I have somehow found myself doing a lighthearted talk on retro hacking this Wednesday. Would anyone here happen to know anything about it?
You must log in or register to comment.
80s was all about the phones.
Phone phreaking, the 80’s were so fun. Stolen AT&T calling card numbers enabled you to call long distance for free at a time when calling the next city over could cost 30 cents a minute or more (equivalent to over a buck now). Hacking people’s answering machines was pretty easy. For youngsters, this was a device hooked up to your land line phone to give you voicemail. You could listen to your messages remotely by calling it and entering a password which was very short and limited to numbers. Some had to the capability to change the message that answered the phone. That made for lots of fun
30 cents per minute in the 80’s is like a dollar per minute today, maybe more.
I dunno, having payphones on every other street corner in the 80’s-90’s can seem like a foreign concept today.
My dad and his buddy devised a plan to get unlimited calls from phone booths to abroad. They drilled a 2 Deutschmark coin and put a fishing line through it. They figured out that the coin only drops after the allotted time is up, allowing the machine for there to be credit registered. But there was nothing preventing the coin from going upwards again. So they just kept pulling it out and then inserting the coin again. And re-dialing the international number. Like some petty comic book villains.
That would be because the notion of having a pay phone on every corner is.
That is beside the point. The phone is just a pathway, the hacking is the same. The phone gets the hacker to the end user. Today the cellphon/tablet/pc is just a pathway to the end user.
When it comes to tech as much as everyone thinks it changes the more it stays the same.
Late 80s early 90s I got into the database for our menus & recipes and changed ‘hot dog’ to ‘tibe steak smothered in underwear’ and then promptly forgot about it until one day months later with the storeroom clerk he was printing the monthly menus and inventory, lol and behold I laughed my ass off. He never even noticed because we just printed and filed the paperwork.
I also point around in areas that were ‘resteicted’ I found the ‘star wars’ game, and I would play it for hours on the midnight shift. Nothing like the old green screen games.
Insert Willem Dafoe meme Im something of a hacker myself
A few things I remember.
Nobody sanitised their inputs.
You could get through logins by making a database query check whether 1 = 1 instead of a password. You could put JavaScript into guest book fields to redirect people to whatever crazy site you wanted.
My university lecturer told me about a well known supermarket that built a shop front. They made it in such a way that you could change the numbers before they were submitted and it wasn’t validated on the back end. So free food.
It was extremely easy to send a trojan file to a friend and if they would open it and you happen to know its IP you could remote do things like open its CD drive and at the same time have tons of malware in your PC but it was all worth to see them in the next day saying that the PC went abducted by aliens
At my fist big boy job my dad sent me one that locked out my keyboard and mouse then cranked the volume to 100% as it yelled “hey everyone, I’m watching porno over here” followed by a super loud moan. It was a quiet call center too. That moment still haunts my dreams.
I would love to hear this talk!
The connection between Cap’n Crunch, phone system hacking, and Apple is a pretty important part of early hacking history.
“Draper heard about the whistle from other phreakers. The whistle easily played at 2600Hz, the perfect tone to, in Apple Inc. [co-founder Steve Wozniak’s words], “seize a phone line.”
Huh, I had always wondered why the hacking magazine was called 2600. Guess that explains it, neat!
I met Captain Crunch around 2012, really nice and still insanely curious about phone systems.
Out of the Inner Circle covered this real well. It was a book printed in the early 80’s
I recommend The Cuckoo’s Egg by Cliff Stoll as a good start.
Watch Hackers: Computer Outlaws
Not really hacking, but in the 90s you could usually just connect to a mail server and it would believe what you told it.
If you were careful you could just type an email directly: MAIL FROM, RCPT TO, etc.
I would write scripts at work to send spoof emails sometimes, you could put anything as the FROM address, like “info @ catfacts” or whatever.
Another “not really hacking” example is that when some companies first got an Internet connection, they would just allocate public IP addresses to everyone, no gateway or firewall. So you could browse any non-passworded smb shares just knowing the IP.
It’s not hacking. Most languages have the ability to send mail from any mail address. Poweshell example -
Send-MailMessage -from bill.gates@microsoft.com -to you@yourmail.com -subject "fuck you" -body "no really fuck you"My point was really how there was little to no verification on SMTP servers back then and that you could send mail with a simple terminal program, or, more practically, a script.
Not hacking, but using knowledge of the insecurity of SMTP servers of the time, to allow spoofing easy spoofing.
Not so easy to find SMTP servers to do that with now.
Was much easier as we all used password like 123456 or our first name.
imsosexy
My dad’s go to from the 1980s all the way up to his death in the 2020s was “fuckme42069” . He was an OG Neckbeard.
It was exactly like the movie Hackers. 😅
Due to the nature of how the ARPAnet was born (lots of academic influence and the view of free sharing of information) outside the DOD infosec wasnt a thing, even then it was an after thought.
There was a healthy phone hacking community coming out of the 70s and into the 80s. Their techniques for getting free calls helped with exploiting the ARPAnet
There were pretty significant technology changes in the 90s with the WWW and the number of people and companies online leading to more opportunities and ways to exploit.
Wargames and Sneakers are pretty entertaining and while movies will give you a bit of a vibe.
If you can highly recommend you read
https://en.wikipedia.org/wiki/The_Cuckoo's_Egg_(book)
Really easy read and amazing true story
It wasn’t like the military had that much better OPSEC. The code to launch American nuclear weapons for over, 15 years was 00000000.
According to the movies it’s 90 percent just saying “I’m in” then you’re in.
Money going online really changed the mood.
I recall a conference talk mentioning that the speaker (from a nordic country) told their friend to look at their online banking account, and then transferred them $-10. Either they were spotted or they disclosed it, I forget which, and luckily they were hired instead of jailed.
Damn
Money going online really changed the mood.
So true. Money spoils everything.
You could use telnet as example of a “historic vulnerability” in your talk.
My ISP would give you like 10 MB to build a personal website. You’d log in to the FTP server, and it would take you to your personal directory. From there, you could “cd …” and end up in the parent directory and access everybody’s data.
I wonder what the equivalent of this is today? Not meaning the same thing but what is incredibly insecure.
Probably cell phone interception and manipulation of cell service.
People. Social engineering is orders of magnitude easier than most default security configs.
That said, dumb security mistakes still happen regularly. Remember a few years ago when Missouri had a bunch of teachers’ personal data just in the HTML sent to every person visiting their site? When a journalist notified them, the govt tried to say he was hacker.
