We’ve all heard stories of various nasty things occurring to people online, from things such as having your email account hacked, through to things which get personal and even physical, to the point of a death.
So, my question is, how many of you reading this have been involved in the things mentioned above ?
Back in my Amiga days, the worst thing my friends and I generally got into, was software piracy.
Games were the primary thing being pirated, and distributed by “sneakernet” or even just the national post system. In New Zealand, there was no real policing of this going on, so it was rife and everyone who had an Amiga, had pirated material (aka “warez”) in their collection.
Moving onto the BBS scene, it was a little bit more serious as you were able to obtain material soon as it was released (or cracked) and share things a lot faster. As your name got around as a supplier of any sort though, whether as a BBS owner, or “courier/supplier”, you could sometimes expect a knock at the door from either the Police or BSA (Business Software Alliance) reps.
9/10 you’d be given a slap on the hand, go quiet for 6 months, then pop up again under a new handle and BBS name. Was very rare to hear of anyone being fined or losing equipment etc.
Then the internet appeared.
IRC (Internet Relay chat – real time chat) took over from the BBS scene, and being international, warez were being moved around at great speed.
Because of the speed and spread of warez, the slightly darker types decided it was a good way of causing a bit of mayhem among internet users.
Viruses/trojans etc would be injected into the warez, and obviously when you ran it, it spread or destroyed the source media.
This was occurring on all internet capable platforms, be it Amiga, Windows etc.
Eventually someone took it to the next level – welcome to “Back Orifice”.
BO was originally designed as a remote access tool, to help administrators connection to remote systems for various reasons. It was a powerful tool, allowing you to upload/download files, view password files, take pretty much total control of the system down to being able to open and close the CD tray.
Someone decided (whether innocently or not) that putting BO into a package that would spread around the internet was a good idea – with no security on it.
This meant ANYONE with the BO tool, could connect to any “infected” system and take it over for their own purpose.
Including us Amiga owners.
Being Amiga and “a games system”, it was not considered a worthy target of BO, so was never converted to run on AmigaOS – but someone thought going the other way was worth while, and soon a BO tool appeared on AmigaOS that allowed the Amiga user to scan an IP range, and if it found an infected system, would allow the Amiga user to take over.
My mates and I thought this was a hoot, and were soon obtaining porn website logins and passwords from infected systems. We’d occasionally screw around with the system where we’d open and close the CD tray non-stop, and run multiple copies of Quake/Doom until the system either crashed or the owner shutdown.
We never deleted files or spread BO.
Eventually we got bored with it, and any time we ran BO and connected to a system, we’d leave a message on the infected machines screen informing the owner that they were compromised.
One thing I did do at random, was check for IRC logs – usually boring as hell but occasionally you might find a password to a site you were interested in etc. One day however, I was scanning through someones logs, and reading them, I thought “this seems very familiar” – oh shit. It was a guy I chatted to regularly on IRC and by some luck/misfortune I ended up on his system. I left the usual compromised message, and bailed out.
Eventually AV software finally started finding BO sessions and removing them.
Only other thing we did once (and only once), was crash a well known NZ education providers web server via an exploit in IIS at the time. We honestly did not think it would work considering we were only on an Amiga, but within 30s of running the required commands to the web server, it was no longer responding and did not come back online for approximately 8 hours. The server itself could’ve been booted back up within minutes, but I don’t think anyone noticed or had access to start the server again, hence the long downtime.
Today, there are a LOT worse things that you can get involved with, which can have REAL repercussions in the real world, whether its you’re being arrested, or someone getting physically hurt.
So while things may appear “fun” to do online, be aware that the internet is responsible for a lot of peoples daily lives, financially and otherwise, so breaching systems to crash them, or hold people to ransom etc should be setting off your moral compass.
Would you like it if someone took out your online services you use every day ?
I’ll admit I still poke around on the darker side of the internet occasionally, but there’s nothing I would actually be involved with where someone would be affected in any way, shape or form. I’m just a curious geek looking to see what is going on out there……
As time has gone on, responsibilities etc change, and many users who have had a tech “darkside”, have mostly grown out of it. I’m one of those.
And no. I never got “busted” for anything. I was careful with what I did. and avoided anything that I suspected would hurt someone.