This latter definition is what these three legends do have in common.
John Thomas Draper: “If I do what I do, it is only to explore a system”.
This is the story of just some guy who found out that one of the little promotional toys on cereal boxes could be used to make long-distance free calls. In the early 70s, John Thomas Draper modified the promotional whistle of one of the Cap’n Crunch cereal boxes to make it emit a tone at 2,600 hertz: the same frequency AT&T used to notify that the trunk line was ready to route a new call. This made it easy for him to gain access as the operator of the line and, thus, study the national phone system.
With all the theory learnt, he then built the first blue box: a multifrequency tone generator that allowed him to pirate the phone line. Short after that, he was commonly known as Captain Crunch. “I don’t do that anymore at all. And if I do it, I do it for one reason and one reason only. I’m learning about a system. The phone company is a System”. These were the words of Draper during an interview for Esquire in October 1971, you can find it on www.crunchcreations.com.
In 1972, Draper was accused and arrested on fraud to the phone companies. However, by then he had already passed on all his knowledge to two young men called Steve Jobs and Steve Wozniak, who, before Apple, used to build and sell Blue Boxes. John Draper is remembered after Phreaking or phone hacking, but the fact that he, already in prison, created Apple’s EasyWriter code —the first word processor—often goes unnoticed.
Kevin Mitnick: from computer addict to leader of a cybersecurity company.
Esta es la histoThis is the story of a 16-year-old boy who broke the administrative security system of his school out of his obsession with IT systems. Although you might think that modifying his grades could be a perfect motive, he actually did it out of curiosity, just “to have a look”. Such curiosity granted him illegal access to generous number of systems. His targets were bigger and bigger every time: North American Air Defense Command, ARPAnet, Microcorp Systems, the security department of MCI Communications or Digital Equipment Corporation were just some of his victims. By 1991, Kevin Mitnick had already got front-page headlines on newspapers such as the New York Times.
In 1988, he was arrested and found guilty of fraud and illegal possession of long-distance access codes. The public prosecutor convinced the judge to forbid him the use of any kind of phone line, putting forward that he could access a computer from anywhere. On the request of Mitnick, the judge authorized him to call his lawyer and solicitor, his wife, his mother, and his grandmother and only under official supervision. His lawyer, on his behalf, convinced the judge that Mitnick had a computer addiction the same way alcoholics or drug addicts were addicted to such.
He was sentenced to 1 year of prison, after which he had to enrol in a 6-months program to treat his “addiction” to computers. During that time, he was not allowed to touch any computer or modem and lost over 45 kilograms. Today, he is the founder of Security Consulting LLC. The Pentest team headed by Mitnick is one of the most respected and some of the leading corporations and governments often hire their services. Lots of their clients appear on the Fortune 500 list.
ph4nt45m4: “We all have an inner hacker”.
This is the story of an 8-year-old child that found out that he could stick a chewing gum on a coin and use it to empty candy and toys vending machines, since, when introducing it in the gear, it would stick to it and never fall into the money box of the machine. He often used a plastic bag to fill it in but, once full, he would give it to the owner to let him know how easy it was to rob him just using a chewing gum. That little boy never understood why the owners didn’t like him, since he was just telling them that something wasn’t working like it should.
That child became a young man, and he was more and more interested in fixing things that did not work properly. One day, he found out that he could gain remote access to any device that had online shared resources and it became his new hobby for weeks. He would scan hundreds of IP ranges, thousands of ports and millions of Pings just searching for the one that would grant him free access to other devices.
That young man wasn’t quite aware of the fact that what he was doing was frowned upon. He would leave notes on the desks of the devices he could access, telling them they had a security breach and how to solve it. He could have modified, copied, or eliminated data, destroyed the system, or anything, really, but all he did was leave a helping note. Little did he know that one of them was going to report him.
Little did he know that their service provider’s infrastructures didn’t work as well as they should because they lived in a rural area, quite far from any urban core, just like the rural area he lived in. Little did he know that it was his neighbour that ended up reporting him. His relationship with that neighbour was actually quite good, he had even explained him how easy it was to gain access to remote servers, so he couldn’t believe his eyes when he knocked the door one day with the complaint sheet ready in his hand. He could imagine any other person incriminating him, but not his neighbour, who knew his only sin was being a little too curious. Luckily for him, it never got too serious —probably because his neighbour was a special forces commander—. Nowadays, this not-so-young man offers cybersecurity courses and training for companies.
This is the story of thousands of people who are product of what other people shared online. It is the story of all of those who devoted their time trying to understand how things work just to make them better. At the end of the day, a hacker is just a “person deeply skilled on IT management who investigates a computer system in order to notify failures and develop improvement techniques”, just as defined by the RAE.
In Cibinar, we like to keep in mind the moral in these three stories and the very essence of the definition. We have the mission of making the world a better, safer place and spreading our knowledge to all who may need it.