Steve Gold, like many others, had become an enthusiastic phreaker after learning the Captain's techniques. But like everyone else around the table at the restaurant, his interest had eventually turned to hacking as soon as personal computers became generally available. The group was part of the first generation to take advantage of the technological revolution that took place in the 1960S and 1970S: they had all learned about computers in school, having benefited from a sudden awareness that computer literacy was important, not merely an arcane specialty reserved for hobbyists and engineers. The science fiction of the 1960S had become a reality, and though it had been less than eight years since Jobs and Wozniak began assembling Apples in a California garage, and less than a decade since the Altair had been introduced, computers were no longer frightening or mysterious to the new generation. Mainframes had been supplanted by small, compact PCs that were increasingly user-friendly, thus allowing even the least technically-minded access to computing power.
Also among the group in the Chinese restaurant that night was a twenty-year-old hacker known as Triludan the Warrior, a close friend of Steve Gold's. Triludan had discovered Prestel, a data and information service established by British Telecom (the successor to the GPO) in the early 1980S that contained thousands of pages of news on finance, business, travel, and sport as well as company reports. The information, updated regularly, was often supplied by outside contractors including publishing houses and newspapers. The pages were read like an electronic news bulletin on the subscriber's computer screen and were accessed with the help of the system's first page, which indexed the information available. Prestel was also supposed to provide other services, such as on-line telephone directories and home shopping, but there was never sufficient demand.
A Prestel subscriber dialed into the service via a normal phone line connected to his PC by a modem. At Prestel, another modem linked the PC to the system's own computer. This arrangement allowed the user to manipulate Prestel's computer from his home.
Like all public-access computer systems, Prestel required users to key in their ID (sometimes called a log-in or a user-name) and their password. These are personal and known only to the individual subscribers. On Prestel, the ID was a ten-character string of letters and numbers, and the password was a four-character string. Prestel also provided subscribers with their own "elec- tronic mailboxes," or MBXs, in which messages from other subscribers could be received. The system also included an index of all subscribers and their MBX addresses, so users could communicate with each other.
Triludan's penetration of the Prestel system was a lucky fluke. In February 1984 he had dialed up Prestel from his home computer at 2:30 A.M. For no obvious reason, he entered ten 2'S. To his surprise, a message came back saying, CORRECT. He assumed that if the ID was that simple, then the four-character password must be equally obvious. He tried 1234, and WELCOME TO THE PRESTEL TEST came up on the screen. So this is hacking, he thought to himself.
The service Triludan had accessed was only the test system, set up for Prestel engineers to verify that their computers were operating correctly. Prestel subscribers dialed into any one of ten mainframes scattered around the country; the test system was confined to four other computers that simply monitored the mainframes, and because they were isolated from the actual Prestel service, it afforded few opportunities for exploration. Nonetheless, Triludan continued to access the test system once a week to see if he could make any progress. One day in October 1984 he dialed up as usual and found an ID and password on the front page, just below the WELCOME TO THE PRESTEL TEST message. He then redialed the test service and entered the new ID. It turned out to be that of the system manager.
Hacking, Triludan decided, was stumbling across other people's mistakes.
The ID and password had been listed on the front page for the convenience of Prestel's engineers, who would need to know them to roam through the system. The test service, after all, was itself supposedly secured by a ten-digit ID and a four-digit password. Prestel had no idea that the test service's security had already been blown. Now it was doubly blown, because the system manager's codes would allow Triludan to explore anywhere he wanted throughout the entire Prestel network.
