Mitnick to speak on Internet security

Dubbed "The World's Most Famous Hacker," Kevin Mitnick is to geeks what Britney Spears is to teenie boppers. As such, he will likely draw masses of raving fans when he appears at CMU this week.

This Tuesday at 8 pm, Mitnick will speak in Rangos Ballroom in the University Center.

His lecture will have be introduced by Steve Wozniak, the well-known cofounder of Apple Computer who spoke at CMU last spring (The Tartan, April 22, 2002).

Mitnick has a long and interesting history in the computer world. He began his self-education as a teenager - he spent his time using store displays and modems in RadioShack because he couldn't afford a computer.

In 1989, Mitnick was convicted of stealing software from Digital Equipment Corporation and long-distance codes from MCI. After serving a one-year prison term for that offense, he was again arrested in 1995 for allegedly breaking into computers at the San Diego Supercomputer Center. He was charged with breaking into a number of computer networks, stealing 20,000 credit card numbers, and copying software. He was held in jail until his trial in March 1999, when he pleaded guilty to seven felonies.

Much of the frenzy over Mitnick occurred before and during his trial. An Internet movement took place with computer enthusiasts rallying to the call "Free Mitnick." They protested against government prosecution tactics they claimed were unfair and designed to make an example out of Mitnick's case.

After his trial, Mitnick spent ten months in a federal correctional institute and was released in January 2000, but without permission to use computers. In 2003, he was restored that privilege.

One of Mitnick's distinguishing characteristics was that he used techniques other than standard computer-based attacks in his activities. He is recognized as one of the best social engineers in hacking history.

Social engineering is the use of deception to trick a company employee into giving away privileged information. Social engineers can pose as employees in a company's IT department or use other stories to try to gain sensitive information.

He is now working on establishing his own computer security business, named Defensive Thinking. He plans to take his extensive knowledge of computer systems and apply it to protecting systems from attacks.

Mitnick's entrance into the computer security world has caused some controversy. Earlier this year, Mitnick attended meetings of the Los Angeles Information Systems Security Association. According to The Register, security experts in the organization were divided over his presence, some saying that his presence was ethically reproachful, and others thinking it was pretty cool.

Mitnick later applied for membership in the group and was granted a password, but it was revoked after only a few days. He was sent a letter saying that his behavior did not conform to their code of ethics.

Mitnick acknowledges that his history may influence some people's opinions of him, but according to the Defensive Thinking website, his experience provides a unique knowledge of how best to defend systems from both a technical and human engineering perspective. Nevertheless, it is still hard for a lot of people to accept a former enemy as a friend.

Tickets to Mitnick's lecture are available in advance for $1 at the UC Info Desk, and some may be available at the door for $1 with CMU ID and $3 without.