Ghost in the Wires
Kevin Mitnick with William L. Simon (August, 2011)
Little, Brown and Company, 413 pages
Kevin Mitnick is a liar. In fact, he wrote the book on lying (well, a book on lying, called The Art of Deception). I’m not trying to call his character into question, but the fact should be noted. In his younger days, Mitnick’s obsession with exploring telephone and computer systems allowed him to maintain a very casual relationship with the truth, one that found him impersonating cops and telephone company employees alike. His hacking was always more than just knowing his way around an operating system and exploiting security vulnerabilities — he could think on his feet and weave fictions out of thin air, which made him a natural "social engineer." He probably spent as much time on the phone talking telephone companies and state agencies out of sensitive information as he did behind the keyboard, exploiting vulnerabilities in software.
While we can’t be certain of the extent of his exploits, an approximate list could include: breaking into computer systems owned by Sun Microsystems, DEC, NEC, Motorola, and Nokia; getting his hands on documents relating to Pacific Bell’s SAS (Switch Access Services, which could be used to wiretap phone lines); and of course a number of crimes related to his being a fugitive (including identity theft). Mitnick has always maintained that he never profited from his crimes — and there is no proof that he ever did. So how did he become "the most dangerous hacker in America?"
Kevin Mitnick is a liar — in fact, he wrote the book on lying
The overwhelming impression that one gets from his autobiography, Ghost In The Wires, is that the young Kevin Mitnick had a tendency to rub people the wrong way. And that this particular talent of his got him into quite a bit of trouble. It was a squabble over a $150 bet (well, several $150 bets — which Mitnick had an annoying habit of always winning) with friend and fellow hacker Lenny DiCicco that prompted the latter to hand his onetime friend over to the FBI. His initial detention hearing brought a number of incredible accusations from the government, including: hacking the NSA and Defense Department computers; tampering with a judge’s TRW report; planting a false news story about Security Pacific National Bank’s losing millions of dollars in retaliation for not hiring him; and repeatedly harassing Kristy McNichol. This was also when the prosecution made its famous claim that Mitnick could "whistle into a telephone and launch a nuclear missile from NORAD." The judge ordered Mitnick held without bail, because he posed a serious threat to the community when "armed with a keyboard." In fact, he was held in solitary confinement for more than eight months — the only way to assure he couldn’t access a phone. This lasted until he accepted a plea deal, at which point he was sentenced to one year, to be served at a minimum security facility (presumable by this point NORAD had learned how to secure its missiles against whistles). This arrest did not scare Mitnick straight, mind you, but it did make him resolve never to go back to "the hole."
For his next brush with the law, Mitnick can thank "Eric Heinz," aka Agent Steal (real name: Justin Tanner Petersen), a fashion victim and possible sex addict whose milieu was the Sunset Strip, where he picked up women while dressed like an extra from the cult film The Decline of Western Civilization Part II: The Metal Years. (It was the late 1980s, mind you.) Peterson was a hacker and FBI informant who was being paid to help build a case against Mitnick, which resulted in a bench warrant issued on December 15, 1992. Mitnick was eventually tracked to a Kinkos Copies, barely escaping investigators as they chased him though the streets of Studio City.
Hacking, which made Mitnick a fugitive, was now essential to his freedom
One could probably make the argument that hacking and phone phreaking (its telco-centric equivalent) are, in their purest form, apolitical; mere tests of intellectual prowess. Indeed, the Kevin Mitnick in this book is no wild-eyed radical, but then again he is only one type of hacker. And sure, hacker culture may not be illegal, but many hackers are willing to break the law in pursuit of "the deep satisfaction that could be derived from a game of skill," and Mitnick was no exception. While there are a certain number of hackers who proudly declare themselves "white hats" and take care to always walk the straight and narrow, for another segment of the community hacking will always be a quasi-legal pursuit, and for some it’s a downright political act. Indeed, one of the first phreaking magazines, Youth International Party Line, was co-founded by radical activist Abbie Hoffman in 1971, who believed (as many did at the time) that since the Federal telephone excise tax was being used to help fund the Vietnam war, it followed that ripping off the phone company was to strike a blow at the war itself. My own forays into the culture began with the dial-up BBSs of the 1980s and early 1990s, where I’d come across publications like Phrack and 2600, and groups with names like the Legion of Doom, Masters of Deception, and the Cult of the Dead Cow. Making my way through cyberspace at 300 baud (the modem being free when I joined Quantum Link), the electronic frontier was anything but apolitical. I found the mixture of radical ideas, hacking, mischief, and oftentimes bratty arrogance extremely exciting. Concurrently, law enforcement around the country were beginning to learn about the same groups and the same people that I was meeting — and they did not share my excitement. In 1985, police started using their own bulletin boards in sting operations (the first being Underground Tunnel in Austin, Texas) and in a much-publicized case in 1989, a West German hacker working for the KGB was arrested for breaking into corporate and government computers in the United States. In 1990, the United States Secret Service initiated Operation Sundevil, a nationwide crackdown on hackers that encompassed roughly fifteen cities (and led to several unsuccessful prosecutions). At roughly the same time, the Secret Service raided Steve Jackson Games in Austin, Texas, because at some point agents began to believe that one of its roleplaying games was a manual for committing cybercrime. In short, there was a lot of paranoia and misinformation in the air, and it was just at this time that Mitnick was becoming well known.
As I made my way through Ghost it began to dawn on me that, while the reader was getting plenty of details as to how Mitnick committed his crimes, there is very little here to suggest why he kept hacking, despite consistently losing jobs, losing his wife, and eventually losing his freedom. But there are clues: at the beginning of the book he mentions the "abusive men" his mother dated while he was young, and he wonders if they "had anything to do with my growing up to a life defying authority figures." Aside from that and a mention of his father and uncles being "salesmen with the gift of gab," with whom he shared "the gene that gave me the ability to talk people into doing things for me," he paints a picture of a strangely idyllic childhood full of magic tricks, scamming free bus rides, and getting his ham radio license. There is something somewhat poignant about the kid who was content ditching school to hang out at Henry Radio or spend the day exploring the city’s bus routes, which was for him "a bit like being on a holiday." The conclusion that one draws from what he’s written about his early life is that he was a highly intelligent child with little direction and few consequences to his actions, and that he carried these traits well into adulthood.
If Ghost is a little short on the author’s psychological motivations, Jonathan Littman’s 1996 book The Fugitive Game helps flesh out some of the details that Kevin alluded to in his book. Mitnick was very close to his mother and grandmother (both offered invaluable support during his years on the lam), but his family was not without its share of dysfunction. Alan Mitnick, Kevin’s father, had several brushes with the law (including forgery, battery, and grand theft), while Kevin’s uncle was a heroin addict who was probably involved in the fatal overdose of his step-brother, Adam (the last item was also discussed in Mitnick’s book in heartbreaking detail). And I don’t know if this next story is germane to the this point, but it’s too good not to share: according to Littman, "Mitnick’s stepfather was an active member of the radical Jewish Defense League. When Mitnick was eight or ten his stepfather would take him out into the desert near Los Angeles and let him watch while they fired automatic weapons at posters of Hitler."
Mitnick goes into great detail discussing his various hacks and "social engineering" escapades, and a lot of it is pretty impressive and eye-opening. Still, I have to caution you upfront: when you read this book, you just might find yourself bogged down in details, such as a Unix .rhosts hack that was probably patched right around the time AOL for Windows NT was launched. That said, I did read and enjoy all three-hundred-plus pages. Then again, I’m a sucker for nerd nostalgia — and I’m guessing that some of you are too.
These days, the "world’s most dangerous computer criminal" mantle would probably go to high-profile "hacktivists" such as LulzSec, with agendas that couldn’t seem more different than those of the original Darkside Hacker. Still, I’m pretty sure that whatever motivated Mitnick isn’t all that different from what motivates this new breed of hackers, even if the modern groups are more interested in chaos than in discovery. As long as there are computers, there will be hackers — people motivated by a need to learn, to test themselves, and to exert some sort of control in a world where many people feel powerless. And as Kevin Mitnick’s book shows, hackers do grow up, they do change, and — if they’re lucky — there’s a job waiting for them after prison.