Kevin Mitnick: Social engineering 101

Kevin Mitnick has proven that the weakest link in any security system is the person holding the information.

Kevin Mitnick takes the stage.
(Credit: Elinor Mills)

As a young fugitive hacker, he went to jail for breaking into computer networks, mostly by using his cunning and persuasion rather than his tech skills. He was an early master of the science of social engineering: manipulating people into doing what you want, such as giving out passwords and other information that unlocks sensitive data on networks.

Mitnick and a panel of other hackers discussed their social engineering pranks and gave live demonstrations at the Last HOPE (Hackers on Planet Earth) conference late on Saturday.

"Everything happened more than five years ago" and the statute of limitations has passed, he said. "I never said I didn't deserve to be punished, but it really went overboard putting me in solitary confinement" for eight months.

Mitnick regales fellow hackers with stories of his exploits that landed him in jail for five years.
(Credit: Elinor Mills)

Mitnick, who was released in 2001 after serving five years in jail, announced that he has a contract to write his life story and showed a preview for a reality-based TV series in development in which he would test corporate networks by trying to break into them. As part of his plea agreement, he was banned from writing a tell-all until 2007. He also runs a security consulting firm and lectures.

Dubbed the "most dangerous hacker in the world," Mitnick was put in solitary confinement and prevented from using a phone after law enforcement officials convinced a judge that he had the ability to start a nuclear war by whistling into a pay phone, he said.

Mitnick didn't do any whistling on Saturday, but in his keynote following the panel he talked about how he listened in on FBI phone calls during the three years he evaded the FBI, left them doughnuts when he narrowly escaped raids, and was chased down by a helicopter. He also demonstrated how to see the phone numbers of callers on caller ID even when they have set their numbers to be blocked.

Below are some videos taken during the panel:

Mitnick and HOPE organiser Emmanuel Goldstein swap stories about using social engineering to get IDs and directories out of workers at telephone central offices.

Mitnick tells attendees at the Last HOPE conference about how he used social engineering on workers at a Hollywood telephone company central office in the middle of the night.

Goldstein does a live phone prank on a Starbucks employee, offering aid for laid-off employees from the fictional "Last HOPE Foundation", during a social-engineering panel at Last HOPE.


Talkback 2 comments

  1. *Snore*........... Anonymous -- 22/07/08

    Mitnick is just soooo 90's....

    C4r3 F4ct07 Z3r0 !

    (see how leet I am?)

  2. Huh?...wha ? Anonymous -- 22/07/08

    "...law enforcement officials convinced a judge that he had the ability to start a nuclear war by whistling into a pay phone..."

    They CANNOT be serious!

    Is this some sort of sick joke????

    How is it possible that people who hold drivers licenses and vote can be so retarded?

    Oh, wait...it was a judge... 'nuff said.
