| 籍貫: | 美國加州的洛杉磯 | ||
閱讀凱文·米特尼剋 Kevin Mitnick在百家争鸣的作品!!! | |||
凯文·米特尼克
凯文·米特尼克第一次接觸計算機: 在他十幾歲的時候,米特尼剋還買不起自己的計算機,他衹能賴在一傢賣無綫電的小商店裏,用那裏的樣品及調製解調器來撥號到其它計算機。
自己獨特的工具:在潛逃的三年裏面,米特尼剋主要靠活聯網中繼聊天工具(IRC)來發佈消息以及同朋友聯繫。
鮮為人知的事實:米特尼剋曾被判到社區治療中心治療一年,在這段時間為了戒掉自己的計算機癮,他曾經登記參加了一項專為各種癮君子準備的12步計劃。
凱文·米特尼剋 - 經歷
天賦英才
米特尼剋3歲時,其父母離異,這段經歷,令小米特尼剋的性格變得孤僻。70年代末,13歲的米特尼剋(當時他還在上小學)喜歡上了業餘無綫電活動,在與世界各地無綫電愛好者聯絡時,他領略到了跨越空間的樂趣。他很快對社區”小學生俱樂部“裏唯一的一臺電腦着了迷,並因此掌握了豐富的計算機知識和高超的操作技能。這個被老師們一致認為聰明,有培養前途的孩子,卻幹了一件令大人們震驚的事:他用學校的計算機闖入了其他學校的網絡。從此,小米特尼剋離開了學校。
入侵的成功,令米特尼剋興奮不已。他用打工賺的錢購買了一臺當時性能不錯的計算機,並以遠遠超出其年齡的耐心和毅力,闖入了神秘的黑客世界。15歲時,米特尼剋成功入侵了“北美空中防務指揮係統”的主機。這次入侵,成為黑客歷史上的一次經典之作。
入侵“北美空中防務指揮係統”不久,米特尼剋又成功破譯美國“太平洋電話公司“在南加利福尼亞洲通訊網絡的“改戶密碼”。少年頑皮的天性,令他隨意更改這傢公司的電腦用戶,特別是知名人士的電話號碼和通訊地址。一時間,用戶們被折騰得哭笑不得,太平洋公司也不得不連連道歉。公司終於發現這不是電腦出了故障,而是有人破譯了密碼,但他們修改密碼的補救措施在米特尼剋面前已是雕蟲小技了。
首次被捕
連續的成功案例,令米特尼剋信心大增。他將目標鎖定到了美國聯邦調查局(FBI)的電腦網絡上。一天,米特尼剋發現FBI的特工們正調查一名電腦黑客,便饒有興趣地偷閱特工們的調查資料,看着看着突然大吃一驚:被調查者竟然是他自己!米特尼剋立即施展渾身解數,破譯了聯邦調查局的“中央電腦係統”密碼,每天認真查閱“案情進展情況的報告”。不久,米特尼剋就對特工們不屑一顧了,他開始嘲笑這些特工人員,對幾個負責調查的特工不屑一顧,並惡作劇地將他們的資料改成十足的罪犯。不過,憑藉先進的“電腦網絡信息跟蹤機”,特工人員還是將米特尼剋捕獲了。當特工們發現這名弄得他們狼狽不堪的黑客竟是一名不滿16歲的孩子時,無不驚愕萬分。 由於當時網絡犯罪還是很新鮮的事,法律上鮮有先例,法院衹將米特尼剋送進了少年犯管教所。他成了世界上第一個“電腦網絡少年犯”。
被FBI通緝
很快,米特尼剋就被假釋了。不過,他並未收手,1983年,因非法通過ARPA網進入五角大樓的電腦網絡而被判在青年管教所6個月。1988年因為入侵數字設備公司DEC再度被捕。1990年,他把目光投嚮了一些信譽不錯的大公司。在很短的時間裏,他連續進入了美國5傢大公司(Sun、Novell、NEC、Nokia和Motorola)的網絡,修改計算機中的用戶資料。正當警方準備再度將其逮捕時,米特尼剋卻忽然消失,過起了流亡的地下生活。
為盡快將起捉拿歸案,1993年,聯邦調查局設下圈套,利用一名被收買的黑客,誘使米特尼剋犯案,以圖再次把他捕獲。米特尼剋在不知內幕的情況下又一次入侵一傢電話網,FBI在慶幸他們設局成功時,米特尼剋卻再次輕鬆進入FBI的內部網並很快快識破他們的圈套而逃之夭夭。為此,美國聯邦調查局立即在全國範圍發出了對他的通緝令。米特尼剋因此成為第一個被美國FBI通緝的計算機黑客而引起世人關註。 1994年7月,米特尼剋被《時代》雜志選為封面人物。媒體稱其為無所不能,可以隨時發動電腦戰爭的超人。此時他已被列入FBI十大通緝犯的行列。
滑鐵盧
1994年12月25日,消失的米特尼剋再次出手,這次他的目標是聖迭戈超級計算機中心。因為這次攻擊,米特尼剋獲得了“地獄黑客”的稱號。也因為這次攻擊,米特尼剋激怒了一位著名的計算機安全專傢----下村勉,從而導致了他一生中最大的滑鐵盧。 下村勉是一位日籍計算機專傢,當時他負責聖迭戈超級計算機中心計算機數據的安全。米特尼剋的入侵行為使他非常震怒,為輓回自己的損失和教訓米特尼剋,下村勉這位計算機高手决定利用自己精湛的安全技術幫FBI將米特尼剋繩之以法。
這是一場高手之間的較量,一場沒有刀光劍影的超智商的較量。下村勉經過潛心追蹤終於在1995年2月14日發現了米特尼剋的蹤跡,並利用激將法引米特尼剋上當而將其緝獲。在法庭上,米特尼剋對這位尊敬的科學家表現出了由衷的欽佩。因這次行動,下村勉被美國媒體稱為美國最出色的電腦安全專傢。
聯邦法院以25宗非法竊取電話密碼、盜用他人信用證號碼和闖入他人網絡的罪名起訴米特尼剋,而且未經審判就將米特尼剋關押了4年半。這段時間,米特尼剋一直被關押在監獄裏而不得保釋,這是美國司法史上對一名高智商罪犯所采取的最嚴厲的措施。
不過監獄鎖得住人,卻鎖不住技術。米特尼剋不知從哪兒弄來了一臺AM/FM收音機,將其改造後居然能竊聽監獄管理人員的談話......監獄不得不在1997年將他單獨關押在一間牢房內。
保釋
米特尼剋的入獄,不僅沒有讓這個不安全的網絡變得安全,反而讓一群技術高超的計算機黑客結成了一個聯盟。1997年12月8日,世界各地支持米特尼剋的黑客們要求 美國政府釋放米特尼剋。他們宣稱,如果要求得不到滿足,他們將啓動已經通過網絡置入世界許多電腦中的病毒。令網絡瞬間癱瘓。如果米特尼剋獲釋,他們將提供病毒的破解法。黑客們甚至專門建立了一個叫“釋放米特尼剋”的網站(www.kevinmitnick.com),為他的出獄作倒計時。
2001年1月,米特尼剋在承認自己曾犯有電話竊聽和利用計算機欺詐、非法竊取計算機網絡資料的罪行後,獲得了監視性的釋放。起獲釋放後必須遵守:不準觸摸計算機、手機以及其他任何可以上網的裝置;必須呆在加州中部,不準到其他地方旅行;至少在7年時間裏不準談論黑客技術,不能講述從黑客經歷中獲得的任何好處。
米特尼剋出獄後,正逢2000年地球黑客(簡稱H2K)大會召開,儘管他本人並沒能親臨大會現場,但他仍然在洛杉磯發表了電話講話,無數的黑客和激進分子將兩間會議廳擠得水泄不通。
政府官員在越來越嚴重的網絡安全面前,不得不請出米特尼剋,希望他提供黑客攻擊電腦網絡的內幕信息,以提高政府電腦網絡的抗黑客攻擊能力。 現在米特尼剋已經嚮政府保證改邪歸正,不過他的傳奇經歷,已令他成為訖今為止黑客史上最出色的計算機高手。正如一位辦案人員在評價米特尼剋時所說的:電腦與他的靈魂之間似乎有一條臍帶相連。這就是為什麽衹要他在計算機面前,他就會成為巨人的原因。
凱文·米特尼剋 - 主要成就
他是第一個在美國聯邦調查局“懸賞捉拿”海報上露面的黑客。他由於衹有十幾歲,但卻網絡犯罪行為不斷,所以他被人稱為是“迷失在網絡世界的小男孩”。
2002年,對於曾經臭名昭著的計算機黑客凱文·米特尼剋來說,聖誕節提前來到了。這一年,的確是Kevin Mitnick快樂的一年。不但是獲得了徹底的自由(從此可以自由上網,不能上網對於黑客來說,就是另一種監獄生活)。而且,他還推出了一本剛剛完成的暢銷書《欺騙的藝術》(The Art of Deception: Controlling the Human Element of Security)。此書大獲成功,成為Kevin Mitnick重新引起人們關註的第一炮。
凱文·米特尼剋 - 評價
稱號:“電腦神童”“頭號電腦黑客”
曾有“電腦恐怖分子”之稱
在所有的黑客中,凱文·米特尼剋是最具傳奇色彩的人物。好萊塢甚至將他搬上了銀幕。在他15歲的時候,僅憑一臺電腦和一部調製解調器就闖入了北美空中防務指揮部的計算機係統主機。美國聯邦調查局將他列為頭號通緝犯,並為他傷透了腦筋。可以說,米特尼剋是真正的少年黑客第一戶。
凱文·米特尼剋 - 語錄
巡遊五角大樓,登錄剋裏姆林宮,進出全球所有計算機係統,摧垮全球金融秩序和重建新的世界格局,誰也阻擋不了我們的進攻,我們纔是世界的主宰。 ——凱文·米特尼剋
In the late 20th century, he was convicted of various computer- and communications-related crimes. At the time of his arrest, he was the most-wanted computer criminal in the United States.
Computer hacking
At age 12, Mitnick used social engineering to bypass the punchcard system used in the Los Angeles bus system. After a friendly bus driver told him where he could buy his own ticket punch, he could ride any bus in the greater LA area using unused transfer slips he found in the trash. Social engineering became his primary method of obtaining information, including user names and passwords and modem phone numbers.
Mitnick gained unauthorized access to his first computer network in 1979, at 16, when a friend gave him the phone number for the Ark, the computer system Digital Equipment Corporation (DEC) used for developing their RSTS/E operating system software. He broke into DEC's computer network and copied DEC's software, a crime he was charged with and convicted of in 1988. He was sentenced to 12 months in prison followed by three years of supervised release. Near the end of his supervised release, Mitnick hacked into Pacific Bell voice mail computers. After a warrant was issued for his arrest, Mitnick fled, becoming a fugitive for two and a half years.
According to the U.S. Department of Justice, Mitnick gained unauthorized access to dozens of computer networks while he was a fugitive. He used cloned cellular phones to hide his location and, among other things, copied valuable proprietary software from some of the country's largest cellular telephone and computer companies. Mitnick also intercepted and stole computer passwords, altered computer networks, and broke into and read private e-mail. Mitnick was apprehended in February 1995 in North Carolina. He was found with cloned cellular phones, more than 100 clone cellular phone codes, and multiple pieces of false identification.
Confirmed criminal act
Using the Los Angeles bus transfer system to get free ride
Evading the FBI
Hacking into DEC system(s) to view VMS source code (DEC reportedly spent $160,000 in cleanup costs)
Gaining full administrator privileges to an IBM minicomputer at the Computer Learning Center in Los Angeles in order to win a bet
Hacking Motorola, NEC, Nokia, Sun Microsystems and Fujitsu Siemens system
Alleged criminal act
Stole computer manuals from a Pacific Bell telephone switching center in Los Angele
Read the e-mail of computer security officials at MCI Communications and Digital
Wiretapped the California DMV
Made free cell phone call
Hacked Santa Cruz Operation, Pacific Bell, FBI, Pentagon, Novell, California Department of Motor Vehicles, University of Southern California and Los Angeles Unified School District systems.
Wiretapped FBI agents, according to John Markoff; although this is denied by Kevin Mitnick.
Arrest, conviction, and incarceration
After a well-publicized pursuit, the FBI arrested Mitnick on February 15, 1995, at his apartment in Raleigh, North Carolina, on federal offenses related to a 2½-year period of computer hacking.
In 1999, Mitnick confessed to four counts of wire fraud, two counts of computer fraud and one count of illegally intercepting a wire communication, as part of a plea agreement before the United States District Court for the Central District of California in Los Angeles. He was sentenced to 46 months in prison plus 22 months for violating the terms of his 1989 supervised release sentence for computer fraud. He admitted to violating the terms of supervised release by hacking into PacBell voicemail and other systems and to associating with known computer hackers, in this case co-defendant Louis De Payne.
Mitnick served five years in prison — four and a half years pre-trial and eight months in solitary confinement — because, according to Mitnick, law enforcement officials convinced a judge that he had the ability to "start a nuclear war by whistling into a pay phone". He was released on January 21, 2000. During his supervised release, which ended on January 21, 2003, he was initially forbidden to use any communications technology other than a landline telephone. Mitnick fought this decision in court, eventually winning a ruling in his favor, allowing him to access the Internet.
Under the plea deal, Mitnick was also prohibited from profiting from films or books based on his criminal activity for seven years.
Mitnick now runs Mitnick Security Consulting LLC, a computer security consultancy.
Controversy
Mitnick's criminal activities, arrest, and trial, along with the associated journalism were all controversial.
Though Mitnick has been convicted of copying software unlawfully and possession of several forged identification documents, his supporters argue that his punishment was excessive. In his 2002 book, The Art of Deception, Mitnick states that he compromised computers solely by using passwords and codes that he gained by social engineering. He claims he did not use software programs or hacking tools for cracking passwords or otherwise exploiting computer or phone security.
Two books explored the allegations: John Markoff and Tsutomu Shimomura's Takedown, and Jonathan Littman's The Fugitive Game. Littman made four main allegations:
journalistic impropriety by Markoff, who had covered the case for the New York Times based on rumor and government claims, while never interviewing Kevin himself.
overzealous prosecution of Mitnick by the government
mainstream media over-hyping Mitnick's actual crime
Shimomura's involvement in the matter being unclear or of dubious legality
Further controversy came over the release of the movie based on the book by John Markoff and Tsutomu Shimomura, with Littman alleging that portions of the film were taken from his book without permission.
The case against Mitnick tested the new laws that had been enacted for dealing with computer crime, and it raised public awareness of security involving networked computers. The controversy remains, however, and Mitnick is often cited today as an example of the quintessential computer criminal.
Supporters of Mitnick have asserted that many of the charges against him were fraudulent and not based on actual losses.
Media
In 2000, Skeet Ulrich and Russell Wong portrayed Kevin Mitnick and Tsutomu Shimomura in the movie Track Down, which was based on the book Takedown by John Markoff and Tsutomu Shimomura. The DVD was released in September 2004.
A fan-based documentary named Freedom Downtime was created in response to the corporate-based documentary Track Down.
Mitnick is the co-author, with William L. Simon, of two computer security books:
The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceiver
The Art of Deception
He and his co-author are currently writing Kevin's autobiography, to be titled "Ghost in the Wire"