Ask Kevin Mitnick

Okay, Kevin Mitnick is getting back online and can start taking email tomorrow, January 21. We've spoken with Kevin by phone, and he agrees that a Slashdot interview is a fine way to help celebrate his return to the Internet, especially since he has a book to sell and a consulting business to build. (Don't forget: Kevin hasn't been able to make much money for a number of years, and has a lot of lost time to make up for.) One question per post, please. We'll email Kevin 10 of the highest-moderated questions, and post his answers shortly after he gets them to us.

No he's been waiting for

hot teen nympho's, an MBA in 2 weeks and penis enlargement offers.

I bet his email account is full! 100,000 spams just waiting for him to return...

How about....

What is the first thing that you have done with access to the internet?

Re:How about....

Great. We can watch him on live TV trying to remember which password he used for his email...

Re:How about....

I see it going something like this:

TechTV Host: Okay Kevin, here's your computer, you have the controls. You said you were thinking about browsing a few web sites?

Kevin: Yes. I think I'd like to try Yahoo. ...tapettytaptap... a few seconds pass

Kevin: Ah. Here we go. Hmm. This is odd, it doesn't look like the screenshots I've seen in magazines...

Kevin displays shock and surprise.

Kevin: It looks like a hundred pages of CREDIT CARD NUMBERS! Hey, what's going on!?!

Cops bust through the doors, comedy ensues.

Re:How about....

He prob. had to do the same that everyone else is doing each time they are back from vaccation:-->
Delete spam. Tons of spam.

No Offense meant, but..

No offense meant,but

he has a book to sell and a consulting business to build. (Don't forget: Kevin hasn't been able to make much money for a number of years, and has a lot of lost time to make up for.)

Knowing all this as the result of your choice, would you choose this path again? If so, why?

Re:No Offense meant, but..

I don't think he chose to be kept in Federal prison without a trial for more than 4 years. I don't think he chose to have the software he downloaded (and did not distribute) valued at an amount way beyond reality because the Feds said to. I don't think he chose to have terms of his probation which kept him from using his First Amendment rights or being able to make a meaningful use of his technologic abilities.

Did he choose to be the poster-boy of government corruption when it comes to prosecution of technology-related case? I don't think so.

You're the type of person who would ask Skylarov why he chose to come to the U.S. to speak at a technology conference.

What Really Happened

The government had access to all the records that Mitnick could have used for his defense, but they arbitrarily withheld the records indefinitely. Each six months Mitnick was given the choice of going to trial with an unprepared defense and some crappy government lawyer with no access to the records necessary to prove his innoccence, or to sign a waiver allowing the government to delay the trial for another 6 months while he stayed in jail. In other words, they were just trying to fuck with him untile he broke, gave in, and pleaded guilty. They never had any intention of giving him a fair trial. It was a total mockery of the legal system and a travesty of justice.

Re:No Offense meant, but..

You're the type of person who would ask Skylarov why he chose to come to the U.S. to speak at a technology conference.

On the contrary, I applaud Dimitri Sklyarov and feel his work was construct, in the face of unjust legislation the USA exports and tries to exert on other peoples. It should be the choice of each sovereign nation to determine the extent of copyright/patent protection to inventors. One country, such as the USA, may attempt to hold all others in thrall as long as the life of intellectual property protection.

Besides, Kevin didn't attempt to bypass electronic IP safeguards, except as the DMCA may regard hacking. He revealed the swisscheese security of information systems in their infancy. He made people afraid, powerful people. We already, well most of us, are aware what sort of democracy-for-sale the Congress and Administration are, when their friends sneeze, they catch cold, and act within or without the law. It's a matter for the defendant to pry him/herself out of such a mess. As often as such examples play it's remarkable anyone wants to open themselves to such harrassment, particularly without alerting the ACLU or some group ahead of time that they intend to demonstrate how unjust the system is, in whole or part.

Anyone remember the 414's? A group of young men in the Milwaukee area who, when caught breaking into DEC systems wanted to sell movie rights? It wasn't too hard to figure how they did it, hell, I was admin on a DEC system and there were default passwords and field service passwords easy enough to guess. You just had to be bored and stupid enough to go trespassing.

I have plenty of sympathy for those treated unjustly, but those who go alone to spread fear among powerful interests are no more clever than a swimmer dogpaddling around in a shark tank.

Re:No Offense meant, but..

I don't think he chose to be kept in Federal prison without a trial for more than 4 years.

Actually (a little googleing reveals that) in many instances he DID - or rather his lawyers did. The trial kept getting delayed due to it's complexity - often at the request of HIS lawyers. Hiring and firing three different lawyers doesn't usually speed things up any either (though I'll grant you it is possible they were incompetant - but the real possiblity exists their client was part of their problem). As for being denied bail that whole time - well that is sort of a natural penalty for running & continuing to commit the same crimes while on the run - for some reason people just don't trust you not to it again. Wasting time in useless appeals to GET bail when no sane judge would give it to you is just another thing that drags out the time you spend waiting for trial.

I don't think he chose to have the software he downloaded (and did not distribute) valued at an amount way beyond reality because the Feds said to.

And they should have been valued at less because he & his lawyers said so? I have no idea what the real value of the damage he caused to various systems was or the value of the information he stole. I doubt HE knows it's value. I am sure his victims and the prosecution exagerated it's value. On the other hand it is not difficult at ALL to assume that the value was quite significant. Big companies worth many billions of dollars keep stuff on their computers that really do have multi-million dollar values to those companies. Those where the kinds of companies he liked to hack and the kind of information he liked to steal BECAUSE he wanted to be a big deal and make a big splash. Well he did.

I don't think he chose to have terms of his probation which kept him from using his First Amendment rights

While convicts have rights the whole point of being a convict is having certain rights taken away. As for his specifically first amendment rights - I don't know of any instance during his sentence when the government established a religion for him, forbade him to excersise his own, forbade him to speak, talk to the (or even run a) press, assemble peacably or petition the government to redress his greavances (this last I think he excersiced far more than most of us) Being forbidden to use a computer after being convicted 4 or 5 times (on multiple counts each time) of computer fraud & abuse is not much different from being forbidden to own a gun after being convicted of a gun crime. Being forbidden to use a tool that you only seem adept at using criminally seems appropriate and fitting not cruel nor unusual. Having himself argued in court before that he was compulsive and unable to control himself probably didn't help his case any on this point.

Did he choose to be the poster-boy of government corruption when it comes to prosecution of technology-related case

After being caught and convicted on numerous prior occasions and being dealt with fairly leniently by the courts at first - then doing the same thing again *while on probabation* - then running when a warrant is issued - then continuing to commit the same high profile crimes while on the run IS asking for it.

Yes, there are murderers that have been dealt with less harshly. That's a GREAT argument for harsher treatment of murderers IMO than for more lenient treatment of multiple offense fraud artist fugitives. All the time I hear on /. that online crimes should be dealt with the same as offline - well his punishment doesn't seem so out of whack for a string of multiple breakings & enterings, thefts, & frauds while on the run from the law.

What do you say?

I've heard that you've expressed regret over the actions that landed you in jail and I think I even heard you say that you think you were in the wrong. So how do you respond to the hundreds of wannabes who hacked sites "in your honor" and wore "Free Kevin" shirts at the risk of repelling girls? Do you owe them anything, even a little guidance towards the straight and narrow?

Priorities

Actually, I think Kevin's time is better first spent on a law change so that hacking is never punished in the same way as violent crimes. And that writting programs to use things you legally bought - like a DVD player for Linux or a program to print your ebooks - is legal. Excesses of the government is a much bigger concern than small infractions of individuals.

Anyone here who wouldn't be in trouble if every one of their computer and copyright related "offenses" came to light can throw the first stone. Ever downloaded an unlicensed MP3 plugin for Redhat 8? Ever renamed irc to emacs to violate a school policy on computer use?

Thoughts

At any point did you consider leaving the computer world behind to search out other means of makeing a living such as teaching, history, construction...?

Or is is the old, I just gotta do this feeling?

Re:Thoughts

Kevin is embarking on a project to leverage his social engineering skills. Look here:

http://www.defensivethinking.com/ [defensivethinking.com]

He's going to be spending some time explaining his methods -- as opposed to using them.

Life Without the Internet

In Cuckoo's Egg, Cliff Stoll siad that in some cases life is better without the internet. Did you find any advantages to life without it?

Re:Life Without the Internet

He answered the question on the radio show Off The Hook [2600.com] (see the 10/16/02 show.)

Although he cannot use the internet himself, he is allowed to observe other people who are using it, and talk about the webpage as they view it. Technically he has not been allowed to direct the persone browsing the web, but they sort of work around that via a series of "yes-no" questions.

Re:Life Without the Internet - similar...

I've seen many intelligent people get enraptured in computers, and eventually come off of the high. I am one of those people too, and despite the fact that I've made a career out of it, I've had days where I cought glimpses of another life in which I would only have the crudest computer access, and manage to be happy.

Did spending an extensive period of time away from computers make you realize that you might just move away one day? or are you still fascinated like the first geek was?

What's Different?

I wonder what the largest single difference between going in and coming out will be for KM. What kind of access to infotech did he have while inside? Was he at least able to keep abreast of current trends?

-theGreater Ponderer.

Your finest moment in court

What would you say was your finest moment in court? While you seem to have been pretty much beat up by the court system I'm quite sure you must have had a shining moment or 2, either as a defendant, or perhaps an expert witness?

Re:Your finest moment in court

And along the same lines, what are some of the more enjoyable things you've accomplished outside of court.

When you had your weekend radio show on KFI in Los Angeles, you had many stories that brought about changes in your tone, such as experiments with "drive thru"s involving intercepting and overriding the employees such that you could speak directly with the customer from a distance away. While many would argue (and I would certainly agree) that this isn't a technical marvel, it is pretty damn funny.

So, my question is: everyone knows the big things you've done that you've been punished for, what about the little things you've done that you look back on and smile about?

Yes?

How do you think that your sentence has changed you, and the way you view your society?

Do you feel...

... that current laws against technology abuse are adaquete and what kind of changes do you feel should be made if not?

Skill sets?

How have you been able to maintain current skill sets while you were in the clink and after you got out? Is there any one skill set (programming, etc) that you plan to get current on?

Re:Skill sets?

further - what skill would you say you have increased or bettered while you were away - and what skill(s) would you say have atrophied the most?

(these skill having to do with computers - even though you have not had access to computers during this time)

Re:Skill sets?

IIRC, mitnick did not program. His skill was entirely in social engineering, and phone technology (which I presume meant he had a good amount of electronics knowledge). Buffer overflows and computer exploits as we know them today were not his thing. While he may have understood how OS's like Unix work, on a very detailed level, he did not code in C/C++.

Re:Can't earn money?

Good at? You've got to be kidding!

I suppose the Rosenberg's were good spys and Dahmer was a good serial killer too huh?

In Mitnick's "line of work" as it were, being good means NOT getting caught.

I honestly don't see why so many people like us lift Mitnick up to some hero-like status. He was dumb. He wasn't a good hacker, and what he did hack he handled really stupidly. And that's what got him caught, plain and simple. He's now going to make a living on his name.

Re:Can't earn money?

You should upgrade to the latest version of Linux ported to fountain pens. I reccomend using Bic pens, as they come in 12 packs and are really easy to cluster.

How do you find it?

So now that you've been back online for what's probably a few days by the time you read this:

What do you think of todays internet?

Re:How do you find it?

He loves ... San Dimas!!

Re:How do you find it?

Welcome back. Things have changed a lot in the last 8 years. People with your kind of skills are becoming rarer while the number of people that commit on line "crimes" has increased.

The hot issue for many of us concerns the idea of Fair Use, copyright, and copyright enforcment. Government regulations have been changed and are changing in favor of the same kinds of large corporations that claimed huge damages against you during your less than ideal experiance with the Judidical System.

My question is this. What are your thoughts on the continued expansion of corporate copyright enforcement rights, including the legalization of some of the techniques you were convicted of using?

Do you trust corporate america to weild the tools you've used and helped pioneer and what if any regulation do you consider both accecptable and feasable?

Which OS?

Are you using WindowsXP, MacOS 10.2, (insert Distribution here)Linux, or your old personal favorite... Sun?
Hmmm, maybe you will try them all? You are a sneaky one.

So...

...where's the best place to get some sweet WaR3Z, d00d???//

Honestly, though. Do you think your return to the internet should be a 'celebration'? You -did- break the law, why should we be happy you are back on the saddle again?

Scapegoat Sweepstakes?

Kevin, you've said and many of us feel that you had the book thrown at you to try to deterr other wouldbe hackers and crackers from plying their craft.

How many of the charges brought against you were unfair? What do you feel would have been a fair set of charges to levy against you?

Re:Scapegoat Sweepstakes?

...and do you think the charges were unfair even though you're a multiple repeat offender?

Do you hold ill will towards the friend you had in the early days that you bullied into giving you mainframe access at his work? I read in the book Hackers that you not only bullied him into letting you into his workplace after-hours, but you would make him drive you around and buy you Fatburgers. How much of this account is true?

The more things change...

Looking abck at the last 8 years that has left you unable to use the Internet, do you feel that this deprevation has had any positive benefits on you? Did you have to find other hobbies that you now enjoy to while away the hours you used to spend hacking?

Re:The more things change...

Has it been 8 years, man that makes me feel old
Q:

• A
• lot has changed online in the last 8 years, do you think that you will have any difficulty geting back into online culture, or do you intend to keep a healthy distance from it?

The slammer

Is the pen as bad as it is made out to be? Did you ever run in to trouble or not get along with the other inmates? Is there any advice that you can offer to any slashdotters that have to serve some time that you wish you had known?

Welcome back.

Re:The slammer

Yeah, did you ever lie about your crimes to the inmates to gain respect with them? I understand inmates generally don't like pedophiles and that "the system" punishes them pretty harshly. How do they like super elite hackers? You ever claim you killed a man?

Re:The slammer

Best he could claim is that he rooted somebody's system and killed "man"

Advice

Show some inmates with lots of power how to make free phone calls, and perform some favors for them. When you get out, they will take you into an elite crime syndicate as their technology head. Then wait for a secret box that decrypts everything to come along, and hire your former best friend to steal it for you.
Simple as that

Your wrongs...

2600 and others (even you) often say that it is true that you did some things that were wrong, but nothing anywhere near as bad as what you were accused of and nothing warranting the treatmeant you got. But from a self-critical point of view: what was it that you did that was "wrong" and what punishment would have been fair?

Free Kevin!

Question: Do you feel, not being able to use the internet and generally spending so much time incarcerated, set you back on your knowledge? Case in point, 5-6 years ago Linux was still in its infancy. Do you ever get amazed how much OSS community has accomplished in such a short period of time?

Was Your Penalty Fair and Will It Deter?

Seeing that you have taken some responsibility for your actions, do you think your penalty was fair and will a penalty like you received, fair or not, deter others from following in your footsteps?

Future vs Past

I'm curious to know, do you believe your whole case would have been held differently had the crimes been committed in the year 2000 under newer laws rather than the ones of your time?

How do you see yourself?

There has been alot of press, and over the years you have been a hero, and a Martyr to thousands of geeks and hackers, in addition to phone phreaks and anti establishment movements.

In what light and or combination of these types do you see yourself now, is that different from how you were 20 years ago, and do you see yourself as a champion of these things in the future or do you intend to just mix back into society and get a "normal" life back (after your book of course)?

The speed of change

Although social engineering has changed very little since before your unfortunate experience (perhaps only slightly in awareness of the value of the information), the state-of-the-art in hacking (in the more technical, not criminal sense) and even general-purpose programming has changed significantly. Do you feel as though you are at a disadvantage compared to those who have made every attempt (though truly impossible) to keep up? If so, what's your strategy for regaining your edge?

As a side note, if you're interested in game programming, let me know!! :)

Trepidation

Do you feel any trepidation about returning to the online world at this point? With such a lengthy absence there have been numerous technological and paradigm changes. Do you feel you've been able to keep up to date (more or less) with current trends or is there a sense of "catch up" that you feel?

Prison Life

This is really a barrage of questions. What did the other prisoners think when they learned the nature of your detainment? Did you tell them you were in for armed robbery to toughen your rep? How would you rate Hollywood's penchant for prison portrayal, accurate, or way off the mark? Also, were you able to follow developments in computing through books; were you granted such a right?

still possible

given the state of technology today, and some of the recent new laws passed, do you think that the path that you took would still be possible today?

clueful authorities?

Several months ago we had a warez guy in (Chris Tresco) for a /. interview [slashdot.org], and I'd like to ask the same question I did he:

>How clueful are they?
>In your opinion, how did the each party (prosecution, your lawyer, and most
>important - the judge) look when it came to their understanding of
>technology? Did they know every nook and cranny, or seem lost in a maze of
>confusion? Do you think an understanding of the issues in question was a
>significant factor in court proceedings?

I know you spoke of this briefly in that lost chapter of your book, in that the companies who said they were victimized significantly overstated their losses (and admitted to it), and the judge went beyond prosecution's suggestion for punishment. But I'm curious to know how competent you think the feds are in these types of legal matters.

For better or worse...

For better or worse, what is the most important thing that you have learned that applies to us all?

Hacker Icon

Given that you have been quoted as saying your 'hacking' was wrong to do. How do you feel about being perhaps the most notable icon of the hacking community?

Philosophical changes

Have your recent law-related experiences (for lack of a more elegant term) brought about any major philosophical changes in your life ? By this, I mean not necessarily computer related changes, but in all aspects of your perception of the world.

Did you know you'd get caught?

My question, in a nutshell: Did you know that you were going to get caught?

I guess what I'm most curious about is whether you knew the risks and took them anyway, or whether you thought you were covering your tracks and that the risks were minimal. It would be interesting to know if you knew you'd eventually get busted or whether you thought you were relatively "safe" from discovery.

question

Do you think you made a deffinitive impact on security policies today, or do you think that most companies still have a lot to learn about security?

The Most Important Question of All

What are your thoughts about TCPA Initiative / Palladium? Do you see it as a destructive force in the computing industry?

Seeing..

As how you have spent 8 years involved in a situation that seems by all accounts to have been an overblown kangaroo court, do you feel the government needs a specific branch specifically to deal with "cybercrime", and if so, how would you see it laid out, ideally, and why?

Maeryk

Was signing away your rights vs early trial

Kevin,

I enjoyed your bio, it's a pitty it was cut from your book.

Can you tell me why it was better to stay in prison and sign away your rights, than to go to trial early with a less prepared lawyer?

Weren't you just keeping yourself in prison longer that you should have been?

Do you really think that you would have got an even worse treatment if you went to trial earlier?

Question about Trust

I realize that you may have put your cracking days behind you but can you really address the question of trust in the computer security industry.

How has your move into the security industry been recieved by the establishment, and how have you been dealing with the obvious question of you being trusted in the very area you manipulated.

Re:What are the ten worst Windows vulnerabilities?

Since this is slashdot and since Open Source and Linux are more our concern here, shouldn't the question be:

"What are the ten worst Linux vulnerabilities to hacking, how would you attack such systems, and what has to be done with Linux to prevent such vulnerabilities?"

Surely you don't actually believe that Linux is unhackable? Wouldn't finding out what Linux's weakest areas are and fixing them before Linux becomes widspread enough on "Dumb User" hardware that it becomes the next great hacking target?

Poor guy

...he agrees that a Slashdot interview is a fine way to help celebrate his return to the Internet

I guess he'd know better if he'd actually read any Slashdot interviews lately.

How have things changed?

You have a unique perspective on the world of technology, and especially the world of information security. As someone who has been removed from the world for quite some time, what has changed the most about the world (esp. with respect to technology and security) since the time you were first incarcerated? What were the biggest culture shocks to you when you were released from prison? Were you able to keep current on the world of technology while in prison? If so, how was what you read in prison different from what you actually saw?

Social Engineering

I know that many of your exploits were due to social engineering as well as exploiting known holes in hardware/software. You write heavily about s.e. in your book as well.

Do you think that social engineering still plays as big a part now as it did in your heyday? Moreso maybe?

So how has it all changed?

Back when you were on last, Hotmail was an independent company, no one knew what the GO network was, NetNanny was just an idea, .coms could go no where but up, p2p was underground, everything was free, and no one had pened the term 'cyber terrorism'.

How is the 'net different now from the last time and are you going to miss it?

Do you think this will affect your job potential?

You've been prohibited from using computers for some time. This has, obviously, prevented you from gaining experience with new technologies. Couple this with the fact that your name is fairly well-known, how difficult do you think it will be for you to find employment in the computer industry? Will you be trying to do so, or will you try to stay away from technology? And, if you feel it will be difficult for technology reasons, how long do you think it will take you to catch up?

Yes, I know it's only supposed to be one question per post, but I think these are pretty well related.

Re-Educating yourself for today's tech world.

What has been the biggest stumbling block or surprise, if any, in attempting to re-educate yourself into today's tech world.

Now can we settle it once and for all?

Is it "cracker" or "hacker"?

Published Stories vs. Reality

I've read a number of editorial writers that have stated that the outright menacing portrayal of you in writings such as Hafner's Cyberpunk is twisted fiction at best. To the thousands of people who've derived opinions of you based on these works, what would you say in response?

What's it like?

Slashdot has no shortage of technological "Rock Stars" (Linus, ESR, RMS, Bruce Perins, etc), but most of them didn't attain their fame as a result of being prosecuted to the fullest extent allowable by law...

You are a notable exception. What's it like being a rock star, and how great is it that you'll now be able to fully capitalize on your fame in the financial sense? Would you be in as promising a position today had you not run afoul of the law?

Why are we helping him build his business?

Kevin is famous for breaking into systems. In point of fact, he broke the law breaking into systems.

When I was 13 I thought that cracking into systems was "kool." Now that I am an adult, I see that once a system has been compromised - even if it's just so that a smart kid can look around - it costs a fortune to be sure that a) the holes are closed, and b) the kid didn't do any damage.

He broke the law. Should we help him "make up for lost time" by helping him profit on his life experiences? I don't think so.

Let me give an example. Let's say that I am pro legalization of prostitution. (I'm not)

Before the legislators became "enlightened" on this issue (while it is still illegal) someone is convicted of being a pimp - should I make that person a poster-boy? Should I work to build a "how to be a pimp" consulting business, or promote a "pimping for dummies" book?

Kevin broke the law, and did his time. Can't he just get a straight job like the rest of us and move on? Why must he be a hero? Why must /. get behind him?

I don't get it. Let it go. Kevin, please get a regular job and live like an ordinary citizen.

Respectfully,
Anomaly

Making that a question

Mr. Mitnick:

There are some people who feel that it is unfair for you to use your reputation as an infamous cracker to sell books and build your new consulting business. They argue that you are being given a level of free publicity and exposure that other law-abiding citizens simply would not receive. How would you respond to these accusations? Do they concern you at all? Deep in your heart do you feel that it's unfair you are getting all this extra-special treatment but are willing to accept it anyhow because you need whatever help you can get? Do you feel that it's acceptable to accept some unusual help building your business because you were subject to equally unusual/extreme punishment?

Moderators: this is not a troll. I think this is a legitimate question that many people here would like answered.

GMD

When given lemons make lemonade

I don't think that Mitnick has ever suggested that he didn't deserve to be punished or that he didn't break the law in some way. The issue is with the way he was handled by the justice system and those companies. Both wanting to make an example out of him, the handling was disproportionate to the crime.

Mitnick has knowledge and skills that will make him a productive part of society. The area he's promoting himself in is a legitimate legal business so why shouldn't we get behind him and support him. This would constitute a "regular job" - unless you mean flipping burgers or selling clothes at the gap, or maybe insurance salesperson. There are plenty of former criminals in areas of expertise that relate directly to their original crimes. Their knowledge is often very helpful in stopping future crimes and in showing how people can reform and rebuild their lives after having made mistakes.

Mitnick served out the punishment given by the state and now he should be allowed to live his life unencumbered by that "criminal" title. This includes seeking ANY gainful employment he can find.

I feel that society does have an obligation to help people who we've allowed to be mistreated.

The problem with the justice system today is:

1. They bend a little too much to the corporate will.

2. Punishment is never really centered around "correction" even though people are remanded to the "Department of Corrections".

3. There's no procedure for quick and fair correction of mistakes (i.e. false imprisonment, misshandling, etc.) Most compensation has to be gained via lawsuit. False judgements can stay with a person for life, damaging not only their mental health but their future job prospects and personal relationships.

4. Too much stock is put into conviction rates and not enough in to quality of prosecution and/or honesty in prosecution.

5. Justices allow stretching the word and spirit of the law in order to help prosecutions of people not exactly covered under existing laws. I.E. Some people get prosecuted under RICO when their crime has nothing to do with it.

6. Prosecutors withholding charges in order to pursue additional charges should they lose in the first round - an attempt to circumvent double jeopardy rules. (i.e. I murder someone during a robbery - the evidence is fairly thin, so I'm prosecuted for Murder (alone). When I'm acquitted the prosecution charges on attempted robbery, weapons charges or one of the many other charges that they can dig out that might have stronger evidence. The possibility of prosecution might loom for years, along with the stigma of "suspect".)

7. The ability to punish/pursue a suspect through (ab)use of the media. ("person of interest"). Placing pressure on a subject via media "leaks" or press releases that lead the public to believe certain things about a person. While not exactly lies we all know that it's the prosecution using the media to manipulate the public against a SUSPECTED criminal. (defense and prosecution should be barred (ethics) from using the media as a tool against the other side.) Remember INNOCENT UNTIL PROVEN GUILTY.

Out of the Loop

Kevin, you've been seperated from computers by law, yet now you are running a consulting business. This would suggest that you have some level of expertise with computer technologies that did not exist or existed in fairly immature version of their current incarnations.

How did you/do you stay current on technologies without actual experience, and was it difficult without having an opportunity to put theory into practice?

Security Precautions

What security precautions are you going to use to prevent bad people from hacking into your company's systems?

Big question

What is the password to my PayPal account? I forgot it a while back.

Thanks in advance!

Re:Big question

> What is the password to my PayPal account? I forgot it a while back.

ROFLMAO.

A half-serious question: "If the statute of limitations has expired, and/or your lawyers think you're safe from double jeopardy... What was the passphrase to all those files the DoJ couldn't (or wouldn't admit to being able to) decrypt after all these years?"

Social Engineering

I read your book and attended H2K2 last summer (I look forward to seeing you speak at the next one). I meant to ask this question to the Social Engineering panel:

Do you have any stories about Social Engineering gone awry? That is, a situation where the mark saw right through your ruse and you just couldn't pull it off.

Welcome back Kevin

There was a very interesting (and well balanced) program about you I saw in England a while ago, and in it it mentioned that you were put into solitary confinement (AFAIK) for 6 months, and weren't allowed to use (let alone go near) a telephone under the misaligned fear that you could "blow up the country with one call".

My question is: How does it make you feel when there are such ignorant and misinformed people who are in a position of authority (i.e. judges, police, government) and are there any ways in which you can use your experience to change these attitudes/problems for the good?

Did rehabilitation work?

Having read numerous accounts of your activities, both favorable and not, my impression is that your punishment was well deserved.

My question is therefore, "Did you learn that it is wrong to intentionally destroy others' work for your own amusement? If so, what part of the punishment was most effective? And, if not, what additional punishment might have changed your mind?"

This is a serious question. I'm not just trolling.

Do u have a keygen for Wind0zes xp?

From what I have read, it seems that you did more with social engineering than you did with actual hacking. What would you say your greatest strength is with regards to using hardware/software? Your greatest weakness?

How Do You Plan on Getting Up to Speed?

If have read a bit about you, so I know that you were no slouch back in the days prior to your incarceration and release...but if you have actually stuck with the limits of your probation how are you planning to jump into consulting again?

Don't get me wrong, but you can only advise people on social engineering and easy passwords for so long...what kind of knowledge did you already have on PKI, VPNs, Firewalls, IDSes? There seems to be so much that has changed that just a cursory understanding of the principles behind these technologies does not seem sufficient to serve as a consultant (or at least one I would pay for)

Since so much has changed radically in the last few years, how have you kept up or do you plan to keep up at the moment? I can't see just reading a book on the latest OS specs and administrative tasks and being able to consult on them without hands on experience, and in your case you have quite a few years of language, os, security, and other operational technology advances to get up to speed with, etc.

So basically....what's you game plan to get back to a modern day equivalent of the proficiency you had several years ago?

Time Flies

Time flies and the pace of change is ever increasing in this industry. Certainly the landscape of the computer world has changed dramatically since you were last able to lay your hands on a keyboard.
Yours is a unique perspective - almost like a kid that has had full run of the candy store and was taken outside and forced to watch (face pressed to the glass). Now you're allowed back in to a drastically changed candy landscape. (Pardon the candy analogy, but I'm fond of sugary things).

In your opinion, what technology has changed the greatest since you were actively involved in the scene?

What will be your primary technology focus when you get back online - in terms of getting back up to speed?

Do you feel intimidated at the prospect of catching up on so many things? Are there areas that you will simply ignore out of necessity but would like to learn more about if you had the time?

Do you have any desire to hack just for the joy of hacking/discovery or have you been turned off of that in light of the consequences?

Thank you for your answers and welcome back!

public opinion

you have done an amazing job at garnering support and sympathy from the public, but how will we ever know if you deserve it? the only person that knows your true motives is you. with your social engineering skills and drive to see how far you can push things, wouldn't changing an entire public's opinion be the ultimate social hack?

Addiction

Commonly, high-risk activities are found to be addictive. Would you say that you were addicted to 'hacking' and social engineering? If so, did your lengthy sentence give you enough time to get over that addiction, or do you still feel the pangs of desire?

crime or condition

Your history as a reapeat offender has led some to label you as having an computer crime addiction that led you to your last sentence. How do you respond to such a characterization and do you feel that if an addiction was/is present that you will take measures to recover from it so to speak ?

What kind of computer will you be using?

Apple? x86? Linux? Windows?

Unauthorized?

While you were incarcerated - were there any attempts at unauthorized access to your ports? How did you manage to secure these ports from would be DoS attacks? Did you have to do a lot of social engineering to keep them safe?

F*ck all these questions

How are you going to get even?

or if I was a lawyer:
"Imagine a person in your situation. How would they get even?"

What we're all dying to know ;-)

So, Kev... how do you feel about the 1995 movie

• Hackers

, which I was written with some interestingly similar parallels to your own life...

Las Vegas and the PBX

I read a story where you were an expert witness for a trial in Las Vegas over redirected telephone calls. The defense called in to question if you really had hacked into the phone system. On a break, you ran to some old 'storage' locker and retrieved a printout of accounts and passwords or something.

What was the story behind your part that trial? (And how much stuff do you have in storage?)

Do you still have skills?

Despite your legendary status as a cult hero within the geek community, we all know that to remain viable, we must all remain up to date on latest/greatest trends, tools, skills, terminology, etc. Let's be honest, we gain skill and knowledge re: computers by using/interfacing/reading about them. After your long absence from the computer world, how viable do you imagine yourself being? Admittedly, your name alone will open a lot of doors, but if your skills don't keep the door open, you may find yourself back outside. How have you kept current, and how do you plan to get yourself back up to speed with changes that have occured since you were forced offline?

a question for Kevin

whiel your computer skills could be put to very usefull legal computer uses in the next deaced or so I am sure you meet with peole who are leary given your past convictions..

What have you learned about selling yourself in this environment to overcome the objectections about your criminal convictions that might be of use to other slashdotters?

Side Note: some of us slashdotters have minor run ins with law in our past that coudl obviously if they are using computer kislls within the law make use of what you have learned in this area, Kevin..

What were you thinking?

Kevin,

During your escapades which eventually landed you in hot water, you used the EFF account at The WELL to hide the files you stole from T. Shimomura. I'm still trying to figure out why the heck you did that. A simple "last" would have shown you that that was an active account, and you could have guessed that the user was probably technically savvy enough to notice the sudden spike in disk usage. Was that just an act of hacker hubris, or were you just not paying attention? Ultimately, it's what led to your downfall (FBI monitoring your keystrokes, live tracing of IP's) so I am well and truly curious.

-jim

Are you proud of what you did back then?

Would you want kids growing up to want to emulate you? (I don't mean in software)

What do you say to kids who think you're cool?

If the law were different many years ago...

You've mentioned in many capacities (your book, interviews on TV) that the law changed during your "big run," outlawing your activities. Yet, you continued to do what you did, and you were aware of the newer laws. If the law had outlawed what you were up to before you started, would you have gone through with what you've done?

The scene

It's been a few years since you were exposed to the IT scene in general and the security scene in particular.

You are now in a sense our Rip van Winkle in this regard, and I'd like to know what your initial impressions are about the status quo regarding attitudes towards security (now and then), and changes you've perceived in levels of implemented security (gained, of course, from reading, not practising:-) ), etc.

Describe our world for us as seen by someone who only knew it 8 years ago. Has the baby matured into something to be proud of?

Technological Rip Van Winkle

Essentially, you have been in limbo in terms of technology for the past 8 years, having missed the biggest revolution of computing since it's inception (ie. the Internet).

I've been a hardcore programmer for the past 10 years, and even I find it difficult to keep up with all these new technologies, terms, etc, and I spend around 3 hours a night after work just dedicated to investigating new technologies.

Where you able to keep up with technology during your incarceration and probation period by just reading books, or were you even allowed to read books? How soon do you think it will take you to re-absorb enough knowledge and, more importantly, experience to make yourself useful in today's world?

Is a Consulting Business Really a Good Idea (TM)

As we all know, you've been away from the technology scene (by court order) for quite a long time now. A lot of things have changed. I understand that you are likely trying to use this unfortunate situation to your advantage but in all reality, are you really the person who is best suited for the job?

To be quite blunt, why would a corporation hire someone with a criminal history who hasn't touched a computer in 8 years?

With all that said, I do wish you the best of luck.

Setting an example

As a convicted Felon, how do you feel about exploiting your criminal activity for personal gain and, in essence, setting the example that it's not only okay to commit these types of crimes, but that profit can be derived from it?

In general, can you comment on the recent trends of "I just broke into your computer and stole all of your proprietary information, now hire me as a security consultant and pay me big bucks."

Should not the well-paying jobs in computer security be left to law-abiding citizens and not to this class of criminal?

Cracking for the government

Hi Kevin, Two questions: 1. Have you been approached by any government agencies to deploy your cracking/hacking skills "in the service of the country" and what do you feel about these recruitment drives? 2. How would you hack the court systems to improve it?

John Markoff

Kevin: Since 1995, we've been subjected to numerous articles, three books, and (for those who have managed to download a copy) a movie mostly based on information written about you by John Markoff. I've heard you rant about his demonizing writings, the damage they did to your reputation (particularly the '95 NYT article), and your inability to refute his assertions at the time since you were trying to avoid arrest. What are the pieces of misinformation that you'd most like to refute, and how much damage do you think the actions of this one reporter has done to your life?

Prison

I know this probably isn't the happest topic to discuss, but most of us here probably feel that you really didn't do anything wrong. With that notion, do you think prison actually helps "rehab" people, or do you think it just makes them bitter and hateful towards society and the government? I know you saw people who committed all kinds of crimes, and I was curious if the vast majority of them are sorry for their crimes, or are they just more pissed off.

How about your personal life?

OK, how about a little balance in this interview. Tell us something about you that's not computer-related. What's your favorite type of music, fave movie, tv show? Are you involved with anyone? Do you have any non-tech hobbies? What do you drive? Do you think you are cool enough to hang with the Icy Hot Stuntaz? (What? You don't know the Icy Hot Stuntaz? You will soon, whether you want to or not. You've missed out on so much culture...)