A hacker that was...
In 1994, I was convicted by the US District Court in
Alaska for "computer hacking". This is a copy of the Anchorage
Daily News report of when I was indicted:
Hacker accused of computer fraud
A 20-year-old Anchorage man has been charged with four counts
related to computer fraud. Donald Max Fanning is accused of
breaking into a computer system at a Seattle-based company and
illegally charging phone calls to the Federal Aviation
Administration and MarkAir. The charges also allege that
Fanning stole property from Elmendorf Air Force Base and
illegally obtained a password that could have allowed him to
break into a government computer. Fanning is scheduled to be
arraigned in U.S. District Court today.
Daily News staff report
Hacker gets 20-month sentence
By S.J. Komarnitsky
Daily News Reporter
An Anchorage man convicted of computer hacking has been sentenced
to 20 months in federal prison.
Donald Max Fanning was also ordered to pay $21,000 in restitution
and perform 200 hours of community service.
Fanning, 20, pleaded guilty in June to two counts of computer fraud,
one count of fradulant use of an access device, and theft of U.S.
Assistant U.S. Attorney Jim Torgerson said the charged included stealing
computer equipment from Elmendorf Air Force Base, illegally charging
more than $1,700 in long-distance calls to the Federal Aviation
Administration and MarkAir, and breaking into a Seattle-based computer
company. (Typist: I know this to be Tera Computer)
Fanning also posted the code he used to charge calls to the FAA on
a voice-mail system.
Torgerson said Wednesday that most of the money - about $14,000 -
would go to the Air Force to cover the cost of the stolen equipment.
An additional $4,800 would go to the Seattle company to repay its costs
in tracking Fanning down, while the remainder would be given to the FAA
and MarkAir to pay for the phone calls.
Fanning will be on probation for three years following his release.
As part of his sentence, he will not be allowed to own or use any
computer during that time.
Well when all was said and done, I did pay $21,000 in
(and was liable for it long after my probation was over - paid in full in 2003). After appealing the sentence during a process that started while I was still in prison (Federal Correctional Institution: Lompoc, CA.) the 9th Circuit Court of Appeals did find that the sentence was unreasonable in regards to computer use and was modified to not being able to use the Internet instead.
But for the record: The equipment was "borrowed" since the USSS/FBI and AFOSI (Air Force Office of Special Investigation) recovered the hardware from my house. The costs to Tera Computer were not for "tracking me down" but their claimed costs to "secure their systems" according to the pre-sentence report done by the US Probation Office.
All things being equal, the world was very insecure back then. None of the systems noted here required any "true skill" to access. Of course the reason I was even caught was by trusting people I shouldn't have... and the reason for getting time vs. my co-defendant was due to their "plea bargaining" and some serious threats trying to convict me on other counts such as hacking the Secret Service, the Anchorage Telephone Utility, MacTel Cellular where their ESN/NAM database was held, various college institutions, etc...
But I have done my part for National Security back then by helping identify and securing critical US Air Force systems which were vulnerable when some Colonel decided that their computer systems should be public on the "Internet" (then NSFNet) while it was in it's initial infancy.
So ended my experiences as a hacker of old and for the rest of us "Operation: SunDevil II" ended. Many of us gave up our younger ways at that time. Basically we grew up and grew old from hacking that was.
But it's my sincere belief that none of us outgrew hacking itself. It's a mindset that grew from outside-the-box thinking. Today, we're called geeks or hackers but it's in a different context than "cruncher" or "cracker".
So to those men and women of yesteryear: My thanks for making it fun and memorable. It was a blast to be part of that time. :-)
So what am I doing now? Basically probably the same as you but with a twist. If you know me, you know I'm a unconventional thinker and do'er. My current projects are:
- Asterisk PBX - http://www.asterisk.org
- Telephreak.Org - http://www.telephreak.org
- This site and the BBS for this system - http://bbs.00100100.net
The latter is from my desire to get back to basics. In the Internet we know, social networks that cluster around cities are convoluted. The best example would be craigslist.org. Tho I do admire the site and the concept, the implementation of it being a social network is poor in my opinion.
So, I'm working on "recreating" the bbs as a form local social networking. To do this, i'm investigating a couple different possibilities but the most promising is a piece of software that was created in the "hey-day" of dial-up BBS's. This software is called "Synchronet" written by Rob Swindell. The software did have a commercial phase but now it's been totally open-sourced by Rob. What makes this software interesting is that it already has a web interface as well as the terminal interface accessable via telnet. It also has a few other interfaces including POP3 and Gopher.
The system is online now for your review. It's named "Terminal Frost" in reference to the Pink Floyd song as well as the Atari 8-bit system I ran in Denver when I was a boy. Eventually, I'd like to bring aspects of that system back to this one. That system ran the Carina // bbs system on an Atari 130XE modified to 320K and used Bob Puff's "Black Box" for it's hard disk interface.
[2022 edit:] While I still do keep interest in BBS's, I don't have the bandwidth or desire to bring a system of old back
online in it's exact form from 1990. Instead, I'm working in the background on bringing aspects of it into the current era.
Plenty of places provide the nostalgia fix. But what I'm hoping to do is build systems that allow for community to re-engage in a similar way that you could with the BBS of then and even interoperate with the diaspora of hardware both then and now without issue. Similar ideas are the "Hacking International Networks and Systems using VoIP" or my 2011 talk at DEFCON 17 "AAPL - Automated Analog Telephone Logging". My current work is to update these talks with a better global scan of the entire PSTN network using audio samples processed by machine learning stacks once we are able to process and eliminate PSTN numbers from mobile cellular carriers.