Hackers Claim to have Infiltrated AOL

 
 
By Brett Glass  |  Posted 2003-02-27 Print this article Print
 
 
 
 
 
 
 

According to Wired News, teenage hackers claim to have used "social engineering" -- i.e. fast talk and subterfuge -- to compromise security at America Online.

According to Wired News, teenage hackers claim to have used "social engineering" -- i.e. fast talk and subterfuge -- to compromise security at America Online. The Wired article says that the youths have discovered ruses that allow them to convince AOLs support staff to reset passwords on accounts. The crackers also claim to have gained access to AOLs "Merlin" network management system, which is supposedly unavailable from outside the company and protected by passwords and hardware "tokens."
Another article by The Register points out that some of the youths claims are likely to be bogus. For example, the companys SecurID "tokens," which use rolling codes that change every minute, would likely be impossible to forge.
Nonetheless, because AOLs support is outsourced to the lowest bidder (the company recently ended contracts with firms that hired starving American college students and moved support to India, where labor could be had for still less), it is certainly possible that gullible, poorly trained, or demoralized employees could easily be tricked or nagged into compromising security. See the articles linked above for more details.
 
 
 
 
Brett Glass has more than 20 years of experience designing, building,writing about, and crash-testing computer hardware and software. (A born'power user,' he often stresses products beyond their limits simply bytrying to use them.) A consultant, author, and programmer based inLaramie, Wyoming, Brett obtained his Bachelor of Science degree inElectrical Engineering from the Case Institute of Technology and his MSEEfrom Stanford. He plans networks, builds and configures servers, outlinestechnical strategies, designs embedded systems, hacks UNIX, and writeshighly optimized assembly language.

During his rather eclectic career, Brett has written portions of the codeand/or documentation for such widely varied products as Borland's Pascal'toolboxes' and compilers, Living Videotext's ThinkTank, Cisco Systemsrouters and terminal servers, Earthstation diskless workstations, andTexas Instruments' TMS380 Token Ring networking chipset. His articleshave appeared in nearly every major computer industry publication.

When he's not writing, consulting, speaking, or cruising the Web insearch of adventure, he may be playing the Ashbory bass, teachingInternet courses for LARIAT (Laramie's community network and Internetusers' group), cooking up a storm, or enjoying 'extreme'-ly spicy ethnicfood.

To mail Brett, visit his Web form.

 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel