Rising From The Underground

By Damien Thorn.  Originally appeared in Nuts & Volts Magazine, March 1994.

    This is HoHoCon '93.  A meeting of minds sponsored by hackers, believe it or not.  Since many of the attendees are people sometimes viewed as the digital delinquents of the electronic frontier, it seems rather odd that they would be involved in a conference, but it's actually not as unthinkable as it first sounds.

    So what exactly is HoHoCon?  According to the press release, it is "the largest annual gathering of those in, related to, or wishing to know more about the computer underground.  Attendees generally include some of the most notable members of the 'hacking' and 'telecom' community, journalists, authors, security professionals, lawyers, and a host of others."  And that's pretty much what it is, along with a small measure of adolescent misbehavior, dumpster diving at the local telco, and generally driving the staff crazy at the hotel hosting the event.

    Since the coverage in the computer trade magazines tends to be very brief and sensationalistic, this article aims to provide more of a blow-by-blow description of the events constituting HoHoCon '93.  Both the positive and negative occurances are described, and some people will no doubt find the whole scenario disturbing.  If you can suspend your natural tendency to make value judgements, you might just discover that you can learn something from a conference like this.

Background & Perspective

    Since many people have little understanding of cyberspace or the computer underground, a bit of background is probably in order.  Cyberspace basically consists of the sum of all the computers and networks that are interconnected and intertwined throughout the world.  The activity occurring on these nets between the thousands of host systems is happening in what is referred to as "cyberspace."  Your connection to a local bulletin board system or host computer connects you to cyberspace.  Electronic mail travels through cyberspace to get from the point of origin to its destination, and may pass through many systems in the process.  When you teleconference with other users or participate in a forum on systems such as CompuServe, you've interacted with other people in cyberspace.

    Traversing this electronic land and going from place to place to "meet" people or interact with them through electronic messages has become rather commonplace.  Cyberspace is a term that still conjures up fanciful mental imagery, but you've no doubt been there and thought little of it.  Even packet radio networks are a part of cyberspace, creating virtual communities over the airwaves.

    In general, entering this mysterious sounding virtual world is accomplished with a simple local phone call to a node on a network.  Your modem-equipped personal computer makes a connection and there you are!  Your monitor becomes your portal.  The words and images on the screen are as close as you can get to actually being there.  The only physical existence in this virtual world are the electrons zipping through the telephone company cables and satellite links that tie all the machines together.

    The Internet is currently considered the mother of all networks and the favorite domain of anyone seriously involved in the computer underground.  This mammoth network links almost all government and university computers, as well as organizations and corporations involved in research for the National Science Foundation or Department of Defense.  On any given evening, hundreds of people meet electronically on this net, splintered into small groups discussing any given topic.

    Defining a "hacker" is a difficult task, and tends to further stereotypes.  It's probably safe to say that most are addicted to technology.  Some ignore the boundaries of the law, and crave the adrenaline rush that comes from beating the system.  A few take this heady power over computer hardware to the extreme and wreak havoc and cause damage.  Others are at the opposite end of the spectrum and are involved in the security end of computer systems.

    Interests and activities run the gamut.  While some are certainly involved in illegal activities, many more are gratified by simply exploring technology.  A large number of us fall into this category, and can easily express how things work.  Marketing directors and public relations staff only show us one side of products and technology.  But there is always much more beyond the surface.  Plenty of nooks and crannies to explore.  Untapped potential to discover.  Absorbing aspects that can only be seen when you look underneath or around the side of some particular technology.

    Cellular communications is an excellent example.  If we took the cellular industry's word a few years back, we'd believe that fraud can't happen.  That our calls are private and can't be monitored.  All they wanted us to comprehend was how to dial a number, press send, and pay the bill.  But now we know better.  We know about fraud, cloning, and monitoring calls.  We know how cellular phones are programmed and how many phones have an integrated diagnostic mode that allows you to do interesting things.

    These explorations of technology are neutral, in my opinion.  The positive or negative end result occurs with the specific application of the information.  One parallel is to look at a drug like morphine.  Derived from the naturally occuring opium in the poppy plant, it is simply a substance - a particular arrangement of molecules.  In the hands of a physician, the chemical provides many clinical benefits.  The same substance in the hands of a drug abuser becomes a tool for self-destruction.  Such pros and cons are not inherent, but lie with the given use.

    The road to discovery is what I think hacking is really all about.  Pushing technology a little beyond the limit to see what happens.  Unfortunately, some of the people who explore are malicious people, and there are a few technologically sophisticated criminals within the ranks.  The results are sometimes exploited.  The point is to understand that the "dangerous hacker" who crashes systems is an exception, and not the rule.

    As for those who disregard the law, the most common offense is the unauthorized access and use of remote computer systems.  Pretty common among teenagers who are rebellious and still testing limits during the natural struggle that results in adulthood, most mean no intentional harm.  Over the years, these attempts to break (or "hack") into a system have become the standard definition of the term hacker - much to the dismay of the computer pioneers who wore the label with pride.

  While ackknowledging that these types of hacks cause problems and a great deal of anguish for the victims, Judas Gerard, a hacker from California questions the perception that these young people are as ill-intentioned as the government portrays them to be in the media.  Judas believes that governmental agencies are embarrassed and feel threatened by the fact children can access their computers.

    "When you have kids romping through your computers, how do you think they feel?  For every publicly exposed incident like the German kids seriously compromising the internal network of NASA, there have been hundreds of other explorations of systems.  If such relatively unsophisticated people can get in, what do you think foreign intelligence agents can do?" asks Judas rhetorically.

    "Disinformation and unconstitutional raids like 'Operation Sundevil' are the result of governmental frustration," claims Judas.  "Some young man reads an unclassified online document and is charged with treason, much to the delight of the news media.  A bunch of laptop computers get stolen from a military base by a government employee and sold on the open market.  It is discovered that these computers contain classified Desert Storm battle plans.  What happens?  A two paragraph mention on a newswire, and we never hear about it again.  Truth and justice?  Not by a long shot."

    While Judas' views certainly don't tow the party line, it is apparent that he believes most of the illegal hacking taking place is akin to graffiti spray painted on buildings by less technically sophisticated teens.  He relates that these occurrences are more adolescent pranks than nefarious plots as often reported in the press, explaining, "It's a challenge for them.  They just don't consider how the system operator is going to feel about the situation at the other end of the connection.  Those administrators get seriously unhappy about things like that, and can't tell a kid from an industrial spy over a network connection."

    Moving on to HoHoCon itself, you'll see some examples of this delinquent behavior and disregard for the rights of others, but this is not the focus of the conference.  This is really a forum where hackers, security people, law enforcement, and attorneys can interact; exchange information, and ideas.  This is where members of the computer underground can air their collective views on a variety of subjects ranging from President Clinton's controversial "Clipper Chip" encryption technology (complete with built-in back door), to the ramifications of computer viruses.  HoHoCon is not a "how-to-back" seminar.

Friday - The Prelude to a 'Con

    HoHoCon '93 officially ran from Friday, December 17th through Sunday the 20th at the Austin North Towers Hilton in Texas.  The actual formal conference was scheduled to last most of the day on Saturday.  The rest of the weekend consisted of small, informal meetings and socializing throughout the hotel.

    These small group discussions are an important part of the conference, as this is where most of the interaction between participants took place.  The hotel lobby contained at least one knot of constantly changing faces almost 24-hours per day.  This informal sub-conference was dubbed "LobbyCon" by many of the attendees.

    Although the Hilton staff were obviously unsure what to make of this motley assortment of people, they encouraged the non-stop use of the lobby in the hopes that people would quit running around the hotel.  As you'll soon understand, these conferences generally have to find a home at a different hotel each year.  The misconduct of some attendees leaves the management with the feeling that their establishment is under siege.

    The problems began Friday afternoon when stickers bearing the likeness of the pipe-smoking "Bob" (of the Church of the Subgenius) began appearing, stuck to various surfaces in the hotel common areas.  Later in the evening, hotel security discovered a phone line running down the hall between two rooms at the associated Super-8 motel complex next door.

    The security guard entered the room and found two teens sitting in front of laptop computers.  One of the young men was the occupant of the room next door, and he had run the long cord from his room into this room so that he could sit with his friend and compute.  Noticing that both laptops were connected to some remote system via modem, the guard became convinced that all manner of nefarious virus-spreading, system-crashing activity must be taking place, in addition to the obvious toll fraud.

    The manager quickly summoned the Austin police and had the hotel telephone operator print the phone bills for the two rooms, anticipating that the records would be necessary evidence for the Grand Jury indictment he was envisioning.

    One of the boy's phone bills was eight pages long, but almost all the calls were local.  The total amount owed to the hotel was less than three dollars, and the officers determined that the computer account being accessed was legitimately assigned to one of the teens.  A big production had been made out of nothing, fueled by the fear of the "evil hacker" stereotype.  That these were high school freshmen at best was of no mitigation to the hotel management, who summarily evicted the youths.

    Meanwhile, back in the lobby of the Hilton several people were monitoring the police communications on their scanners.  Being a resourceful journalist, I had brought my portable scanner and OptoElectronics 3000A frequency counter as well, and had long since determined that the radios used by the Hilton were transmitting on 466.010 MHz.

    As night was falling, a group of us walked across the street to the mall to have some dinner.  Accompanying me were Net Distortion, Excaliber and Legacy Irreverent, sysop of the "CyberPunk System" - an underground BBS in Wichita, Kansas.  Having communicated with Legacy online and accessed his system for almost two years, it was great to finally meet the man behind the computer screen.

    Since most people use an alias when riding the networks (as you may have noticed by the handles used herein), all you ever really get to know is the persona presented on your monitor.  The opportunity to finally meet people in person with whom you've communicated over time is one of the definite personal benefits of gatherings such as HoHoCon.  It was refreshing, and many false assumptions about people were destroyed throughout the weekend.

    After dinner, we returned to the Hilton to find a gentlemen engaged in animated conversation with a hacker known as Citizen Fish.  This was Michel E. Kabay, Ph.D., president of the Jinbu Corporation of Montreal.  In addition to his information management company, Dr. Kabay serves as director of education for the National Computer Security Association.

    Feverishly taking notes on his laptop computer, Dr. Kabay probed deeply into the motivations behind various activities ranging from the writing of computer viruses to illegally accessing mainframe systems.  Spending over an hour involved in this round-robin discussion, I couldn't help but note Dr. Kabay's astonishment at some of the things he was learning.  Having flown in from Canada, Dr. Kabay realized he was receiving as education he couldn't have purchased elsewhere at any price.

    Computers, being the machines that they are, tend to depersonalize interactions between people.  As one of the more progressive people in the security field, it was no wonder that Dr. Kabay spent most of his time exploring the human issues such as motivation and attitude.  No seminar on computer security can effectively capture those elements.  In return, the hackers participating in the discussion were exposed to the attitudes and personal concerns of information services managers.

    Dr. Kabay enlightened us by explaining that even the most non-destructive penetration of a computer system can cost a company large amounts of money, untold man-hours, and possibly the loss of data.  While the hacker may have relatively innocent motives, and just take an apparently harmless look around the files on the machine, a proper security response can be mammoth.  The crux of the issue is not that someone managed to breach the system security, but rather that the company management no longer can be absolutely sure of the integrity of the data on the system.

    Destroyed was the assumption that someone could "innocently" hack at someone's system for the challenge without causing problems.  The computer industry openly admits that the overwhelming majority of theft and tampering occurs at the hands of the corporations' own employees, and the bulk of the computer security policy and procedures are designed to protect systems from their own workers, not malicious outsiders.  But any compromise of a system is taken seriously, prank or not.

Saturday - The Conference

    At about 10:00 Saturday morning, attendees began lining up outside the ballroom where the conference itself was to be held.  Manning the registration table were 'dFx' and his associate from the text file writing group Cult of the Dead Cow ('cDc').  On a side note, we'll be referring to dFx by his first name - Jesse - from here on with his permission.

    Registration fees were only $5.00 per individual, or $25.00 for a corporate representative.  Raffle tickets were also being sold, and approximately 350 people registered for the conference.  As people were filing into the ballroom, Bernie R. Milligan, President of Communications & Toll Fraud Specialists in Houston, was busy taking picture after picture of the attendees.  This disturbed some of the hackers, and many seemed amused when Mr. Milligan's camera finally jammed and he left the area.

    The conference eventually got underway, and after an introduction by Jesse, the first speaker approached the podium.  This was Bruce Sterling, author of The Hacker Crackdown: Law and Disorder on the Electronic Frontier.  Mr. Sterling's book is perhaps one of the best works describing the sociological aspects of the goings on in cyberspace.  Unlike other authors, he paints a compelling picture of the human side of the computer underground.

    During his speech, Mr. Sterling said that he had decided to give away his book in electronic form via the Internet, much to his publisher's horror and his personal financial ruin.  This was his way of "giving back" some of what he had received from the computer underground.  Sterling then moved onto his major theme, a call to action regarding viruses.

    "You shouldn't be spreading viruses that only [mess] with grandmothers who have PCs.  There is no freedom in writing and spreading viruses.  It does not increase anybody's options, it does not empower people in any way, it does not make communication more fluid, it does not increase the speed of transmission of ideas," he said exhorted the audience.

    "People who write viruses may pretend to be rebels of some kind, but those people are lick-spittles," exclaimed Sterling.  Continuing, he said, "Corporate security people go to expensive corporate security meetings that cost fifteen hundred bucks to get in, not five dollars [like HoHoCon].  They learn how to defeat viruses, and they can keep viruses at bay from their own little, tight grey-suited [systems].  Meanwhile, all these viruses made up by these creepy Iron Maiden-listening little dork kids from Bulgaria go off and screw up the machines of hippies, grandmothers, school teachers and other helpless human beings ... information wants to be free, okay?  It doesn't want to be infected!"

    After Sterling's impassioned speech, next up was Ray Kaplan, an industry security consultant from Arizona.  In his opening remarks, Kaplan said, "People want to know which side Kaplan is on.  I'm here because I love the technology, I love to meet people, share things, and figure stuff out.  I'm not a criminal, I don't bust people - I'm not a Fed on the other side - I'm just here because I'm a lot like most of you.  I hope you'll use that to temper your view of my remarks."

    Kaplan went on to suggest that HoHoCon be teleconferenced or videoconferenced rather than limiting it to a fixed number of people in a room.  After introducing a young lady described as a "struggling independent video producer" who was video taping the conference, he launched into the main subject of his talk.

    He believes that it is time for the underground community to pull together and collect, verify, and widely distribute vulnerability information about various computer security problems.  "My idea is that we need ... an intrusion reporting and vulnerability tracking database."  He also indicated that he was aware of the existence of a "gaping hole" in the VMS operating system, and requested anyone with information about this security problem to talk to him after the conference.  Kaplan related that "DEC [Digital Equipment Corporation] and the incident response community is not being very kind to us [about providing details regardless the bug]."

    In an earnest discussion about hacker ethics, Kaplan states, "Do illegal things and the cops will be on you.  I know that, because I know Feds [federal agents].  If you have visibility, they'll come after you.  Do immoral things ... and your future prospects for employment will be diminished.  Nothing breaks my heart worse than to see a talented [hacker] get chased away from gainful employment where he could do the world some good because of some indiscretion committed when he or she was too young to understand the violent rebellious nature of society toward anybody who steps out of line with the status quo."

    Next up was the two-man cryptography panel comprised of Douglas Barnes and Jim McCoy, members of Austin's chapter of the Electronic Frontier Foundation.  Barnes began, "I have a public service announcement here as a result of the things that happened last night [at the hotel].  It's very important for people to practice this.  I want everyone to repeat after me: 'I want to talk to my lawyer.'  After the crowd repeated the phrase several times, Barnes concluded, "This PSA has been brought to you by the Austin Cryptographers' Workshop."

    The basic content of this self-described cipherpunk's presentation was to advocate the use of encryption for files and mail being sent across networks, whether or not the information was sensitive.  The most difficult hurdle to overcome is the attitude that people who use encryption must have something to hide.  Barnes explained that this is not really a valid assumption, especially based on the number of machines a message must pass through to get from point A to point B.

    Barnes feels as more people begin using encryption on an everyday basis, encryption will no longer be viewed as a technology used only by people with something to hide.  Additionally, the use of encryption often reduces liability since the operators of various systems are unable to read these packets of e-mail and files.  No system administrator can be held accountable for, or blamed for, the release of information of which they have no knowledge.

    After the cryptography panel, Jesse displayed the official HoHoCon '93 T-shirts which were on sale at the event.  The word NARC is emblazoned across the front, and the "top-ten narc list" printed on the back.

    The next speaker was Netta Gilboa, the publisher and editor of a new quarterly magazine known as Gray Areas.  The magazine's slogan is "In life, there is no black and white, only Gray Areas," which is exactly what the magazine covers.  Recent issues have covered topics ranging from bootleg audio cassettes to computer viruses.  Look for the 'zine at your local Barnes and Noble bookstore.

    Continuing with the magazine theme, your truly spoke next, somewhat nerviously providing an overview of Nuts & Volts.  About twenty-five percent of the attendees were familiar with the magazine, and seemed relieved to discover who I was, based on my omnipresent tape recorder and Nikon.  Moving to firmer ground, I spent about ten minutes fielding questions related to cellular technology.

    After I thankfully sat down, John Draper, known as "Captain Crunch" gave his talk.  Draper is probably one of the oldest phone phreaks who still participates in "the scene" - as it is called.  Gaining notoriety years ago for his development and experimentation with the toll-fraud device known as a "blue box," Draper's handle originated when he discovered that the toy whistle included in a box of a Captain Crunch cereal happened to emit a frequency of 2600 Hz when blown.  This particular frequency was of significance because it was used to blow off a toll trunk prior to sending multi-frequency (MF) routing signals down the trunk with the blue box to establish a connection anywhere in the world.

    Today most of the network is digital and an MF generating device such as the blue box is all but useless due to the lack of inband signalling in most areas.  The device is not completely dead in the water though, because blue boxing does continue today, using several little-known methods of accessing international trunks.

    Draper began his speech by disparaging any law enforcement officials in attendance, and explained how he had hacked the in-flight phone service on his way to the conference.  "They still have a few bugs to work out in the 'airphone' system," he joked, moving on to discuss his involvement in the Rave scene (much to the disbelief of the audience) where he encourageds the use of free encryption programs such as Pretty Good Privacy (PGP).  After declining a few cat-calls asking him to demonstrate his dancing style, the venerable phreak discussed his experiences exploring the phone system in the former Soviet Union.  This led rather naturally to a talk by a software developer from Russia.

    Just before introducing the men comprising Legion of Doom Communications, Jesse thanked the various media representatives who had attended to provide coverage of the event.  Aside from those of us who had spoken, presonnel from the Los Angeles Times, Vibe Magazine, and a crew from a Japanese television network were some of the others present.

    As the group from LOD Communications approached the podium, a barrage of camera flashes erupted to capture the moment on film.  Other than perhaps New York's Phiber Optik, no group of hackers in the United States has received as much media coverage in recent years as the infamous Legion of Doom.

    With the allegedly illegal activities behind them, LOD Communications was formed to preserve the history of the computer underground and make it available to others.  The participants in this endeavor attending the conference included Lex Luthor, Phantom Phreaker, Erik Bloodaxe, Professor Falken, and Mark Tabas.

    Lex Luthor, as founder of the Legion of Doom, explained the "Digital Archaeology" project LOD Communications initially conceived in 1986.  Taking turns at the podium, members described their work at collecting and compiling message bases and files from many of the classic underground bulletin board systems from the eary 1980s.

    "I think that our project is really positive for a lot of reasons.  One, the historical perspective.  You can look back and see what was going on at the time.  Two, a lot of the theoretical background you can still apply to today's underground," relates Phantom Phreaker.  "Three, I think the social scene was different then.  This was before [magazines like] Wired, Mondo 2000.  This was when TAP and 2600 were around.  It's a whole different ball game today, but to understand what happened in the past and the history of this contributed to the underground as it exists today."

    They are also looking for messages and text files from BBS systems of this era, regardless of the type of computer or size of the disk.  Hard copy is also appreciated.

    Luthor then introduced Frosty from SotMESC, an abbreviation for Spur of the Moment Elite Social Club, and made a $50.00 donation to his scholarship fund.  Frosty described their intention of funding scholarships for young people in the hacker community.

    Erik Bloodaxe, editor of Phrack Magazine, remained at the podium and exhibited he "Hacker Wars" T-shirts that were available in the rear of the conference room.  He also mentioned that he was going to produce a second run of the coveted "Legion of Doom - Internet World Tour" T-shirts from 1991.  He then demonstrated equipment that is part of an emerging technology.

    "Those of you who are ham enthusiasts are very familiar with the concept of packet radio.  It seems that a lot of companies have decided that, 'Gee that's a pretty good idea.'  At the present, there are two commercial packet radio services that are in operation in America.  One is run by a company called Ardis that is a joint venture between IBM and Motorola.  If you see IBM service reps or other people walking around with a little white keyboard-like thing ... they are communicating back and forth over this Ardis network."

    Pulling several devices from their protective cases, Bloodaxe showed the crowd several wireless modems that use both the Aris and RAM data networks.  He went on to describe the RadioMail service that allows Internet e-mail to be exchanged over these networks.

    His presentation wound down after a discussion of advances in paging networks and some of the packet protocols used by these commercial service providers.  The subject of intercepting the packets being transmitted over these wireless mediums was brought up by an audience member.

    A rather odd talk then ensued regarding a group of hackers who alledgedly found evidence of alien life forms within government documents stored on systems that were accessed via dialups hidden within an unassigned telephone prefix in Virginia.  Being a very convoluted and controversial topic, you'll have to get the full details from a back issue of Phrack if you have an interest in extraterrestrials and the apparent cover-up.

    The raffle was held next, and a ton of stuff was given away.  The best prize was a complete multimedia PC.

    The second to last speakers were Count Zero and Kingpin from Restricted Data Transmission (RDT) of Boston.  Count Zero discussed hundreds of government bulletin boards that are publicly accessible, and arranged to have a point-to-point demonstration of packet radio after the conference.  Several handouts were distributed, including a two-page summary of reprogramming access codes for various cellular telephones.

    Kingpin described a device the group was working on that generates a variety of communication signalling tones, as well as several pieces of cellular test equipment they hoped to design and produce at an affordable price.

    The final speaker of the conference was a relatively famous computer-savvy attorney practicing in the Texas area.

    "To give an idea of where [lawyers] are at right now, I was talking to the head computer lawyer in Houston - the guy who appoints people to committees.  He asked me what I had been doing, and I told him I had been defending some people charged with misconduct on the Internet and things like that.  He listened to me talk for awhile and then says, 'What's the Internet?'"  He concludes, "We [the legal profession] have a long way to go."

PartyCon '93

    A party atmosphere pretty much enveloped the conference-goers Saturday night.  Most people rejoined their clique-like small groups in various rooms of the hotel, but everyone seemed more relaxed and congenial.  On Friday night people had tended to be a bit snobbish and self-absorbed, which is not unusual behavior for some in the hacker scene.

  The creme de la creme of the hacker computer underground were gathered here, and the social pecking order is an important formality to many.  In a world where people come to know you by little more than words on a screen and a pseudonymous handle, quite a bit of knowledge and effort is required to "hack" yourself a rung on the social ladder.  A great number of text files and other tutorials are not really written for altruistic sharing of knowledge, but rather to establish the author's credentials and gain the associated respect and recognition from the underground community.

    While some might view this as petty or counterproductive, it's just the way it is in cyberspace where many people pretend to be something (or someone) that they are not.  An explanation of how one becomes a member of the 'elite' ranks is the subject of an article unto itself.  The end result is that a certain amount of social order is present in what might otherwise be chaos.

    Since I'm discussing the subject, it is worth mentioning that several of the men whom I consider part of the elite cadre turned out to be quite different than I anticipated.  Erik Bloodaxe, editor of the online magazine Phrack, is an excellent example.  He was friendly and a far more down-to-earth guy than expected, and didn't fit the egomaniacal image I had erroneously managed to form of him.

    I personally believe that Phrack contains more informative and insightful information than any other source.  Since he's taken over publication, it now runs 300-400 pages per issue when printed out.  Best of all, it's free to individuals not involved in the computer or security industry.

    In a second floor room of the adjacent motel, an impromptu local area network (LAN) had been set up by a group of university students and had mysteriously become a host on the Internet named "hohocon.com" thanks to a little hacker magic.  With at least seven nodes running on the net at any given time, this room was in full swing during the entire three-day conference.  Continuous activity included various forms of "net surfing" like Internet relay chat (IRC), or coding new software for the Unix operating system.

    Meanwhile, back at LobbyCon in the Hilton, the great paranoia race was on.  A recurring pass-time was playing "spot the fed" - trying to guess who in attendance might be with the FBI or Secret Service.  Bernie Milligan had returned and been noted in the parking lot writing down license plate numbers and was now wandering the hotel.

    Shortly after that bulletin, a few people were speculating about an elderly woman who had been sitting alone on the couch for over an hour, occasionally muttering to herself.  Suddenly one of the 'con attendees walked into the lobby and swore that this same lady had been hanging out in the lobby of a Las Vegas hotel eariler in the year during a similar hacker conference known as Def Con.

    A plan was quickly formulated after the OptoElectronics frequency counter failed to detect any RF emanating from her general area.  Armed with the knowledge that she must be with the Secret Service, I accompanied a few hackers to the hotel restaurant and picked up several pots of coffee and a tray full of cups.  Offering this woman a cup of coffee and pouring it for her was to be the subterfuge allowing us to get close enough to take very "near field" readings of any radio activity that might be taking place under her overcoat.

    Upon returning to LobbyCon the woman had mysteriously vanished - just like the man wearing a beer cap that had been spotted hanging out suspiciously near the payphones.

    Many of the tired hackers were ecstatic to note the appearance of the coffee, so it didn't go to waste.  Food was a little less plentiful, and it didn't take long for a story to circulate about the two guys who risked federal prison by trying to have pizza delivered, charged to a stolen credit card number.  Fortunately for the pair (and the local Domino's Pizza), the plot failed.  Turns out the young man on the phone couldn't read the number written down by his partner in crime.  Based on the invalid card number, Domino's declined to deliver, and I resolved to stay as far away from the bank of payphones as possible.

    On another front, some resourceful person had discovered that dialing extension 5199 connected you to the maintenance dialup port for the hotel's PBX system.  The operator had to keep a watchful eye on her terminal all night to prevent anyone from logging in.  Apparently she later gave some of the guys home-baked cookies to spread the word that she didn't care what anyone did as long as they stayed out of the innards of her telephone system.

    Saturday was a long day for everyone involved.

Sunday - Conference Closing

  Being the last day of the conference and devoid of any planned activity, Sunday was pretty relaxing.  Other than the theft of a telephone receiver from a lobby phone and a smoke bomb in the Super-8 Motel causing a fire alarm and evacuation at 2:00 AM, it was also fairly calm.  The Austin police declined to come out and investigate the case of the missing receiver, and the hotel staff did not discover that one of the elevator control panels had been unscrewed to gain access to the "private" top floors of the hotel (which require a special card key).  Some suspected that these inaccessible concierge floors had been converted to a command post by federal agents.

    All in all, the day consisted of farewells, "quality" conversation, and plans being made for future conferences, none of which will be held at the Austin North Hilton Towers and Super-8 Motel for obvious reasons.  Although the income generated by the conference was substantial and the damage minimal, hotels tend to frown on hosting a three-day technological frat party ... and that's pretty much the atmosphere once the day-long conference itself is over.

    While my observations and opinions of HoHoCon '93 as described are no doubt colored by my perceptions and beliefs, I hope that enough groundwork was laid so that the non-hacker can appreciate the significance of this event.  Many people, myself included, learned a great deal and benefitted from the opportunity to meet some of the major players in the computer underground, despite all the shenanigans.

    I feel the lesson to be learned about hackers, even if one is unable to comprehend anything else, is that these people come from all walks of life and are pretty decent people.  They run the occupational gamut from the unemployed to engineers at government think-tanks.  The common denominations are an above-average intelligence and a fascination with computers and technology.


Photo 1 - Michel E. Kabay, Ph.D. interviews Citizen Fish


Photo 2 - Jesse Dryden displays the official "Top Ten NARC List" HoHoCon '93 T-shirt.


Photo 3 - John Draper (Captain Crunch)


Photo 4 - Steve Ryan


Photo 5 - LOD Communications