Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Security

Mitnick Calls for Hacker Stories 242

ram writes "Famed hacker and master social engineer Kevin Mitnick has been commissioned to write a new book following the success of his first text The Art of Deception. The new book, tentatively titled 'The Art of Intrusion' will tell the stories of real hacks, with the names of attackers obscured to protect them from the authorities and their victims. Mitnick has called on retired hackers to come forward with their stories, offering a $500 (283) prize for the best story that makes it into the book, and a $200 payment for all stories that make the final draft."
This discussion has been archived. No new comments can be posted.

Mitnick Calls for Hacker Stories

Comments Filter:
  • by Pingular ( 670773 ) on Sunday December 21, 2003 @05:46AM (#7778252)
    He is a famous hacker because he got caught [takedown.com]. There are thousands of hackers much better (if that's the right word), so why does he get all the attention?
    • by Crypto Gnome ( 651401 ) on Sunday December 21, 2003 @05:49AM (#7778256) Homepage Journal
      er, the 'attention' (most especially from the media) occured as a direct result of his being caught, or were you not paying attention at the time?

      Hiding under a particularly large rock?

      Or perhaps you were on your way here from (for example) Europa?
    • by modpod ( 733098 ) on Sunday December 21, 2003 @05:52AM (#7778267)
      because he was held without a trial for so long.... and eh, in the mid 90's people in the phreaking/hacking community decided to rally behind him. that part, i don't remember the specifics of. also, he was one of the first publicly discussed (newsmedia, websites) individuals banned from computer or electronic device use. funny sidenote, in highschool several years back, i was testing innoculate's latest patches for the school (without telling the network admin bumblehead), and i ended up being banned from touching all electronics at school nearly indefinitely! they wouldn't even let me troubleshoot a printer or a vcr... fools. it was funny though, and i was the first such case in the school district. go figure.
      • Yes, he was held without a trial for a very long time.

        But that is reason to condemn the authorities, not praise Mitnick.

        Master social engineer? Are you people on drugs? The man doesn't even rate as script kiddie material!

        You want to worship/revile a man for truly sinister acts with a computer? Go pick on somebody like a Pug Winokur.
    • by Anonymous Coward

      He is a famous hacker because he got caught. There are thousands of hackers much better (if that's the right word), so why does he get all the attention?

      Because, he was considered a martyr. I remember 2600 was reporting that the original sentence (total amount of charges) could add up to 465 years in prison, or some astronomical number. He was extremely brazen in his ability, and it really isn't that interesting of a story. I prefer better stories. For example, when Wired reported about the LOD wars,

      • It was unjust to have Mitnick held w/out bail/trial for years, that they were charging him for millions of dollars on behalf of companies who did not even report such losses in Annual Reports, asinine how they would not allow him/his lawyers to copy the HD of evidence they had of him (they wanted him to give them the pw to decrypt the info). ETc etc etc. However, Bernie S.'s story was more interesting to me than Mitnick's. He wasn't doing anything to defraud the phone company. He was simply selling somethi
    • by Anonymous Coward
      Well you didn't say so explicitly, but I've heard, even from the mouth's of some of the best hackers, the notion that the best hackers never get caught, and only bad hackers do get caught. I don't really buy into this logic, I think anyone can get unlucky. I mean, being a good hacker and never getting caught is like getting an ace and a face card in black jack - but you can still have a winning hand without that.

      I also disagree there are thousands of hackers better than Mitnick. There are better hacker

      • definitely had skills

        actually i am a little curious

        i remember reading about things he had done (e.g. "mitnick attack" (connection hijacking?) where IIRC you take down a genuine host by basically DoS-ing a legitimate machine and then impersonate that machine, made possible because the TCP increment value was predictable and not random)

        it definitely took an understanding of the way TCP etc. worked in order to come up with something like that (i guess it was really him who came up with it and not something
    • Bold highwaymen (Score:5, Interesting)

      by AllenChristopher ( 679129 ) on Sunday December 21, 2003 @07:25AM (#7778445)
      There have been a couple of ideas put forward in response to your question... my feeling is that Mitnick isn't famous because he was caught, but because he dared to go for the big score, and because he ran.

      Running from the authorities using his advanced level of hacking skill, creating new IDs and such as he went, having stolen the data for the intellectual thrill of it, not for financial gain, then improperly held by a vengeful government... That's a classic tale. I don't know if it's a true story, but that was the popular perception at one point.

      In the 18th century, there was, in England, an absolute adoration of the highwayman. There were courteous highwaymen like Dick Turpin, whose victims had only this regret: that they could not have met him under other circumstances and been friends. There were brutal highwaymen, like Jack Sheppard, who was noted for his violence and for escaping Newgate with fetters on his limbs. There were gallant highwaymen, like Claude Duval, whose arrest was supposedly mourned by women across the country.

      Other countries and that and other times have had the same respect for any bold thief. John Dillinger is the best modern example.

      And as for getting caught, the populace believes that if you live bravely enough as a criminal, you WILL eventually get caught. That's really the basis of the admiration. If you could simply escape the government by being strong enough, as in the 1200s, you'd only be feared as a danger to all. It's the assurance of eventual capture that gives living on the edge its glamour. This, in particular, applies to Mitnick where it wouldn't to a mere modern carjacker, because we know the carjackers aren't caught. There are so many muggers and rapist and straight-up burglars who prey on the populace directly and succeed that we can't respect them. We fear them. A bank robber or a hacker can go after the big score, the wealth of the very rich, and leave us entertained participants.

      There are, of course, plenty of major criminal hackers who do get away with it, as with any other crime, hackers we never hear about because they stayed safe, played it smart all the way. Some of them may be reading this now. Hi boys... you're assumed to be mean of spirit, not to have aimed high enough to get caught, mere embezzling rats or at most a sort of criminal investment banker. How does that feel?

      Eventually the statute of limitations will start to run out on modern hackers who have done some pretty cool things, and we'll start to read the full stories of the ones who did go for the big score and get away with it in the Net age, just as we now revere some of the early phreakers who dared and won. Until then, the successful hacker will remain the province of fiction.

      It's also interesting to note that in the 19th century, it was felt that the effect of the poems and plays about thieves had the same deleterious effect that comic books, rock music and video games were later held to have.

      This post is reacher for 600 words, though, and beyond this I might as well write a properly-researched article, so I'll leave it here.

      • and five years from now, when the patriot act iv is released, and the terrorism clauses include hacking and no time limit?

        Have no trust that yer asses are covered by such limitations. until death

    • There are thousands of hackers much better (if that's the right word), so why does he get all the attention?

      Because they aren't known? :-)

      I guess media has made Mitnick famous and that's why. But I'd be very interested in hearing of another hacker, whose hacks has been fairly well documented.
    • by Anonymous Coward on Sunday December 21, 2003 @10:02AM (#7778944)
      He is famous because he got caught and, perhaps more importantly, because the authorities either decided to make an "example" of him or were actually deluded by the exaggerated portrayals and feared him.

      Note that reading "The Art of Deception" is very enlightening as to what Kevin's skills and knowledge are really focused on. As someone with more than enough technical knowledge, but very limited social engineering skills (and no particular desire) to actually break into systems (I often find holes and create exploits, but only on my own systems, and I report them to the project or vendor), I can appreciate what his skills are, how they differ from mine, and how totally detached from reality the common perceptions about the danger of technical vs. social hacking skills are.

      I think that the reason Kevin got caught is because he wasn't acting rationally - he wasn't hacking for profit, with the appropriate caution to avoid getting caught, but because he was driven to it. He was probably far more active than cautious hackers. He probably misestimated the level of efforts that would be used to track him, because prior to his case, there weren't many high-profile cases.

      It doesn't necessarily imply anything, good or bad, about his skills. Perhaps about his judgement at the time.
  • I wonder if (Score:5, Insightful)

    by dan dan the dna man ( 461768 ) on Sunday December 21, 2003 @05:48AM (#7778255) Homepage Journal
    he will take care to protect the identities of the targets too. I can see no end of trouble when "A Big Co." finds out they were completely rooted and had no idea..

    IANAL - lets say for the sake of argument I was an ex-hacker with a story to tell that ended up in print. Even with this much vaunted anonymity I would still be worried about publically confessing my misdeeds. Especially in the UK where hacking offences can be covered with anti-terrorist legislation these days.
  • Wait a second... (Score:5, Insightful)

    by JamesD_UK ( 721413 ) on Sunday December 21, 2003 @05:49AM (#7778257) Homepage
    Sounds like a cheap and easy way to write a book if you ask me.

    1. Get others to produce the content of your book
    2. Publish
    3. ???
    4. Profit!

    • by Crypto Gnome ( 651401 ) on Sunday December 21, 2003 @05:56AM (#7778280) Homepage Journal
      Books in one sense are very much like music.

      Anyone can write a book, can even get it published.

      However, of the thousands (hundreds of? or is it millions?) of books published every year, FAR too many of them SUCK for one reason or another.

      Having published one, and being comissioned for another based on the strength of the first, this is likely (though not guaranteed) to Not Suck.

      Even so, profit is by no means guaranteed.
      • by dipipanone ( 570849 ) on Sunday December 21, 2003 @08:08AM (#7778518)
        What, you think Mitnick actually *wrote* his first book himself?

        Perhaps he did, but given how modern publishing works, I'd be very surprised if that were true. These works are most likely ghostwritten attempts to cash in on his outlaw celebrity status (as told to A. Hack) and the follow-up is another attempt to capitalize on the Mitnick brand(tm) and its status in the burgeoning script kiddie market.

        You don't really think an editor commissioned this book because its likely to be a valuable contribution to culture, do you?
        • I'd almost believe that Mitnick wrote the first book himself - at least the draft. The first book covers the same ground repeatedly, and his summarizations in the ends of each chapter certianly sound like him.
    • Welcome to Slashdot, chief . . .

      For what it's worth, I have a good story involving some (requested, of course) intrusion testing on a senior security worker at Microsoft's personal web server that came about because of a Apache vs. IIS argument on IRC. Pity it was just a simple application of RainForestPuppy's modified UNICODE exploit (read: a script-kiddie hack), or I'd submit it . . .
    • 1: Get advertised on /. 2: Thereby, get others to produce the content of said book 3: Give $200 to all making "the finals", thereby getting their personal info. (Where did you say I should send the money?) 4: Sell personal details & story to company in question 5: Profit, profit, profit
    • Indeed! Someone should use that idea to create a news web site for nerds.
    • That's a good point. Why aren't the newspapers taking the time and money to stage the events they cover? Pretty lazy just waiting for something to happen before they write about it.

      Seriously, though, publishers do just what you've suggested:

      1. Commission someone to write a book for you.
      2. Publish.
      3. Give the author a tiny little bit of the money, and keep the rest.
      4. Profit!

      There's no ??? because it's a well-established model, but the the Profit! is optimistic... many books don't earn enough money to

    • That's the model that Scott Adams has been using for about 15 years with Dilbert. He ran out of ideas after the first two years but at that point he was popular enough that people sent him screwy stuff that was happening in cube-farms. Now I admit he is brilliant at putting them in a humorous context, but they're not necessarily all his ideas.

      This sig best viewed in a drunken stupor.
    • by gustgr ( 695173 )
      How can he totally trust on the histories he will receive ? Asking the history sender for details ? Do you guys think that a very imaginative mind can came up with a 'fantasy' history and got it published and no one (including Mitnik) note that it is fake ? Details and checking with the press publications doesn't asure that the content really happened. I would like to know how reliable are the histories.
    • Re:Wait a second... (Score:4, Informative)

      by jsailor ( 255868 ) on Sunday December 21, 2003 @10:25AM (#7779046)
      AGREED. I published a book and paid out a much greater sum to contributors than what Mr. Mitnick is offering. Especially for the components that will make is book interesting to a wider audience. The key with publishing is to attract as large as an audience as possible - which the anecdotal stories will certainly help to do because they give the masses an insight into the hidden world.

      In general, royalties for U.S. sales are 5-10% of the sale price of the book from the publisher - usually 50-55% off of the cover price. Foreign sales often yield a fixed price per unit sold. Really geeky books have an audience of 5,000-10,000 readers. Mass market geek books 2-10 times that. The anecdotes will push this book well beyond that. I rant, but do the math and you'll see that $200 and $500 is very exploitive.
    • it's not just "cheap" in this sense. think about it. miserable $200 if your contribution gets into that book? what kind of book advance would you think he got?

      $500 for the BEST story that gets in? you have got to be kidding.

      how many stories will he be able to include in the book? 10? 20? 30? so for an outlay of, say, $6000 or so he will be able to tack on to the cover a blurb about how the book is chock ful of real, exciting, etc. etc. stories "From the Dark Underside Of The Internet!!!!"

      is that wo
  • by Janek Kozicki ( 722688 ) on Sunday December 21, 2003 @05:49AM (#7778259) Journal
    IT people and security-concerned people will hopefully learn a lot from this book.

    good to see security improving as the time passess....
    • IT people and security-concerned people will hopefully learn a lot from this book.

      good to see security improving as the time passess....

      Changing people's mindset won't happen that easily.
      People will be idiots about it for a long long time -- it's not part of our genetics or culture to inherently distrust delegation and unconfirmed communication. We haven't even caught up with the invention of the phone yet, and people believe whoever is on the other side is who they say they are.

      In the mean time, we

  • Confirmation (Score:5, Insightful)

    by Tango42 ( 662363 ) on Sunday December 21, 2003 @05:51AM (#7778263)
    How does he intend to confirm the stories are true? If he is trying to keep indentities quiet, he is going to have problems confirming them.
    • Re:Confirmation (Score:3, Insightful)

      by bruthasj ( 175228 )
      Easy. Just look up all the cracking activities that have occurred in the last five years via google or the library (newspaper articles). Then seek after the stories in a more specific way. Find out who did it. Interview them. Cover up their names and place their extremely detailed intrusion technique.

      The confirmation can be had by the sys admin saying, "Yep! That corresponds to the logs we had!" If someone really wanted to get that nitpicky.

      I'd even recommend that Kevin meet these people in a completel
  • nice gig (Score:5, Funny)

    by Anonymous Coward on Sunday December 21, 2003 @05:51AM (#7778264)
    Let's see...I'll give away a few hundred dollars for some stories of hacks, put them in a book and make thousands of dollars from it. I think he's still a damn good social engineer.
  • by Animaether ( 411575 ) on Sunday December 21, 2003 @05:52AM (#7778268) Journal
    1. Perform illicit activity (crime: 'hacking' or 'cracking' for those who prefer that term)
    2. Get away with it.
    3. Get paid for story publishing.
    4. Profit!!!

    Seriously though, as I'm sure many of these hackers/crackers will be heralded as (demi-)heroes by many visitors of Slashdot, and I understand that often the sentences for those caught are ridiculous, it should not be forgotten that they -did- commit a crime.

    Now, they were 'smart' enough to not get caught for that crime, too. Which means they can gloat about their hack/crack in private of with tight friends or do whatever the heck they want with it already.

    But now they're getting paid to talk about those hacks/cracks - and retain their anonimity ?

    There's something very wrong with that picture, in my humble opinion.
    • This [amazon.com] is only different in that he doesn't hide behind anonymity.

      Face it , people..... Break Laws + Write Book = Profit is a well known and often-used formula.
    • by nathanh ( 1214 ) on Sunday December 21, 2003 @06:11AM (#7778317) Homepage
      Seriously though, as I'm sure many of these hackers/crackers will be heralded as (demi-)heroes by many visitors of Slashdot

      Why would you think that? Whenever there's a Mitnick story on Slashdot the overwhelming majority of posts say "he got what he deserved" and "hackers are good, crackers are bad". I very rarely see anybody defend what Mitnick did; in fact, I don't think I've ever seen anybody defend what Mitnick did.

      If anything, I would say the "Slashdot meme" is strongly opposed to criminal acts with computers.

      • by Anonymous Coward

        Whenever there's a Mitnick story on Slashdot the overwhelming majority of posts say "he got what he deserved"

        He was arrested, convicted and sentenced in 1989 for doing something that at the time wasn't a crime; kept in solitary confinement for months on end; eventually released and was arrested again in 1992 for supposedly breaking parole conditions (he didn't); imprisoned for years without charge or trial and eventually has to incriminate himself to be released. Meanwhile he has to idly stand by why S

    • Seriously though, as I'm sure many of these hackers/crackers will be heralded as (demi-)heroes by many visitors of Slashdot, and I understand that often the sentences for those caught are ridiculous, it should not be forgotten that they -did- commit a crime.

      Yeah, that used to mean something. Nowadays, who hasn't downloaded an MP3?

    • The ideal list would be
      • 1 Perform Illicit Activity
      • 2 Get Caught
      • 3 Plea Bargain/Turn States Evidence
      • 4 Get let off lightly (and I use that term loosely)
      • 5 Write book detailing the exciting life you've led
      • 6 Write second book, detailing others who've had similar lives
      • ... Public speaking engagements, TV Shows, etc ad-infinitum ...

      Although in this particular case, I believe he skipped 3 entirely and did not do spectacularly well on item 4 either.

      Remember people, don't take shortcuts!!!

  • Interesting... (Score:5, Interesting)

    by puddpunk ( 629383 ) <puddpunk@gmail.com> on Sunday December 21, 2003 @05:53AM (#7778271) Homepage
    Personally, I could see this turn of events coming. Having read books such as Cyberpunk and Takedown and watched that doco "Freedom Downtime" I've drawn the conclusion that Kevin appears to be more "misguided" than dangerous and also more "attention seeking" than a model hacker for script kiddies to chase after.

    I must admit though, I would be _very_ interested to read this book when it hits the press :)
  • by Pollux ( 102520 ) <speter&tedata,net,eg> on Sunday December 21, 2003 @05:56AM (#7778278) Journal
    ...and I'll be happy to give to you some kinda fish story. Yea, there was that time back in '83 where some buddies and I were sitting 'round our dorm room and thought, "Hey, how long's it been since someone's busted into Langley's database?" And so, we all tossed five bucks in a pot for the first to break in and find the SS# of the Director of the CIA...

    Really, how are you gonna know that these stories are actually real?
  • Cheap content (Score:3, Insightful)

    by Andy Smith ( 55346 ) on Sunday December 21, 2003 @06:01AM (#7778287)
    Even if the book includes as many as 100 stories, that's only $20,000. We can be sure that Mitnick will be making a lot more than that, and the publisher will be making much, much more.

    Don't most honest, law-abiding people nowadays disapprove of criminals profiting from their crimes? Well it sure seems like Mitnick is profiting from his crimes with this book because the publisher is using his name to sell it.

    Kinda cheap and sleazy if you ask me, which you didn't.
    • > Don't most honest, law-abiding people nowadays disapprove of criminals profiting from their crimes?

      Yes, but most people don't consider mitnick a criminal - I can't actually remember what he did (I did know, I just forget :/ ), but whatever it was he's been somewhat over-punished for it.
    • Actually, it'd be $20,300 because the best story gets $500. But your point's valid, I'm just being a dick.
      • Actually, it'd be $20,300 because the best story gets $500. But your point's valid, I'm just being a dick.
        hehe, at first I put in brackets "plus $300" but I thought that would prompt a flood of replies saying it was $500 and I'd have to reply and explain the difference, so I took it out :-)
  • by Krapangor ( 533950 ) on Sunday December 21, 2003 @06:02AM (#7778295) Homepage
    was a typical social engineering story.
    Some hacker wanted to haxor some local republican servers. But these things turn out well secured, so he needed some physical access to the boxes. So he claimed to be a fundamentalist protestant (well, he didn't put it this way obviously) and asked the local repubs for some help for anti-abortion protests. He convinced the people to paint transparents in the server room. Ownage occured mysteriously. Well, not so mysteriously, 'cos the FBI got him in the end.
    To save his honour, it must be said that he indeed turned up at the anti-abortion protest, even throwing some tomatoes.
    Well, he was a crazy Nader follower. Quite funny , when you think about it - the hacker helped in the repubs due to the bad press in the end. And even Nader helped Bush by sucking votes away from Gore. These ecos can be very strange some times.
  • by leoaugust ( 665240 ) <<leoaugust> <at> <gmail.com>> on Sunday December 21, 2003 @06:05AM (#7778301) Journal

    Four of his years inside were served before he was even tried, and he was forced to endure eight months in solitary confinement because "the government said I could start a nuclear war if I had access to a telephone," Mitnick says.

    Holy cow, is this serious ?

    But, just imagine if J. Reno could come up with the Nuclear War stuff for Mitnick, what a field day J. Ashcroft would have had if he had a chance ... Or maybe Ashcroft is already having a S&M ball. It is all so secretive nowadays.

    Lucky Mitnick...

    • For Serious: Another "wild one" often passed around whas that he could phreak the phone system by whistling into the handset.

      Yup! they seriously thought he could blow a consistent and exact 2600Hz (amongst other requisite frequencies) with just his mouth.

      As opposed to, for example, hypothetically, some cheap crappy plastic whistle from a box of Captain Crunch.
      • by ChaoticLimbs ( 597275 ) on Sunday December 21, 2003 @06:57PM (#7782348) Journal
        Actually, I learned how to dial the telephone by whistling and vocalizing two different notes at the same time. I used to amaze my friends by dialing for pizza using only my voice and whistle. It's a wierd kind of whistle but with loads of practice and careful listening to and copying a standard touch tone telephone, I think anyone could do it.
        Never underestimate the power of a geek with no social life.
        And that's the ONLY thing I will admit to. Note non-anonymous post.
  • by bain ( 1910 ) on Sunday December 21, 2003 @06:05AM (#7778303) Homepage Journal
    An anonymous coward sends him detailed information about how his own computer was hacked and information sent to Tsutomu Shimomura, causing his capture.
  • by rf0 ( 159958 ) * <rghf@fsck.me.uk> on Sunday December 21, 2003 @06:05AM (#7778304) Homepage
    Well d00d I got this l33t tool called t3ln3t. I connected to other people computers and got things like "SSH-1.99-OpenSSH_3.7.1p2". The 0th3r kidi33s were like. "D00D!!". I was like w0ah. I am so l33t

    Rus
  • Crazy Legal Question (Score:5, Interesting)

    by Crypto Gnome ( 651401 ) on Sunday December 21, 2003 @06:07AM (#7778310) Homepage Journal
    So, if someone breaks the law, and then tells you about it afterwards (but before they're brought to justice) doesn't that make you (in legal terms) an accessory after the fact?
  • by bain ( 1910 ) on Sunday December 21, 2003 @06:15AM (#7778326) Homepage Journal
    Setup a Machine and they can hack into it to submit their stories.

    This way if they are good enough not to be traced, the chances are good they actually did something real. It also removes most of the possible "script kiddies" submittions ;P
  • by SexyKellyOsbourne ( 606860 ) on Sunday December 21, 2003 @06:28AM (#7778359) Journal
    We all know Mitnick is in quite a bit of trouble, but the fact that he's a good social engineer still persists. He was traumatized in jail, and most of what he was severely punished for was probably due to non-cooperation, in that "hacker" attitude, with very influential people. Most likely, he got out of such things by giving in and cutting deals.

    Before you send in any good stories, be they fact or fiction, think of this: what if FBI / Homeland Security agents are on the case working with Mitnick, reading those letters that will supposedly go into the book and tracing who sent them? They've been known to do similar things to get people to brag before, which is the easiest way to catch people, or at least make it seem that way. With John Ashcroft and Tom Ridge in the government, they will stoop to any low to put hackers, whom they view as terrorists, behind bars.
  • best hack... (Score:3, Interesting)

    by Anonymous Coward on Sunday December 21, 2003 @06:38AM (#7778377)
    use Social Engineering to get "hackers" to publicly brag about their illicit activities, in exchange for modest "prizes."

    collect reward money AND complete parole obligations.

    retire.
  • Famed hacker and master social engineer Kevin Mitnick has been commissioned to write a new book following the success of his first text The Art of Deception.

    Famed doctor and master of friendship Charlie Manson has been commisioned to write a new book following the success of his first text Medicine for Beginners.
  • im a paid hacker (Score:4, Interesting)

    by Anonymous Coward on Sunday December 21, 2003 @06:43AM (#7778389)
    I'm an active penetration tester, have been for some years. I can tell you now that from all the testing i've completed (including lots of clients in the financial sector and govt.) I wouldnt even be entertaining the idea of remotely telling anonymous tale stories. The risk is just too great. And for a measily $200?

    Give me a break.

    When you've proven to a client that millions could potentially be stolen, the last thing you'd want to do is discuss it in a book, anonymously or not.

  • by Pingo ( 41908 ) on Sunday December 21, 2003 @06:45AM (#7778395)
    I think he needs the anonymous hacker contributions as a smokescreen for some of his old unknown hacks.

    This guy has probably done more than he is accused for and has got an urge to brag about all his hacks. Doing so might get him into more legal trouble and he needs some anonymous hackers as legal frontends. //Pingo

    • by juuri ( 7678 ) on Sunday December 21, 2003 @10:55AM (#7779204) Homepage
      Look this stuff is just crazy.

      I used to be very involved in the scene years ago under many names: juuri, syy, ^_, y, y-windoze and on and on. Mitnick was not this legendary figure people are making him out to be. Those who were around then know of others who did much more than him and got away with a fuckload more. Thinking he is using this as smokescreen is giving him some status as legendary.

      The truth of the matter is most hackers absolutely paled in comparison to stuff done by the phreaks of the 80s. Even before the rise of the script kids there was very little original stuff going on. One person would figure something out and use it for a few months before trading it to someone else and then it would enter the scene.

      You guys need to understand back then yp was everywhere and insecure, nfs was completely exploitable in many ways, telnet daemons were retarded (-fr00t anyone?), hosts abounded with +s in the hosts.equiv, firewalls didn't exist, source routing still worked and on and on. Even back then secured hosts were easily comprimised by finding a single account on a badly secured host, just like today.

      It always pains me on slashdot when these articles come up and people fall all over themselves to heap praise on people like Mitnick who were nothing more than petty opportunists with a good sense of trading. Mitnick getting caught also ended a lot of the fun for many of on networks; most people don't recall the extreme lockdown that went into effect on well.com and other community sites of the time.
  • it's worked before (Score:4, Informative)

    by proradium ( 731111 ) on Sunday December 21, 2003 @06:53AM (#7778401)
    http://www.underground-book.com/ this style of book has been done before (in australia anyway) and with relative success. The best part about that book was how the author made it available for the public to d/l. an interesting read ...
  • Mitnick has called on retired hackers to come forward with their stories, offering a $500 (283) prize for the best story that makes it into the book, and a $200 payment for all stories that make the final draft.

    Meanwhile, he makes $500k off book sales.
  • by ayjay29 ( 144994 ) on Sunday December 21, 2003 @07:07AM (#7778414)
    ...he's got a job with the FBI now.

  • by FyRE666 ( 263011 ) on Sunday December 21, 2003 @07:34AM (#7778459) Homepage
    ... I can take money out of Kevin's bank account any time I like ;-)
  • If you don't like the thought of helping Mitnick make any more money why not help dr k with his hacker tales book [fastweb.co.uk]
    Not only is Dr K a dude but he is also a little more in touch with the hacker scene. I particulary like his fuck computers let's hack talk and brumcon [brum2600.net]
  • Money. (Score:2, Interesting)

    by JVStalin ( 671988 )
    Hackers would get more money writing for SysAdmin. [samag.com]
  • Back in the BBS days my leet friend was a warez courier. To facilitate this a certain amount of phreaking was required. At the time there was no Computer Misuse Act [hmso.gov.uk]. He was eventually arrested. The cops had a list of all the alleged phone calls. Each one constituted a separate criminal offence. They had to read him the entire list of calls and he had to answer 'yes' or 'no' to whether he agreed he had made the call. It took them *ten* hours.

    It turned out the only thing they could charge him with was 'thef

  • by dr_canak ( 593415 ) on Sunday December 21, 2003 @08:09AM (#7778520)
    I may have posted this link some time ago, but I think it's worth a repost. "Underground" by Suelette Dreyfus is, to me, a very interesting book looking at the hacking/cracking culture of the mid 1980's.

    It follows the stories of several hackers/crackers in Australia, Germany, and the United States. To me, it really reads more like an ethnographic anthropological study, than about hacks per se. But I found it very interesting. And best of all, the entire book is available for free:

    http://www.underground-book.com/

    in a download version.

    jeff
    • Crap, seems to be slashdotted already. Damn.

      I gobble up stories like these, and I'm sure I'll read Mitnicks compiled book when it comes out. For me, and I'm sure many others who were involved in the "scene" in the late 80's, early 90's this stuff is pure war story material. It's much like how people that were involved in any major war (WWII, Vietnam) get obsessive over movies like Full Metal Jacket and whatnot. You can see yourself in the people depicted in the stories.

      Back in the day, as another post
  • I wonder whether Mitnick will have to edit and typeset some of his work on a typewriter, since he can't touch a computer...
  • Does our friend Kevin have a PGP/GPG key that he would like used for these stories? I'm assuming many FBI resources will be concentrated on his ISP's chain of routers to the Internet to compromise the identities of any 'good' hackers that write in.

    I'd hate to stifle the book, and can almost guarantee that I'll buy it, but I'd like to make sure that people are able to protect their identities and not unwittingly reveal incriminating information about themselves.
  • by tarnin ( 639523 ) on Sunday December 21, 2003 @10:13AM (#7778986)
    For people like us (slashdotters) these books are mostly tales and overly obvious statements. Interesting and sometimes fun to read. That's about it.

    To people NOT like us (read: small/mid company admins and even some larger company admins) alot of this is actually an eye opener. Case in point: Some of you may know that I work for a smaller, privatly owned ISP. Because of this, we cater to a bunch of mid/small businesses. I have suggested his first book for them to read. I have gotten no less than 20 call backs after they read the book with statements like "Wow, I never even thought of that!" and "Thanks for the book tip! Helped me out alot and we have tightned up security with our staff." You're lucky to find a semi-competent admin in companies this small (or an admin at all) let alone one who understand or has even heard of social engineering or any type of specific attack out side of what the main stream media reports.

    Keep in mind that alot of admin in these companies have heard DoS and DDoS before, maybe even the names of a few well know worms but they don't even know what they stand for or what they do. They are nothing more than the catch phrase of the week. Books like this are pretty invaluable to them as they are not written from a tech stand point (Hardening Cisco comes to mind) and are eaisly understood and easy to put into practice by someone who is the admin because they know what HDD stands for or were hired on the lowest possible salary.

    Don't get me wrong here, these are not the end all be all security books but they are a great boon to the customers that I service.
  • by Curious__George ( 167596 ) on Sunday December 21, 2003 @10:32AM (#7779075)
    People are getting all righteously indignant and aren't seeing the real purpose of this offer. By appearing to anonymously post OTHER'S stories, he will be free to publish HIS OWN stories under some cover. He will be able to use the journalist's right to conceal the names of his sources to protect himself - and yet still tell his stories. I'm sure he will still use a few others, but the only ones that he can know really happened for sure are those HE performed.

    Curious George
  • Ho hum (Score:4, Insightful)

    by fw3 ( 523647 ) on Sunday December 21, 2003 @10:50AM (#7779179) Homepage Journal
    As somebody suggested above, the likely actual motivation for this is probably Mitnick's restriction from profiting on describing his own criminal activities.

    As I see it Mitnick remains of the same mindset as when he first showed off his cracking skills to a group of peers and was surprised when they turned him in.

    Among his various complaints about his treatment by the Feds are that he was held without bail (gee, can you say 'established flight-risk'?), and that they held onto all of his computers (gee, after he declined to provide the encryption keys needed to access them as evidence?).

    He's also clear about being bitter toward the author of 'Takedown' (advice, "never get in an argument with someone who buys ink by the barrel and paper by the train-car") and Shimomura(sp?) (Let's see, you break into lots of machines, eventually you come up against someone better'n you and now you complain that they exact some revenge?)

    His notoriety seemingly guarantees a certain audience for he and his publisher to profit.

    Personally I've got no desire to help this guy along. In the excerpts from his book he has the brass to include himself in the 'hacker' ethic of places like LCS, Berkeley, JPL. Sorry, that image doesn't pass.

  • Chicken Soup for the Hacker's Soul.
  • Hacker or Cracker? (Score:2, Informative)

    by radar2k2 ( 632371 )

    It sounds like this book is going to be about crackers and cracking and not hackers and hacking.

    Common usage tends to blur the meaning between the two concepts but I thought here on slashdot at least there was some instance that the two not get confused.

  • Fame found Kevin Mitnick when the US government made an example of him, incarcerating him for five years for computer based offences. Four of his years inside were served before he was even tried, and he was forced to endure eight months in solitary confinement because "the government said I could start a nuclear war if I had access to a telephone," Mitnick says.

    If it really is possible to start a nuclear war from a telephone, I must ask, who's the genius who attached our nuclear weapons systems to the pho

  • Mitnick's not a hacker. We keep bitching about people who use 'hacker' when they mean 'cracker' and yet we ourselves don't use the right term?

    Mitnick's a cracker, pure and simple. If he didn't make his living back then off of crime, he sure as hell is did it later by writing a book about it.

    I don't see much of a difference between this book and "send me your stories of how you robbed some people in an alley and I'll give you $500." Except, of ocurse, that a bunch of immature of hypocritical punks will
  • by maelstrom ( 638 ) * on Sunday December 21, 2003 @01:26PM (#7780159) Homepage Journal
    I haxx0red the GIBSON. Ph33r m3, I AM 31337.

Keep your boss's boss off your boss's back.

Working...