At Large: The Strange Case of the World's Biggest Internet Invasion
Just as your average criminal is a really lackwit lowlife stumbling and bumbling from one botched heist to the next, the typical computer hacker is nothing more than the modern equiv of a teenager joyriding the sleepy backroads in Pop's Buick. Most of the time, what the media calls a "cyber terrorist" is a pimply teenager with a modem, bored in the suburbs, venting his unanswered, boyish aggression by pissing on virtual private property.
In the case of the pseudonymous Matt Singer, however, our hapless, harmless teenage hacker actually wormed his way into enough so-thought "secure" systems and ruffled enough feathers to find himself under Federal investigation.
David Freedman and Charles Mann tell his story, which they bill as the "world's biggest Internet invasion," in At Large. For almost two years, the nineteen-year-old Singer drilled his way into the systems of Portland State University, MIT, NASA, the Laurence Livermore Research Center, and the Los Alamos Nuclear Research Plant -- to name a few. At first, the authorities feared a terrorist or spy; his intrusions coincided suspiciously with several hush-hush telco crashes. But Singer ultimately proved himself a true teenage computer misfit -- he suffered from viral hepatitis and learning disabilities which left him physically and mentally feeble. In short, he was as close one can come to literally having no life away from his computer.
Singer's was not a pursuit of wealth. Nor power. Nor even infamy. According to Freedman and Mann, Singer sought a personal Valhalla he simply branded "access." The content of the compromised network held no value to him -- he was playing an endless game of access leapfrog, using one system as a springboard to the next. The inconvenience to system administrators along the way was a pleasurable perk. But in spite of his hacking success, Singer was not a skilled hacker. Yes, he reportedly gained access to more systems than anyone else. (Ever.) And yes, he pushed his way past immeasurable security systems by sheer determination. But skilled? Not this 'tard. When one measures skill by grace and not by the scorecard, Singer becomes a successful hacker in only so much as his patience was immeasurable. His modus was not ground-breaking. His wit not unmatchable. His technique was common, even simple and age-old: methodically search for those locks left unlocked due to oversight, laziness or apathy. Eventually -- eventually -- you will find the way in.
Problem is -- eventually is slow. And slow, mechanical grunt work does not generally make for a zippy book. At Large succeeds nonetheless. Freedman and Mann have not written for the hacking community, yet they're also not trying to spin this rather dry topic into beach blanket reading. They have neither romanticized Singer's exploits nor portrayed the heat as heroes. This is a cautionary tale told with flair. Every system, they posit, is subject to compromise. And we can prove it by example. Now, deal with it.
The readability of the book is a credit to the authors' ability to offer sufficient technical explanations without belaboring the story. That's a tough trick. For instance: "Wherever [he] turned, [Singer] would be pinging for his attention." To "ping" is to send a query across the Internet and locate a user. (It is named for a submarine's sonar "ping.") There was no footnote accompanying "ping," as none was necessary -- -- even without an explicit explanation, the point was made. Singer was a pest.
Another gem: "Reformatting a drive was a digital version of breaking into someone's home, then writing on the walls and defecating on the floors." Here, they give the reader a perfect metaphor, one which carries enough imagery for the uninitiated, yet rings true to those whole already understand the behavior.
Freedman and Mann really excel when they examine the larger issues. In perhaps their most inpired passage, they make note: "[C]omputer networks are a combination of libertarian dreamworld (every byte privatized, every second of computer-processing time allocated and paid for) and Orwellian nightmare (every byte subject to recording, every second of computer-processing time held accountable)." They describe this conflict as raging in the heart of professional system administrators everywhere. To protect one's network with absolutely infallibility, one must disconnect the means of legit access, which ultimately renders the system useless. Yet to continue with open a policy of unrestricted (or, more realistically, a system of carefully monitored liberties) leaves a system too vulnerable to function. And there you have the subtext.
For everyone who dismisses computer privacy in the same family of non-thoughts as cancer and plane crashes, At Large proves a startling eye-opener. At its best, it accurately conveys the illogic and scattershot targeting employed by most hackers -- they generally have no covert motives, no political agendas -- and the authors squarely place the onus on the system administrators who are too lazy, ambivalent or ignorant to fully protect their networks. Ineptitude and inflexibility on the part of human system administrators has always been the most useful means of gaining covert access to even the most inhuman of networks.
In more grandiose terms, At Large is also the spiritual tale of a young man trying to transcend the boundaries put upon him in the physical world. His quest to become part of the greater whole is common. Unfortunately, his uncommon actions in this common quest had greater consequences.