To know Stanley is to know his demon. If you know the other guy's demon, then maybe you'll come to know some of your own. You'll be able to separate reality from illusion. And then you won't do your cause, and yourself, more harm than good. Like poor d.a.m.ned Stanley from Chicago did.
The Federal Computer Investigations Committee (FCIC) is the most important and influential organization in the realm of American computer-crime. Since the police of other countries have largely taken their computer-crime cues from American methods, the FCIC might well be called the most important computer crime group in the world.
It is also, by federal standards, an organization of great unorthodoxy. State and local investigators mix with federal agents. Lawyers, financial auditors and computer- security programmers trade notes with street cops. Industry vendors and telco security people show up to explain their gadgetry and plead for protection and justice. Private investigators, think-tank experts and industry pundits throw in their two cents' worth. The FCIC is the ant.i.thesis of a formal bureaucracy.
Members of the FCIC are obscurely proud of this fact; they recognize their group as aberrant, but are entirely convinced that this, for them, outright WEIRD behavior is nevertheless ABSOLUTELY NECESSARY to get their jobs done.
FCIC regulars--from the Secret Service, the FBI, the IRS, the Department of Labor, the offices of federal attorneys, state police, the Air Force, from military intelligence--often attend meetings, held hither and thither across the country, at their own expense. The FCIC doesn't get grants. It doesn't charge membership fees. It doesn't have a boss. It has no headquarters--just a mail drop in Washington DC, at the Fraud Division of the Secret Service. It doesn't have a budget. It doesn't have schedules. It meets three times a year--sort of. Sometimes it issues publications, but the FCIC has no regular publisher, no treasurer, not even a secretary. There are no minutes of FCIC meetings. Non-federal people are considered "non-voting members," but there's not much in the way of elections. There are no badges, lapel pins or certificates of membership. Everyone is on a first-name basis. There are about forty of them. n.o.body knows how many, exactly. People come, people go--sometimes people "go" formally but still hang around anyway. n.o.body has ever exactly figured out what "membership" of this "Committee" actually entails.
Strange as this may seem to some, to anyone familiar with the social world of computing, the "organization" of the FCIC is very recognizable.
For years now, economists and management theorists have speculated that the tidal wave of the information revolution would destroy rigid, pyramidal bureaucracies, where everything is top-down and centrally controlled. Highly trained "employees" would take on much greater autonomy, being self-starting, and self-motivating, moving from place to place, task to task, with great speed and fluidity. "Ad-hocracy" would rule, with groups of people spontaneously knitting together across organizational lines, tackling the problem at hand, applying intense computer- aided expertise to it, and then vanishing whence they came.
This is more or less what has actually happened in the world of federal computer investigation. With the conspicuous exception of the phone companies, which are after all over a hundred years old, practically EVERY organization that playthe basis of this fear is not irrational.
Fear of hackers goes well beyond the fear of merely criminal activity.
Subversion and manipulation of the phone system is an act with disturbing political overtones. In America, computers and telephones are potent symbols of organized authority and the technocratic business elite.
But there is an element in American culture that has always strongly rebelled against these symbols; rebelled against all large industrial computers and all phone companies. A certain anarchical tinge deep in the American soul delights in causing confusion and pain to all bureaucracies, including technological ones.
There is sometimes malice and vandalism in this att.i.tude, but it is a deep and cherished part of the American national character. The outlaw, the rebel, the rugged individual, the pioneer, the st.u.r.dy Jeffersonian yeoman, the private citizen resisting interference in his pursuit of happiness--these are figures that all Americans recognize, and that many will strongly applaud and defend.
Many scrupulously law-abiding citizens today do cutting- edge work with electronics--work that has already had tremendous social influence and will have much more in years to come. In all truth, these talented, hardworking, law-abiding, mature, adult people are far more disturbing to the peace and order of the current status quo than any scofflaw group of romantic teenage punk kids. These law-abiding hackers have the power, ability, and willingness to influence other people's lives quite unpredictably. They have means, motive, and opportunity to meddle drastically with the American social order. When corralled into governments, universities, or large multinational companies, and forced to follow rulebooks and wear suits and ties, they at least have some conventional halters on their freedom of action. But when loosed alone, or in small groups, and fired by imagination and the entrepreneurial spirit, they can move mountains--causing landslides that will likely crash directly is any important role in this book functions just like the FCIC. The Chicago Task Force, the Arizona Racketeering Unit, the Legion of Doom, the Phrack crowd, the Electronic Frontier Foundation--they ALL look and act like "tiger teams" or "user's groups." They are all electronic ad-hocracies leaping up spontaneously to attempt to meet a need.
Some are police. Some are, by strict definition, criminals. Some are political interest-groups. But every single group has that same quality of apparent spontaneity--"Hey, gang! My uncle's got a barn--let's put on a show!"
Every one of these groups is embarra.s.sed by this "amateurism," and, for the sake of their public image in a world of non-computer people, they all attempt to look as stern and formal and impressive as possible. These electronic frontier- dwellers resemble groups of nineteenth-century pioneers hankering after the respectability of statehood. There are however, two crucial differences in the historical experience of these "pioneers" of the nineteeth and twenty-first centuries.
First, powerful information technology DOES play into the hands of small, fluid, loosely organized groups. There have always been "pioneers," "hobbyists," "amateurs," "dilettantes," "volunteers," "movements," "users' groups" and "blue-ribbon panels of experts" around. But a group of this kind--when technically equipped to ship huge amounts of specialized information, at lightning speed, to its members, to government, and to the press--is simply a different kind of animal. It's like the difference between an eel and an electric eel.
The second crucial change is that American society is currently in a state approaching permanent technological revolution. In the world of computers particularly, it is practically impossible to EVER stop being a "pioneer," unless you either drop dead or deliberately jump off the bus. The scene has never slowed down enough to become well-inst.i.tutionalized. And after twenty, thirty, forty years the "computer revolution" continues to spread, to permeate new corners of society. Anything that really works is already obsolete.
If you spend your entire working life as a "pioneer," the word "pioneer" begins to lose its meaning. Your way of life looks less and less like an introduction to something else" more stable and organized, and more and more like JUST THE WAY THINGS ARE. A "permanent revolution" is really a contradiction in terms. If "turmoil" lasts long enough, it simply becomes A NEW KIND OF SOCIETY--still the same game of history, but new players, new rules.
Apply this to the world of late twentieth-century law enforcement, and the implications are novel and puzzling indeed. Any bureaucratic rulebook you write about computer-crime will be flawed when you write it, and almost an antique by the time it sees print. The fluidity and fast reactions of the FCIC give them a great advantage in this regard, which explains their success. Even with the best will in the world (which it does not, in fact, possess) it is impossible for an organization the size of the U.S. Federal Bureau of Investigation to get up to speed on the theory and practice of computer crime. If they tried to train all their agents to do this, it would be SUICIDAL, as they would NEVER BE ABLE TO DO ANYTHING ELSE.
The FBI does try to train its agents in the basics of electronic crime, at their base in Quantico, Virginia. And the Secret Service, along with many other law enforcement groups, runs quite successful and well-attended training courses on wire fraud, business crime, and computer intrusion at the Federal Law Enforcement Training Center (FLETC, p.r.o.nounced "fletsy") in Glynco, Georgia. But the best efforts of these bureaucracies does not remove the absolute need for a "cutting-edge mess" like the FCIC.
For you see--the members of FCIC ARE the trainers of the rest of law enforcement. Practically and literally speaking, they are the Glynco computer-crime faculty by another name. If the FCIC went over a cliff on a bus, the U.S. law enforcement community would be rendered deaf dumb and blind in the world of computer crime, and would swiftly feel a desperate need to reinvent them. And this is no time to go starting from scratch.
On June 11, 1991, I once again arrived in Phoenix, Arizona, for the latest meeting of the Federal Computer Investigations Committee. This was more or less the twentieth meeting of this stellar group. The count was uncertain, since n.o.body could figure out whether to include the meetings of "the Colluquy," which is what the FCIC was called in the mid-1980s before it had even managed to obtain the dignity of its own acronym.
Since my last visit to Arizona, in May, the local AzScam bribery scandal had resolved itself in a general muddle of humiliation. The Phoenix chief of police, whose agents had videotaped nine state legislators up to no good, had resigned his office in a tussle with the Phoenix city council over the propriety of his undercover operations.
The Phoenix Chief could now join Gail Thackeray and eleven of her closest a.s.sociates in the shared experience of politically motivated unemployment. As of June, resignations were still continuing at the Arizona Attorney General's office, which could be interpreted as either a New Broom Sweeping Clean or a Night of the Long Knives Part II, depending on your point of
view.
The meeting of FCIC was held at the Scottsdale Hilton Resort. Scottsdale is a wealthy suburb of Phoenix, known as "Scottsdull" to scoffing local trendies, but well-equipped with posh shopping-malls and manicured lawns, while conspicuously undersupplied with homeless derelicts. The Scottsdale Hilton Resort was a sprawling hotel in postmodern crypto-Southwestern style. It featured a "mission bell tower" plated in turquoise tile and vaguely resembling a Saudi minaret.
Inside it was all barbarically striped Santa Fe Style decor. There was a health spa downstairs and a large oddly- shaped pool in the patio. A poolside umbrella-stand offered Ben and Jerry's politically correct Peace Pops.
I registerethey REALLY PAY ATTENTION, they are GRATEFUL FOR YOUR INSIGHTS, and they FORGIVE YOU, which in nine cases out of ten is something even your boss can't do, because as soon as you start talking "ROM," "BBS," or "T-1 trunk," his eyes glaze over.
I had nothing much to do that afternoon. The FCIC were beavering away in their conference room. Doors were firmly closed, windows too dark to peer through. I wondered what a real hacker, a computer intruder, would do at a meeting like this.
The answer came at once. He would "trash" the place. Not reduce the place to trash in some orgy of vandalism; that's not the use of the term in the hacker milieu. No, he would quietly EMPTY THE TRASH BASKETS and silently raid any valuable data indiscreetly thrown away.
Journalists have been known to do this. (Journalists hunting information have been known to do almost every single unethical thing that hackers have ever done. They also throw in a few awful techniques all their own.) The legality of 'trashing' is somewhat dubious but it is not in fact flagrantly illegal. It was, however, absurd to contemplate trashing the FCIC. These people knew all about trashing. I wouldn't last fifteen seconds.
The idea sounded interesting, though. I'd been hearing a lot about the practice lately. On the spur of the moment, I decided I would try trashing the office ACROSS THE HALL from the FCIC, an area which had nothing to do with the investigators.
The office was tiny; six chairs, a table.... Nevertheless, it was open, so I dug around in its plastic trash can.
To my utter astonishment, I came up with the torn sc.r.a.ps of a SPRINT long-distance phone bill. More digging produced a bank statement and the sc.r.a.ps of a hand-written letter, along with gum, cigarette ashes, candy wrappers and a day-old-issue of USA TODAY.
The trash went back in its receptacle while the sc.r.a.ps of data went into my travel bag. I detoured through the hotel souvenir shop for some Scotch tape and went up to my room.
Coincidence or not, it was quite true. Some poor soul had, in fact, thrown a SPRINT bill into the hotel's trash. Date May 1991, total amount due: $252.36. Not a business phone, either, but a residential bill, in the name of someone called Evelyn (not her real name). Evelyn's records showed a ## PAST DUE BILL ##! Here was her nine-digit account ID. Here was a stern computer-printed warning: "TREAT YOUR FONCARD AS YOU WOULD ANY CREDIT CARD. TO SECURE AGAINST FRAUD, NEVER GIVE YOUR FONCARD NUMBER OVER THE PHONE UNLESS YOU INITIATED THE CALL. IF YOU RECEIVE SUSPICIOUS CALLS PLEASE NOTIFY CUSTOMER SERVICE IMMEDIATELY!"
I examined my watch. Still plenty of time left for the FCIC to carry on. I sorted out the sc.r.a.ps of Evelyn's SPRINT bill and re-a.s.sembled them with fresh Scotch tape. Here was her ten-digit FONCARD number. Didn't seem to have the ID number necessary to cause real fraud trouble.
I did, however, have Evelyn's home phone number. And the phone numbers for a whole crowd of Evelyn's long-distance friends and acquaintances. In San Diego, Folsom, Redondo, Las Vegas, La Jolla, Topeka, and Northampton Ma.s.sachusetts. Even somebody in Australia!
I examined other doc.u.ments. Here was a bank statement. It was Evelyn's IRA account down at a bank in San Mateo, California (total balance $1877.20). Here was a charge-card bill for $382.64. She was paying it off bit by bit.
Driven by motives that were completely unethical and prurient, I now examined the handwritten notes. They had been torn fairly thoroughly, so much so that it took me almost an entire five minutes to rea.s.semble them.
They were drafts of a love letter. They had been written on the lined stationery of Evelyn's employer, a biomedical company. Probably written at work when she should have been doing something else.
"Dear Bob," (not his real name) "I guess in everyone's life there comes a time when hard decisions have to be made, and this is a difficult one for me--very upsetting. Since you haven't called me, and I don't understand why, I can only surmise it's because you don't want to. I thought I would have heard from you Friday. I did have a few unusual problems with my phone and possibly you tried, I hope so.
"Robert, you asked me to 'let go'..."
The first note ended. UNUSUAL PROBLEMS WITH HER PHONE? I looked swiftly at the next note.
"Bob, not hearing from you for the whole weekend has left me very perplexed..."
Next draft.
"Dear Bob, there is so much I don't understand right now, and I wish I did. I wish I could talk to you, but for some unknown reason you have elected not to call--this is so difficult for me to understand..."
She tried again.
"Bob, Since I have always held you in such high esteem, I had every hope that we could remain good friends, but now one essential ingredient is missing--respect. Your ability to discard people when their purpose is served is appalling to me. The kindest thing you could do for me now is to leave me alone. You are no longer welcome in my heart or home..."
Try again.
"Bob, I wrote a very factual note to you to say how much respect I had lost for you, by the way you treat people, me in particular, so uncaring and cold. The kindest thing you can do for me is to leave me alone entirely, as you are no longer welcome in my heart or home. I would appreciate it if you could retire your debt to me as soon as possible--I wish no link to you in any way. Sincerely, Evelyn."
Good heavens, I thought, the b.a.s.t.a.r.d actually owes her money! I turned to the next page.
"Bob: very simple. GOODBYE! No more mind games--no more fascination--no more coldness--no more respect for you! It's over--Finis. Evie"
There were two versions of the final brushoff letter, but they read about the same. Maybe she hadn't sent it. The final item in my illicit and shameful booty was an envelope addressed to "Bob" at his home address, but it had no stamp on it and it hadn't been mailed.
Maybe she'd just been blowing off steam because her rascal boyfriend had neglected to call her one weekend. Big deal. Maybe they'd kissed and made up, maybe she and Bob were down at Pop's Chocolate Shop now, sharing a malted. Sure.
Easy to find out. All I had to do was call Evelyn up. With a half-clever story and enough bra.s.s-plated gall I could probably trick the truth out of her. Phone-phreaks and hackers deceive people over the phone all the time. It's called "social engineering." Social engineering is a very common practice in the underground, and almost magically effective. Human beings are almost always the weakest link in computer security. The simplest way to learn Things You Are Not Meant To Know is simply to call up and exploit the knowledgeable people. With social engineering, you use the bits of specialized knowledge you already have as a key, to manipulate people into believing that you are legitimate. You can then coax, flatter, or frighten them into revealing almost anything you want to know. Deceiving people (especially over the phone) is easy and fun. Exploiting their gullibility is very gratifying; it makes you feel very superior to them.
If I'd been a malicious hacker on a trashing raid, I would now have Evelyn very much in my power. Given all this inside data, it wouldn't take much effort at all to invent a convincing lie. If I were ruthless enough, and jaded enough, and clever enough, this momentary indiscretion of hers--maybe committed in tears, who knows--could cause her a whole world of confusion and grief.
I didn't even have to have a MALICIOUS motive. Maybe I'd be "on her side," and call up Bob instead, and anonymously threaten to break both his kneecaps if he didn't take Evelyn out for a steak dinner p.r.o.nto. It was still profoundly NONE OF MY BUSINESS. To have gotten this knowledge at all was a sordid act and to use it would be to inflict a sordid injury.
To do all these awful things would require exactly zero high-tech expertise. All it would take was the willingness to do it and a certain amount of bent imagination.
I went back downstairs. The hard-working FCIC, who had labored forty-five minutes over their schedule, were through for the day, and adjourned to the hotel bar. We all had a beer.
I had a chat with a guy about "Isis," or rather IACIS, the International a.s.sociation of Computer Investigation Specialists. They're into "computer forensics," the techniques of picking computer-systems apart without destroying vital evidence. IACIS, currently run out of Oregon, is comprised of investigators in the U.S., Canada, Taiwan and Ireland. "Taiwan and Ireland?" I said. Are TAIWAN and IRELAND really in the forefront of this stuff? Well not exactly, my informant admitted. They just happen to have been the first ones to have caught on by word of mouth. Still, the international angle counts, because this is obviously an international problem. Phone-lines go everywhere.
There was a Mountie here from the Royal Canadian Mounted Police. He seemed to be having quite a good time. n.o.body had flung this Canadian out because he might pose a foreign security risk. These are cybers.p.a.ce cops. They still worry a lot about "jurisdictions," but mere geography is the least of their troubles.
NASA had failed to show. NASA suffers a lot from computer intrusions, in particular from Australian raiders and a well-trumpeted Chaos Computer Club case, and in 1990 there was a brief press flurry when it was revealed that one of NASA's Houston branch-exchanges had been systematically ripped off by a gang of phone-phreaks. But the NASA guys had had their funding cut. They were stripping everything.
Air Force OSI, its Office of Special Investigations, is the ONLY federal ent.i.ty dedicated full-time to computer security. They'd been expected to show up in force, but some of them had cancelled--a Pentagon budget pinch.
As the empties piled up, the guys began joshing around and telling war-stories. "These are cops," Thackeray said tolerantly. "If they're not talking shop they talk about women and beer."
I heard the story about the guy who, asked for "a copy" of a computer disk, PHOTOCOPIED THE LABEL ON IT. He put the floppy disk onto the gla.s.s plate of a photocopier. The blast of static when the copier worked completely erased all the real information on the disk.
Some other poor souls threw a whole bag of confiscated diskettes into the squad-car trunk next to the police radio. The powerful radio signal blasted them, too.
We heard a bit about Dave Geneson, the first computer prosecutor, a mainframe-runner in Dade County, turned lawyer. Dave Geneson was one guy who had hit the ground running, a signal virtue in making the transition to computer-crime. It was generally agreed that it was easier to learn the world of computers first, then police or prosecutorial work. You could take certain computer people and train 'em to successful police work--but of course they had to have the COP MENTALITY. They had to have street smarts. Patience. Persistence. And discretion. You've got to make sure they're not hot-shots, show-offs, "cowboys."
Most of the folks in the bar had backgrounds in military intelligence, or drugs, or homicide. It was rudely opined that "military intelligence" was a contradiction in terms, while even the grisly world of homicide was considered cleaner than drug enforcement. One guy had been 'way undercover doing dope-work in Europe for four years straight. "I'm almost recovered now," he said deadpan, with the acid black humor that is pure cop. "Hey, now I can say f.u.c.kER without putting MOTHER in front of it."
"In the cop world," another guy said earnestly, "everything is good and bad, black and white. In the computer world everything is gray."
One guy--a founder of the FCIC, who'd been with the group since it was just the Colluquy--described his own introduction to the field. He'd been a Washington DC homicide guy called in on a "hacker" case. From the word "hacker," he naturally a.s.sumed he was on the trail of a knife-wielding marauder, and went to the computer center expecting blood and a body. When he finally figured out what was happening there (after loudly demanding, in vain, that the programmers "speak English"), he called headquarters and told them he was clueless about computers. They told him n.o.body else knew diddly either, and to get the h.e.l.l back to work.
So, he said, he had proceeded by comparisons. By a.n.a.logy. By metaphor. "Somebody broke in to your computer, huh?" Breaking and entering; I can understand that. How'd he get in? "Over the phone-lines." Hara.s.sing phone-calls, I can understand that! What we need here is a tap and a trace!
It worked. It was better than nothing. And it worked a lot faster when he got hold of another cop who'd done something similar. And then the two of them got another, and another, and pretty soon the Colluquy was a happening thing. It helped a lot that everybody seemed to know Carlton Fitzpatrick, the data- processing trainer in Glynco.
The ice broke big-time in Memphis in '86. The Colluquy had attracted a bunch of new guys--Secret Service, FBI, military, other feds, heavy guys. n.o.body wanted to tell anybody anything. They suspected that if word got back to the home office they'd all be fired. They pa.s.sed an uncomfortably guarded afternoon.
The formalities got them nowhere. But after the formal session was over, the organizers brought in a case of beer. As soon as the partic.i.p.ants knocked it off with the bureaucratic ranks and turf-fighting, everything changed. "I bared my soul," one veteran reminisced proudly. By nightfall they were building pyramids of empty beer-cans and doing everything but composing a team fight song.
FCIC were not the only computer-crime people around. There was DATTA (District Attorneys' Technology Theft a.s.sociation), though they mostly specialized in chip theft, intellectual property, and black-market cases. There was HTCIA (High Tech Computer Investigators a.s.sociation), also out in Silicon Valley, a year older than FCIC and featuring brilliant people like Donald Ingraham. There was LEETAC (Law Enforcement Electronic Technology a.s.sistance Committee) in Florida, and computer-crime units in Illinois and Maryland and Texas and Ohio and Colorado and Pennsylvania. But these were local groups. FCIC were the first to really network nationally and on a federal level.
FCIC people live on the phone lines. Not on bulletin board systems--they know very well what boards are, and they know that boards aren't secure. Everyone in the FCIC has a voice- phone bill like you wouldn't believe. FCIC people have been tight with the telco people for a long time. Telephone cybers.p.a.ce is their native habitat.
FCIC has three basic sub-tribes: the trainers, the security people, and the investigators. That's why it's called an "Investigations Committee" with no mention of the term "computer-crime"--the dreaded "C-word." FCIC, officially, is "an a.s.sociation of agencies rather than individuals;" unofficially, this field is small enough that the influence of individuals and individual expertise is paramount. Attendance is by invitation only, and most everyone in FCIC considers himself a prophet without honor in his own house.
Again and again I heard this, with different terms but identical sentiments. "I'd been sitting in the wilderness talking to myself." "I was totally isolated." "I was desperate." "FCIC is the best thing there is about computer crime in America." "FCIC is what really works." "This is where you hear real people telling you what's really happening out there, not just lawyers picking nits." "We taught each other everything we knew."
The sincerity of these statements convinces me that this is true. FCIC is the real thing and it is invaluable. It's also very sharply at odds with the rest of the traditions and power structure in American law enforcement. There probably hasn't been anything around as loose and go-getting as the FCIC since the start of the U.S. Secret Service in the 1860s. FCIC people are living like twenty-first-century people in a twentieth- century environment, and while there's a great deal to be said for that, there's also a great deal to be said against it, and those against it happen to control the budgets.
I listened to two FCIC guys from Jersey compare life histories. One of them had been a biker in a fairly heavy-duty gang in the 1960s. "Oh, did you know so-and-so?" said the other guy from Jersey. "Big guy, heavyset?"
"Yeah, I knew him."
"Yeah, he was one of ours. He was our plant in the gang."
"Really? Wow! Yeah, I knew him. h.e.l.luva guy."
Thackeray reminisced at length about being tear-ga.s.sed blind in the November 1969 antiwar protests in Washington Circle, covering them for her college paper. "Oh yeah, I was there," said another cop. "Glad to hear that tear gas. .h.i.t somethin'. Haw haw haw." He'd been so blind himself, he confessed, that later that day he'd arrested a small tree.
FCIC are an odd group, sifted out by coincidence and necessity, and turned into a new kind of cop. There are a lot of specialized cops in the world--your bunco guys, your drug guys, your tax guys, but the only group that matches FCIC for sheer isolation are probably the child-p.o.r.nography people. Because they both deal with conspirators who are desperate to exchange forbidden data and also desperate to hide; and because n.o.body else in law enforcement even wants to hear about it.
FCIC people tend to change jobs a lot. They tend not to get the equipment and training they want and need. And they tend to get sued quite often.
As the night wore on and a band set up in the bar, the talk grew darker. Nothing ever gets done in government, someone opined, until there's a DISASTER. Computing disasters are awful, but there's no denying that they greatly help the credibility of FCIC people. The Internet Worm, for instance. "For years we'd been warning about that--but it's nothing compared to what's coming." They expect horrors, these people. They know that nothing will really get done until there is a horror.
Next day we heard an extensive briefing from a guy who'd been a computer cop, gotten into hot water with an Arizona city council, and now installed computer networks for a living (at a considerable rise in pay). He talked about pulling fiber-optic networks apart.
Even a single computer, with enough peripherals, is a literal "network"--a bunch of machines all cabled together, generally with a complexity that puts stereo units to shame. FCIC people invent and publicize methods of seizing computers and maintaining their evidence. Simple things, sometimes, but vital rules of thumb for street cops, who nowadays often stumble across a busy computer in the midst of a drug investigation or a white-collar bust. For instance: Photograph the system before you touch it. Label the ends of all the cables before you detach anything. "Park" the heads on the disk drives before you move them. Get the diskettes. Don't put the diskettes in magnetic fields. Don't write on diskettes with ballpoint pens. Get the manuals. Get the printouts. Get the handwritten notes. Copy data before you look at it, and then examine the copy instead of the original.
Now our lecturer distributed copied diagrams of a typical LAN or "Local Area Network", which happened to be out of Connecticut. ONE HUNDRED AND FIFTY-NINE desktop computers, each with its own peripherals. Three "file servers." Five "star couplers" each with thirty-two ports. One sixteen-port coupler off in the corner office. All these machines talking to each other, distributing electronic mail, distributing software, distributing, quite possibly, criminal evidence. All linked by high-capacity fiber-optic cable. A bad guy--cops talk a lot about "bad guys"--might be lurking on PC #47 or #123 and distributing his ill doings onto some dupe's "personal" machine in another office--or another floor--or, quite possibly, two or three miles away! Or, conceivably, the evidence might be "data- striped"--split up into meaningless slivers stored, one by one, on a whole crowd of different disk drives.
The lecturer challenged us for solutions. I for one was utterly clueless. As far as I could figure, the Cossacks were at the gate; there were probably more disks in this single building than were seized during the entirety of Operation Sundevil.
"Inside informant," somebody said. Right. There's always the human angle, something easy to forget when contemplating the arcane recesses of high technology. Cops are skilled at getting people to talk, and computer people, given a chair and some sustained attention, will talk about their computers till their throats go raw. There's a case on record of a single question--"How'd you do it?"--eliciting a forty-five- minute videotaped confession from a computer criminal who not only completely incriminated himself but drew helpful diagrams.
Computer people talk. Hackers BRAG. Phone-phreaks talk PATHOLOGICALLY--why else are they stealing phone-codes, if not to natter for ten hours straight to their friends on an opposite seaboard? Computer-literate people do in fact possess an a.r.s.enal of nifty gadgets and techniques that would allow them to conceal all kinds of exotic skullduggery, and if they could only SHUT UP about it, they could probably get away with all manner of amazing information-crimes. But that's just not how it works--or at least, that's not how it's worked SO FAR.
Most every phone-phreak ever busted has swiftly implicated his mentors, his disciples, and his friends. Most every white-collar computer-criminal, smugly convinced that his clever scheme is bulletproof, swiftly learns otherwise when, for the first time in his life, an actual no-kidding policeman leans over, grabs the front of his shirt, looks him right in the eye and says: "All right, a.s.sHOLE--you and me are going downtown!" All the hardware in the world will not insulate your nerves from these actual real-life sensations of terror and guilt.
Cops know ways to get from point A to point Z without thumbing through every letter in some smart-a.s.s bad-guy's alphabet. Cops know how to cut to the chase. Cops know a lot of things other people don't know.
Hackers know a lot of things other people don't know, too. Hackers know, for instance, how to sneak into your computer through the phone-lines. But cops can show up RIGHT UP YOUR DOORSTEP and carry off YOU and your computer in separate steel boxes. A cop interested in hackers can grab them and grill them. A hacker interested in cops has to depend on hearsay, underground legends, and what cops are willing to publicly reveal. And the Secret Service didn't get named "the SECRET Service" because they blab a lot.
Some people, our lecturer informed us, were under the mistaken impression that it was "impossible" to tap a fiber-optic line. Well, he announced, he and his son had just whipped up a fiber-optic tap in his workshop at home. He pa.s.sed it around the audience, along with a circuit-covered LAN plug-in card so we'd all recognize one if we saw it on a case. We all had a look.
The tap was a cla.s.sic "Goofy Prototype"--a thumb-length rounded metal cylinder with a pair of plastic brackets on it. From one end dangled three thin black cables, each of which ended in a tiny black plastic cap. When you plucked the safety-cap off the end of a cable, you could see the gla.s.s fiber--no thicker than a pinhole.