prev
next
out of 4

Real Hackers - Harold

Embed Size (px)

Citation preview

  • 8/10/2019 Real Hackers - Harold

    1/4

    Guide to (mostly) Harmless Hacking

    Vol. 6 Real Hackers

    No. 2: Harold

    Harold (Fatal Error) is famous within the hacker scene nowadays for two things.

    He gained his education for the most part from the hacker culture. He doesn't have a computer science degree. With this street education, however, he has become the senior network engineer for the AGIS Internet backbone. This is an enterprise valued at over $1 billion. Since taking over as head engineer with AGIS, he has fixed security weaknesses that allowed attackers to shut parts or all of AGIS down four times in 1997. In addition, when Harold took over, spammers had beenplaguing AGIS. He since has tracked down and kicked off so many spammers that AGIS is now one of the most spam-free Internet backbones.

    Harold is also famed because, like all true hackers, he donates his services togood causes. Last October, he helped a small Internet service provider, Succeed.net, fight off a group of persistent attackers who were intent on driving BroncBuster (http://www.showdown.org/) off the Internet.Then this March he pitched in with logging software to help Rt66 Internet fightoff a barrage of attacks focused on shutting down the Happy Hacker web site (http://www.happyhacker.org/).

    Harold has pioneered a path that many hackers could follow. However, it's a path that calls for hard work and a burning desire.

    Harold began hacking in 1979. Back then he was a 12-year-old Detroit kid playing with the keypad of his phone. In 1983 he got his first computer -- a Timex Sinclair which used a tape recorder instead of a disk drive to hold programs. With it he began teaching himself the Basic programming language. That year his cousin got a Commodore 64 computer with a 300 baud modem. Later that year Harold built his own IBM PC. He was to go on to build hundreds of low-cost computers for his friends.

    Harold and his cousin parlayed this primitive equipment into a hacker group and,

    through the bulletin boards of the 80's, began sharing knowledge with hackers around the US. They also joined the 2600 club (nowadays reachable at http://www.2600.org/).

    Harold's own local hacker group grew, and began holding meetings at a local pizza parlor. His group included many young women -- as unusual then as it is today. As Harold puts it, "I used my computer to meet girls." It was at those pizza nights that he met the woman he would later marry. (They now are the parents of four.)

    Harold soon made a name for himself by writing text files on how to generate valid calling card numbers and by pirating voice mail systems for his friends. He blue boxed long distance calls and found his way around Telenet, an early network

    that had six-digit addresses for its hosts. (The far larger Internet uses twelve-digit addresses.)

    In August 1985, a visit from an FBI agent sidetracked Harold's hacker career. Harold had just turned 18, so he knew he could now get in serious trouble. Duringthis visit the agent asked Harold if he knew what a PIN register was. Harold knew all too well that meant the FBI had been recording the destinations of phone calls made from his home.

    The agent pulled out a 30 page printout. "In the month of February 1995, you mad

  • 8/10/2019 Real Hackers - Harold

    2/4

    e 3200 calls to this MCI 800 number. Why?"

    Harold pointed out to the agent that it is legal to call 800 numbers. Harold wouldn't tell the agent what he did after getting on that 800 number, however.

    The agent then pointed to one number, 40 digits long. "Can you tell me what youwere doing with that number?"

    Harold burst out laughing. "That's 'Mary Had a Little Lamb,' sir."

    The agent let Harold know that they were close to getting enough on him to makea bust. The two worked out a deal. The next day Harold enlisted in the US Army.

    Harold was able to turn his Army stint to his advantage. He went to electronicsschool at Ft. Jackson and became a multi-channel radio operator with the Patriot missile defense batteries.

    He also discovered ARPAnet.

    ARPAnet was the US military network that was eventually to evolve into today's Internet. Life was slow in the Patriot batteries. Harold recalls he typically "spent all day on ARPAnet... When you ran into people on ARPAnet, they were mostlypeople who shouldn't be there."

    That was back when few people would abuse their ARPAnet access. The military tolerated hackers because they often contributed free software and technical assistance. For example, within the first year of ARPAnet (1969), hackers had alreadybeen the first to invent email.

    After the Army, Harold settled into eight years of work as a computer programmer at a Detroit Mazda factory. On the side he ran a bulletin board. Eventually hewas running 64 phone lines of access for hundreds of paying customers. Ultimately he even provided them with Internet access.

    The Internet was to be what killed Harold's bulletin board. While working a full-time job, it was too hard to compete with the other Internet access providers that sprung up around 1994-5.

    Around then Harold made an extremely bad decision. He used his hacking talents to make some big, quick bucks. He figured it would be a one-time stunt. Then he went back to his usual life of harmless hacking.

    In 1995 Mazda offered voluntary layoffs with a benefit of 18 months at 80% pay.Harold jumped at the opportunity. He enrolled in the electronics school at the National Institute of Technology.

    But 1996 was the year his past caught up with him. One of his partners in the computer fraud scheme got a prison sentence. Harold got off with probation.

    That year Harold parlayed his recent education and hacker skills into two simult

    aneous full-time jobs. One was at Ameritech, the Michigan baby bell phone company. The other was at the recently created AGIS Internet backbone company. At both companies he was only able to get entry level jobs giving tech support, as he puts it, to people would "couldn't remember their passwords."

    After a short time on the exhausting schedule of these two full-time jobs, his AGIS supervisor, even though he knew of Harold's troubles with the law, promotedhim to a network engineer position. Harold quit the Ameritech job, and began devoting himself solely to understanding AGIS and its many challenges. 1997 was tobe a challenging year, indeed. Twice that spring massive email bombings filled u

  • 8/10/2019 Real Hackers - Harold

    3/4

    p the disks on the AGIS mail servers, crashing them. In April someone posted a password for an AGIS router on a hacker news group The mystery attacker claimed the password was "spamforall." Rumor has it that password was genuine.

    The problem was that the young, growing and hungry AGIS had signed contracts with Cyber Promotions, Inc., at the time the biggest spammer in the world; with Nancynet; and with several other spammers. The attacks were retaliation for AGIS serving these companies.

    Harold knew AGIS had problems that he could solve. However, as a junior networkengineer without an engineering degree, he didn't have the clout to persuade management to take the drastic security measures he knew they needed.

    June 4, 1997, was the day the AGIS Internet mail gateway backbone was taken outby -- whom? The attacker announced on a Usenet post "Today I wiped AGISGATE andall of AGIS's name servers. I will only stop until[sic] AGIS changes their policies... This means getting rid of all of their spammers

    -- most importantly Cyber Promotions."

    This was not good for Harold. Someone was assaulting AGIS -- and the company and FBI suspected an insider was committing the attacks. To be exact, Harold, given his past, worried he would become one of the suspects.

    With a wife and two toddlers to care for at the time, the prospect had to be frightening. Harold was fighting not just to prove he could solve the hacker problem -- he was fighting for his reputation.

    Then someone gained access to every router on the AGIS network. The attacker changed the configuration files to take the routers out of service. This blacked out the Internet to a million people, in some locations for over a day.

    Fortunately Harold was able to use his years of hacker skills to trace the attacks to the source of origin. He also persuaded his bosses that he was capable ofdoing what was necessary to set up the new AGIS network. Harold designed new hardware and set up s-key, a one-time password system, to secure the AGIS routers.He also built AGIS's Usenet distribution system, both the hardware and software.

    Harold was rewarded with promotion to senior network engineer -- and stock in the fast growing company. And -- he achieved all this while still on probation. Now that he had real power in the company, Harold's next goal was to rid AGIS of spammers. This was not an easy task. AGIS had to fight a lawsuit brought by Cyber Promotions that briefly got a court order to force AGIS to give them service. However, by December 1997, Harold could say "Now we probably have the least spamof any backbone."

    In early October 1997, Harold responded to a request from Carolyn Meinel to help Succeed.net, a small ISP in Yuba City, California. Succeed.net was under assault by a group of hackers who wanted to drive Bronc Buster (now at http://www.showdown.org/) off the Internet. The owner of that ISP, Robert

    Lavelock, refused to cave in to the attackers' demands and kick Bronc Buster off. Instead, he fought them. Harold helped them close their security holes and set up a logging system to help the FBI catch Bronc's assailants. For details on this war, which lasted three weeks, see the GTMHH on "Hacker Wars" at http://www.happyhacker.org/.

    This March, when Rt66 Internet came under attack by hundreds of computer criminals trying to shut down the Happy Hacker network, Harold pitched in again with logger/sniffer software.

  • 8/10/2019 Real Hackers - Harold

    4/4

    Today Harold likes to say, "I help create the Internet. I realize that everything I do affects a million customers." With newborn twin baby daughters, the end of probation, the achievement of ridding AGIS of spammers and computer criminals, and his role of white hat hacker riding to the rescue of the victims of computer crime, he has a lot of joy in his life. And the world is certainly a better place because of his work.

    Where are those back issues of GTMHHs and Happy Hacker Digests? Check out the official Happy Hacker Web page at http://www.happyhacker.org/. Us HappyHacker folks are against computer crime. We support good, old-fashioned hackingof the kind that led to the creation of the Internet and a new era of freedom of information. So please don't email us about any crimes you may have committed.We won't be impressed. We might even call the cops on you! To subscribe to Happy Hacker and receive the Guides to (mostly) Harmless Hacking, please email [email protected] with message "subscribe happy-hacker" in the body of your message. Copyright 1998 Carolyn P. Meinel . These Guides to (mostly) Harmless Hacking are, in the spirit of copyleft, free for anyone to forward, post, and print out -- just so long as you keep this info attached to this Guide so your readers know where to go to get free GTMHHs.


Hacks & hackers

Hacks & hackers

Technology
Emerald Bay Real Estate | Harold Noriega | 2014 Annual Market Report

Emerald Bay Real Estate | Harold Noriega | 2014 Annual Market Report

Documents
Hackers to Hackers Conference 4th. Ed. - Events

Hackers to Hackers Conference 4th. Ed. - Events

Documents
Real Life Hackers @ PechaKucha 20x20

Real Life Hackers @ PechaKucha 20x20

Internet
5 Ways Your Employees Will Invite Hackers Into Your Network · out on top. In real life, it’s rarely that difficult. Sure, if you look at the news, you might believe hackers are

5 Ways Your Employees Will Invite Hackers Into Your Network · out on top. In real life, it’s rarely that difficult. Sure, if you look at the news, you might believe hackers are

Documents
Ethereum hackers

Ethereum hackers

Documents
Hacking,hackers,hackin effects,top hackers,harmfull effects of hacking

Hacking,hackers,hackin effects,top hackers,harmfull effects of hacking

Education
2014 Car Hackers Handbook - OpenGarages Car Hackers Handbook - OpenGarages

2014 Car Hackers Handbook - OpenGarages Car Hackers Handbook - OpenGarages

Documents
(HACKING) Hackers Handbook

(HACKING) Hackers Handbook

Documents
Hackers and Hollywood

Hackers and Hollywood

Education
Don't Drop the SOAP: Real World Web Service Testing for Web Hackers

Don't Drop the SOAP: Real World Web Service Testing for Web Hackers

Technology
real world web service testing for web hackers

real world web service testing for web hackers

Documents
NET for hackers

NET for hackers

Technology
Tracking Hackers

Tracking Hackers

Documents
Hackers evaluation

Hackers evaluation

Art & Photos
Real world web service testing for web hackers ©2012 Secure Ideas LLC |

Real world web service testing for web hackers ©2012 Secure Ideas LLC |

Documents
ISSUU+ +173+Hackers

ISSUU+ +173+Hackers

Documents
Hackers & hacktivism

Hackers & hacktivism

Technology
hackers informaticos

hackers informaticos

Technology
Hackers vs Hackers

Hackers vs Hackers

Software
Emerald Bay Real Estate - Harold Noriega | 547 Emerald Bay | Property Brochure

Emerald Bay Real Estate - Harold Noriega | 547 Emerald Bay | Property Brochure

Documents
Hackers 22

Hackers 22

Technology
Emerald Bay Real Estate - Harold Noriega | 132 Emerald Bay | Property Brochure

Emerald Bay Real Estate - Harold Noriega | 132 Emerald Bay | Property Brochure

Documents
Vol - hackers

Vol - hackers

Documents
hackers 2 hackers conference III · hackers 2 hackers conference III voip (in)security integrity attacks *caller-id spoofing *problem: easily spoofable/ not always checked / systems

hackers 2 hackers conference III · hackers 2 hackers conference III voip (in)security integrity attacks *caller-id spoofing *problem: easily spoofable/ not always checked / systems

Documents
hackers vs suits

hackers vs suits

Technology
Reference Hackers

Reference Hackers

Education
Hackers secrets

Hackers secrets

Technology
Hackers chocos

Hackers chocos

Technology
Growth Hackers

Growth Hackers

Documents