One of the most pressing needs in all computer systems is computer security.
The penetration of a computer system can cause devastating losses. These
losses include losses in personal privacy, equipment, capability, money, time
and opportunity. Monetary losses due to computer-related crime and who you talk
to. Compare this amount to the $50 million lost per year due to armed bank
robberies. The trend towards distributed systems presents many new possibilities for security and privacy violations.
Computer criminals are becoming more and more sophisticated and learned in
their practice. According to the FBI, only about 1% of all computer crimes
are ever discovered, and of those discovered, less than 5% lead to convictions.
Failures in some computer systems can cause world war, economic collapse,
nuclear power plant meltdown, or massive blackouts! These failures can be caused
by many factors. One major factor is the purposeful or accidental byproduct
of a computer crime. Computer crimes average 30 times more $ than others.
Computer crime or "phreaking" as a crime category is no doubt the most lucrative
and least risky of all crime categories. Little of it is reported on the news,
and those cases reported are generally the more amateurish attempts.
"PHREAKING" is what a "phreak" does. In the 1960s, groups of "hippies," "radicals,"
etc., bored with the middle and upper class successes of their families,
engaged in wild, daring, and dangerous activities. These activities included
"ripping-off" (originally a hippie term) Ma Bell by making free long distance
and pay phone calls, using homebuilt, handheld Blue and Red boxes, respectively.
These perpetrators became known as "PHONE FREAKS", and later, as "PHREAKS".
Their publication, TAP, founded by Abbie Hoffman and others, operated from
Room 603, 147 W. 42nd St., NYC, NY, until burglarized and burned out in 1983.
As the 1980s arrived, Ma Bell considerably tightened security, and Red and
Blue boxes., phreaking has apparently leveled off. The primary phone phreaking
objective today is credit card fraud. One lady was recently billed
$109,000 for 15,000+ credit card calls in one month using her credit card
number, which, apparently, someone had overheard her say. Ma Bell readjusted
her bill to $47.00!
With the increasing popularity of small microcomputers, particularly the portable
and transportable kinds, communications between computer systems using modem/
phone hook-ups have also increased.
Hundreds of computer Bulletin Boards (BBS) now flourish all over the country.
These permit computerists to use their computers to post messages and
software accessible by those permitted to use the BB (which may include the
general public or be limited to some type of club, business or other special arrangement).
Most of the computer phone traffic is legal, but much of it is questionable,
and some clearly illegal. The primary purpose of some BBs is to transfer
information of mostly illegal application, such as credit card numbers,
passwords, copyrighted software, etc., and to put people in contact with each
other with like questionable or illegal intentions.
Along with the increased use of BBs to facilitate criminal activity, is the increased activity of some people to use this information, and to develop their own, to penetrate systems not intended for their use.
The FBI and other legal authorities, and Ma Bell security are more closely
scrutinizing the activities of BBs. BBs have been raided and shut down.
Sting operations have been set up. Suspected BBs are regularly monitored
while nearly all others are periodically examined to gain intelligence
on phreakers, and those associated with underground radical organizations.
The Red and Blue Box Phreaker of yesterday has evolved into the Computer Phreaker of today. He is daring, intelligent and knowledgeable. He may
be reckless, or cool and systematic.
He is generally young, single, white, male, middle class, secure, highly
intelligent and a good student. The term, "whiz" is often used to describe
The term "Computer Phreaking" is steadily evolving from misusing a microcomputer and Ma Bell to penetrate other computer systems a la WAR GAMES, to a generalized term to cover all crimes in which a computer is programmed to act as an accomplice. Today, the bulk of computer phreaking is done by officers and employees of the Government, financial institutions, and large corporations for themselves or the institution which employs them, with little or no association with whiz kids, long distance phone calls and BBs.
DISCLAIMER: While every attempt has
been made to provide correct and complete information, we do not assume responsibility for any errors or omissions. We assume no liability whatever for loss or damage caused directly or indirectly, or alleged to be caused by the information found herein. COMPUTER PHREAKING is printed as is, and is printed for educational and entertainment purposes only. We do NOT recommend, suggest or encourage any illegal use of computers.
The following terms are used here:
ACCOUNT: Refers to savings, checking, credit, debit, inventory or general ledger account.
ATM: Automated or Automatic Teller Machine. A computerized cash dispenser/acceptor used to replace a bank clerk. One inserts an encoded debit card into the ATM's slot to initiate the transaction.
BB: Computer Bulletin Board. Functions similarly to other bulletin boards except that access is made by computers via phone/modem hook-ups.
DATA: Data in the generalized sense to include numerical data, messages and text. May be raw data or processed data (information).
EFTS: Electronic Fund Transfer System. A generalized term that refers to all computerized banking operations involving the communication of financial information from one point to another.
Although EFTS has come to mean many diverse electronic automation projects,
it usually denotes ATMs, POSs, Automated Clearing Houses, and a type of national
banking or money settlement and clearing function.
FILE: A Computer File, which may be a computer program routine or data file. A data file is any computer file which is not a routine or program.
INSTITUTION: Refers to financial institutions, large corporations, government, and other businesses which rely upon computers.
KEY DATA: Refers to a data file record descriptor, such as name, address, account number, transaction number (ex. banking, Social Security #, VA #, etc.), part number, sales identifier, department number, applicable discount rate, account number, vendor identifier, account type, privileges, activity status, expiration or monthly closing date, etc.
OS: Computer Operating System- the master software which manages and supervises computer operation. A UTILITY is a program used to perform frequent operations required by the OS and-or application programs, such as spooling, printer dump, file conversion etc. An APPLICATION PROGRAM is a program designed for a specific user application, such as a game, wordprocessor, general ledger, etc.
PAYMENT: Refers to a payroll, dividend, interest, commission, loan, rent,
installment, account deposit, annuity, pension, disability, welfare, unemployment compensation, insurance, Social Security, etc. payment.
PERPETRATOR: Refers to one who perpetrates an action or crime, and includes all his accomplices and accessories.
POS: Point of Sale terminal. An ATM device used in stores to enter, verify
and debit the cost of purchases.
TARGET: Refers to the person (in the objective sense) targeted by the computer crime. The target may be a customer, client, patron, vendor, contractor, employee, employer, pensioner, stockholder, taxpayer, salesman, patient, welfare recipient, disability recipient, etc. Usually, Target refers
to the victim, but not always. Depending upon use, it may refer to an accomplice, or refer to one who neither gains nor loses by the crime but whose
participation is required.
TRANSACTION: Refers to the transfer of money between accounts or between an
account and a person. It also refers to adding and deleting a data file, or
changing a data file which ultimately affects the transfer of money.
The following terms are defined in context to their relationship to computer
ACCESS NUMBER: An Access Number is a secret phone, extension, account or
project number used to access a computer or program.
AUTHENTICATION PROCEDURES: (See section on this topic).
BODY SNATCHER: A Body Snatcher is a program which takes a file, and automatically creates from it a Mutant. It may or may not destroy the original and rename the new one as the original.
BOMB: A Bomb is a program or program function which fails because of bug(s).
BUG: 1) A program mistake or defect.
2) An electronic surveillance device, wired or unwired.
BREAKAGE: Breakage is the bleeding off of small sums from numerous sources such as accumulating all the roundoffs from numerous savings accounts interest computations. Each data file may lose less than a penny but, in large banks, the total breakage losses can amount to $ Thousands per day.
CANDYMAN: A Candyman is a person who compromises key computer, accounting or purchasing personnel to obtain intelligence critical to computer penetration, usually with bribes of money or sex.
CHEESEBOX: A Cheesebox is an electronic device which, upon receipt of
a certain phone number or data sequence automatically switches a line to an
unauthorized line (perhaps to a Wiretap).
CHECKSUM: A Checksum is a sum derived from a summation check usually without regard to overflow. Checksums are very effective in detecting random, naturally caused errors but can be manipulated to not detect fraud errors. To minimize the probability of manipulation, make the Checksum also dependent upon a key and-or random information.
1) STANDARD CYCLIC REDUNDANCY CHECK (CRC): The message is expressed as a polynomial, and is then divided by a small, fixed polynomial, "F". The remainder is the CRC. The CRC is then appended to the transmitted message. The combined message received must be evenly divisible by "F" to be correct.
2) MODULO ARITHMETIC SUM: The results of a Modulo-N operation.
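The CRC procedure and the keyed-checksum advice above, worked through as an added example (not part of the original text). The polynomial "F" (0x11021), the sample record, the key and the use of HMAC-SHA256 as the keyed checksum are all assumptions chosen for illustration.

```python
import hashlib
import hmac

F = 0x11021   # assumed generator polynomial "F": x^16 + x^12 + x^5 + 1 (CRC-16/CCITT)
DEGREE = 16   # degree of F, so the CRC is 16 bits (2 bytes)
TAG_LEN = 32  # HMAC-SHA256 output size in bytes


def poly_mod(value: int, poly: int = F) -> int:
    """Remainder of `value` divided by `poly`, both read as polynomials over GF(2)."""
    width = poly.bit_length()
    while value.bit_length() >= width:
        value ^= poly << (value.bit_length() - width)
    return value


def crc_append(message: bytes) -> bytes:
    """Append the remainder so the combined message is evenly divisible by F."""
    shifted = int.from_bytes(message, "big") << DEGREE
    return message + poly_mod(shifted).to_bytes(DEGREE // 8, "big")


def crc_ok(frame: bytes) -> bool:
    """Receiver's check: the whole frame must leave a zero remainder."""
    return poly_mod(int.from_bytes(frame, "big")) == 0


def mac_append(message: bytes, key: bytes) -> bytes:
    """Keyed checksum: the tag depends on a secret key as well as the message."""
    return message + hmac.new(key, message, hashlib.sha256).digest()


def mac_ok(frame: bytes, key: bytes) -> bool:
    """Recompute the tag with the shared key and compare in constant time."""
    message, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected)


def demo() -> dict:
    key = b"constructed-demo-key"             # constructed sample key
    genuine = b"ACCT=1001;AMOUNT=0047.00"     # constructed sample record
    altered = b"ACCT=1001;AMOUNT=9047.00"     # same record with the amount changed

    noisy = bytearray(crc_append(genuine))
    noisy[5] ^= 0x04                          # one bit flipped by line noise

    stale_tag = mac_append(genuine, key)[-TAG_LEN:]
    return {
        "crc_accepts_genuine": crc_ok(crc_append(genuine)),
        "crc_catches_noise": not crc_ok(bytes(noisy)),
        # Anyone can recompute an unkeyed CRC, so the altered record still verifies.
        "crc_accepts_altered": crc_ok(crc_append(altered)),
        "mac_accepts_genuine": mac_ok(mac_append(genuine, key), key),
        # Without the key no valid tag can be produced; reusing the old tag fails.
        "mac_rejects_altered": not mac_ok(altered + stale_tag, key),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```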
CODE 10: A Code 10 is a procedure instituted by credit and debit card
issuers to stop fraud. If a merchant is suspicious of a customer, he calls
the card issuer for "verification." While on the phone, he says the words
"Code 10." He is automatically hooked up to security, which asks him a set of
questions requiring only "yes" and "no" answers.
COUNTERMEASURE: A Countermeasure is a defensive technique used to detect, prevent or expose crime.
CRASH: A Crash is similar to a Bomb but generally refers to a major OS or
program failure. Also caused by power failures.
DIVERSION: A Diversion is a secondary activity used to divert attention away
from a crime or perpetrator. Examples are staged crashes, program bugs, or other criminal activity.
EARMARK: An Earmark is a character(s) (ex. a non-printable character) used to
secretly identify files or data elements for special treatment. Earmarks
are used for fraud purposes. Earmarks can also be used as a Countermeasure.
ENCRYPTION SCHEMES: To encrypt data or text means to encode or encipher it.
Most savvy computer users do not rely solely upon passwords and complex signon procedures to protect their systems and software. They can be too easily
guessed or compromised.
The data or text is encoded using a "key" designed by the encoding scheme. The encoded or encrypted message is then transmitted. When it is received by an authorized receiver, a "key" is used to decode the data or text so that it is again meaningful. Uncoded or decoded data is called PLAINTEXT. Encoded data is called CIPHERTEXT.
GODFATHER or BIG-BROTHER: A Godfather or Big-Brother is a Trojan Horse
which modifies the OS, or a utility routine or program which performs an OS
function. When it is active, it takes over the control of certain OS or
utility functions. The controlled applications or utility program or
routine becomes a Zombie.
The primary illegal purpose of a Godfather is to
modify the function or programs without changing the code in the programs
themselves. Thus, the programs will operate as designed when the Godfather is
absent, but differently when it is present. Godfathers can be designed to be
activated or deactivated by user entry (ex. pressing a certain key combination
EXAMPLE: A modification of the OS's printer output routine to intercept
all printer outputs and to screen out bogus transaction inputs. The OS code
is zapped to add an extra CALL or JUMP routine(s), which diverts the processing
of printer outputs to the perpetrator's Godfather code located elsewhere
in memory or on disk or tape.
After the Godfather screens out all bogus transactions, it returns control
back to the OS printer routine to resume normal processing of output
KEY: A Key is a sequence of characters, which are combined with data to
change Plaintext to Ciphertext or vice versa. Encoded data requires knowledge
of the key to decode. Many encoding schemes are possible; the most popular
methods use character substitutions, matrix operations, the U.S.
Government's Data Encryption Standard (DES), or Public Keys.
LAPPING: Lapping is a scheme in which meticulous record keeping and time
management permits the phreaker to deselect an existing target while selecting
a new one to minimize the risk of discovery and identification.
LOGIC BOMB: A Logic Bomb is a Trojan Horse which activates usually at a certain date or time, and destroys files, its host program or routine, and usually itself. An interesting application of Logic Bombs is in some commercial software packages. Most people do not want to spend $ Hundreds for a program without actually applying it themselves first.
The problem is, once you lend a program to a potential customer to try out, how do you collect payment for the program if the potential customer keeps it, and, how do you guarantee that he won't pirate your program? You install a Logic Bomb in the program. After the stolen program has been run for a certain amount of time, the program destroys itself.
Once the program is paid for, the programmer removes or deactivates the Logic Bomb.
MOLE: A Mole is a spy for another country, business or agency who infiltrates
an organization to steal national security information, trade secrets,
strategies, files, money, etc., or to sabotage or create havoc.
MUTANT: A Mutant is created by a Body Snatcher, and closely resembles another file except for a few critical changes.
PASSWORD: A Password is a word or phrase that must be correctly entered into the computer for the computer to allow access to programs and-or data in the computer. Most computer security schemes rely upon more than one password to protect the system. There are basically two types of passwords:
A. ACCESS PASSWORDS: Passwords whose level of access is dictated by assigned Protection Levels or Attributes.
B. UPDATE PASSWORDS: Passwords which permit the user "Total Privilege" in
the system. "Total Privilege" permits the user to execute, read, write, rename and kill files.
PATCH or ZAP: A Patch is a software modification, usually by using a utility (ex. IBM's SUPERZAP) to change the actual bytes of program or data stored on disk, tape or memory. Zaps are used to implant Trojan Horses, and to make other file changes.
PIRACY: Piracy is the theft of proprietary software or data. Many computer programmers now use sophisticated protection schemes, both hardware and software in nature, to protect their software from unauthorized duplication.
These techniques, however, are overcome by computer whizzes just about as fast as new methods appear, and they prevent authorized users from making needed backups in case the original program is destroyed.
The piracy of data from financial and government data banks is largely thwarted by the use of Passwords, complex Encryption schemes, Security Codes, Access Numbers, Authentication procedures, and dedicated lines. Still the piracy of data is widespread and increasing. Whatever scheme is devised by man to thwart penetration can also be undone by man.
PROTECTION LEVELS or ATTRIBUTES:
Access Passwords are assigned Protection Levels. These are:
A. EXECUTE: Only permits the user to execute a program, but not to read a data file.
B. READ: Permits the user to execute, AND to read data files.
C. WRITE: Permits the user to execute, read files, AND to write to data files.
D. RENAME: Permits the user to execute, read, write, AND to rename files.
E. KILL or TOTAL PRIVILEGE: Permits the user to execute, read, write, and
rename files AND to kill files.
Protection Levels are important because they allow you to assign access capability based upon the need of the user. For example, if a shipping clerk
needs to verify that an order was placed, he should not have the power to kill customer files.
PUBLIC KEY SYSTEMS: (See section on this topic).
SCRAMBLER: A Scrambler is a device which electronically scrambles data, usually by frequency inversion, frequency hopping, bandsplitting, or time division multiplexing.
SECURITY CODE: A Security Code is an identifier or combination used to access a computer or program.
SHAKE or LOSE: To Shake or Lose is to evade detection.
SILENT ALARM: A Silent Alarm is a computer system protection scheme that detects efforts to penetrate a computer system - particularly trial-and-error type efforts. Usually at least three sign-on attempts are permitted before an alarm is activated.
Unknown to the offender, the program enters a silent trap or interrupt routine, and a system alarm is activated. System and security personnel, the phone company, and-or law enforcement personnel are then notified, usually but not always immediately.
Also, "entrapment" procedures are activated to determine who the offender is, and to record all that transpires. These usually consist of a phone trace and-or a "game" in which the violator is "roped" into playing. The "game" cleverly probes the perpetrator for identifying information.
Of course, the alarm is not detectable by the violator. The Milwaukee "414" group was caught largely due to information derived from a Silent Alarm "game" in a California bank they penetrated.
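A sketch of the Silent Alarm logic described above, run over a constructed sign-on log (an added example, not part of the original text). The log format, the ten-minute window, and the reply strings are assumptions; the threshold of three permitted attempts comes from the definition.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

ALLOWED_ATTEMPTS = 3            # from the text: three sign-on attempts are permitted
WINDOW = timedelta(minutes=10)  # assumption: older failures no longer count

# Constructed sample log. Assumed format: timestamp line=<port> user=<id> result=<OK|FAIL>
SAMPLE_LOG = """\
1985-03-01T02:14:05 line=7 user=jsmith result=FAIL
1985-03-01T02:14:20 line=7 user=jsmith result=FAIL
1985-03-01T02:14:31 line=3 user=mlee result=FAIL
1985-03-01T02:14:40 line=7 user=admin result=FAIL
1985-03-01T02:14:52 line=3 user=mlee result=OK
1985-03-01T02:15:02 line=7 user=admin result=FAIL
1985-03-01T02:15:30 line=7 user=operator result=FAIL
"""


def parse(line):
    """Turn one log line into a dict with a parsed timestamp."""
    stamp, *fields = line.split()
    rec = dict(field.split("=", 1) for field in fields)
    rec["time"] = datetime.fromisoformat(stamp)
    return rec


class SilentAlarm:
    def __init__(self):
        self.recent = defaultdict(deque)  # line -> failed attempts inside WINDOW
        self.alarms = {}                  # line -> alarm record, seen by security staff only

    def observe(self, rec):
        """Return the reply shown to the caller; the alarm is raised out of band."""
        line = rec["line"]
        if line in self.alarms:
            # "Record all that transpires" once the alarm is active on this line.
            self.alarms[line]["transcript"].append(rec)
        if rec["result"] == "OK":
            self.recent[line].clear()     # a legitimate user who mistyped starts fresh
            return "WELCOME"
        attempts = self.recent[line]
        attempts.append(rec)
        while rec["time"] - attempts[0]["time"] > WINDOW:
            attempts.popleft()
        if len(attempts) > ALLOWED_ATTEMPTS and line not in self.alarms:
            self.alarms[line] = {"raised_at": rec["time"], "transcript": list(attempts)}
        # Same reply before and after the alarm, so the caller cannot tell it fired.
        return "SIGN-ON FAILED"


def run(log_text):
    """Feed a log through the detector; return per-line replies and the alarms raised."""
    alarm = SilentAlarm()
    replies = [(rec["line"], alarm.observe(rec)) for rec in map(parse, log_text.splitlines())]
    return replies, alarm.alarms


if __name__ == "__main__":
    replies, alarms = run(SAMPLE_LOG)
    for line, info in alarms.items():
        print(f"ALARM line {line} at {info['raised_at']}, {len(info['transcript'])} attempts recorded")
```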
SMOE: Surreptitious Methods of Entry.
The art of penetrating a computer system without leaving a clue or evidence.
SOLO ARTIST: A Solo Artist is a sophisticated criminal who works by himself.
TAP or WIRETAP: A Tap or Wiretap is an unauthorized monitoring circuit directly connected to a computer's communications line.
TRAPDOOR: A Trapdoor is a Trojan Horse which modifies an OS utility, or applications program to permit the use of an unauthorized Master Password(s) to gain access. This second Password penetrates by bypassing all other Passwords and security schemes used by the System - even after they've been changed!
Trapdoors are often installed by programmers to ease the development and troubleshooting of programs, or to assure access to them no matter who has them or how they are used. In WAR GAMES it was the placement of an easily guessed Trapdoor routine (his son's name was used as the password) by the eccentric program designer that permitted easy penetration.
TROJAN HORSE: A Trojan horse is a software routine which is insidiously implanted in a program or routine.
When a certain combination of events occurs, the Trojan Horse routine is activated and performs a function(s) alien or contrary to the true intention of the program. The "programming events" may include the date, the amount of time the program is run, a data entry or combination of data entries, the calling of a legitimate routine or combination of routines, or certain keyboard entries.
The Trojan Horse is designed to periodically inspect for these "programming events", and upon their occurrence, to launch into special routines. Trojan Horses are frequently used to defraud. Examples of Trojan Horses are Logic Bombs, Trapdoors and Godfathers.
For example, when the targeted combination of programming events occurs, the Trojan Horse in a bank's savings accounts program activates. It transfers a huge quantity of money to another account. It then changes or erases both itself from the program and the record of to whom the money was transferred. The money literally disappears with little or no trace! Trojan Horses are usually difficult to detect in program code, and to prevent.
How Destructive can Trojan Horses be? The type of penetration depicted in WAR GAMES is virtually impossible.
However, what if the Soviets penetrate our missile systems and plant Trojan Horses in the computer programs which control the launching of our intercontinental ballistic missiles?
When we try to launch these missiles against the Soviet Union, the Soviet Trojan Horses are activated, co-ordinates are changed, and our missiles destroy our own cities, or fail to launch! Were the Korean Airline passengers a victim of a Soviet Trojan Horse implanted in the Inertial Guidance computers - the same type of Inertial Guidance System used in our jets and missiles??
ZOMBIE: A Zombie is a program controlled by a Godfather.