In Response To: Unplugged! The biggest hack in history
By John Simons, WSJ Interactive Edition
October 1, 1999 8:54 AM PT
The Phonemasters and I
In 1994, I was learning as much about computers and telphony as I could
possibly take in. Had an extra 500 page manual? I'd digest it in days.
Anything related to phones was of particular interest to me. For some
reason, the computers that ran the phone systems were interesting and
I found myself with an insatiable curiosity for them. Some called it
an obsession. Ironic that I hated talking on phones with anyone, even
with the people sharing new information about the systems I was learning
about. It didn't take long for me to move on to switches and systems
that were the core of the telephone network.
To this day, I can still say I never did anything harmful, destructive
or malicious to any phone or computer network out there. It was all about
learning the systems. The natural curiosity of a young man, focused on
technology that was becoming more and more widespread. It was about
knowledge, nothing else.
You find yourself a newcomer to the concept of hacking, new to technology
and learning. Who do you turn to? If you are truly into it because of
the love of the system, anyone willing to help. That is how I ran into
two of the 'phonemasters' back in 1994. Fortunate for me, I ran into some
of the best teachers I have ever encountered. Given that one of my primary
functions in my current professional life is teaching government agencies
and fortune 500 companies, that statement shouldn't be taken lightly.
I remember my first talk with one of the phonemasters. He was softspoken
from the beginning, talking with a cool and reserved voice. When it came
to phone systems, his voice became that of an expert. The information and
advice he passed on to me was flawless. If I didn't know better, I could
have easily believed he was an employee of the phone company, or some other
expert on the subject material. It didn't take long for our email to
lead to talking on the phone. We had maybe ten conversations over a year
long period. Each one an hour or more of us discussing phone systems
and the intracacies involved.
While i didn't know them as close friends, we were on a first name
basis for the conversations we had. Back then, a first name was a sure
sign of trust and/or respect. They trusted me, I respected and trusted
them implicitly. It started out talking with 'T' and eventually lead
to a handful of conversations with 'G' (two of the three 'phonemasters').
Simons says in his article that the Phonemasters had "Unlimited potential
for harm". While this is technically true, consider the long haul. Over
five years of having this powerful access, and what harm was done? None.
Like so many hackers, being malicious is not in their book. A sense of
power and exploring maybe, but causing harm to anyone just wasn't
considered. Simons goes on to tell us about FBI evidence that alleges
they had planned on breaking into the National Crime Information Center
(NCIC). So? They wouldn't be the first to compromise the FBI's pride
and joy of a network.
While the three 'phonemasters' were close friends, they periodically
reached out to talk to others. Often times imparting new bits of knowledge
to newcomers to hacking, they enjoyed teaching. None of them bragged
about their skills, demanded tribute or anything indicating they had
large egos. It was during these external talks that lead to the incident
Simons refers to on January 23. He writes: "On Jan. 23, while probing a
U S West telephone database, Cantrell, Bosanac, Lindsley and others
stumbled over a list of telephone lines that were being monitored by
law enforcement. On a lark, they decided to call one of the people --
a suspected drug dealer, says Morris -- and let him know his pager was
being traced by the police." The idea of notifying the owners of traced
lines actually came from another Mid West hacker who shared the deed
on a conference call with two of the phonemasters. Sorry, can't blame
them for that idea.
Side affects of their raid
"Morris hastily arranged for an FBI raid. On Feb. 22, 1995, agents
raided Cantrell's home, Lindsley's college dorm room, and burst into
Bosanac's bedroom in San Diego."
I remember this night quite well. A couple hackers I knew were in an
absolute state of panic. They were baffled over the raid and kept
wondering why they weren't recipients of an FBI visit of their own.
One of the hackers admitted to me that he too had been hacking some of
the same phone computers that the phonemasters had. He had even found
printouts of their activity in the trash can of a U.S. West Central
Office and later confirmed it was their activity that generated these
Another hacker in touch with the phonemasters paid me a visit that night.
He was openly sweating and a little out of breath. I quickly found out
that he had spent the day cleaning his place, in fear of impending FBI
raid. Throwing out over fourty technical manuals detailing the use of
various phone systems. He had also thrown out a wide range of hardware
and other extraneous equipment he felt were no longer needed. Some of
his friends were not thrilled with his decision. A veritable gold mine
of information was lost forever.
Three individuals are being charged with crimes related to this long
term intrusion. After half a decade of running through phone, credit
and every other system out there, a question emerges. Did they do it
alone? Of course not.
During on of my phone conversations with 'T', he told me about a night
he was dabbling on some system. He typed in a long command and received
an error message. Trying again and altering his syntax yielded no success
either. As he sat there pondering the correct command to type in, someone
else on the system did it for him. Alarmed at first, he wondered who
could have done it for him. Perhaps one of the other phonemasters he
thought? Not this time, instead, a legitimate phone technician was the
one to help. He went on to describe the hours of technical help the
phone company employee gave him. The whole time fully aware that his
student had no right to be on the system.
The sum of the charges...
While the three 'phonemasters' did break laws by intruding into these
sensitive and critical systems, there are a few things we need to
remember. If such vital and life saving systems are vulnerable to this
widespread and lengthy hack, why are we relying on them? Why hasn't
the government put more resources or some form of standards on these
mission critical systems?
Based on my limited conversations with them, I can say it is somewhat
comforting knowing these three were involved rather than malicious
hackers. More importantly, that these technically brilliant hackers
were at the keyboard. The systems they were in like the AT&T 1AESS
switch isn't the most fault tolerant system. Commands that go awry
have a tendancy to leave thousands of people without phone service.
Novice hackers finding themselves with the same hackers the
'phonemasters' enjoyed could have presented a real threat to citizens
When you read these articles, remember that the sum of their charges
do not paint a full picture of what kind of people they really are.