Hackers still plaguing America Online
Jason Romney (jromney@werple.mira.net.au)
Mon, 16 Oct 1995 03:23:46 +1000 (EST)
Hackers still plaguing America Online
___________________________________________________________________________
(c) 1995 Copyright The News and Observer Publishing Co.
Hackers continue to bedevil America Online, whose high profile has
attracted a dedicated but unwelcome band of ill-wishers seemingly bent
on embarrassing the popular cyberspace business.
The latest incident involves assertions that more than 100 copies of a
powerful programming tool have fallen into the hands of hackers, who
have used this program, which AOL calls Rainman, to steal executive
e-mail and perhaps customer credit card numbers.
"AOL distributes Rainman to its employees so they can make changes to
AOL content areas from remote machines," said David Cassel, a San
Leandro, Calif., man who writes about AOL hackers in a forthcoming
issue of "The Net", a monthly magazine. "A teenager found that using
this utility file, he could break into AOL's systems," said Cassel.
AOL spokeswoman Pam McGraw said Rainman was a tool AOL has given to its
content producers -- companies like The New York Times and Scientific
American -- so they can make changes to their publishing areas on AOL.
"We have no reason to believe that Rainman is being used as a hacking
utility," McGraw said.
But Matthew Hawn, editor for San Francisco-based Macworld Online, which
has an AOL presence, said that AOL had distributed Rainman a little too
freely in the past and that in the wrong hands, it could be a powerful
hacking tool. "It allows you remote access to the AOL mainframe. And
whenever you have remote access to a mainframe, you have security
holes," Hawn said.
"Our own (publishing) area has been broken into," Hawn said. "AOL has
told us they're working very hard to remove all those (remote access)
tools and plug the holes, but it takes time."
In a gesture of contempt for AOL security, hackers recently seized an
e-mail memo that AOL senior manager Peter Hypolite wrote to other
security officers. The topic: How AOL was going to crack down on a
different hacking program called AOHell. It allows users to send
electronic "mail bombs" and otherwise annoy AOL users they don't like.
Hackers posted the memo on the Internet.
Behind the series of minor incidents that have plagued AOL is the fact
that some computer users dislike it so much they gather regularly to
share complaints on an Internet news group titled "alt.aol-sucks".
"Part of the price of success that AOL has to contend with is that they
make an inviting target," said Allen Weiner, on-line analyst for
Dataquest in San Jose. AOL, with its 3.5 million members, was the first
on-line service to bring large numbers of consumers onto the Internet,
where they violated the unwritten rules of "netiquette," Weiner said.
"Internet old-timers were like PBS viewers," he said. "AOL was not just
commercial television, it was the Fox Network, the lowest common
denominator."
One source, who asked to be identified only by his on-line name of
Asciirider, said AOL encourages boorish behavior in cyberspace because
it allows users to have as many as five on-line names, which they can
change at will.
"There is no social consequence on AOL, no stigma, no responsibility
for (sexual) propositioning," the source said. "You have a bunch of
people who are not accountable for their actions roaming around the
world's largest computer network."
McGraw said the ability to personalize and change screen names is a
privilege that AOL gives its members. "Unfortunately there are going to
be members who abuse the privilege from time to time," she said.
But maintaining user anonymity is also a business asset to AOL, said
Macworld's Hawn. "Anonymity makes their sex business sell, and that's
what keeps things going," Hawn said.
(Distributed by Scripps Howard News Service)
�