regard, and I'd like to know what your initial impressions are about the status quo regarding attitudes towards security (now and then), and changes you've perceived in levels of implemented security (gained, of course, from reading, not practising:-) ), etc.
Describe our world for us as seen by someone who only knew it 8 years ago. Has the baby matured into something to be proud of?
Blearf. Blearf, I say.
Essentially, you have been in limbo in terms of technology for the past 8 years, having missed the biggest revolution of computing since it's inception (ie. the Internet).
I've been a hardcore programmer for the past 10 years, and even I find it difficult to keep up with all these new technologies, terms, etc, and I spend around 3 hours a night after work just dedicated to investigating new technologies.
Where you able to keep up with technology during your incarceration and probation period by just reading books, or were you even allowed to read books? How soon do you think it will take you to re-absorb enough knowledge and, more importantly, experience to make yourself useful in today's world?
I am preparing to leave the tech world for a while to pursue my dream of a PhD in a decidedly non-tech field, cultural geography. Sure, you can use a computer to do this sort of work, but it doesn't involve BGP flapping and hacking 200 lines of perl. One of the caveats I have received from tech friends is that moving away from the tech field, even temporarily, will kill me when I come back, if I come back. Personally, I don't think so as I will still being using the internet, blah, blah, blah. I just won't have a pager screaming all night and I won't be grepping log files for errors.
My question is this: How do you feel that your incarceration has hurt you with regard to all the new-fangled stuff that has cropped up over the last 10 or so years? Even more interesting to me is: do you think that being removed from the tech world enhances your perspective on matters or hurts it or both?
Comparing it to Windows will be a moot point, since El Dorado is going to have a 40% larger code base than XP.
Mr. Mitnick:
There are some people who feel that it is unfair for you to use your reputation as an infamous cracker to sell books and build your new consulting business. They argue that you are being given a level of free publicity and exposure that other law-abiding citizens simply would not receive. How would you respond to these accusations? Do they concern you at all? Deep in your heart do you feel that it's unfair you are getting all this extra-special treatment but are willing to accept it anyhow because you need whatever help you can get? Do you feel that it's acceptable to accept some unusual help building your business because you were subject to equally unusual/extreme punishment?
Moderators: this is not a troll. I think this is a legitimate question that many people here would like answered.
GMD
watch this
The evolution of the online world is an apparently gradual process to most of us who get on the internet many times each day. You have had a unique experience in that you stepped out of that world for a number of years before being allowed to step back in. We all know that technology improves a great deal in as little as a few months, so the differences between the online world you left and that which you are re-joining must be large (in degree and in number).
Which of these differences are the most significant, and have any of these changes been a step backward?
Given my assumption that most of your exploits were due to your uncanny ability to lie, should you even be consider a hacker at all? I may be wrong, but it seems that social engineering was / is your only true skill. That is not enough to cut it in the world of security consulting at this time, so how exactly do you intend to utilize your "skill set" to make a living now?
I'm a long time user of nyx.net. In 1994 you made a mess of the system that many people relied on to access the Internet. This system was and is, free Internet access for everyone. Your actions caused unpaid voluteers a lot of time and effort and shut down many people's only access to the Internet at a time when there were no other options. See :
http://www.nyx.net/history.html
ROFLMAO.
A half-serious question: "If the statute of limitations has expired, and/or your lawyers think you're safe from double jeopardy... What was the passphrase to all those files the DoJ couldn't (or wouldn't admit to being able to) decrypt after all these years?"
Did spending an extensive period of time away from computers make you realize that you might just move away one day? or are you still fascinated like the first geek was?
Sure, he's served his time. That doesn't mean he suddenly needs to be treated like a hero now that he's out. I know somebody who recently got out of prison after being convicted of pedophillia. He's done his time, but he's still screwed because nobody trusts him. But does that mean we should parade him around as a hero too?
During your pre-trial detainment, you were put into solitary confinement. The government was afraid that you could start a nuclear war with a mere telephone call. Do you think that was within your skills at the time or were they just afraid of their own fears?
Travis
At the risk of destroying all of my karma and having a swarm of 2600 guys wearing free kevin shirts coming after my bandwidth I dare to ask the question which I think we are all thinking
What do you have to offer the security world after being in the clinker for so long. I do not doubt your oldschool skills in any sense, however tthe field of security and networking which you plan on consulting for has changed dramatically in the past few years.
What do you have to offer still? Despite your fame and being unargueably the cybercrime scapegoat, what skills do you possess that will benefit the security world in 2003? Have you had your relatives print 0-day exploits as well as your email? Do you have knowledge of current OS's and the security flaws they possess?
This is not a cheapshot at your abilities, however a simple question of how in the fast changing world of technology you have been able to maintain skills while not being able to touch a computer? By Moore's law you are way behind!
[I can picture a world without war, without hate. I can picture us attacking that world, because they'd never expect it]
I was the one that discovered your presence on our network at Security Pacific.
Later one, one of the staff had a phone conversation with you. You only spoke with DTMF beeps, but the gist of the conversation was our asking you why you broke in...
and your answer was, apparently, to get the source code for the Supervisor Series, which BTW is now publicly available at DECUS.
So, I have two questions for you:
1. Was that really the reason for the break in?
2. Did you know that you had managed to get to the production machines, doing back-end securities processing? If so, what stopped you from doing more damage?
BTW... for what it's worth: I feel you deserved the jail time, you didn't deserve the unconstitutional railroading you got.
Laugh at my Lisp and I keeell you.
A lot has changed over the last 8 years. While you haven't been able to use computers or the Internet, I'm sure that you have been able to keep up with books and other reading.
I'm sure that there is something new that you just can't wait to get your hands on. What is it and why?
I have seen the movie Takedown about your story. I was curious was that movie accurate? In the movie you seem to be poking fun at the security guy (who's name I can't spell) and harrising him. Was this really what happened or hollywood drama added to sell the movie?
Good luck with your consulting buisness Kevin.
- zeno@cgisecurity.com
Believe me, if I started murdering people, there would be none of you left.
You were given a notebook PC, with no net connection of course, by the court to work on during your Net-exile. What was on this PC? What OS was it running? And were you able to install any new software on it, or have software installed for you? The follow-up question, of course, is "and how many nethack characters did you ascend?" :)
I'm not sure if you went to a prison or jail. Its possible you ended up in whats commonly known as a "white collar prison", which might make my question lame, but...
I'm curious about how your time was spent during your years behind bars. Did you take to reading to pass the time? Pick up crafts or lift weights?
I'm also curious about relationships you might have made. I think we are all familiar with the common inmates profile - some career criminals, some violent, some drug related - in *general*, poor and uneducated americans. I don't know what sort of background/upbringing you had, but i wonder if you had trouble making connections to people within the system, and in the connections you made - did you find it difficult to explain exactly why you were there? Did you get any respect for your talents in the computer field?
Check out this
To what extent do you think the movie War Games encouraged hacker culture amongst those of us in the 30s-ish age group? (Personally, the l33t h@x0rz I know all cite the grade-changing scene as at least ONE of their inspirations...)
"Stop throwing the Constitution in my face, it's just a goddamned piece of paper!" - George W. Bush Nov. 2005
OK, Kevin, so what's the real story? I know what I read in Wired, in exceprts from Takedown, and in endless 2600 articles. But give me the straight scoop: what's your side of the story, why you ended up in jail?
You've practically been granted sainthood by 2600. They started a movement that culminated in every geek in America pulling for you. But your fifteen minutes are up. Only us geeks are listening. Give us the straight scoop.
I was in Raleigh the day you got busted, and I vaguely remember the litany of offenses they named on WRAL when they showed your perp walk. You broke the law, right? You stole credit card numbers? You stole files from Shimomura's computer? (Which, yes, seems a bit less serious when I get fucking SPAM with files from random clueless people's computers, but that's a finer point and the law is notoriously bad about fine points.)
Clearly you've got skills, and I'm really looking forward to reading your book. But a movement based on your going to jail? Were you really, honestly, truly unjustly persecuted? Or, on reflection, did you crimes against society genuinely require some time in the pokey?
In order to be an effective social engineer, you have to become a different person in order to successfully complete an objective. What kind of person did you have to become in order to survive physically, mentally, and emotionally in prison? How did you deal emotionally with solitary? Were you able to use your skills to get along better with other inmates and the guards?
The media has portrayed you as a master Hacker. Do you consider yourself a hacker? Is there a difference between social engineering and hacking? I ask becuase you indicated in an interview posted on 2600 that you were "admittedly light" in programming skills. What are your thoughts on this?
_ _ _ Go for the eyes Boo! GO FOR THE EYES!
Reformed or not, what advice would you give to the budding nerd youth that want to follow in your (and others) footsteps and become a hacker?
There is no spork.
I assume there are people who are watching your actions now ... even this interview and its responses. Who do you know is watching you and who do you suspect is watching? As someone experiencing government surveillance first hand, just how bad is it?
--- Jason Olshefsky
Karma: Poser (mostly affected by adding this line long after everyone else did)
Anyone here who wouldn't be in trouble if every one of their computer and copyright related "offenses" came to light can throw the first stone. Ever downloaded an unlicensed MP3 plugin for Redhat 8? Ever renamed irc to emacs to violate a school policy on computer use?
While you where away, p2p networks have become a very popular form of file sharing on the internet. Unfortunatley many people wish to put this to an end. What is your opinion of p2p networks and rights that should be associated with using them. Also what is your opinion of DRM (digital Rights Management) and the RIAA ?
if all else fails...install linux
Namely, what are you views on activist use of hacking/cracking to promote political views?
Have you watched the new movie 'Catch Me If You Can'?
Handratty plays a very important role in getting Abiganle to work for the FBI while serving his sentence. Did you have anyone like Handratty around you or was the environment too hostile?
I copied this sig.
When I saw the picture next to the CNN story about you getting back online, I thought they had made a mistake. The guy in the nice suit with little glasses couldn't be the geeky Kevin I remember. My question is: Do you have a fashion or image consultant?
And a little hint for someone that hasn't gotten email in a while, Staci doesn't really want you to test her new webcam for her.
Good luck.
-B
From what I understand you are positioning yourself in the world of consulting and authoring.
If this ends up being a success for you, do you think that you will be able to look at your past with a positive, learning experience, point of view and can you see yourself letting go of some of the grudges spawned by the events leading to your sentencing?
How often do you wear a "Free Kevin" shirt? does your car have a Free Kevin bumpersticker on it? Did you ever have the urge to buy into your own merchendise? (And if so, did you actually have to pay for it?) ... teknofile.org
http://www.teknofile.org/
I'm sure that, with all the things you were forced to give up being away from any contact with computers for as long as you were, there were plenty of things you quickly got used to being without, and things you probably even forgot existed. However, I'm sure there were some things you really missed.
Of all the things you had to do without, what one thing about computers and the Internet did you miss the most?
Your Servant, B. Baggins
Q: How did you get into those NORAD computers, and how accurate was War Games?
(NOTE: yes, the above was just a joke, please put down your flamethrowers)
But seriously, now that all this is more or less over, how do you feel about John Markoff? Do you hold a grudge, or have you moved on? How about Tsutomu Shimomura?
"You cannot simultaneously prevent and prepare for war." -- Albert Einstein
I assume you've read the book Takedown. My question is, how close to reality was the story?
Is there anything specific that stands out as complete and utter BS?
Kevin,
How free are you to tell us what you really think about things, and how much is your freedom of speech being moderated by the terms of your parole? For example, if you felt that (this is purely hypothetical), in response to IP issues you believed in taking actions that might be interpreted as criminal, would there be reprecussions for you if you stated them here?
I was wondering, even though you were not allowed near a machine or the Internet, how did you keep up to date with the latest developments on tech-related issues?
This I'm sure will be the first question that will come to mind when anyone considers paying for your services as a security expert. i.e.: how can you help a company when you have been "out of the loop" all these years? I figure that since most security concerns are usually on the social engineering side that this will not be a big deal, but when it comes to other more technical aspects, how will you be able to help them?
So... you tell us... How do you rate your own computer engineering skills? It's obvious what you think of your social engineering skills (and rightly so). But... how do you rate your own technical skills in such areas as logical thinking, programming ability, problem solving ability, creative solutions to complex technical problems, understanding of current protocols, methods, etc.
OK, check with your lawyers but as I'm sure you know the statue of limitations for computer crimes (not otherwise associated with violent crimes) is 4 years in most every state. So, with that in mind; can you tell us some of the coolest hacks you've ever done? Most especially; any so well done that they have gone undiscovered (and unprosecutable now)?
What would you be doing now if you had never gotten caught? describe what you think your trajectory would have been and when you would have had to make a change to avoid getting arrested.
Man the poets down here don't write nothing at all, they just stand back and let it all be.
-Springsteen
It's clear that you will have a unique position in the field of security having been a former hacker, and I imagine you will do quite well for yourself financially. However, the price you have paid is readily apparent. Do you consider this to be a fair trade? With so many security positions available to former hackers such as yourself, could hacking be considered a 'good career move'?
Having done a bit in israels army a while back,what is your take on recent events there?
*Repent!Quit Your Job!Slack Off!The World Ends Tomorrow and You May Die!
I think that you have said that you were not driven by money and that you enjoyed the challenge. There's another activity that is financially unrewarding and challenging: writing free software. Have you ever thought of using your skills in this direction? It's got one further advantage, too: they don't put you in prison for it (yet)!
Hi and welcome back to freedom,
I have read on your site about the quite expeditive way your "pre-trial period" was handled by justice and how justice in its "moral" sense did not fulfill its job and how some of your essential rights were clearly denied to you.
After the 11/9 events, the new US national security directives, big corporations more and more trying to gain control over their users, what does your expertise in computer security and probably deep knowledge of obscure corporate and state practises (open wiretaps for example) incline you to think about the future of civil liberties in the US and as a whole (if you think you know anything worth telling about Europe for example) ?
And do you think you would accept to talk about in public if asked to do so by associations or political parties wishing to communicate on the subject ?
What other crazy stuff did they think you could do while you were there?
Being called a dork on Slashdot must be like being called the retard in special ed.
Have you seen the movie "Catch Me If You Can"? If so, do you see any similarities between the main character of that movie and your own life? And what are the differences between the two stories (aside from the obvious of the era and the fact you did not actually steal $$$)?
"dope will get you through times of no money better than money will get you through times of no dope"
How did you write the book without a computer? Hand written then transcribed, typewriter, or were electronic typewriters allowed?
What i have seen you ran your laptops on win3.11 and win95. Are you today running win XP or do you prefer e.g. linux?
Do you now feel like a Count of Monte Cristo who just left prison?
86 +5 posts (at this time)! Mod up questions that not only sound insightful but are also interesting (and I don't mean that purely in the moderation sense). For example, it might be important if we know how he feels about his own actions- but does anybody really care?
The whole internet boom-and-bust thing happened while you were Off Net, and the economy's worked it's way back down to about what it was before you got caught.
What's it been like watching it from the outside? Do you have any perspectives that are different from what people experienced going through it?
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
The time, April 1994. The place - Colorado Supernet (think *.csn.org) in Boulder, Colorado. I was a green as hell newbie sysadmin on my second job out of college. One day, federal marshals show up with search warrants and lawyers from a large, American electronics manufacturer. They are looking for stolen PROM code for cell phones, and they think it is on our machines (it was). It turns out someone did some "human engineering" on a gullible IT person somewhere and downloaded the code without having to crack anything. This person then backtracked through a long list of hacked accounts across the Internet to cover their tracks.
The search process shut SuperNet down for almost three days. We couldn't answer the phones, check email, or even touch our servers. It seemed certain that this was the last straw in a long list of problems, and that the company would fold. In a panic, I quit that job two weeks later. That was a bad decision, as it turns out, but one I still hold the mysterious cracker responsible for. That person changed my life, and not for the better.
So, was it you?
- Necron69
If such a system gets built, how likely do you think that it will get compromised, how quickly will this happen and what techniques do you think would be used?
It must have been hell reading reviews and watching other people (your girlfriend) play with all the new computer technology out there...
What new technology was on your wish list this year, and what new or old tools/tech would you put on the list for the kids today who want to become as masterful with systems as you once were ?
"Whoever would overthrow the liberty of a nation must begin by subduing the freeness of speech."--Benjamin Franklin
What is the most significant thing you have learned or appreciated anything since the time you were released from prison because of computer inactivity?
Do you feel like you'll be given an unhindered chance to be 'free', Or do you think that the vague state of some US technology laws would be used against you if the opportunity presents itself?
Follow up to that question; are you more or less likely to work on a project that could be construed as a (for example) DMCA violation because of your past?
There are some people that if they don't know, you can't tell 'em.
Any plans to write a book about your early experiences becoming a hacker, your exploits and what it was like to be living on the run from the feds? Or is "The Fugitive Game" to be considered your authorized story?
Frankly this personal, social, exploration story is the book I think many of us would like to see, though of course I bought "Art of Deception."
On that note, did you ever receive any compensation from John Markoff or from any of the print/film versions of "Takedown"?
on a non-networked computer? WHat could he do???
What a defeatist attitude for a hacker. Come on, part of the hacker ethic is to do more than anyone could imagine with the most meagre resources. A few minutes reflection and I'm sure you could come up with a few ideas. Make a few not very far fetched assumptions #1 Assume the encrypted data is the most sensitive/incriminating/useful data that he had - secrets he drudged up in his hacking exploits, passwords maybe programs such as virii, trojan horses etc... #2 Assume he has sympathetic hacker friends out there willing engage in attacks for him. A phone call to a friend with some user names & passwords could lead to interesting results - a tap on the prosecutors phone would allow Kevin to really "assist his own defense." Something by the way WELL within the capablities of someone with information found on the UNencrypted portion of kevins hard drive. A trojan horse in a file he provides to his lawyers who open it at their location WITH net access is a little more difficult but all the more appealing because of the challenge. Blackmailing some executive that doesn't want his wife/shareholders/coworkers/competitors to know something Kevin has found during one of his exploits could be a windfall for his legal defense fund. Use some imagination.
Yes, that's paranoid, but then again this is a guy that had thoroughly compromised the systems he attacked. His control over the phone system was total, he knew when he was tapped and allegedly tapped the phones of investigators & generally screwed around with the phone service of people that pissed him off. He read the emails of the DEC security team that was tracking his exploits. He made the (credible coming from him) claim that he had screwed up the credit records of the FBI agents trailing him. And he not only refused to give prosecutors access to the files (understandable) but he also refused to tell the court *anything* about the encrypted information. I suppose if I thought his hacking was cute harmless pranks I wouldn't care but I wouldn't trust him without very stringent oversight. Which was the final result (and still the cause of great bitching and moaning)
The case against granting him bail was obvious and overwhelming on it's face.
Then spend 15 minutes to hold the hearing, deny him bail, and that's that.
I've already agreed that this would have been the best way to deal with the situation. BUT I can't get all worked up over it in this case. It would have been an empty formality given his history and Kevin has nobody but himself to blame for that history. That the judge made a summary judgement just based on the immediately obvious merits of the situation was perhaps unfair but a hearing wouldn't have changed the result nor was it's denial as grave a breach of his civil liberties as his breathless hyperbole of Kevins star-struck admirers would suggest.