I have somehow found myself doing a lighthearted talk on retro hacking this Wednesday. Would anyone here happen to know anything about it?
You must log in or register to comment.
Watch the movie Hackers, it’s basically a documentary. Roller blades, hacker dive bars, extreme fashion, custom boot screens, swirly 3D effects around you when you’re typing fast. It was rad…
Not exactly hacking, but other people made me remember it…
If you ran early software like a forum, often passwords/DMs/etc. weren’t encrypted in the database, so you could just look in your own database (or in the case of the perl-based forum I ran, the text files) and get people’s passwords and private messages. I remember my shock at seeing that when I was poking around the back end of my own forum, lol. Luckily for my users, I’m not an asshat, so I never got up to mischief with that. But I absolutely could have, and I know plenty of dudebros in IT who would/did.
I still operate today on the idea that once you interact with an online system, the admins of that system basically have everything you give them and there’s no privacy.
(Also, often if you, the user, “delete” something, usually what the system does is check a box for that data that is more or less a binary, “Is deleted? Y/N?”, and then shows/hides the data based on that flag being set. This is due to corporate customers crying if they delete something by their own fat fingers, but it means if you do intend to delete something, you should assume it’s not actually deleted, it’s just hidden from the view you, the user, have permissions to view. Of course this all depends on the specifics of the system you are interacting with, but I still default to assuming the “delete” function is just a flag that alters the view you see, not a true delete feature.)
The connection between Cap’n Crunch, phone system hacking, and Apple is a pretty important part of early hacking history.
“Draper heard about the whistle from other phreakers. The whistle easily played at 2600Hz, the perfect tone to, in Apple Inc. [co-founder Steve Wozniak’s words], “seize a phone line.”
Huh, I had always wondered why the hacking magazine was called 2600. Guess that explains it, neat!
I met Captain Crunch around 2012, really nice and still insanely curious about phone systems.
Out of the Inner Circle covered this real well. It was a book printed in the early 80’s
the phreaks will, they had tons of fun
captain crunch whistles and tape recorders were the golden keys and it was glorious lol
In the 90’s, companies were super lax on data security, retention, and destruction. In my city we had major IT players like INTEL, HP, Motorola, etc. We would dumpster dive and find whole computers full of data and no passwords. We were after the hardware so all our friends could play Doom MP, Quake, or later Unreal Tournament… so we usually wiped them but who knows what was in those things. It was a lot of e-waste and because of divers with bad intentions, now there’s incredibly strict corporate rules about data security/destruction.
Different topic but ewaste today is absolutely insane. People throw out working post-2015 “gaming laptops” - maybe a dead battery or something equally simple to fix.
I cannot speak for other countries, but here in America, I blame the fact that once family and personal computers became a big thing they stopped teaching about them in schools.
I know I never had a single class or subject related to using a computer. They just expected us to know how to use them.
They just expected us to know how to use them.
And they still do. The “kids these days and their compyooturs” fallacy. Irks me to my core.
I was fortunate to have a middle school typing and graphic design class, and in highschool I learned hardware troubleshooting and stuff (A+ equivalent IT work)…but that “career path” of flipping computers that people downloaded the wrong screensaver on kinda died out.
Still learned a lot though! If the I.T field was still hanging out with buddies in some dungeon nobody visited, I might be in that field today lol.
According to the movies it’s 90 percent just saying “I’m in” then you’re in.
Watch Hackers: Computer Outlaws
Not really hacking, but in the 90s you could usually just connect to a mail server and it would believe what you told it.
If you were careful you could just type an email directly: MAIL FROM, RCPT TO, etc.
I would write scripts at work to send spoof emails sometimes, you could put anything as the FROM address, like “info @ catfacts” or whatever.
Another “not really hacking” example is that when some companies first got an Internet connection, they would just allocate public IP addresses to everyone, no gateway or firewall. So you could browse any non-passworded smb shares just knowing the IP.
It’s not hacking. Most languages have the ability to send mail from any mail address. Poweshell example -
Send-MailMessage -from [email protected] -to [email protected] -subject "fuck you" -body "no really fuck you"My point was really how there was little to no verification on SMTP servers back then and that you could send mail with a simple terminal program, or, more practically, a script.
Not hacking, but using knowledge of the insecurity of SMTP servers of the time, to allow spoofing easy spoofing.
Not so easy to find SMTP servers to do that with now.
It was extremely easy to send a trojan file to a friend and if they would open it and you happen to know its IP you could remote do things like open its CD drive and at the same time have tons of malware in your PC but it was all worth to see them in the next day saying that the PC went abducted by aliens
At my fist big boy job my dad sent me one that locked out my keyboard and mouse then cranked the volume to 100% as it yelled “hey everyone, I’m watching porno over here” followed by a super loud moan. It was a quiet call center too. That moment still haunts my dreams.
Do you mean programming? Not that much different from a few years ago tbh. Vibe coding may have changed stuff since then. Otherwise, there was less emphasis on online services, so the upgrade cycle was slower and you had to test more before shipping. That was, perhaps, a good thing in terms of software reliability.
No, I mean hacking. Breaking into computers remotely, malware production, etc.
You might like “The Cuckoo’s Egg” by Clifford Stoll, about chasing down a break-in. There was less of an Internet then, so the phone network was a bigger target.
80s was all about the phones.
Phone phreaking, the 80’s were so fun. Stolen AT&T calling card numbers enabled you to call long distance for free at a time when calling the next city over could cost 30 cents a minute or more (equivalent to over a buck now). Hacking people’s answering machines was pretty easy. For youngsters, this was a device hooked up to your land line phone to give you voicemail. You could listen to your messages remotely by calling it and entering a password which was very short and limited to numbers. Some had to the capability to change the message that answered the phone. That made for lots of fun
30 cents per minute in the 80’s is like a dollar per minute today, maybe more.
I dunno, having payphones on every other street corner in the 80’s-90’s can seem like a foreign concept today.
That would be because the notion of having a pay phone on every corner is.
That is beside the point. The phone is just a pathway, the hacking is the same. The phone gets the hacker to the end user. Today the cellphon/tablet/pc is just a pathway to the end user.
When it comes to tech as much as everyone thinks it changes the more it stays the same.
My dad and his buddy devised a plan to get unlimited calls from phone booths to abroad. They drilled a 2 Deutschmark coin and put a fishing line through it. They figured out that the coin only drops after the allotted time is up, allowing the machine for there to be credit registered. But there was nothing preventing the coin from going upwards again. So they just kept pulling it out and then inserting the coin again. And re-dialing the international number. Like some petty comic book villains.
Money going online really changed the mood.
I recall a conference talk mentioning that the speaker (from a nordic country) told their friend to look at their online banking account, and then transferred them $-10. Either they were spotted or they disclosed it, I forget which, and luckily they were hired instead of jailed.
Money going online really changed the mood.
So true. Money spoils everything.
Damn
Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World" by Joseph Menn
If just looking for a casual, non-technical read, this is a good one. It led me to a few rabbit holes to dive down deeper.
It was exactly like the movie Hackers. 😅
Due to the nature of how the ARPAnet was born (lots of academic influence and the view of free sharing of information) outside the DOD infosec wasnt a thing, even then it was an after thought.
There was a healthy phone hacking community coming out of the 70s and into the 80s. Their techniques for getting free calls helped with exploiting the ARPAnet
There were pretty significant technology changes in the 90s with the WWW and the number of people and companies online leading to more opportunities and ways to exploit.
Wargames and Sneakers are pretty entertaining and while movies will give you a bit of a vibe.
If you can highly recommend you read
https://en.wikipedia.org/wiki/The_Cuckoo's_Egg_(book)
Really easy read and amazing true story
It wasn’t like the military had that much better OPSEC. The code to launch American nuclear weapons for over, 15 years was 00000000.
A few things I remember.
Nobody sanitised their inputs.
You could get through logins by making a database query check whether 1 = 1 instead of a password. You could put JavaScript into guest book fields to redirect people to whatever crazy site you wanted.
My university lecturer told me about a well known supermarket that built a shop front. They made it in such a way that you could change the numbers before they were submitted and it wasn’t validated on the back end. So free food.
