Thursday 15 December 2011

Electronic Passive Computing

I don't like to use the term, but active computer hacking can be thought of as a "sport," or a game that is to be won by the hacker. That's the way many hackers view this activity of hacking - as an intellectual exercise in which the hacker tries to out-think either the computer, the user, the Goliath corporation, or the computer
designer.

Passive computing, or "lounging," is like watching a sporting event on television, rather than going out to the field and playing the game your-self. Passive computing is the act of eavesdropping - monitoring computer usage and surreptitiously collecting the information that is transferred.

In seventh grade I was amazed, the first day of my intro to computers class, when the teacher told us that each of our Apple computers were con-nected to his. Thus, by a flick of a switch he could send any of our screens to his computer monitor, to make sure we did the work we were assigned and didn't goof off. He was screening our screens! Some paranoid bosses do just that to their employees to-day, to make sure they do the work they're as-signed.

Actually, it's no great technological feat to con-nect two or more monitors to the same computer and switch between them. If you have access to the computer your target will be using, you can attach an RF adapter to the back and secretly run the cable to another monitor or television set. Then sit back and watch as what occurs on your target's screen unfurls on yours. You won't get to see your target's password, since it will be covered by asterisks, dots or spaces as it is typed - but you can get other in-formation this way. This is a good technique if your target has a lot of encrypted files for which you don't have the key. Monitoring your target like this will let you read whatever he reads; and if he de-crypts his files, you get to read them, too.

It may not be possible to sit down close to the target at your own monitor and watch. You may have to attach a broadcaster to the RF connector, and listen from outside the building with a re-ceiver, which in turn is connected to a viewing screen.

If you hook up a VCR to your monitor, you'll get a hard copy of your target's activities. It may even be possible to directly connect the VCR to the computer your target will be using. If you do so, it is best to have a remote way of turning the VCR on and off, so you don't record while the computer is idle. If the target has
a regular schedule you can simply program the VCR to tape at a certain time.

There's no law saying all screen output has to go to a screen - if for some reason you can't use any of the above techniques. An alternative is to have information sent to a printer buffer. Make sure that either the printer is fast or the buffer is large. Otherwise the target's computer will slow down tremendously and he won't know why. Also, of course, the printer has to be located far away from the target, preferably in another room or an-other building entirely.

As an example of one limited way in which this can be accomplished, consider the "print from key-board" option found on many word processors. "Print from keyboard" causes that several thousand dollar machine to act like any old junky typewriter, printing characters directly as they are typed on the keyboard. While your target slips away from his word processor for a coffee break, you can slip over and activate the "print from keyboard" feature. From then on, anything further he types within the pro-gram will be sent to the printer. As I said, this is of limited use, but it shows one more way that even impromptu situations can be exploited by the cornputer-knowledgeable investigator.

By printing "Shift-PrintScreen" on any DOS computer, the "print from keyboard" mode will be activated. However, if the printer is not ready, the system may hang up.

As an example of passive computing which is really very active, in that hacking is required, it might be reasonable to log on to a network and use programming to direct the target's output to your own terminal. If you have the target's password, the host computer would have to be tricked into allowing the same user to be
logged on twice si-multaneously. Additional programming might be required if the computer refuses to send the target's output to your screen, or if the target is getting your output.

If you have a password other than the target's, some programming could send the target's screen to yours, or yours to the target's (if you want to get into simulation). On UNIX systems, you would be thinking in terms of altering already existing pro-grams such as TALK or WRITE to get the job done. These two programs induce a link between two separate accounts. Any time two accounts are joined, there is a potential for misuse of that link-age. But these programs are written with security in mind; the hacker's job is to rewrite the programs, eliminating the security measures.

Another option is to make use of monitoring software which is commercially available - or write some yourself, to satisfy your own personal needs. Managers of offices routinely spy on their secretaries, data entry clerks and other computer operators through the use of software which stores key presses. Other monitoring
software keeps track of which programs are being used and how, often timestamping such information as well. Doing this form of research does not, as you might at first think, necessitate going back to your target's com-puter to see what keystrokes have been recorded. I hot-wired one such keystroke-capturing program
to print a weekly report to a hidden directory. When secretly installing the program (visiting the site, posing as a confused user who had a vi-rus-attacked disk that needed repairs), I also al-tered the computer's startup file which executes upon login. I altered it to look for that hidden re-port on certain days and e-mail it to me
through an unknowing third party. Now I get weekly reports on this one poor system manager's every last key-stroke!

I didn't think of it at the time, but it would've been a good idea to add a few lines to the startup batch to look for the existence of a piece of mail from me containing a few key words which would signal the program to remove all incriminating files and program lines from the computer.

You might ask, "Why would you need such a thing - don't you have the guy's password and everything from reading those weekly lists of his keystrokes? You can delete the evidence yourself." Good question, and actually I do have his password, but it took a long time to get it.

You see, the keystroke-capturer can only go into effect once the user has logged in and the startup file is executed - by then there is no need to enter one's password. (You can tell that even though I put a lot of thought into this hack, there were a lot of things which I didn't ever consider be-fore the actual results starting coming in. Hacking often involves making assumptions and then see-ing how one's assumptions were wrong.) It took awhile, but eventually I did get the password, when the system manager invoked a second sub-shell within his logon. Tapping the phone line or intercepting micro-wave transmissions are always open options, or bugging the phone if the modem is coupled to it. Then you get the added bonus of hearing the tar-get's  voice-phone conversations as well. Printer, modem, monitor, and other computer cables can also be tapped to good effect. One nice method is to tap the modem line, making a recording of any modem calls that take place. You go home, call the number that the tapped computer called, and play back the recording for the remote computer to hear.

Remember, the high-pitched squeals and cries in the recording you made will include that lawful user's access codes. Your goal will be to synchro-nize the playing of the recording with the remote computer's prompting. If you can get it right, you get yourself in.

You know, once someone gets their computer all plugged in and set up, it is only on very rare oc-casions that they ever look at the backside or un-derneath it again, especially since they probably have a messy tangle of cords running out the back, an office cleaning staff to keep it dusted, and the back of the computer pushed
against a wall. That RF adapter or extra wire coming out will surely go unnoticed for a long while.