Kevin Mitnick

Kevin David Mitnick
Kevin David Mitnick
	Adrian Lamo, Kevin Mitnick and Kevin Poulsen
Born	August 6, 1963 (age 61); Los Angeles, California
Occupation(s)	Computer Consultant, Mitnick Security Consulting; author
Website	http://www.kevinmitnick.com

Kevin David Mitnick (born August 6, 1963) is a controversial computer hacker and convicted criminal in the United States.

Mitnick was convicted in the late 1990s of illegally gaining access to computer networks and stealing intellectual property. Though Mitnick has been convicted of computer related crimes and possession of several forged identification documents, his supporters argue that his punishment was excessive. In his 2002 book, The Art of Deception, Mitnick reveals that he compromised computers soley by using passwords and codes that he gained by social engineering. It is notable that Mitnick did not use software programs or hacking tools for cracking passwords or otherwise exploiting computer or phone security.

Mitnick served five years in prison, of which four and a half years were pre-trial, and eight months were in solitary confinement.^[1] He was released on January 21 2000. During his supervised release, which ended on January 21, 2003, he was initially restricted from using any communications technology other than a landline telephone. Mitnick fought this decision in court, and the judge ruled in his favor, allowing him to access the Internet.

Mitnick now runs Mitnick Security Consulting, a computer security consultancy.^[1]

Early life

Kevin Mitnick began social engineering or perhaps discovered his first engineerable situation at the age of 12. He realized he could bypass the punchcard system used for the Los Angeles bus system: by buying his own punch, he could get free bus rides anywhere in the greater LA area. Social engineering became his primary method of obtaining information, whether it be user names and passwords, modem phone numbers or any number of other pieces of data.

In high school, he was introduced to phone phreaking, the activity of manipulating telephones which was often used to evade long distance charges for his benefit.^[1] Mitnick also became handy with ham radios; using such equipment, Mitnick reportedly managed to gain unauthorised access to the speaker systems of nearby fast food restaurants, that way when drive-thru customers gave their orders, Mitnick would heap insults upon them.

Computer hacking

Mitnick gained unauthorised access to his first computer network in 1979, when a friend gave him the phone number for the Ark, the computer system at Digital Equipment Corporation (DEC) used for developing their RSTS/E operating system software. He broke into DEC's computer network and copied DEC's software, for which he was later convicted. This was the first of a series of run-ins with the law.

Acts by Kevin Mitnick

Using the Los Angeles bus transfer system to get free rides^[2]
Evading the FBI^[3]
Hacking into DEC system(s) to view VMS source code (DEC reportedly spent $160,000 in cleanup costs)^[3]^[2]
Gaining full admin privileges to an IBM minicomputer at the Computer Learning Center in LA^[2]
Hacking Motorola, NEC, Nokia, Sun Microsystems and Fujitsu Siemens systems^[3]

Alleged

Stole computer manuals from a Pacific Bell telephone switching center in Los Angeles^[4]
Read the e-mail of computer security officials at MCI Communications and Digital^[4]
Wiretapped the California DMV^[4]
Made free cell phone calls^[5]
Hacked SCO, PacBell, FBI, Pentagon, Novell, CA DMV, USC and Los Angeles Unified School District systems

Kevin Mitnick myths

Hacked into NORAD^[2]^[6]^[4]
"Theft of... at least 20,000 credit card numbers from computer systems around the nation"^[6]^[4]
Ability to launch nuclear weapons by whistling into a payphone^[3]^[6]
Issued a false press release for Security Pacific Bank causing a $400 million loss in market capitilization^[2]
Changed a judge's TRW credit report^[2]
Wiretapped FBI agents^[4]
Turned off the utilities of an FBI agent^[6]^[5]
Vandalized many government, corporate and university computer systems.^[3]^[4]
Hacked into Tsutomu Shimomura's home computer^[4]
Harassed actress Kristy McNichol^[6]

Controversy

Kevin Mitnick's criminal activities, arrest, and trial were controversial, as was the journalism surrounding his conviction.

The controversy is highlighted by the differing views offered in two books: John Markoff and Tsutomu Shimomura's Takedown, and Jonathan Littman The Fugitive Game. Littman made four notable allegations:

journalistic impropriety by Markoff, who had covered the case for the New York Times
overzealous prosecution of Mitnick by the government
mainstream media over-hyping Mitnick's actual crimes
Shimomura's involvement in the matter being unclear or of dubious legality

Further controversy came over the release of the movie Takedown, with Littman alleging that portions of the film were taken from his book without permission.

The case against Mitnick tested then-nascent laws that had been enacted for dealing with computer crime, and it raised public awareness of security issues involving networked computers. The controversy remains, however, as Mitnick is often used today as an example of the quintessential computer criminal although his exploits are less notable than his notoriety suggests.

Supporters of Mitnick have asserted that many of the charges against him were fraudulent^[7] and not based on actual losses.^[8]

Falsehoods have also surrounded Mitnick's exploits. For example, many mistakenly believe that Mitnick was once in the FBI's most wanted list. Federal prosecutor Kent Walker said in an interview with the New York Times that Mitnick "…was arguably the most wanted computer hacker in the world, he allegedly had access to corporate trade secrets worth millions of dollars. He was a very big threat".^[4] The headline of the resultant article, "A Most-Wanted Cyberthief Is Caught in His Own Web," was later picked up by Associated Press, Time Magazine and Reuters, thus perpetuating the myth.

While Mitnick's actual actions may not have justified the level of official concern they received, the fact that his activities were criminal is not disputed. Mitnick's first adult criminal sentence was considerably shorter than is the norm today.

The film Freedom Downtime, a documentary that centers on the topics of Kevin Mitnick's incarceration in a maximum security prison, Miramax's film's screen adaptation of Takedown, and the "FREE KEVIN" movement, was made in 2001 by Emmanuel Goldstein and produced by 2600 Films.

Attacks on Mitnick's sites

On August 20, 2006, Kevin Mitnick's site was defaced by Palestine PHP Emperor with offensive messages against him. The domain names defensivethinking.com, mitsec.com, kevinmitnick.com and mitnicksecurity.com displayed the vandalism for hours before the affected files were replaced.

Mitnick commented:

The Web hosting provider that hosts my sites was hacked, fortunately, I don't keep any confidential data on my Web site, so it wasn't that serious. Of course it is embarrassing to be defaced—nobody likes it.

As a notorious figure, Mitnick has been targeted by hackers who wish to bolster their status and for people seeking to prove their abilities.^[9]

Zone-H reports that on one occasion, there was a struggle between different black hat and white hat hackers when some defacers put their nicks on Mitnick's site and fans replaced the vandalized copy with an original unmodified one. This went on for a full day.^[10]

Recent activity

Kevin Mitnick is now a professional computer consultant (doing business as Mitnick Security Consulting, LLC), and has co-authored two books on computer security: The Art of Deception (2002) (Co-authors William L. Simon and Steve Wozniak), which focuses on social engineering, and The Art of Intrusion (2005) (Co-author William L. Simon), focusing on real stories of security exploits.
He co-authored (with Alexis Kasperavicius) a social engineering prevention training course and certification: CSEPS.
On August 20 2006, a Syrian editor, Nidal Maalouf, accused Mitnick of stealing his domain name (Syria-news.com). He falsely claimed that Mitnick is the FBI's No.1 wanted person for illegal acts against a number of internet sites. Maalouf was interviewed by the local newspaper "Bourses & Markets", and the interview was quoted by Al-Ayham Saleh on his personal website.^[11]
Mitnick occasionally appears on the late night radio show Coast to Coast AM. He has also hosted the show, interviewing Steve Wozniak (on April 30 2006) and others.
Mitnick has spoken at events: IAPP (International Association of Privacy Professionals) Privacy Academy in Las Vegas, October, 2005 (keynote speaker); National Youth Leadership Forum on Technology in San Jose, CA, in the summer of 2004; the Fifth H.O.P.E. in New York, NY, July, 2004 (keynote speaker); ITESM Monterrey Tec, in February 2003 (keynote speaker).
Kevin Mitnick was a "surprise guest" in the 40th TWiT podcast when he ran into Steve Wozniak by chance in Las Vegas. Wozniak was on the line with fellow TWiT hosts via Skype on his notebook computer, and Mitnick remained with Wozniak for much of the remainder of the show.
Kevin Mitnick appeared on "Thebroken", an online videozine marketing itself as 'borderline legal.' He appeared on the third episode of the show, but was given mention in the first.
Mitnick guest starred in a first season episode of Alias. The casting was an in-joke, since Mitnick played a CIA hacker. Due to the conditions of his parole, however, the computer he used in the scene was a prop.
Kevin Mitnick appeared on the South African actuality programme "Carte Blanche".
On 2 March, 2007, the WELL declined his application for admission, refunding his membership fee.^[12]^[13]
Mitnick teamed up with John Walsh on the November 10, 2007 episode of America's Most Wanted on a segment on Edward Pena, another computer hacker.

References

^ ^a ^b ^c Kevin Rose, Kevin Mitnick. thebroken (Video Podcast). the broken episode 3: Revision3. {{cite AV media}}: External link in |location= (help)CS1 maint: location (link)
^ ^a ^b ^c ^d ^e ^f The Art of Deception: Controlling the Human Element of Security, by Kevin Mitnick (2002, Hardback ISBN 0-471-23712-4, Paperback ISBN 0-7645-4280-X)
^ ^a ^b ^c ^d ^e 2600 Live Mitnick interview, 2600 Magazine, Released January 2003, Run time: 1 hr 18 min 5 sec
^ ^a ^b ^c ^d ^e ^f ^g ^h ⁱ A Most-Wanted Cyberthief Is Caught in His Own Web by John Markoff 1995 New York Times
^ ^a ^b Takedown (film) made in 2000 by Joe Chapelle and produced by Miramax
^ ^a ^b ^c ^d ^e Freedom Downtime made in 2001 by Emmanuel Goldstein and produced by 2600 Films
^ archived version of http://www.freekevin.com/about.html section II
^ archived version of http://www.freekevin.com/060799defmot.html section II - Statement of Facts
^ "Famous Hacker Gets Hacked". February 11, 2003. Associated press.
^ Preatoni, Roberto. "Kevin Mitnick creampied by Pakistani rage". Zone-H. 21 August 2006.
^ http://www.alayham.com/modules/news/article.php?storyid=563 Nidal Maalouf interview] with a Syrian newspaper accusing Mitnick of pirating his domain name. (Arabic)
^ http://blog.wired.com/27bstroke6/2007/03/kevin_mitnick_i.html
^ http://www.boingboing.net/2007/03/21/the_well_refuses_mem.html

Takedown: The Pursuit and Capture of Kevin Mitnick, America's Most Wanted Computer Outlaw-By the Man Who Did It, by Tsutomu Shimomura (1996, ISBN 0-7868-8913-6)
The Fugitive Game: Online with Kevin Mitnick, by Jonathan Littman (1996, ISBN 0-316-52858-7)
Cyber Punk - Outlaws and Hackers On The Computer Frontier, by Katie Hafner & John Markoff (1995, Hardcover ISBN 1-872180-94-9, Paperback ISBN 0-684-81862-0)
The Art Of Intrusion: The Real Stories Behind The Exploits Of Hackers, Intruders, And Deceivers, by Kevin Mitnick (2005, Hardback ISBN 0-7645-6959-7, Paperback ISBN 0-471-78266-1)
Littman, Jonathan (June, 2007). "The Invisible Digital Man". Playboy. {{cite news}}: Check date values in: |date= (help)
Fost, Dan (May 4, 2000). "Movie About Notorious Hacker Inspires a Tangle of Suits and Subplots". San Francisco Chronicle. Retrieved 2007-04-24.

External links

2600 Live Mitnick interview, 2600 Magazine, Released January 2003, Run time: 1 hr 18 min 5 sec
Mitnick Security Consulting (formerly known as Defensive Thinking), Kevin Mitnick's new company.
TAKEDOWN, last accessed May 7, 2006
A CNN Interview with Kevin Mitnick, last accessed September 15, 2006
Freedom Downtime, the 2600 documentary.
The Kevin Mitnick/Tsutomu Shimomura affair - lots of information on the case.
The missing Chapter 1 of Mitnick's book (or from a site where it appeared earlier, but in Microsoft Word format only.)
Mitnick interview February 5, 2003
Kevin Mitnick Buys Hacker Stories for Upcoming Book Titled The Art of Hacking
Bio of Kevin Mitnick from the Rotten Library
A Joy of Tech comic strip on Kevin ref TWiT Episode-40
Mitnick interview on Norwegian broadcasting (2006).
The interview for HACK.pl

[broken-1] Kevin Rose, Kevin Mitnick. thebroken (Video Podcast). the broken episode 3: Revision3. {{cite AV media}}: External link in |location= (help)CS1 maint: location (link)

[AOD-2] ^ ^a ^b ^c ^d ^e ^f The Art of Deception: Controlling the Human Element of Security, by Kevin Mitnick (2002, Hardback ISBN 0-471-23712-4, Paperback ISBN 0-7645-4280-X)

[Live_2600-3] 2600 Live Mitnick interview, 2600 Magazine, Released January 2003, Run time: 1 hr 18 min 5 sec

[Markoff-4] ^ ^a ^b ^c ^d ^e ^f ^g ^h ⁱ A Most-Wanted Cyberthief Is Caught in His Own Web by John Markoff 1995 New York Times

[TD-5] Takedown (film) made in 2000 by Joe Chapelle and produced by Miramax

[FD-6] Freedom Downtime made in 2001 by Emmanuel Goldstein and produced by 2600 Films

[7] rchived version of http://www.freekevin.com/about.html section II

[8] rchived version of http://www.freekevin.com/060799defmot.html section II - Statement of Facts

[9] "Famous Hacker Gets Hacked". February 11, 2003. Associated press.

[10] Preatoni, Roberto. "Kevin Mitnick creampied by Pakistani rage". Zone-H. 21 August 2006.

[11] ttp://www.alayham.com/modules/news/article.php?storyid=563 Nidal Maalouf interview] with a Syrian newspaper accusing Mitnick of pirating his domain name. (Arabic)

[12] ttp://blog.wired.com/27bstroke6/2007/03/kevin_mitnick_i.html

[13] ttp://www.boingboing.net/2007/03/21/the_well_refuses_mem.html

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]