Ghost in the Wires: My Adventures as the World's Most Wanted Hacker - Kevin Mitnick [163]
We held our breath until the file was successfully transferred, then gave each other electronic high-fives over chat.
JSZ moved a copy of the file to a system in Europe in case some Well system admin happened to find the huge file and delete it. I also copied the file to a couple of other locations.
JSZ kept telling me that finding the simple backdoor he had set up for my access would be easy for Shimmy. I agreed: it was too easy to find. I suggested that we consider placing a more sophisticated backdoor in the operating system itself, where it would be much harder to detect.
“He’ll find it,” JSZ countered.
“Yeah, we could always get back in later the same way,” I said.
I logged off the system, and JSZ cleaned up, removing the simple backdoor and deleting all logs of our activity.
It was a very exciting moment. We had gotten into the security expert’s server—in my case, for the second time in little over a year. JSZ and I decided we would each examine Shimmy’s files independently and then report back to the other on what we found.
But no matter how careful we were to erase our tracks, I figured it was almost certain that Shimmy would stumble onto some telltale sign we had overlooked.
Sifting through Shimmy’s old emails, I came across messages back and forth between him and my nemesis, New York Times technology scribe John Markoff. The two of them had been exchanging emails going back to early 1991 about me—trading bits of information on what I was up to, as in an exchange in early ’92 that showed Shimmy had gone to the trouble of researching online for my ham radio license, call sign N6NHG. He also emailed Markoff asking whether the FCC had a rule against issuing ham radio licenses to a person convicted of a felony.
Why the two of them had such an interest in me was still a mystery. I had never met Shimmy, never interacted with him in any way except for the recent hacks into his system.
So why would the two of them be so interested in what I was doing?
I was right about one thing: Shimmy very quickly learned of our break-in. Because JSZ and I were both so focused on getting a copy of his files, we didn’t notice that he was running “tcpdump”—a network monitoring tool to capture all network traffic. We also didn’t notice that a program called “cron” was periodically emailing his system logs to Andrew Gross, Shimmy’s assistant. Gross realized the logs were getting smaller and tipped off Shimmy that something suspicious was going on. As soon as Shimmy looked through the logs, he realized he had been hacked.
It didn’t matter much. We had his files, and we would spend the days and weeks ahead carefully examining them.
Why would Shimmy be running a network monitoring tool to capture everything going through his server? Paranoia? Or was it a bait machine? Because he was so high-profile in the computer security world, he knew it was just a matter of time before someone would nail his butt with a clever new attack. I thought maybe it was a bait machine, left accessible so he could monitor all the incoming attacks and profile the methods being used. But in that case, why would he leave all his files on this machine, and even a network wiretapping tool called “bpf”—for Berkeley Packet Filter—that he had created for the United States Air Force, which could insert itself directly into an operating system without requiring a reboot?
Maybe he just underestimated his opponents and assumed no one would ever get in. It’s still a mystery.
Many people credit me with being the guy who developed the program that was used to hack into Shimmy’s servers using the IP spoofing attack. I’d be proud if I really had been the one who managed that rather astounding feat, and I’d be glad to take credit for it. But the credit’s not mine. Instead, that honor belongs to the wickedly clever JSZ, the guy who actually participated in developing the tool and used it for our Christmas Day break-in to Shimmy’s server.
I had enjoyed my time back