Warning, Ghost in the Wires

Although Kevin Mitnick’s criminal hacking days occurred mostly before the advent of the internet, his tales of computer chicanery and “phone freaking” are still relevant because it is still used today. In his book he explains that his purpose of hacking was never to steal source code and profit–but only for the thrill of it. Social engineering and hacking his way into systems became his addiciation. This hurt his family, especially his mother a great deal. As a teenager, he began by getting free telephone servicefor his mom’s apartment, later to connect to the great tech companies mainframes of the day: Sun Microsystems, Novell, and NetCom. Without going through sophisticated back doors, he used  zero-day exploits that others had reported to the developers but still were not fixed or patched along with social engineering to download the entire source code of their flagship products.

After spending time in jail, Kevin Mitnick now runs an IT Security Firm, and yes, he still hacks–but ethically. His purpose is to gain access to their network and explain to his clients how he was able to breach their security. Through obtaining an education as software developers, we can only prevent so many security holes in our code, like the ones Kevin used, because the users of the software must also update their software, maintain it correctly, and maintain a physically secure environment. Many of these measures are overlooked and can be avoided through training all users about proper secure system maintenance, such as the lectures that given now gives as an ethical hacker.

Advertisements

One thought on “Warning, Ghost in the Wires

  1. Although I hadn’t heard of Kevin Mitnick before your post, after following your links I’m glad to see that he’s now making ethical use of his expertise. To me his story shows the trade-offs that people in IT/CS must make to improve and become true technical masters. I’m definitely not advocating hacking, but Mitnick was obsessive, dedicated, and gave up many of his prime years to this hobby/habit, eventually becoming a very successful and useful anti-hacker consultant. In a similar way, we as aspiring computer scientists/software engineers must be dedicated and sometimes obsessive (while staying in the legal realm) to improve and excel.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s