...of today. I really wanted to understand what are the protocols used, how does the phone talk to the communications network, how does the whole thing operate? And I thought maybe I could modify the firmware for the code in my phone and make it more difficult for the government to track me.
For example, there are certain methodologies the government uses, like any time your phone is on, it is communicating with the mobile telephone company. I wanted to be able to toggle that off and on, so take my phone offline and do extra things to it. At the time I had that idea, but I never went through with it because I was so busy hacking. It was pretty much the trophy. Once I got the source code, that Motorola phone intrigued me. I looked at it, read through it, and tried to understand what I could understand.
After that I went after other different cell-phone companies and it really was about the trophy. It was the challenge of getting in and getting the code, storing it at USC [University of Southern California] in Los Angeles, and moving on to the next one. That's how I got caught.
The USC administrators noticed that a lot of their disk space was being used and their systems were breached and they called the FBI. The companies themselves didn't realise they were hacked. It was USC that discovered it. I didn't spend any time trying to hide it. That was my downfall.
Did know what you were doing was illegal?
I started hacking back in the seventies and there were no laws against phreaking or hacking. In school, my parents and other people actually encouraged it. There were no ethics taught.
If you could hack into the school's computer you were considered a whiz kid. Today, if you do it, you get expelled or they call the cops. It was like a reward of intellect back when I got started. Then they criminalised it later.
I was so hooked into the adventure of the hacking game, doing it for a number of years even though it became illegal. It was thrilling, adventurous. It was all about solving the puzzle, using intellect to get around obstacles. It was like a huge game.
What would you do differently if you could go back in time?
In hindsight, I wouldn't do what I did because now I'm much smarter and wiser, and I caused a lot of network and systems administrators a lot of headaches undeservedly. It was the wrong thing to do.
But at the time there was no such thing as penetration testing and no school curriculum on security. You had to be self-taught. That's how I learned about security and systems — through hacking. I took the wrong road in doing it. I wouldn't repeat it.
Today there are degrees, penetration testing, books on the subject. At the time, a lot of companies and universities didn't give much thought to security.
When I was 17 years old, the phone company was so livid with me for hacking its systems — and not hacking through a computer but through social engineering and calling and controlling touch phones or calling employees.
There were no laws against it. They actually yanked out the phones in our house, and I was living with my mom at the time. I was in high school. They wouldn't let us have a phone and cited California Public Utilities Commission rules that if there's fraud or abuse the phone company can yank the phone.
Rather than stop my activities I figured I would one-up them. We were living in a condo. The condo had unit numbers and we were unit 13. I went to the hardware store and got the numbers 1, 2, and a B for unit 12B. I called the phone company and told them the builder had built another unit in the condo complex.
Then the phone company came out and installed a phone for a new subscriber in 12B under my name or my mother's. Then we had a phone for two weeks and one day it just went dead. The phone company was livid because I had done this elaborate thing to trick them. After about six months we got the phone service back but we could only make outgoing calls.
Let me ask about your time in jail. How much time did you serve and what was that like?
I served five years, and I ended up in solitary confinement for a year because a federal prosecutor told the judge that if I got to a phone I could connect to Norad [North American Aerospace Defense Command] and somehow launch an ICBM [intercontinental ballistic missile]. So the judge, reflecting on the movie War Games, put me in solitary confinement.
I think it was a strategy they used to get me to plead out or cooperate. I was held for four and a half years without a trial. I spent a lot of time focused on the defence and reading cases and serving as assistant to my attorney. At the end of the day I realised justice is economic — unless you have enough money to properly mount an effective defence you always lose.
I wanted to admit that I was hacking, but the intention and the purpose of it wasn't fraud because to commit a fraud you have to convert property to your own use and benefit, to profit. In my case that was lacking. I was doing it for the trophy.
I was cloning my cell phone to random subscribers and dialling into computers from the cell phone. The purpose wasn't to make free calls — it was to...
