Everything you read in this post is true. All of the hacking, all of the abuse of high school computer systems, everything. It all went down a long time ago in a galaxy not-so-far away during the early years of the PC revolution and the dawn of the internet.
In the Beginning
It was 7:15 a.m. We were both nervous as hell. Would it work? Glancing at the clock again, I began to have my doubts. We had set the timer for things to start right around the time people would arrive at the school’s computer lab. But so far, nothing. Sweat appeared on our foreheads while I took another chance look across the hall at the entrance to the lab. Again, nothing. It was past the time we had set, and if we stayed any longer, we would be late for our first class. Silently admitting defeat, we started to walk away.
The tortured sound of over 25 Apple IIe computers all beeping loudly at the same time echoed down the hall. Trying as hard as we could to not break out in laughter, we beat a hasty retreat to the nearest stairwell to make our escape. Just before the stairwell door closed, I spotted one of the computer teachers bolting out of the lab, arms waving, yelling for someone to help stop all the racket.
We were evil. We were hackers. At least in our own minds.
We learned early that the best vulnerabilities could be found in the laziness of humans. The day before our auditory assault on the computer lab, we carefully hatched our master plan. It was simple. We wrote a small program that did two things: created the loudest beep possible from the tiny speaker of an Apple IIe computer while displaying images on the screen that we’d lifted from a crappy strip poker game. Both actions were set to trigger after a timer for 11 hours.
With the best hacks, you sometimes don’t even have to touch the keyboard yourself.
The challenge was getting our “hack” installed on each of the computers unnoticed while also preventing the machines from being shut down at the end of the day per the computer lab protocol. The solution for installing our software was easy — nobody ever asked what we were doing, so we just did it — but the shutdown fix was pure genius. You could tell when an Apple IIe computer was powered on by a small green light next to the keyboard. We simply placed a small square of beige paper over the power indicators. From a short distance, it perfectly hid that the machine was still on. We figured the teachers wouldn’t bother to inspect each machine beyond looking for the green light.
Other than our math for the timer being an hour off, the hack worked perfectly. We learned later that the chaos resulted in the lab being closed for an entire day, one teacher being completely traumatized, and a school-wide witch hunt for the perpetrators that lasted more than a week.
The Cat’s Paw
There is something supremely satisfying when chaos ensues from the actions of unwitting people. And with the best hacks, you sometimes don’t even have to touch the keyboard yourself.
I hated Pascal. The only reason I even took the class for it was because it was the most “advanced” programming class I could get into. Toward the end of it, we were allowed to write programs on the school’s mainframe system, in a restricted way, as a means to expose us to the world of Unix operating systems. To say this was a very bad idea would be a gross understatement.
The afternoon was dragging. A friend, let’s call him Bob, and I had already completed our assignments for the day and were messing around on the mainframe system. Bob was randomly looking through directories that we had read access to in a futile effort to make the clock go faster. Being new to Unix, we were still getting used to the idea that large portions of the system were visible to us although we had no permission to actually execute, delete, or otherwise modify anything we saw. Secure in the knowledge that we couldn’t really harm the system, we browsed the exposed directory structure with confidence.
At some point, Bob ran across a directory called “GRC.”
“Hey, what’s that?” I asked. I knew full well that GRC stood for Guidance Resource Center, but I had learned that Bob got skittish when presented with something that might actually be important, so I was playing dumb.
“Dunno, let’s check it out,” replied Bob.
Bob got into the directory and proceeded to list the contents. We both spotted a massive file called “GRCD.db.”
“Wow, that’s huge. Wonder what that is,” Bob said, leaning closer to the screen. With a devilish grin, I said, “I dare you to delete it.”
As we both realized what we had done, Bob’s face slowly drained of color. He kept re-listing the directory contents as if it might somehow bring it all back.
This was the usual game we played; we knew full well we didn’t have the permission to delete anything. Bob quickly typed the command, and with a dramatic pause he pressed the “enter” key.
It was the result we had expected, and Bob was already moving on to something else when I had an idea: “What if we copy something over it with the same name?”
Before I could say anything more, Bob rapidly typed the command to copy one of the other files in the directory using the same name, GRCD.db. This time, there was no dramatic pause over the “enter” key as he smoothly executed the command. The ever-blinking cursor paused for about half a second and then nothing. No error message, nothing. Bob stared at the screen for what seemed like several minutes before he spoke.
“Oh shit. What just happened? Did we…” he sputtered.
He listed the contents of the directory. GRCD.db was still there, but it was no longer a huge file. As we both realized what we had done, Bob’s face slowly drained of color. He kept re-listing the directory contents as if it might somehow bring it all back.
We later learned that GRCD.db was the Guidance Resource Center database that contained all of the information that seniors were using to research potential colleges. It took the school over two weeks and god only knows how many hours of consulting time to restore the system to a usable state. Hopefully they learned something from that event; I know Bob did because he was found throwing up from nerves a few hours later. He never ratted, so I guess there’s that.
The File Server Is Full (of Porn)
Macs during the ’90s were awesome. So easy to use, so graphical, so insecure. When my high school spent some real money to install a new lab full of Macintosh Plus computers, I was in heaven. These machines were a whole new world to explore, complete with something called a “file server.”
Back then, networking was a new concept, one that the majority of the school’s computer teachers and staff knew absolutely nothing about. They did what any large organization does; they farmed out the management of the new Mac lab to a consultant that visited rarely.
Several other students and I quickly realized we were able to save files on the server in various directories set up by the consultant. Never wanting to waste computing resources, we set about playing a game of who can contribute the most “material” to a carefully named folder buried several levels deep in the directory structure of the file server.
Bandwidth slowed to a crawl, making an already painful experience worse. Lucky for me, I had a solution.
This continued for several months until a message one day informed us the disk was full, preventing us from copying files to the folder, and we quickly lost interest in the game.
However, we neglected to remove the “material,” and it wasn’t long before the consultant was back to fix the “problem” plaguing the file server. It might have ended very badly because the Macs were much better at showing file and folder ownership than other systems in the lab. As it turned out, though, the consultant was a collector of fine “material.” Several people noticed him copying a large number of files onto an external drive before declaring that the “problem” had been solved.
All Your Dial-Up Are Belong to Me
Dial-up internet ruled during the ’90s. That metallic screech dominated my life as I spent hours online exploring and interacting with this amazing new resource. My first ISP was Delphi, a major step up from the Bulletin Board Systems (BBS) I had been using before then. Years later, better options came in the form of dial-up internet access provided through a then-local company called Cape Internet.
One of the downsides to dial-up internet, though, was how access was provided through points of presence (POPs), which were basically banks of modems connected to individual phone lines. Users would often dial into a local POP or be hit with long-distance phone charges, but the real hang-up (pun intended) was when the POPs filled up with connected users. Bandwidth slowed to a crawl, making an already painful experience worse. Lucky for me, I had a solution.
Hacking in the ’90s was fun in ways that just are not practical or safe today.
The Ping of Death was an ICMP ping that was larger than the standard 65,535 bytes. Using it against Windows computers of the time would cleanly knock out their TCP/IP software stack, with the effect of disconnecting users from the internet while not actually hanging up their modem. After a small amount of programming, I had a tool that would automatically grab the subnet and mask of my internet connection and then use the Ping of Death across the entire subnet. I even made it my dial-up login script, executing as soon as the connection was up and knocking everyone else connected to that POP offline but me.
It took Cape Internet several months to finally block ICMP on the POPs, and even after they did, it caused other issues, so I often found it re-enabled. It wasn’t until people started patching their Windows machines that my little trick finally became ineffective.