by obv_a_throwaway 3332 days ago
When I was 11 years old or so, I did not yet have a computer of my own but I had taken an interest in computers and wanted to learn more about them than just playing games. First and foremost I wanted to command computers to do my bidding. To create my own games and so on. So I read a couple of books and magazines and wrote a bunch on paper.

My father had a computer that he would let me borrow at times. One time my father brought with him home a copy of the installer for a program called POV-Ray, an open source raytracer and together we used it to describe a couple of simple scenes and render them. Aside from that my interactions with real computers at the time remained limited to playing games, using MS Paint and a little bit of supervised web browsing. However my interest in learning about computers remained and my father encouraged this. He would bring with him print-outs from the internet about various things relating to computers. One time he had printed out a few pages from the website of the Chaos Computer Club.

Those guys, the CCC, what they were able to do was amazing to me. They seemed like gods, well not quite gods but some sort of wizards or something.

The movie The Matrix had also captivated me when I saw it. It remains one of my all time favorite movies to this day.

At the age of 12 I got a computer of my own. It had a red rescue floppy, the contents of which I believed to be the entire installer for the Windows XP operating system. My father told me that the installer would weigh in at a lot more than the 1.44 MB that was able to fit on a floppy. I did not believe him. He was right of course, as I would come to understand a few years later -- the rescue floppy was booting the computer from a hidden partition and then the recovery stuff that was stored on that partition would take over and continue from there. Nonetheless, I had a blast and aside from a few misconceptions like the one mentioned, I learned a lot from having my own computer. Being able to restore Windows XP back to the factory state turned out to be very useful in the process of learning as I would regularly mess up my install in various ways that would lock me out of the computer or even make Windows unable to boot, but each time I would pop in the recovery disk and within 30 minutes to an hour or so I think the recovery program would have made the computer good as new. I lost a lot of data that way of course but little of it was of value to me anyway. The process of trying things and discovering and learning was much more important than my data. So on my computer I could experiment and if something broke there was no consequence. This would shape my attitude against computers. The lack of consequence however, not so.

Fast forward to 2006, I was in high school. I finally learned to program thanks to TI-BASIC on the graphing calculators and a book about PHP, after previously while in middle school having given up on programming when the C++ Hello World program I copied from a book didn't seem to work. (I had compiled it successfully but I had failed to understand that I would have to run it from a command prompt in order to see the output, so what happened was that when I double-clicked the executable, a command prompt opened itself, and as soon as the program finished it closed itself, leaving me to think that the black box that flashed on my screen meant that the program didn't work.)

With the understanding I had gained from programming I figured maybe I would be able to create my own cracks for games and other pieces of software. After a bit of searching I came across a site called woodman.com, which had a bunch of tutorials on reverse engineering. I read them with great joy and after having followed guides and practiced on various crackme's, I downloaded a shareware program that had a serial protection on it and was able to crack it all on my own.

Well, well, well. I am able to write software, I am able to crack other people's software. Now I think it's time that I look into network security. I bet there is some security issue with the school computers and I bet that the school will be happy when I tell them about it.

Yes and no. There was a security issue, but the school did not enjoy me finding it nor what I did once I had found it.

The first thing I did was I downloaded a collection of rainbow tables.

Next I tried to boot one of the school computers with a boot-CD so that I could copy the LM hashes file if it existed on the computer.

The school computers had a BIOS password and were configured not to boot from the CD-ROM drive.

So I gave up on that and focused my attention on other things.

Later one day when I booted one of the school computers, the boot process looked a bit different from what it used to (don't remember how, but probably it attempted network boot or something) and I figured that maybe I should try to enter the BIOS menu on this computer. The computer allowed access without a BIOS password. (The school IT administrator had disabled the BIOS password temporarily and had forgotten to re-enable it afterwards.) I shut down the computer again and the next day I brought a boot-CD.

I booted from the boot-CD, found the file with the LM hashes and copied it to a USB stick. Brought it home and put my computer to work at using the rainbow tables I had downloaded.

After some time (several hours, perhaps several days) the password cracking program had found a match for the password of the local Administrator user.

At school I then tried to log in as Administrator on one of the computers using the password that the password cracker had found and it worked. Holy shit!

Instead of telling the school about this, I decided that I should investigate what more I could do. Bad idea. If I had stopped at this point, perhaps the school would have been thankful indeed, who knows.

So after a bit of pondering, I decided that I should install a keylogger on a bunch of the machines. I found something called FakeGina.dll online and was going to replace MSGina.dll with it. This triggered the antivirus software on the school computer which gave me a bit of panic. I logged off and didn't do anything out of the ordinary for a while, expecting that the school IT admin would have gotten a notification and that he was going to question me about it and that it wouldn't look good.

(Continues in a child comment.)

But the school IT admin didn't know. (Makes sense, students probably trigger the antivirus on a daily basis so even if the antivirus software did have reporting functionality the IT admin probably wasn't making use of it.)

So when nothing happened for a while, I continued my investigation. I learned that by splitting a file so that you have a file with the first byte of the original file in it, a file with the first two bytes, a file with the first three bytes in it and so on, and then looking at which file in the sequence was the first to be discovered by the antivirus, you could learn what part of the file the antivirus was fingerprinting (nowadays antivirus is more sophisticated and applies more than just fingerprinting but at the time at least the one they were using at school was operating in this fashion), and you could edit nearby values with a hexeditor hoping that the byte you changed would alter the fingerprint without breaking the program. If you were lucky a text string was part of the fingerprint and could be altered without consequence to the function of the program.

So with a version of FakeGina.dll that I had modified in the fashion just mentioned, I installed it on a few of the school computers. A handful of computers in one of the computer labs and a couple of classroom computers.

Because I had installed the keylogger on a couple of classroom computers and because teachers were using those computers, I ended up with the passwords of not only other student accounts but also some teacher accounts.

I was about ready to tell the school about what I had found but not until I first bragged to some of my friends, a couple of which asked if they could have the admin password so that they could install some games on the school computers. Sure, why not. Just don't tell anyone about it, I said. Basic op-sec failure. If I didn't want others aside from my friends to know, I shouldn't have told my friends either.

One of the people I bragged to told one of his friends and that friend told the principal about it.

One of my friends heard that that other guy had told the principal about it because that other guy told other people that he'd told the principal. My friend sent me a message on Facebook to warn me about it but I wasn't logged onto Facebook so I was sitting at the computer lab blissfully unaware of what was going on. Even if I'd known it wouldn't have mattered. Once they know it's too late.

So one of the school staff marches into the computer lab with a stern look on her face, says "come with me". I panicked and looked around, considered jumping out of the window as we were only about half of a story above street level but decided that since none of the windows were open there was no point in trying that.

She escorts me out of the computer lab and I ask "what's going on", trying to sound normal but my voice was shivering. She didn't answer, just kept walking alongside of me guiding me towards the principal's office.

I knew that the principal was a nice person so I hoped that I would be able to explain what my initial motivation had been and that I was sorry that I had gotten carried away.

The principal was a nice person but he was also concerned about what I'd done and the impact of it, and the fact that I had logged teacher passwords meant that I could in theory have altered report cards, and that that amounts to falsification of official documents or somesuch and so on.

In the end I was expelled from school for three days and the school reported me to the police.

At this point I had recently turned 18 years old so the school told me that they could not inform my parents of this without my consent, and neither would the police be able to, so I told them that I did not want them to inform my parents of it.

A couple of weeks later the school told me to go to a local police office for questioning, which I did. The police officer that questioned me was a likeable person. Not friendly but not hostile either. Simply serious and factual.

In the end, I was given a fine of about $600 and the incident was recorded on my criminal record, which up until then had been clean.

My father found out about it when a letter arrived in our mailbox, sealed and addressed to me but with the name of the governmental entity that collects fines on it. When I got home he was sitting at the table with the letter. He was visibly upset. He had not opened the letter because he couldn't but instead he told me to open it in front of him. I said I didn't want to but he said that I had to so I did. The letter did not say what it was about, just the amount of money I had to pay and when I had to pay. So instead I had to tell him everything and I did and he was upset with me for a very long time. Since then I have regained his trust.

At first I was upset that someone "ratted me out", as I saw it. Especially since not only was he a friend of a friend, but he was also a person I had had classes with and while we were never friends perhaps, we did have some sort of bond through our shared passion for programming.

Over time, I have come to realize that his alerting the principal about what was going on was the best thing that could have happened.

I was headed down a path that could have landed me in a much worse position.

Thanks to him, it stopped there.

I am a different person now. My fascination with computers remains but I have learned to adhere to the policies and the laws that apply to systems, as well as being respectful of the privacy of others in a manner that I clearly wasn't when I thought it was ok to keylog the account credentials of my fellow students. (Thankfully though I never was tempted to read other people's e-mail, personal files etc., and most of the other students in my school were impressed with, not mad at, what I'd done once it became known.)

Some of my recklessness and disregard may have been due to lack of maturity, some of it due to lack of experience (where up until then anything I did with a computer always was undoable with a red little floppy disk, since up until then only myself was affected by my actions on the computer). Still, as I said, I think that if it hadn't stopped when it did, I might have ended up a very different person.