My FBI file was for hacking into my school district's AS/400 that handled my school's attendance and grading system. Somehow using a public IP address with no access restrictions allowed a clear telnet path in from home. Compounding username and passwords that were all the same for every employee. I didn't change a thing, just LOLed and told someone. Bad mistake.
This was the late 90s.
Oh well, 2 week suspension and kicked off the computers for less than a year. A nice conference with FBI, police, my parents, IT and school administration. Fun times.
I learned my lesson to not talk about such things because their egoes were too fragile.
When they decided to give students in their website design class ftp accounts on the district wide web/email server running an ancient version of Debian, they didn't disable the shell, just added a login script to a menu for pine, etc. for people who telnetted in, which I'm sure the sysadmin was proud of. However, a few fast CTRL-C's broke out of his script menu loop and got me a shell, and they didn't shadow protect their password files. Ran it through john the ripper and had half the district's e-mail passwords in a default dictionary file including the root pw in a few minutes. LOLed and never told anyone about that.
I had sysadmin rights on my school’s Windows servers after some very simple social engineering (for a 10 year old). The real irony was that I was called to the principal’s office on multiple occasions because I seemed to be able to fix things on the network that the local “admin” (e.g. music teacher) couldn’t.
Fun times indeed.
It completely ruined my respect for authority figures. Which in retrospect has been the most valuable outcome from being the local “that kid from Wargames”
I was in high school from 2007 to 2011. Half of it in rural Alabama, the other half in the Bay.
Even being in the tech capital of the world, the school administration's views on technology and information access were so backwards. Our school basically didn't allow accessing any websites that weren't on some allowlist. Teachers had accounts to bypass the content filter.
We had a game design class that happened after school. Usually that period was reserved for making up classes you failed, but ROP courses that didn't align with the district's curriculum goals were taught as well.
Needless to say, pretty much every resource we needed was blocked. So the teacher would give out his content filter bypass credentials, because the school wouldn't entertain any exceptions to students not being allowed to have them even though they knew there were classes on campus that would have tremendous difficulty. A couple of times a student would leak the credentials to others on campus and it'd take all of 5 minutes to get to everyone on campus via social media.
They'd always treat everyone who knew the bypass accounts as "guilty unless proven otherwise". I ended up in detention a few times for even knowing it. Parents complained to the school a bunch, school just always blanket said "bypassing the content filter as a student is against policy for any reason. No exceptions."
Makes me think back to 1st grade in 1999 when I was first given internet access and being told not to use Google because "it wasn't safe". Couldn't have been that bad because it took another half decade for me to inadvertently end up on the "adult" part of the internet.
Had a similar problem with feeling betrayed by authority figures when I was called in to be questioned about a hacking incident while in middle school just because I was good at VB in programming glass. Can really ruin a kid's confidence for years to come in case anyone in such position is reading this now.
Public network shares, cain&abel, learning about NTLM downgrading and well, these were the days when Wifi was "new" and wireless B and G was considered wow, 54mbps.
Back then, everything really felt like magic.
Old netsend trick, pre windows xp SP2.
There were enough stories at this time online that I knew it was best to say nothing. Did nothing bad, just explored, learned quite a few things and well was surprised how really easy it was to do things.
Nowadays, I feel kids won't/don't get that chance to explore - which is sad. Internet is curated through apps and "enagement" user experience and cloud services/SAAS.
Maybe they can spot a lifetime link to a google sheets master password document. ;)
When I was 11 I social engineered the son of the computing teacher to get all the admin passwords. Then I fucked around with a whole bunch of stuff and showed a friend. When they figured out it'd been hacked they weren't sure who did it, but my buddy broke down very quickly and let them know lol.
I was banned from the computer lab for the whole of my secondary school years. It didn't matter though, because when I was 12 (~1989) the headmaster dropped computing from the school curriculum as "computers are a passing fad". They just used the computers for typing up essays after that.
I found the password to my teacher's eBoard[1] in 4th grade (a five digit code) and started changing things as a practical joke. Then I started seeing more five digit codes just written on Post-it notes…
This reminds of a Costco bug I discovered, it appears that they fixed it lol.
So, Costco runs AS/400 in stores, and their online store is in .Net MVC. I worked with both technologies and often have to communicate with AS/400 devs and they are close to their retirement so little fucks are given. Plus, working with DB2 is annoying in general, the .NET data provider from IBM is expensive and sucks.
Now onto the bug, when you purchased items online at a discount, you were able to return to store at a full price as their systems were not communicating that a discount was applied. I returned several items, but did not realize until I bought a laptop that was $400 off and tried returning it. I ended up calling Costco and letting them know. Unfortunately, they didn't give me any lifetime membership or a good citizen award.
If any Costco devs read this and know about this send me some love.
Costco still has issues of resolving discounts on a return. I won't state the bug explicitly but I had a conversation with them about how they refunded me a significant amount I never paid on a large purchase and showed them the delta via receipts. Local management was appreciative but didn't seem to have an idea of how to proceed to make things right. Ultimately they said my account would be flagged as owing the difference so the next time I shopped I would be charged for the incorrect refund. The problem is that that didn't work either and I don't shop there often. I tried to do the right thing but ultimately it ends up being their responsibility to handle it when the customer is standing right in front of them showing their loss of revenue.
I met someone many years ago who bragged that they did this with sales tax. They purchased expensive items at Costco in Oregon, paying 0% sales tax, and then returned those items in Washington and received a full refund plus 10% sales tax. This was the first time I met a person who appeared normal but lacked social mores against fraud.
I'd expect Costco would require receipts for returns, even for online purchases, like most stores. Then the store would only refund the amount after discounts. But perhaps Costco is more trusting of their customers because they have to pay for membership.
> I learned my lesson to not talk about such things
I like how you shared how you learned lesson to not share mischievous activities with people in the same post you then go and share more things you haven't been caught for.
This is going on your permanent school record! /s
That's great. I know even as of recent of 2021 I've seen some places that had 0 security on things.
> I like how you shared how you learned lesson to not share mischievous activities with people in the same post you then go and share more things you haven't been caught for
American public schools are quite adept at teaching distrust in authority, particularly in bureaucrats. That doesn't mean distrust in everybody.
I think this is especially prevalent in schools. You'll see things like this even for things that aren't related to computers. When I was a kid, drugs in your locker were your drugs, even though breaking into the lockers was trivial and stashing drugs in other people's lockers was the way business was done.
I wouldn't have told the school of a theft I witnessed even if I knew there were cameras recording the entire thing. You're guilty unless you can prove someone else was more guilty and they're not really concerned about the truth of the matter so they're not trying to help you.
When I was 11 or 12 we had a bunch of old Windows (2000?) boxes with a shared network folder — all the students' files were in the same folder. I had just learned about basic batch file "programming" so I made one called Change Your Grades Click Here!!.bat which asked for your username and password (we had individual accounts on the Mac computers) and saved them to a hidden text file in the same folder. Most people didn't fall for it, but I got one girl's login that actually worked, which scared the shit out of me, and I deleted the program. (I really wanted to tell her that "emma" is not a good password, but I thought it wouldn't turn out well for me.)
A few years later, I cracked the admin password (with a Ophcrack live USB) for a silly reason: they had the machines mostly locked down, and I wanted to change the desktop background hahah. I remember being quite disappointed in the sysadmins that the admin password for all the machines in school was a common dictionary word, cracked in 30 seconds.
Oh, once I met a guy who identified as a "hacker" (in the sense of breaking into systems illegally) and he told me (then a young teen) to "have my fun" before I turned 18 and then to stop, which in retrospect was very good advice.
When dsl was deployed into my town, it was mostly for doctors offices and the local hospitals.
I was one of the first normal citizens to get dsl internet. I opened windows explorer, and saw all the hospitals and doctors office network folder shares, with patient data.
> I got one girl's login that actually worked, which scared the shit out of me, and I deleted the program. (I really wanted to tell her that "emma" is not a good password, but I thought it wouldn't turn out well for me.
With all due respect for HN policy of nuanced, Intelligent debate.
> I learned my lesson to not talk about such things because their egoes were too fragile.
At my university in the early 90s I went the white hat route and had tons of fun. I managed to convince the computing center folks to give me a student job in the Unix group, and then spent the next three years hacking their systems and getting a pat on the back when I did it.
I cracked all the passwords in my MS-DOS based computer programming class by modifying the boot floppy. It was pointless since the assignments were easy and I had perfect grades in that class, and the only thing this allowed me to do was steal other peoples' homework. But eh, boredom....
I also figured out how to auto-crawl the networks of all the schools in our district, which, as a self 15 year old whose only experience was non-networked DOS, is still a proud accomplishment. The only things I found were a bunch of printer management, some office form templates, and a cool video game that was like sim-moonbase.
But then my teacher found the file in my home dir called passwords.txt, and I was busted. Oh well. Instead of an FBI file, I got a detention, and I had to teach him how to write-protect the boot floppies so no one else could do what I had. (he didn't need to know that you could reverse the write-protection with a piece of electrical tape)
> I didn't change a thing, just LOLed and told someone
> Oh well, 2 week suspension
God damn, these idiot school people have no fucking clue that someone who points out a security flaw to you without inflicting any harm is actually doing something good, and that behavior should be encouraged and rewarded.
BRB, preparing my YC S22 application: "BugBakeSale"
"We're bug bounties for America's school districts: HackerOne for the K12 market. The product is free if you let our corporate partners, who also fund the bounties, recruit the winners."
I had two friends that did similar in the early 2000s, except that while the school knew there was a breach, they never caught who did it. Had all student social security numbers, grades, attendance, etc pulled into a thumb drive on the school network. I imagine this happened a lot around various school districts, especially in that time when school networks were less secure.
With all the shenanigans I was into as a turn of the century high school student, I'm incredibly lucky to have never had a (known) FBI run-in.
At my first high school I was expelled for selling teachers a boot floppy that disabled the district's security software (Fortress) on their machine.
At my second high school I was busted twice, once for selling CDs with a much anticipated unreleased movie, and the second time for finding (and copying) a network share that had every student's school photo from that year before they could even purchase it.
Nevermind all the unsavory nonsense I did outside of school and was luckily never busted for.
Good times indeed. I got into similar mischief, but my school didn't really mind. I got a slap on the wrist, because they were to prestigious to court negative attention. Then I got into similar shit in college. I reported it and got lucky again. The guy in charge of their cybersecurity program invited me to take his class which was all master's students and phd candidates as a freshman. I would have bombed as it was all over my head cryptography/math, but at the time I did some extracurricular research that got me a passing grade.
Oh yes. I remember the embarrassment / horror of having the admin just creepily poking my shoulder when at the computer and gently saying: "Hey, I promise I will NOT report you for antyhing, if you just tell me what the hell you just did with our network!"
I had no idea what I had done, honestly, I just sent a large ping packet to some IRC-user. Turns out it killed some vital things in the network.
Also the admin leaving anonymous FTP enabled with write access. That was one weekend with an extreme amount of illegal stuff apparently uploaded via the schools FTP, but that was my classmate which was involved in and not me.
This was at the time when people had dial-up at home so the 256kBps connection at school was awesome.
Late 80s and my junior high school computerized attendance reporting (and some grades) through shared documents on a 'teacher' Appletalk share I had access to (because I set it up!) Well now... ;) Honestly though I never did any of that sort of thing for profit, I managed to satisfy my needs selling disks with games on them and then turning a blind eye when people were playing them during class hours (I was basically used as a free labour resource by the school so I don't feel bad about that in the slightest.) Ah, the things we did when we were teenagers...
I was punished three times for computer curiosity before I learned my lesson. No good deed goes unpunished, especially when it makes somebody powerful look bad.
Seriously, they would have deserved that the school mysteriously becomes littered with printed (or typed) sheets of paper explaining how to access the system and change everyone’s grade.
If it were me, for the second time I would have considered adding a file to everyone’s FTP account (including the admins & professors themselves) explaining how they too can escalate to root.
ouch. I once tried to grab a password file remotely that made the whole computer network crash for some reason. They found out it was me and they said, "please don't do that again." I was really lucky.
I was in junior high early 90s when I got into trouble with my school's networks. Setup was Novell Netware, DOS 6.x. I was never a Netware expert by any means, but by that time I'd been using DOS at home for quite a number of years and knew my way around pretty well. Anyways, the network crashed. I got accused of causing the crash because a teacher had seen me with "a black screen open", aka a DOS prompt. Our Netware setup didn't allow for direct DOS access; we had a limited set of DOS apps from a menu we could run. Well, among those apps was WordPerfect for DOS. There was some function key combo that'd suspend WordPerfect and dump you at a DOS command prompt (I forget the key combo, but we all had those keyboard templates at the time that listed out the various commands helpfully, right in front of you, at school, even!).
Well, being at a DOS prompt was enough circumstantial evidence for me to get suspended for a week (no FBI record, AFAIK). My parents, despite being strict, were also fair and asked me point blank, "Did you have anything to do with what you're being accused of?". Told them no, I was just at a DOS prompt (probably to play either nibbles or gorillas - those classic BASIC games). To their credit, their opinion was if I was going to serve the time, I might as well know how to do the crime (know, not actually do). I had already been tagging along to continuing education computer classes my mom was attending, but my parents started buying me more and more computer books. It got me started down the programming path. I'd already been pretty friendly with our sysadmin at school and he knew I had nothing to do with what happened and hadn't accused me, but the school needed a scape goat, and I was it. He felt bad for me and choose to help me out with my learning, too, instead of continuing the punishment. He gave me a copy of the software he used for after hours remote access over direct dialup. Think it was called Carbon Copy? It was basically just telnet over dialup that allowed me direct access to his PC on the network after hours before I even knew what telnet was. So, I'd connect after dinner and play around for hours as network admin. It wasn't multiprocessed, so I had to be patient. Typically when I'd log in, he was running a nightly backup manually that he'd kick off before he left for the night. I just had to wait for it to complete, then I could do whatever I wanted. I had full access to the grading/attendance system. I could message teachers as other teachers, etc. I could have granted admin access to anyone, but I was smart enough to never touch my own account, instead, created fake admin users and used those, instead. I'd hide files in plain sight using the ALT+255 trick to embed a nonprintable character in file/directory names. You could see them, you just couldn't directly access them without renaming them for most programs. Fun times. I never did anything destructive, though I could have easily.
Security in the 90s was a joke. They were good times, indeed :)
I continued my shenanigans into college. College was my first encounter with Windows NT networks & l0phtcrack. I remember one night, walking into my dorm room with the SAM file from a lab PC on a floppy. I popped it into my own PC, started cracking the passwords, expecting it to run all night. As I got up from my PC to head down for dinner, I was surprised to see that I'd already cracked the administrator password. It was just a 5 character password that was the building code & room number for campus IT. I already knew better than to do anything from my own PC, only ever worked from different lab PCs in different buildings and under assumed accounts. Never reported anything, either, for fear of reprisal.
> I learned my lesson to not talk about such things because their egoes were too fragile.
Yip, ego's and people talk are the downfall of many an innocent `self-education` in the area of IT security.
Post 80's and laws started to change, prior, in the UK it was theft of electricity being the only way to nail some people. Crazy fun times.
Though I do miss the old phone system per-say, outdials, wardialing, things like that, was common with many and just seemed more mysterious as you could only learn thru word of mouth or self-education as no books or internets and BBS's were not as cheap in the UK or common as we never had the official free local calls aspect as you fine folks had in the US.
Do recall a chap getting kicked out of college for doing something I'd done previously, just that he had a bigger ego and not as delicate with the power to steal the admin password. Which involved an ICL George 3 OS mainframe in the times of very large disc platters and admin console journaling that had no encryption. so they rotated discs without adding extra wear of zeroing the previous content, only the file table so you could end up with a user disc platter that had formally been used as a admin console jounal reposatory and could create files without zeroing and dump the previous contents of the disc of that way...which eventually got you the admin password.
Do recall few instances of work related cases in which I needed to do things so, kinda hacked what I needed (resourcefulness) like upon a DPS7 Honeywell mini computer in which needed the admin password to do something and nobody had it at hand at that time of night and the passowrds were kept in a file that was encrypted so I worked out the encryption key by looking at the file as was poor encryption and text files have lots of spaces so saw a pattern with the word OPERA in and tried and tada, got what I needed. The spooked admin next day wondered how I did it so I told him fully, he then went and redid the encryption and challenged me to see if that was secure, I looked at the encrypted file and kinda worked out by the patterning that it had been encrypted twice....yes with the same password OPERA only encrypted with that and then encrypted again with the same. Educational for all back then. Today, not as easy to do that, but still a great story of times of old.
My ego prevents anything else and was an ethical hacker and the 90's was an era in which, we white hats would and was the internet security, bringing down pedo's and bad actors like that that frequented some platforms with ease (looking at you AOL). So whilst illegal per-say, was case of no real official policing of such things as we do today.
But darn, some things learned and worked out, well zero day exploits back then were not as financially economical as they are today and heck, and some never really appreciated how long they would stay obscured from the wild.
I also liked hardware back then, was also fun and many a hidden switch to get a feature you would normally pay silly money for some engineer to `install` though was just some hidden switch was not that uncommon. Heck even today you get kit that is same inside with a model up just adding some small thing and example would be some Fluke multimeters that you effectively pay hundred for a small capacitor and another digit on the outer shell, is a good example current today.
Fun times indeed, but darn, goalposts always moving.
The UNIX family of operating system (Unices) historically stored passwords in /etc/passwd, which was readable (but passwords were soon hashed, i.e. passed through a one-way function to obfuscate them).
Eventually, shadow passwords were introduced to have the passwords themselves stored in another place with stricter access rights (readable only by the sysadmin or their group), so even the hashed versions were inaccessible to normal souls, whereas other information traditionally kept in /etc/passwd - e.g. the user's full name - could and can still be retrieved from that file by making it widely readable - just without the passwords, which were moved to the "shadows".
> Could you please explain what this means? Googling didn't reveal much.
An classic UNIX /etc/passwd file is readable by all local users and in the past used to contain the password hashes. One can download these hashes and crack the passwords offline. At some point the problem was recognized and password hashes were moved to special /etc/shadow file which is accessible only to root and members of shadow group making /etc/passwd useless for extracting passwords.
A quarter century later, statute of limitations expired, systems long gone and replaced with entirely different vendors/technology, nobody cares except you.
A person I know studied in East Germany in the early 80s via a very limited exchange program. After the wall came down, she requested her Stasi file.
It was fascinating what was in the file - lots of misunderstandings and misinterpretations. For example, she was upset when the Challenger exploded, and this mystified the Stasi informers who had previously identified her as a pacifist (in their minds, the Shuttle was 100% military).
Similarly, she was trying to research what happened to a relative who had remained in Germany in the late 30s, and whether she had died of natural causes or been sent to the camps. The Stasi file was filled with speculations on the details of this "sleeper agent" with whom she was trying to establish contact.
All this to say that from the mindset of a spy, everything is spy-craft. Everyone's world-view shapes their interpretation of events and reality itself. Was the shuttle a military venture? Partly. Was it also a tool for science? Yup. But the functionaries who looked at her data in the heat of the cold war certainly couldn't see those distinctions.
For what it's worth, she was able to get her Stasi file, but has never been able to get a copy of her FBI file.
This might be a good way to explain my discomfort with online tracking.
Machines categorising you based on your behaviour, without your knowledge nor your consent. It's not so bad when it serves you ads (unless it sells alcohol to alcoholics), but there's no telling what similar algorithms would say about you in the hands of a rogue government. They can find vulnerable people, people who hate certain people [0], people who talk to certain people or hold certain ideas.
What makes it even more terrifying is that machines can categorise people much faster, based on a much broader set of information. It's not just informants and paper reports, but computers processing and connection millions of data points.
I'm bringing all of my data together[1], and the result is a graph of every place I've visited, every conversation I've had, everything I looked up, every book I've read, every transaction I've made, every video I've watched and everyone I've talked to. There's even more data about me in the wild, and if you combined it with other people's data, you could figure out even more about my every move.
It's a good thing that the Stasi was a few decades early.
There's a beautiful song by Vienna Teng called The Hymn of Acxiom[1][2] that covers this nicely. It's in the form of a hymn sung by the data collecting machine itself. It starts off like a message of love and reassurance, but the reassurance unravels as it goes on, until finally we reach the double meaning of it all: "Embrace you for all you’re/your worth"
Somebody hears you
You know that inside
Someone is learning the colors of all your moods to
(say just the right thing and) show that you’re understood
Here you’re known
Leave your life open
You don’t have to hide
Someone is gathering every crumb you drop
These (mindless decisions and) moments you long forgot
Keep them all
Let our formulas find your soul
We’ll divine your artesian source (in your mind)
Marshal feed and force (our machines will)
To design you a perfect love —
Or (better still)
A perfect lust
O how glorious, glorious:
A brand new need is born
Now we possess you
You’ll own that in time
Now we will build you an endlessly upward world
(reach in your pocket) embrace you for all you’re worth
Is that wrong?
Isn’t this what you want?
I hold that we still have not imagined (not even in science fiction) the horrors totalitarian governments are now capable of in a fully-networked, computer-brokered society.
One other funny detail is that most of the Stasi file was handwritten notes in pencil. The vast majority of it was crap. It seems that a lot of her associates were obligated to report on her to the Stasi, but either couldn't or didn't want to give any details that would be harmful to anyone.
Much of it was along the lines of "[fellow student] says [subject] was disinclined to denounce rent-control as a counter-revolutionary ploy during a late-night discussion with [other student]." or "[room mate] overheard [subject] calling her family in the US, and did not hear any overt discussion of politics."
The Stasi was, especially in the end, exponentional invasive. Meaning they approached allmost anyone in any slightly important position and put pressure on them, to work with them to report on their collegues. (In the end, there were 90 000 of them, with a population of only 16 million).
"you help us (and socialism) and we help your career - or you decline and good luck with your career, or
the carrer of your partner. Your children ..."
The results were mainly those worthless reports.
But if you were on the hook once - they could pressure you into more, if they really were interested in your peers and not just routine surveillance of everyone.
But could you live with knowing you send one to prison for telling a bad joke about the government?
So many still declined, to work with them and suffered the consequences.
In either case, the massive surveillance was well known, it was assumed that everything you say loudly - got recorded.
but has never been able to get a copy of her FBI file
This can be confusing because there are various bewildering options, some of which are slower (or outright ineffective for personal records) than others but getting FBI records is comparatively straightforward once you've navigated the maze. I did it a few years ago and they sent me a CD's worth of stuff, plus a note of things they had not sent me or had redacted with instruction on challenging their decisions on these.
I'm not positive, but I seem to recall she said that she requested files, but just got back a folder of redacted sheets only showing a few dates and her name scattered throughout.
I wonder how much of that was just regular Stasi bureaucrats trying to keep their job. If everyone on their watchlist was a potential spy, then maybe their bosses stay scared enough to keep them employed? Or maybe that was the metric they used for promotions, and it inevitably became a target, resulting in a massive inflation of potential "spies" within the bureaucracy.
Anyone who is interested in this stuff should watch The Lives of Others (2006). It is unfathomable just how deeply entrenched Stasi was in every affair of citizens in East Germany. No organization in history has perhaps been as effective as them at spycraft, at least of their own people.
Hey, my mother was in almost exactly the same situation and has been talking to people about it. They should get in touch, although I'm not sure how to do that.
This story (assuming it's true) should serve as an excellent example of why you need privacy even if you think that you don't. In peace time the NSA is only looking for "terrorist" and leaves everyone alone, but in case of war they would start creating lists for any and everything. All it takes is one "tough" agent trusting their gut feeling/algorithm based on your browsing history and shopping habits to put a target on your back and you are done.
EDIT: Replacing "if there's any truth to it" by "assuming it's true". I did not mean to imply that the author made up the whole story and thought both expressions were equivalent.
The "if there is any truth to it" remark was unnecessary. The author was very well known on the net when it was a much smaller place (the old Usenet days), and implying that he made it up is, to say the least, impolite.
You may know him but I did not, so I erred on the safe side and added the "if there is any truth to it" as it's a much safer default to assume that everything I read on the Internet is possibly made up.
I believe that this happened, but I don’t think that details are accurate. Specifically stories told by FBI agents. Memory is flawed, kids tend to exaggerate things(he was 11 at the time). As far as I understand, it was retold
him by his mother, etc.
Yeah, he's for real, and I heard him tell this story (and a number of others) about 40 years ago, for what that's worth. In addition to his other info on the web mentioned elsewhere here, there are also quite a selection of his files from the Stanford AI Lab (SAIL) system, that have been pulled off of old backup tapes, and with permission appear at https://www.saildart.org/LES (note the 3-letter account name, and 3-letter, single-level subdirectory names that you can click down into).
Cool. I mean, wow, that's a great old resource. I like https://www.saildart.org/[OLD,LES]/ (always interested in what academic researchers at stanford and berkeley were doing around the time I was born, especially machine learning)
"and you are done" While I agree about the need for privacy, I don't think this story is a good argument for it. One of the interesting aspects of this story is that the main actual consequence of this privacy invasion was that he got his glasses back.
I was wondering where all that traffic suddenly came from. As for those neighborhoods that were raided: the 'new' City Hall of Amsterdam is built right on top of one of the largest of them. Not a house left standing of those blocks.
Seems like the safest bet would be to fully inventory every human, know everything about them as well or better than they do, and then, once you're highly assured of their safety to the commonwealth of the country monitor them for even the slightest changes in their disposition or regular pattern of activity.
Of course, you would have to completely disregard any concept that people would have a freedom to privacy to do that, and you would also have to account for natural changes over time.
People make new friends, get exposed to new ideas, and gradually change no matter how hard you try to lock them in a box. The data storage and processing requirements to monitor America's 350 million people would be understated as staggering, the man hours for perfect enforcement incalculable, and even if you reached Pareto parity (monitoring 80% of the highest-risk individuals 100% of the time) you're still going to have people slip through the cracks.
I would place a $100 bet on this already being the practice of the 3 letter agencies and if they haven't fully rolled it out I would hazard an extra tenner on that they're within 5 years of completing it as long as their funding isn't disrupted.
The only defense most of us have against it is that we're not individually interesting so we probably never register as more than a blip on a hard drive somewhere under most circumstances, human eyes never prying into the worlds we make for ourselves.
Where this apparatus gets really interesting is the addition of AI.
Suddenly cross-referencing pockets of activity in the giant trove of permanently stored data can be done for every citizen, not just ones of interest.
You can start modeling and simulating behavior off that data to predict future actions like in Minority Report.
But if you look far enough into the future on that trend and link it into Microsoft's recent patent on resurrecting dead people as AI chatbots from social media data, the treasure trove of all online activity for every citizen becomes a curious anthropological artifact as the people in it die off.
Did you have a nuclear scientist on the verge of a fusion breakthrough die before they could finish their paper? Just feed the entirety of their digital life into the system and extrapolate the non-digital using generalized "human experience" models built off everyone else to resurrect a copy of them (or many copies) in a simulated continuation of their day to day thinking and working.
Very few people fully understand the extent of the digital footprints we are leaving behind in the context of trends in big data.
The data we are leaving behind in mass collection will eventually take on (literally) new life.
Very good point. Everything is framed under the status quo. If shit hits the fan, all those assumptions immediately fly out the window. If the writ of habeas corpus is suspended, NSA instantly transforms from shady to Stasi.
In a section headed by an anime girl, he claims to have, "figured out when and how a bunch of other fantasies got into our DNA and will shortly post an article on this web site that will explain how that happened, why it is causing modern humans to make billions of bad decisions each day, and how we and our descendants are likely to be wiped out soon unless we begin dealing with this problem in a rational way."
Then there's a weird picture of his face, which is how he thinks he'll look in 2043, when "he plans to croak at age 112".
On his bucket list page,
"My choice as a troublemaker will be to get shot in the back while running away from an jealous husband in May 2043".
Let me die a youngman's death
not a clean and inbetween
the sheets holywater death
not a famous-last-words
peaceful out of breath death
When I'm 73
and in constant good tumour
may I be mown down at dawn
by a bright red sports car
on my way home
from an allnight party
Or when I'm 91
with silver hair
and sitting in a barber's chair
may rival gangsters
with hamfisted tommyguns burst in
and give me a short back and insides
Or when I'm 104
and banned from the Cavern
may my mistress
catching me in bed with her daughter
and fearing for her son
cut me up into little pieces
and throw away every piece but one
Let me die a youngman's death
not a free from sin tiptoe in
candle wax and waning death
not a curtains drawn by angels borne
'what a nice way to go' death
The Cavern referenced in the poem is a music club in which the Beatle played at the time, now it's tourist trap with canned pop music (what Brits call "cheesy music").
>> My mother told the investigators how glad she was to get the glasses back, considering that they cost $8. The sourpuss did a slow burn, then said “Lady, this case has cost the government thousands of dollars. It has been the top priority in our office for the last eight weeks. We traced the glasses to your son from the prescription by examining the files of all optometrists in the San Diego area.” He went on to say that they had been interviewing our friends and neighbors for several weeks.
Around 1983, me and a few friends were into "war dialing". We found a bank, did about a half-day of research (default logins for popular systems used by banks), and were able to get into the system. We all got bored and stopped poking around after a day or so - we were kids, none of us understand anything about banking. But one kid continued to poke around for months, and he was making changes, too - like, creating his own "backdoor" accounts. Well, naturally we all got caught, not because of some technical task force or anything, but rather because the one kid was bragging about it on a bunch of local BBS's. Then he ratted out the rest of us.
Keep in mind this was around 1983; it was a different time - "computer crimes" didn't really exist, nor the people to investigate them. And that's basically how we all escaped any significant consequences. I was totally unaware of all this at the time, but it was explained to me later in life (by my mother, who is still bitter about it - sorry, mom; you bought me the Commodore 64! LOL) that the FBI didn't really consider it a crime because nothing was stolen. The local cops proposed "trespassing", but we never stepped foot in the bank; we didn't even know where it was.
Thankfully this was just prior to the release of "War Games". Everything changed after that movie. Law enforcement started to pay attention. There were stories about the FBI investigating kids on local BBS's, thinking they were working for the Soviet Union, trying to access military secrets or something like that.
Lesson learned: "We traced the glasses to your son from the prescription by examining the files of all optometrists in the San Diego area." - if you want your possessions found, you can either attach a note with your home address or an AirTag... or simply something _so_ sketchy that an intelligence agency delivers your stuff together with an awesome story.
A gangster was in prison, when he received a letter from his mother. "We miss you very much, and it will be hard for your father to till the garden without you." "Don't do that, that's where I buried the guns!" he wrote back. A while later he received another note: "Some men from the prison completely dug up our garden looking for those guns, but they didn't find anything." "I know, mama. It was the least I could do for you."
A friend of mine in 1997 got arrested for poking around in air force computer systems. He was charged with a felony not because he did any damage but because it cost $40k to track him down. He also had to pay that back.
"Once again, when computer crime enters the equation, circumstances seem to change. In May of 1997, Wendell Dingus was sentenced by a federal court to six months of home monitoring for computer crime activity. Among the systems he admitted to attacking were the U.S. Air Force, NASA and Vanderbilt University. What is different about this case is the court's order for Dingus to repay $40,000 in restitution to the Air Force Information Warfare Center (AFIWC) for their time and effort in helping to track him."
Readit News
Oh well, 2 week suspension and kicked off the computers for less than a year. A nice conference with FBI, police, my parents, IT and school administration. Fun times.
I learned my lesson to not talk about such things because their egoes were too fragile.
When they decided to give students in their website design class ftp accounts on the district wide web/email server running an ancient version of Debian, they didn't disable the shell, just added a login script to a menu for pine, etc. for people who telnetted in, which I'm sure the sysadmin was proud of. However, a few fast CTRL-C's broke out of his script menu loop and got me a shell, and they didn't shadow protect their password files. Ran it through john the ripper and had half the district's e-mail passwords in a default dictionary file including the root pw in a few minutes. LOLed and never told anyone about that.
Good times, the 90s....
It completely ruined my respect for authority figures. Which in retrospect has been the most valuable outcome from being the local “that kid from Wargames”
Even being in the tech capital of the world, the school administration's views on technology and information access were so backwards. Our school basically didn't allow accessing any websites that weren't on some allowlist. Teachers had accounts to bypass the content filter.
We had a game design class that happened after school. Usually that period was reserved for making up classes you failed, but ROP courses that didn't align with the district's curriculum goals were taught as well.
Needless to say, pretty much every resource we needed was blocked. So the teacher would give out his content filter bypass credentials, because the school wouldn't entertain any exceptions to students not being allowed to have them even though they knew there were classes on campus that would have tremendous difficulty. A couple of times a student would leak the credentials to others on campus and it'd take all of 5 minutes to get to everyone on campus via social media.
They'd always treat everyone who knew the bypass accounts as "guilty unless proven otherwise". I ended up in detention a few times for even knowing it. Parents complained to the school a bunch, school just always blanket said "bypassing the content filter as a student is against policy for any reason. No exceptions."
Makes me think back to 1st grade in 1999 when I was first given internet access and being told not to use Google because "it wasn't safe". Couldn't have been that bad because it took another half decade for me to inadvertently end up on the "adult" part of the internet.
Back then, everything really felt like magic.
Old netsend trick, pre windows xp SP2.
There were enough stories at this time online that I knew it was best to say nothing. Did nothing bad, just explored, learned quite a few things and well was surprised how really easy it was to do things.
Nowadays, I feel kids won't/don't get that chance to explore - which is sad. Internet is curated through apps and "enagement" user experience and cloud services/SAAS.
Maybe they can spot a lifetime link to a google sheets master password document. ;)
I was banned from the computer lab for the whole of my secondary school years. It didn't matter though, because when I was 12 (~1989) the headmaster dropped computing from the school curriculum as "computers are a passing fad". They just used the computers for typing up essays after that.
It looks like they realised they were out of their depth and found someone who could help. Were they wrong to trust you?
Edit: I may have misunderstood your post. Did you mean:
A. The principal and the music teacher asked you to help out a few times because they knew you were skilled
B. You were always the first suspect when anything went wrong
I understood it as A. If so I really don't see how you'd lose respect for them over that.
[1] https://www.eboard.com
It sounds like they were right to trust you? Doesn't sound like you ever did anything bad with admin credentials. And you even used it to fix stuff.
So, Costco runs AS/400 in stores, and their online store is in .Net MVC. I worked with both technologies and often have to communicate with AS/400 devs and they are close to their retirement so little fucks are given. Plus, working with DB2 is annoying in general, the .NET data provider from IBM is expensive and sucks.
Now onto the bug, when you purchased items online at a discount, you were able to return to store at a full price as their systems were not communicating that a discount was applied. I returned several items, but did not realize until I bought a laptop that was $400 off and tried returning it. I ended up calling Costco and letting them know. Unfortunately, they didn't give me any lifetime membership or a good citizen award.
If any Costco devs read this and know about this send me some love.
I like how you shared how you learned lesson to not share mischievous activities with people in the same post you then go and share more things you haven't been caught for.
This is going on your permanent school record! /s
That's great. I know even as of recent of 2021 I've seen some places that had 0 security on things.
American public schools are quite adept at teaching distrust in authority, particularly in bureaucrats. That doesn't mean distrust in everybody.
I wouldn't have told the school of a theft I witnessed even if I knew there were cameras recording the entire thing. You're guilty unless you can prove someone else was more guilty and they're not really concerned about the truth of the matter so they're not trying to help you.
A few years later, I cracked the admin password (with a Ophcrack live USB) for a silly reason: they had the machines mostly locked down, and I wanted to change the desktop background hahah. I remember being quite disappointed in the sysadmins that the admin password for all the machines in school was a common dictionary word, cracked in 30 seconds.
Oh, once I met a guy who identified as a "hacker" (in the sense of breaking into systems illegally) and he told me (then a young teen) to "have my fun" before I turned 18 and then to stop, which in retrospect was very good advice.
I was one of the first normal citizens to get dsl internet. I opened windows explorer, and saw all the hospitals and doctors office network folder shares, with patient data.
Yeah, big telecom internet company too.
With all due respect for HN policy of nuanced, Intelligent debate.
"Wimp"
At my university in the early 90s I went the white hat route and had tons of fun. I managed to convince the computing center folks to give me a student job in the Unix group, and then spent the next three years hacking their systems and getting a pat on the back when I did it.
I also figured out how to auto-crawl the networks of all the schools in our district, which, as a self 15 year old whose only experience was non-networked DOS, is still a proud accomplishment. The only things I found were a bunch of printer management, some office form templates, and a cool video game that was like sim-moonbase.
But then my teacher found the file in my home dir called passwords.txt, and I was busted. Oh well. Instead of an FBI file, I got a detention, and I had to teach him how to write-protect the boot floppies so no one else could do what I had. (he didn't need to know that you could reverse the write-protection with a piece of electrical tape)
> Oh well, 2 week suspension
God damn, these idiot school people have no fucking clue that someone who points out a security flaw to you without inflicting any harm is actually doing something good, and that behavior should be encouraged and rewarded.
"We're bug bounties for America's school districts: HackerOne for the K12 market. The product is free if you let our corporate partners, who also fund the bounties, recruit the winners."
He gave the reason why, fragile ego.
At my first high school I was expelled for selling teachers a boot floppy that disabled the district's security software (Fortress) on their machine.
At my second high school I was busted twice, once for selling CDs with a much anticipated unreleased movie, and the second time for finding (and copying) a network share that had every student's school photo from that year before they could even purchase it.
Nevermind all the unsavory nonsense I did outside of school and was luckily never busted for.
If anyone else reading can learn vicariously, this line is almost universally true and manifests itself in a multitude of ways.
I had no idea what I had done, honestly, I just sent a large ping packet to some IRC-user. Turns out it killed some vital things in the network.
Also the admin leaving anonymous FTP enabled with write access. That was one weekend with an extreme amount of illegal stuff apparently uploaded via the schools FTP, but that was my classmate which was involved in and not me.
This was at the time when people had dial-up at home so the 256kBps connection at school was awesome.
Deleted Comment
If it were me, for the second time I would have considered adding a file to everyone’s FTP account (including the admins & professors themselves) explaining how they too can escalate to root.
Well, being at a DOS prompt was enough circumstantial evidence for me to get suspended for a week (no FBI record, AFAIK). My parents, despite being strict, were also fair and asked me point blank, "Did you have anything to do with what you're being accused of?". Told them no, I was just at a DOS prompt (probably to play either nibbles or gorillas - those classic BASIC games). To their credit, their opinion was if I was going to serve the time, I might as well know how to do the crime (know, not actually do). I had already been tagging along to continuing education computer classes my mom was attending, but my parents started buying me more and more computer books. It got me started down the programming path. I'd already been pretty friendly with our sysadmin at school and he knew I had nothing to do with what happened and hadn't accused me, but the school needed a scape goat, and I was it. He felt bad for me and choose to help me out with my learning, too, instead of continuing the punishment. He gave me a copy of the software he used for after hours remote access over direct dialup. Think it was called Carbon Copy? It was basically just telnet over dialup that allowed me direct access to his PC on the network after hours before I even knew what telnet was. So, I'd connect after dinner and play around for hours as network admin. It wasn't multiprocessed, so I had to be patient. Typically when I'd log in, he was running a nightly backup manually that he'd kick off before he left for the night. I just had to wait for it to complete, then I could do whatever I wanted. I had full access to the grading/attendance system. I could message teachers as other teachers, etc. I could have granted admin access to anyone, but I was smart enough to never touch my own account, instead, created fake admin users and used those, instead. I'd hide files in plain sight using the ALT+255 trick to embed a nonprintable character in file/directory names. You could see them, you just couldn't directly access them without renaming them for most programs. Fun times. I never did anything destructive, though I could have easily.
Security in the 90s was a joke. They were good times, indeed :)
I continued my shenanigans into college. College was my first encounter with Windows NT networks & l0phtcrack. I remember one night, walking into my dorm room with the SAM file from a lab PC on a floppy. I popped it into my own PC, started cracking the passwords, expecting it to run all night. As I got up from my PC to head down for dinner, I was surprised to see that I'd already cracked the administrator password. It was just a 5 character password that was the building code & room number for campus IT. I already knew better than to do anything from my own PC, only ever worked from different lab PCs in different buildings and under assumed accounts. Never reported anything, either, for fear of reprisal.
Yip, ego's and people talk are the downfall of many an innocent `self-education` in the area of IT security.
Post 80's and laws started to change, prior, in the UK it was theft of electricity being the only way to nail some people. Crazy fun times.
Though I do miss the old phone system per-say, outdials, wardialing, things like that, was common with many and just seemed more mysterious as you could only learn thru word of mouth or self-education as no books or internets and BBS's were not as cheap in the UK or common as we never had the official free local calls aspect as you fine folks had in the US.
Do recall a chap getting kicked out of college for doing something I'd done previously, just that he had a bigger ego and not as delicate with the power to steal the admin password. Which involved an ICL George 3 OS mainframe in the times of very large disc platters and admin console journaling that had no encryption. so they rotated discs without adding extra wear of zeroing the previous content, only the file table so you could end up with a user disc platter that had formally been used as a admin console jounal reposatory and could create files without zeroing and dump the previous contents of the disc of that way...which eventually got you the admin password.
Do recall few instances of work related cases in which I needed to do things so, kinda hacked what I needed (resourcefulness) like upon a DPS7 Honeywell mini computer in which needed the admin password to do something and nobody had it at hand at that time of night and the passowrds were kept in a file that was encrypted so I worked out the encryption key by looking at the file as was poor encryption and text files have lots of spaces so saw a pattern with the word OPERA in and tried and tada, got what I needed. The spooked admin next day wondered how I did it so I told him fully, he then went and redid the encryption and challenged me to see if that was secure, I looked at the encrypted file and kinda worked out by the patterning that it had been encrypted twice....yes with the same password OPERA only encrypted with that and then encrypted again with the same. Educational for all back then. Today, not as easy to do that, but still a great story of times of old.
My ego prevents anything else and was an ethical hacker and the 90's was an era in which, we white hats would and was the internet security, bringing down pedo's and bad actors like that that frequented some platforms with ease (looking at you AOL). So whilst illegal per-say, was case of no real official policing of such things as we do today.
But darn, some things learned and worked out, well zero day exploits back then were not as financially economical as they are today and heck, and some never really appreciated how long they would stay obscured from the wild.
I also liked hardware back then, was also fun and many a hidden switch to get a feature you would normally pay silly money for some engineer to `install` though was just some hidden switch was not that uncommon. Heck even today you get kit that is same inside with a model up just adding some small thing and example would be some Fluke multimeters that you effectively pay hundred for a small capacitor and another digit on the outer shell, is a good example current today.
Fun times indeed, but darn, goalposts always moving.
Very fancy, everyone was using elm and you got pine.
Could you please explain what this means? Googling didn't reveal much.
Eventually, shadow passwords were introduced to have the passwords themselves stored in another place with stricter access rights (readable only by the sysadmin or their group), so even the hashed versions were inaccessible to normal souls, whereas other information traditionally kept in /etc/passwd - e.g. the user's full name - could and can still be retrieved from that file by making it widely readable - just without the passwords, which were moved to the "shadows".
See also https://en.wikipedia.org/wiki/Passwd, section "Shadow file" for more details.
An classic UNIX /etc/passwd file is readable by all local users and in the past used to contain the password hashes. One can download these hashes and crack the passwords offline. At some point the problem was recognized and password hashes were moved to special /etc/shadow file which is accessible only to root and members of shadow group making /etc/passwd useless for extracting passwords.
Deleted Comment
And yet here we are, talking about it.
It was fascinating what was in the file - lots of misunderstandings and misinterpretations. For example, she was upset when the Challenger exploded, and this mystified the Stasi informers who had previously identified her as a pacifist (in their minds, the Shuttle was 100% military).
Similarly, she was trying to research what happened to a relative who had remained in Germany in the late 30s, and whether she had died of natural causes or been sent to the camps. The Stasi file was filled with speculations on the details of this "sleeper agent" with whom she was trying to establish contact.
All this to say that from the mindset of a spy, everything is spy-craft. Everyone's world-view shapes their interpretation of events and reality itself. Was the shuttle a military venture? Partly. Was it also a tool for science? Yup. But the functionaries who looked at her data in the heat of the cold war certainly couldn't see those distinctions.
For what it's worth, she was able to get her Stasi file, but has never been able to get a copy of her FBI file.
Machines categorising you based on your behaviour, without your knowledge nor your consent. It's not so bad when it serves you ads (unless it sells alcohol to alcoholics), but there's no telling what similar algorithms would say about you in the hands of a rogue government. They can find vulnerable people, people who hate certain people [0], people who talk to certain people or hold certain ideas.
What makes it even more terrifying is that machines can categorise people much faster, based on a much broader set of information. It's not just informants and paper reports, but computers processing and connection millions of data points.
I'm bringing all of my data together[1], and the result is a graph of every place I've visited, every conversation I've had, everything I looked up, every book I've read, every transaction I've made, every video I've watched and everyone I've talked to. There's even more data about me in the wild, and if you combined it with other people's data, you could figure out even more about my every move.
It's a good thing that the Stasi was a few decades early.
[0] https://www.propublica.org/article/facebook-enabled-advertis...
[1] https://nicolasbouliane.com/projects/timeline
[2] https://www.youtube.com/watch?v=QF-7WiLykGM
Deleted Comment
Much of it was along the lines of "[fellow student] says [subject] was disinclined to denounce rent-control as a counter-revolutionary ploy during a late-night discussion with [other student]." or "[room mate] overheard [subject] calling her family in the US, and did not hear any overt discussion of politics."
"you help us (and socialism) and we help your career - or you decline and good luck with your career, or the carrer of your partner. Your children ..."
The results were mainly those worthless reports. But if you were on the hook once - they could pressure you into more, if they really were interested in your peers and not just routine surveillance of everyone.
But could you live with knowing you send one to prison for telling a bad joke about the government?
So many still declined, to work with them and suffered the consequences.
In either case, the massive surveillance was well known, it was assumed that everything you say loudly - got recorded.
Deep chilling effect.
This can be confusing because there are various bewildering options, some of which are slower (or outright ineffective for personal records) than others but getting FBI records is comparatively straightforward once you've navigated the maze. I did it a few years ago and they sent me a CD's worth of stuff, plus a note of things they had not sent me or had redacted with instruction on challenging their decisions on these.
EDIT: Replacing "if there's any truth to it" by "assuming it's true". I did not mean to imply that the author made up the whole story and thought both expressions were equivalent.
His Wikipedia page: https://en.wikipedia.org/wiki/Les_Earnest
If he had been a 30 years old Japanese weirdo that likes to keep "codes" in his wallet I am pretty sure the story would be very different.
If you say so.
Of course, you would have to completely disregard any concept that people would have a freedom to privacy to do that, and you would also have to account for natural changes over time.
People make new friends, get exposed to new ideas, and gradually change no matter how hard you try to lock them in a box. The data storage and processing requirements to monitor America's 350 million people would be understated as staggering, the man hours for perfect enforcement incalculable, and even if you reached Pareto parity (monitoring 80% of the highest-risk individuals 100% of the time) you're still going to have people slip through the cracks.
I would place a $100 bet on this already being the practice of the 3 letter agencies and if they haven't fully rolled it out I would hazard an extra tenner on that they're within 5 years of completing it as long as their funding isn't disrupted.
The only defense most of us have against it is that we're not individually interesting so we probably never register as more than a blip on a hard drive somewhere under most circumstances, human eyes never prying into the worlds we make for ourselves.
Suddenly cross-referencing pockets of activity in the giant trove of permanently stored data can be done for every citizen, not just ones of interest.
You can start modeling and simulating behavior off that data to predict future actions like in Minority Report.
But if you look far enough into the future on that trend and link it into Microsoft's recent patent on resurrecting dead people as AI chatbots from social media data, the treasure trove of all online activity for every citizen becomes a curious anthropological artifact as the people in it die off.
Did you have a nuclear scientist on the verge of a fusion breakthrough die before they could finish their paper? Just feed the entirety of their digital life into the system and extrapolate the non-digital using generalized "human experience" models built off everyone else to resurrect a copy of them (or many copies) in a simulated continuation of their day to day thinking and working.
Very few people fully understand the extent of the digital footprints we are leaving behind in the context of trends in big data.
The data we are leaving behind in mass collection will eventually take on (literally) new life.
And honestly, when was the last time of any significant duration when the US was not involved in a military conflict?
Dead Comment
https://web.stanford.edu/~learnest/
http://web.stanford.edu/~learnest/bucket/
In a section headed by an anime girl, he claims to have, "figured out when and how a bunch of other fantasies got into our DNA and will shortly post an article on this web site that will explain how that happened, why it is causing modern humans to make billions of bad decisions each day, and how we and our descendants are likely to be wiped out soon unless we begin dealing with this problem in a rational way."
Then there's a weird picture of his face, which is how he thinks he'll look in 2043, when "he plans to croak at age 112".
On his bucket list page,
"My choice as a troublemaker will be to get shot in the back while running away from an jealous husband in May 2043".
Very weird stuff.
When I'm 73 and in constant good tumour may I be mown down at dawn by a bright red sports car on my way home from an allnight party
Or when I'm 91 with silver hair and sitting in a barber's chair may rival gangsters with hamfisted tommyguns burst in and give me a short back and insides
Or when I'm 104 and banned from the Cavern may my mistress catching me in bed with her daughter and fearing for her son cut me up into little pieces and throw away every piece but one
Let me die a youngman's death not a free from sin tiptoe in candle wax and waning death not a curtains drawn by angels borne 'what a nice way to go' death
Source: https://en.wikipedia.org/wiki/Roger_McGough
The Cavern referenced in the poem is a music club in which the Beatle played at the time, now it's tourist trap with canned pop music (what Brits call "cheesy music").
[0]: https://web.stanford.edu/~learnest/earth/fantasy.html
[1]: https://web.stanford.edu/~learnest/earth/fantasies.html
It's great; it's called wit. :)
If you want a more conventional boring bio, there's https://en.wikipedia.org/wiki/Les_Earnest
Mom: "And how is that foolishness my problem?"
Keep in mind this was around 1983; it was a different time - "computer crimes" didn't really exist, nor the people to investigate them. And that's basically how we all escaped any significant consequences. I was totally unaware of all this at the time, but it was explained to me later in life (by my mother, who is still bitter about it - sorry, mom; you bought me the Commodore 64! LOL) that the FBI didn't really consider it a crime because nothing was stolen. The local cops proposed "trespassing", but we never stepped foot in the bank; we didn't even know where it was.
Thankfully this was just prior to the release of "War Games". Everything changed after that movie. Law enforcement started to pay attention. There were stories about the FBI investigating kids on local BBS's, thinking they were working for the Soviet Union, trying to access military secrets or something like that.
https://attrition.org/~jericho/works/security/crime_punishme...
"Once again, when computer crime enters the equation, circumstances seem to change. In May of 1997, Wendell Dingus was sentenced by a federal court to six months of home monitoring for computer crime activity. Among the systems he admitted to attacking were the U.S. Air Force, NASA and Vanderbilt University. What is different about this case is the court's order for Dingus to repay $40,000 in restitution to the Air Force Information Warfare Center (AFIWC) for their time and effort in helping to track him."
Can we just take a moment to appreciate that name?