The Art of Deception: Controlling the Human Element of Security - Kevin D. Mitnick [94]

unable to. The incident had given the developers greater confidence that their product really was secure.

The contest was a straightforward challenge: You break in, you win the bucks. A good publicity stunt ... unless somebody was able to embarrass them and take the money. They were so sure of their product that they were even audacious enough to have a printout posted at the booth giving the account numbers and corresponding passwords to some accounts on the system. And not just regular user accounts, but all the privileged accounts.

lingo

TERMINAL-BASED SECURITY Security based in part on the identification of the particular computer terminal being used; this method of security was especially popular with IBM mainframe computers.

That was actually less daring than it sounds: In this type of setup, I knew, each terminal is plugged into a port on the computer itself. It wasn’t rocket science to figure out they had set up the five terminals in the conference hall so a visitor could log in only as a nonprivileged user—that is, logins were possible only to accounts without system administrator privileges. It looked as if there were only two routes: either bypass the security software altogether—exactly what the LOCK-11 was designed to prevent; or somehow get around the software in a way that the developers hadn’t imagined.

Taking Up the Challenge

Vinny and I walked away and talked about the challenge, and I came up with a plan. We wandered around innocently, keeping an eye on the booth from a distance. At lunchtime, when the crowd thinned out, the three developers took advantage of the break and took off together to get something to eat, leaving behind a woman who might have been the wife or girlfriend of one of them. We sauntered back over and I distracted the woman, chatting her up about this and that, “How long have you been with the company?” “What other products does your company have on the market?” and so on.

Meanwhile Vinny, out of her sight line, had gone to work, making use of a skill he and I had both developed. Besides the fascination of breaking into computers, and my own interest in magic, we had both been intrigued by learning how to open locks. As a young kid, I had scoured the shelves of an underground bookstore in the San Fernando Valley that had volumes on picking locks, getting out of handcuffs, creating fake identities—all kinds of things a kid was not supposed to know about.

Vinny, like me, had practiced lock-picking until we were pretty good with any run-of-the-mill hardware-store lock. There had been a time when I got a kick out of pranks involving locks, like spotting somebody who was using two locks for extra protection, picking the locks, and putting them back in the opposite places, which would baffle and frustrate the owner when he tried to open each with the wrong key.

In the exhibit hall, I continued to keep the young woman distracted while Vinny, squatting down at the back of the booth so he couldn’t be seen, picked the lock on the cabinet that housed their PDP-11 minicomputer and the cable terminations. To call the cabinet locked was almost a joke. It was secured with what locksmiths refer to as a wafer lock, notoriously easy to pick, even for fairly clumsy, amateur lock-pickers like us.

It took Vinny all of about a minute to open the lock. Inside the cabinet he found just what we had anticipated: the strip of ports for plugging in user terminals, and one port for what’s called the console terminal. This was the terminal used by the computer operator or system administrator to control all the computers. Vinny plugged the cable leading from the console port into one of the terminals on the show floor.

That meant this one terminal was now recognized as a console terminal. I sat down at the recabled machine and logged in using a password the developers had so audaciously provided. Because the LOCK-11 software now identified that I was logging in from an authorized terminal, it granted me access, and I was connected with system administrator privileges. I patched the operating
