Ask Kevin Mitnick

Okay, Kevin Mitnick is getting back online and can start taking email tomorrow, January 21. We've spoken with Kevin by phone, and he agrees that a Slashdot interview is a fine way to help celebrate his return to the Internet, especially since he has a book to sell and a consulting business to build. (Don't forget: Kevin hasn't been able to make much money for a number of years, and has a lot of lost time to make up for.) One question per post, please. We'll email Kevin 10 of the highest-moderated questions, and post his answers shortly after he gets them to us.

How about....

[Psx29 (538840)]

What is the first thing that you have done with access to the internet?

Re:How about....

[EinarH (583836)]

He prob. had to do the same that everyone else is doing each time they are back from vaccation:-->
Delete spam. Tons of spam.

No Offense meant, but..

[ackthpt (218170)]

No offense meant,but

he has a book to sell and a consulting business to build. (Don't forget: Kevin hasn't been able to make much money for a number of years, and has a lot of lost time to make up for.)

Knowing all this as the result of your choice, would you choose this path again? If so, why?

What do you say?

[PhysicsGenius (565228)]

I've heard that you've expressed regret over the actions that landed you in jail and I think I even heard you say that you think you were in the wrong. So how do you respond to the hundreds of wannabes who hacked sites "in your honor" and wore "Free Kevin" shirts at the risk of repelling girls? Do you owe them anything, even a little guidance towards the straight and narrow?

Thoughts

[ScannerBoy (174488)]

At any point did you consider leaving the computer world behind to search out other means of makeing a living such as teaching, history, construction...?

Or is is the old, I just gotta do this feeling?

Life Without the Internet

[by Anonymous Coward]

In Cuckoo's Egg, Cliff Stoll siad that in some cases life is better without the internet. Did you find any advantages to life without it?

What's Different?

[theGreater (596196)]

I wonder what the largest single difference between going in and coming out will be for KM. What kind of access to infotech did he have while inside? Was he at least able to keep abreast of current trends?

-theGreater Ponderer.

Your finest moment in court

[cluge (114877)]

What would you say was your finest moment in court? While you seem to have been pretty much beat up by the court system I'm quite sure you must have had a shining moment or 2, either as a defendant, or perhaps an expert witness?

Yes?

[egoff (636181)]

How do you think that your sentence has changed you, and the way you view your society?

Do you feel...

[Shads (4567)]

... that current laws against technology abuse are adaquete and what kind of changes do you feel should be made if not?

Skill sets?

[inteller (599544)]

How have you been able to maintain current skill sets while you were in the clink and after you got out? Is there any one skill set (programming, etc) that you plan to get current on?

How do you find it?

[riflemann (190895)]

So now that you've been back online for what's probably a few days by the time you read this:

What do you think of todays internet?

Re:How do you find it?

[mstyne (133363)]

He loves ... San Dimas!!

Which OS?

[DocStoner (236199)]

Are you using WindowsXP, MacOS 10.2, (insert Distribution here)Linux, or your old personal favorite... Sun?
Hmmm, maybe you will try them all? You are a sneaky one.

Scapegoat Sweepstakes?

[Bonker (243350)]

Kevin, you've said and many of us feel that you had the book thrown at you to try to deterr other wouldbe hackers and crackers from plying their craft.

How many of the charges brought against you were unfair? What do you feel would have been a fair set of charges to levy against you?

The more things change...

[sterno (16320)]

Looking abck at the last 8 years that has left you unable to use the Internet, do you feel that this deprevation has had any positive benefits on you? Did you have to find other hobbies that you now enjoy to while away the hours you used to spend hacking?

The slammer

[UVABlows (183953)]

Is the pen as bad as it is made out to be? Did you ever run in to trouble or not get along with the other inmates? Is there any advice that you can offer to any slashdotters that have to serve some time that you wish you had known?

Welcome back.

Your wrongs...

[jamienk (62492)]

2600 and others (even you) often say that it is true that you did some things that were wrong, but nothing anywhere near as bad as what you were accused of and nothing warranting the treatmeant you got. But from a self-critical point of view: what was it that you did that was "wrong" and what punishment would have been fair?

Free Kevin!

[cioxx (456323)]

Question: Do you feel, not being able to use the internet and generally spending so much time incarcerated, set you back on your knowledge? Case in point, 5-6 years ago Linux was still in its infancy. Do you ever get amazed how much OSS community has accomplished in such a short period of time?

Was Your Penalty Fair and Will It Deter?

[mikehihz (555979)]

Seeing that you have taken some responsibility for your actions, do you think your penalty was fair and will a penalty like you received, fair or not, deter others from following in your footsteps?

Future vs Past

[PovRayMan (31900)]

I'm curious to know, do you believe your whole case would have been held differently had the crimes been committed in the year 2000 under newer laws rather than the ones of your time?

How do you see yourself?

[Astrogen (16643)]

There has been alot of press, and over the years you have been a hero, and a Martyr to thousands of geeks and hackers, in addition to phone phreaks and anti establishment movements.

In what light and or combination of these types do you see yourself now, is that different from how you were 20 years ago, and do you see yourself as a champion of these things in the future or do you intend to just mix back into society and get a "normal" life back (after your book of course)?

The speed of change

[zwoelfk (586211)]

Although social engineering has changed very little since before your unfortunate experience (perhaps only slightly in awareness of the value of the information), the state-of-the-art in hacking (in the more technical, not criminal sense) and even general-purpose programming has changed significantly. Do you feel as though you are at a disadvantage compared to those who have made every attempt (though truly impossible) to keep up? If so, what's your strategy for regaining your edge?

As a side note, if you're interested in game programming, let me know!! :)

Prison Life

[SloppyElvis (450156)]

This is really a barrage of questions. What did the other prisoners think when they learned the nature of your detainment? Did you tell them you were in for armed robbery to toughen your rep? How would you rate Hollywood's penchant for prison portrayal, accurate, or way off the mark? Also, were you able to follow developments in computing through books; were you granted such a right?

still possible

[adamruck (638131)]

given the state of technology today, and some of the recent new laws passed, do you think that the path that you took would still be possible today?

clueful authorities?

[jeffy124 (453342)]

Several months ago we had a warez guy in (Chris Tresco) for a /. interview [slashdot.org], and I'd like to ask the same question I did he:

>How clueful are they?
>In your opinion, how did the each party (prosecution, your lawyer, and most
>important - the judge) look when it came to their understanding of
>technology? Did they know every nook and cranny, or seem lost in a maze of
>confusion? Do you think an understanding of the issues in question was a
>significant factor in court proceedings?

I know you spoke of this briefly in that lost chapter of your book, in that the companies who said they were victimized significantly overstated their losses (and admitted to it), and the judge went beyond prosecution's suggestion for punishment. But I'm curious to know how competent you think the feds are in these types of legal matters.

For better or worse...

[crashnbur (127738)]

For better or worse, what is the most important thing that you have learned that applies to us all?

Philosophical changes

[OneStepFromElysium (549625)]

Have your recent law-related experiences (for lack of a more elegant term) brought about any major philosophical changes in your life ? By this, I mean not necessarily computer related changes, but in all aspects of your perception of the world.

Did you know you'd get caught?

[Motherfucking Shit (636021)]

My question, in a nutshell: Did you know that you were going to get caught?

I guess what I'm most curious about is whether you knew the risks and took them anyway, or whether you thought you were covering your tracks and that the risks were minimal. It would be interesting to know if you knew you'd eventually get busted or whether you thought you were relatively "safe" from discovery.

question

[BlackArrow (61347)]

Do you think you made a deffinitive impact on security policies today, or do you think that most companies still have a lot to learn about security?

Seeing..

[Maeryk (87865)]

As how you have spent 8 years involved in a situation that seems by all accounts to have been an overblown kangaroo court, do you feel the government needs a specific branch specifically to deal with "cybercrime", and if so, how would you see it laid out, ideally, and why?

Maeryk

Was signing away your rights vs early trial

[bungo (50628)]

Kevin,

I enjoyed your bio, it's a pitty it was cut from your book.

Can you tell me why it was better to stay in prison and sign away your rights, than to go to trial early with a less prepared lawyer?

Weren't you just keeping yourself in prison longer that you should have been?

Do you really think that you would have got an even worse treatment if you went to trial earlier?

Question about Trust

[Neck_of_the_Woods (305788)]

I realize that you may have put your cracking days behind you but can you really address the question of trust in the computer security industry.

How has your move into the security industry been recieved by the establishment, and how have you been dealing with the obvious question of you being trusted in the very area you manipulated.

Social Engineering

[JeanBaptiste (537955)]

I know that many of your exploits were due to social engineering as well as exploiting known holes in hardware/software. You write heavily about s.e. in your book as well.

Do you think that social engineering still plays as big a part now as it did in your heyday? Moreso maybe?

Re-Educating yourself for today's tech world.

[Kaypro (35263)]

What has been the biggest stumbling block or surprise, if any, in attempting to re-educate yourself into today's tech world.

Published Stories vs. Reality

[Dirk Pitt (90561)]

I've read a number of editorial writers that have stated that the outright menacing portrayal of you in writings such as Hafner's Cyberpunk is twisted fiction at best. To the thousands of people who've derived opinions of you based on these works, what would you say in response?

What's it like?

[Pii (1955)]

Slashdot has no shortage of technological "Rock Stars" (Linus, ESR, RMS, Bruce Perins, etc), but most of them didn't attain their fame as a result of being prosecuted to the fullest extent allowable by law...

You are a notable exception. What's it like being a rock star, and how great is it that you'll now be able to fully capitalize on your fame in the financial sense? Would you be in as promising a position today had you not run afoul of the law?

Out of the Loop

[dev_sda (533180)]

Kevin, you've been seperated from computers by law, yet now you are running a consulting business. This would suggest that you have some level of expertise with computer technologies that did not exist or existed in fairly immature version of their current incarnations.

How did you/do you stay current on technologies without actual experience, and was it difficult without having an opportunity to put theory into practice?

Security Precautions

[DohDamit (549317)]

What security precautions are you going to use to prevent bad people from hacking into your company's systems?

Big question

[GMontag (42283)]

What is the password to my PayPal account? I forgot it a while back.

Thanks in advance!

Social Engineering

[dr_dank (472072)]

I read your book and attended H2K2 last summer (I look forward to seeing you speak at the next one). I meant to ask this question to the Social Engineering panel:

Do you have any stories about Social Engineering gone awry? That is, a situation where the mark saw right through your ruse and you just couldn't pull it off.

Welcome back Kevin

[T-Kir (597145)]

There was a very interesting (and well balanced) program about you I saw in England a while ago, and in it it mentioned that you were put into solitary confinement (AFAIK) for 6 months, and weren't allowed to use (let alone go near) a telephone under the misaligned fear that you could "blow up the country with one call".

My question is: How does it make you feel when there are such ignorant and misinformed people who are in a position of authority (i.e. judges, police, government) and are there any ways in which you can use your experience to change these attitudes/problems for the good?

Did rehabilitation work?

[squarooticus (5092)]

Having read numerous accounts of your activities, both favorable and not, my impression is that your punishment was well deserved.

My question is therefore, "Did you learn that it is wrong to intentionally destroy others' work for your own amusement? If so, what part of the punishment was most effective? And, if not, what additional punishment might have changed your mind?"

This is a serious question. I'm not just trolling.

Do u have a keygen for Wind0zes xp?

[teamhasnoi (554944)]

From what I have read, it seems that you did more with social engineering than you did with actual hacking. What would you say your greatest strength is with regards to using hardware/software? Your greatest weakness?

How Do You Plan on Getting Up to Speed?

[bloxnet (637785)]

If have read a bit about you, so I know that you were no slouch back in the days prior to your incarceration and release...but if you have actually stuck with the limits of your probation how are you planning to jump into consulting again?

Don't get me wrong, but you can only advise people on social engineering and easy passwords for so long...what kind of knowledge did you already have on PKI, VPNs, Firewalls, IDSes? There seems to be so much that has changed that just a cursory understanding of the principles behind these technologies does not seem sufficient to serve as a consultant (or at least one I would pay for)

Since so much has changed radically in the last few years, how have you kept up or do you plan to keep up at the moment? I can't see just reading a book on the latest OS specs and administrative tasks and being able to consult on them without hands on experience, and in your case you have quite a few years of language, os, security, and other operational technology advances to get up to speed with, etc.

So basically....what's you game plan to get back to a modern day equivalent of the proficiency you had several years ago?

Time Flies

[jjwahl (81757)]

Time flies and the pace of change is ever increasing in this industry. Certainly the landscape of the computer world has changed dramatically since you were last able to lay your hands on a keyboard.
Yours is a unique perspective - almost like a kid that has had full run of the candy store and was taken outside and forced to watch (face pressed to the glass). Now you're allowed back in to a drastically changed candy landscape. (Pardon the candy analogy, but I'm fond of sugary things).

In your opinion, what technology has changed the greatest since you were actively involved in the scene?

What will be your primary technology focus when you get back online - in terms of getting back up to speed?

Do you feel intimidated at the prospect of catching up on so many things? Are there areas that you will simply ignore out of necessity but would like to learn more about if you had the time?

Do you have any desire to hack just for the joy of hacking/discovery or have you been turned off of that in light of the consequences?

Thank you for your answers and welcome back!

public opinion

[k2enemy (555744)]

you have done an amazing job at garnering support and sympathy from the public, but how will we ever know if you deserve it? the only person that knows your true motives is you. with your social engineering skills and drive to see how far you can push things, wouldn't changing an entire public's opinion be the ultimate social hack?

Addiction

[SUB7IME (604466)]

Commonly, high-risk activities are found to be addictive. Would you say that you were addicted to 'hacking' and social engineering? If so, did your lengthy sentence give you enough time to get over that addiction, or do you still feel the pangs of desire?

Unauthorized?

[_ph1ux_ (216706)]

While you were incarcerated - were there any attempts at unauthorized access to your ports? How did you manage to secure these ports from would be DoS attacks? Did you have to do a lot of social engineering to keep them safe?

Re:What are the ten worst Windows vulnerabilities?

[TheAwfulTruth (325623)]

Since this is slashdot and since Open Source and Linux are more our concern here, shouldn't the question be:

"What are the ten worst Linux vulnerabilities to hacking, how would you attack such systems, and what has to be done with Linux to prevent such vulnerabilities?"

Surely you don't actually believe that Linux is unhackable? Wouldn't finding out what Linux's weakest areas are and fixing them before Linux becomes widspread enough on "Dumb User" hardware that it becomes the next great hacking target?