The Bug! Magazine interviews: Phiber Optik
Number 0x02: 15/02/2007
[ --- The Bug! Magazine
_____ _ ___ _
/__ \ |__ ___ / __\_ _ __ _ / \
/ /\/ '_ \ / _ \ /__\// | | |/ _` |/ /
/ / | | | | __/ / \/ \ |_| | (_| /\_/
\/ |_| |_|\___| \_____/\__,_|\__, \/
|___/
[ M . A . G . A . Z . I . N . E ]
[ Numero 0x02 <---> Edicao 0x01 <---> Artigo 0x01 ]
.> 14 de Fevereiro de 2007,
.> The Bug! Magazine < staff [at] thebugmagazine [dot] org >
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The Bug! Magazine entrevista: Phiber Optik
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
.> 12 de Fevereiro de 2007,
.> The Bug! Magazine < staff [at] thebugmagazine [dot] org >
Once again the magazine comes with a heavy interviewee. If in the first issue we interviewed tbob, from the current underground hacker scene, this time we had the pleasure of interviewing an old international hacker, the legendary Phiber Optik, one of the most famous of all time, which makes us wonder what were we thinking when we came to consider interviewing Derneval Cunha for one of our issues.
We would like to send a sincere "thank you" to Phiber for collaborating with our magazine and showing his point of view on some subjects.
The Bug!: How and when your interest in phreaking and hacking started and when you had your first contact with the scene?
Phiber Optik: Well, my earliest experiences were back when I was originally looking for people with the same computer as me, to trade ideas about programming. I discovered BBSes, and found people discussing things like trading passwords. At that time, the passwords were mostly accounts to timesharing systems at their schools. I was always interested in telephones and how they worked, even before I had a computer. On those BBSes, I found text files that "underground" people had written, about phreaking, blueboxing, that sort of thing.
TB!: But, like, how could you afford all those phone bills?
Phiber: At first I called local BBSes, then from there I discovered ones further away, even in other states. To avoid huge bills, I found out about calling cards, but even in the beginning I couldn't use them because we only had rotary-dial phones. So I got a touch-tone phone a while later.
It's funny thinking about all the long distance, since now, in the US, long distance is included with your service, practically free. Back then, it was super expensive, so you had to find ways to communicate with people and BBSes and systems far away.
TB!: How do you think computer security industry and the hacker community have changed since Masters of Deception and the golden ages of hacking?
Phiber: Well, remember, when we were kids there was NO computer security industry. The only organized computer security was done internally by the government, mostly military. There was no corporate security industry, at all. It was common to find server on dialup with no passwords at all, and default login names.
About the changes on the hacker scene There is no comparison. We lived in a time when, at least at first, hacking was legal. When it became illegal, most people never got caught, because it was never really investigated unless hacking was used to commit real crimes, then the FBI got involved.
But we never had anything to do with people like that. Remember, hacking was legal until 1986 in the U.S. Kids living today will never know what that's like. Being able to hack into anything you could imagine, and no one would bother you about it. You could challenge yourself everyday with something more interesting.
Also, remember this: back then, we had SIMPLE computers connected to our TV sets. No windows, no mouse, nothing like that. When we found these big powerful machines to get access to, we wanted to learn Unix, and all the amazing operating systems that no longer exist. It was completely impossible to, for example, run a Unix server in your house. This was insane to even imagine. It was a different world from today. Today, kids can easily do all these things without any risk at all. Back then, we had to take ENORMOUS personal risk if we wanted to learn how to use these systems.
TB!: And how do you see hacking in 10 or 20 years? Can you predict something?
Phiber: If you mean underground hacking, I can see it completely disappearing. The U.S. government right now considers hacking to be terrorism. The government is out of control, and as long as hacking can be prosecuted as terrorism, I can see how people would no longer want to take such a tremendous risk.
TB!: But don't you agree while there is technology there will be hackers?
Phiber: Sure, but it will only be people experimenting with their own hardware, not trying to get into someone else's. And even then, the government here has tried several times to make it illegal to reverse engineer a product, even one that YOU OWN. If they win, it would be illegal to figure out how certain products work, even if you own them. They're insane.
TB!: Thank God we don't have these laws in Brazil :)
Phiber: You will, if it starts to happen and huge corporations complain to the government about it. Just like Telefonica blocking access to YouTube. If they can do that there, they're capable of doing anything. You've just been mostly lucky so far. The government here is a lot more paranoid about technology.
TB!: The hacker scene is reverting back toward to non-disclosure. What do you think about it?
Phiber: There's plenty of places where people discuss vulnerabilities. Sites, mailing lists, etc. I don't see any change. There are less people posting exploits, yes. But that's probably a good thing. If you can't exploit something even with a FULL DESCRIPTION of how the vulnerability works, then you're an idiot anyway. Still though, the majority of people who use exploits are troublemakers and not security people.
TB!: In your opinion, why the phreak scene had shrunk in the last fifteen years? Aren't technology enthusiasts interested in telephones anymore?
Phiber: People just aren't interested anymore. And the ones that are, just run their own PBX at home, like Asterisk.
Again, today kids can run their own equipment at home, most of them don't think there's any reason to risk breaking into someone else's switching system. In the old days, we didn't have these options.
TB!: Come on, you gotta confess it is nice to own someone else's switching system :)
Phiber: We got into more switching systems in more phone companies than anyone ever had, and probably anyone ever will. But we did it to learn about how the telephone network functioned.
Today, a kid can run his own VoIP switch at home, even start his own phone company if he was motivated. It's a different world.
TB!: Everybody knows VoIP environments have been targeted for a couple of years. In your opinion is VoIP exploitation the future trend of phreaking?
Phiber: Yes, there's definitely a huge area for exploration there. Already there have been a few cases of criminal fraud, at least one very large one. A guy was "reselling" stolen VoIP minutes. Since the long distance time was stolen, he was making 100% profit. But he was really stupid, buying big expensive cars, and spending all his illegal profit without even caring to hide it.
A really stupid criminal. It was in the news early last year I believe. Many VoIP companies have HORRIBLE security, just like any other company. In many cases even worse.
TB!: How do you feel hacking has the ability to effect upon your personality and everyday life? By the way, what are you up to these days?
Phiber: Well, it affects my everyday life because I'm paid as a security professional. It's my job.
TB!: Could you share with us a few memorable experiences you had with hacking/phreaking?
Phiber: Probably some of the most fun I had, I can remember was when I was blueboxing in the mid-80's. I had built a bluebox on a breadboard and wired it directly into my phone's mouthpiece.
I spent hours everyday calling all over the country looking for trunklines I could explore, using the map of area codes in the front of the phone book as a guide.
I even got some other people interested in doing it. Many people, even back then, thought that it wasn't possible to bluebox anymore, simply because most people just stopped talking about it. That was so strange.
TB!: We both know hackers and the media have been enemies for ages. So what is your opinion about journalists like John Markoff and the book Joshua Quittner and Michelle Slatalla wrote about Masters of Deception?
Phiber: Honestly, I could care less about Markoff. He's irresponsible and selfserving. Actually, I made so many friends with journalists back then. While I did get some negative publicity, I also got a lot of positive press also. When I was indicted, the government called a huge press conference, at a federal building. Journalists from all over the city were invited. The night before, I was giving a lecture about telecom history at a Manhattan college. A friend from NBC interviewed me, and told me that all the major journalists had been contacted that day that a major hacker indictment would be happening tomorrow. so, I called all my friends. We actually knew about our own indictment before anyone else, because they government told the media and the media told me. But the government underestimated my relationship with the media. Many media people came over to me, apologizing, wishing me well. They honestly felt bad about all this trouble. The government were real assholes, I remember. Many of the media people who I became friends with before the indictment didn't believe what the government was saying. It was all exaggeration and bullshit.
A few of us spent a lot of time telling Josh stories about things we did. Some of those stories are told in the book. But I think the events themselves were over-simplified, and he ended up telling it in such a way as to sell more books.
The government and the negative media was calling it a "hacker war". So he made it sound like there was a hacker war in the book. Because the notion was popular in the simple minds of the media. If THAT was a hacker war, then hacker wars happen just about every 5 minutes in the underground. Young people always get into bitter arguments with each other, whether it's online or in the street. This was no exception. Making it look like a hacker gang war was ridiculous and irresponsible.
The government underestimated my relationship with the media. Many media people came over to me, apologizing, wishing me well. They honestly felt bad about all this trouble. The government were real assholes, I remember. Many of the media people who I became friends with before the indictment didn't believe what the government was saying. It was all exaggeration and bullshit.
TB!: Do you still have any kind of relationship with former members of MOD?
Phiber: I'm still in contact with John and Eli, from time to time.
TB!: Do you have any proof that Erik Bloodaxe had narced on MOD and other hackers?
Phiber: Proof? He publicly admitted it on more than one occasion. It's public knowledge, no mystery. He later publicly apologized that I was included, when I realized that I had very little to do with his so-called "harassment". I still went to prison for a year, and he still contributed to helping the feds put me there.
TB!: Do you agree that most countries need computer crime reform in order to differentiate between 'criminal' hacking and 'exploration' hacking?
Phiber: Holland used to be this way. There used to be lots of countries that believed hacking was ok if it was to demonstrate. Holland, Germany, places like that. That's mostly changed today, of course. Then you have places like the U.S., where ALL online hacking, whether exploratory or not, is considered highly illegal. The only reform needed is to stop the government from being able to treat hackers as terrorists. Young people are naturally curious, they shouldn't ever be punished for it. Any parent can tell the difference between curiosity and crime. The government doesn't care about the difference, because their power comes from fear.
TB!: This one is off-topic: When the movie "The Urchin" will finally be released?
Phiber: It's already released, technically. It's supposed to be shown at a theatre in Manhattan soon, a small theatre. Also, I was told that they're trying to do a deal to get it shown on cable tv. It was released on DVD but I don't know if it's for sale yet.
TB!: This one isn't a question: You're invited to come to visit Brazil again. We're going to make another Phiberfest drinking Pitu!
Phiber: Sounds great, except for the Pitu! Horrible stuff! Let's make a deal, I'll come visit, but I'm in charge of buying the cachaca, ok?
TB!: And to finish, what would you say to a young kid interested in becoming a hacker?
Phiber: I would tell them to find whatever aspect of technology they're good at, and stick with it, no matter what other people say. Most important, always study the evolution of technology, not just the successes, but also the failures.
We don't need any more people making the same mistakes as previous generations of people. There's enough history in terms of technology for people to learn from, and make things better.