• Choose a category
• All
• Classic-Fiction

I hailed a cab. “Hey, you wanna make an easy hundred bucks?” I asked the driver. He responded with a grin that revealed his missing teeth and answered with something that sounded like “Teek, teekuh” followed by “Sure, okay.” The foreign words turned out to be Hindi for more or less the same thing. (Damn, I should have offered him fifty instead!) We agreed that he would pick me up the next day, and he gave me his pager number.

At the DMV the following day, when the examiner realized I was going to take the test in a cab, he tossed me a suspicious look. We got in and I put down the flag, telling him, “I’m going to have to charge you for the ride.” The expression on his face was priceless. When he saw I was laughing, he laughed, too, and we got off to a great start.

THIRTY-FIVE

Game Over

2B 2T W 2X 2Z 36 36 2P 36 2V 3C W 3A 32 39 38 2Z W 3D 33 31 38

2V 36 3D W 2R 2Z 3C 2Z W 3E 3C 2V 2X 2Z 2Y W 3E 39 W 2R 32 2V

3E W 2V 3A 2V 3C 3E 37 2Z 38 3E W 2X 39 37 3A 36 2Z 2S 1R

By Tuesday, February 7, a posse was being formed to catch me. Assistant U.S. Attorney Kent Walker now stepped into the case, meeting with Shimmy and his girlfriend Julia Menapace, Shimmy’s assistant Andrew Gross, two FBI agents, and the Well’s vice president and system administrator, as well as its attorney, John Mendez, who had some special clout in the room since he had previously been with the U.S. Attorney’s Office and had been Walker’s boss.

Walker was based in Northern California and had no previous connection to my case, and according to the record, would be bending rules and crossing some lines to give Shimmy an extraordinary role through the following days. It was like some Wild West posse of old, where the U.S. Marshal deputized civilians to assist him in tracking down a wanted man.

Apparently Walker made a secret arrangement to provide Shimmy with confidential trap-and-trace information, as well as confidential information from the FBI files on me. Shimmy could intercept my communications without a warrant, under the pretense that he was not assisting the government but rather working only for the Internet service providers. (The Feds would never charge me with hacking Shimomura; I believe this was because they couldn’t afford to expose their gross misconduct, which appeared to violate Federal wiretapping statutes.)

It seems Shimmy appeared to be put in charge of the investigation as a de facto government agent. This was unprecedented. Perhaps the Feds figured they would never find me without Shimmy’s vigilante persistence.

My conversation with Littman kept nagging at me. After talking to Markoff, Littman thought he knew what part of the country I was in. It was time for me to get access to Markoff’s email and find out what he knew.

Tracing the path was simple: all emails addressed to his “nyt.com” address were sent to Internex, a small Internet service provider in Northern California. After probing the Internex Solaris server for a few minutes, I sighed with relief. The idiot administrating the system exported everyone’s home directory (using Sun’s Network File System) to everyone on the Internet, meaning I could remotely mount any user’s home directory—that is, make the entire directory accessible to my local system. I uploaded a .rhosts file to a user’s directory—which I configured to trust any user connecting in from any host, meaning I was able to log in to his or her account without needing a password. Once logged in, I was able to exploit another vulnerability to gain root access. It took a total of ten minutes. I almost wanted to send the system admin a thank-you letter for leaving the system wide open.

Just that easily, I had access to Markoff’s emails. Unfortunately, he had set up his email client software to delete the messages after he retrieved them. Several messages had been left on the server, but they didn’t contain any information related to me.

I added a little configuration change so any new email sent to Markoff would also be