What's New!

Chat with

How to Defend
Your Computer 

The Guides
to (mostly) 
Harmless Hacking

Happy Hacker 
Digests (old stuff) 

Hacker Links 


Meet the 
Happy Hacksters 

Help for 



It Sucks 
to Be Me!

How to Commit
Computer Crime (not)! 

What Is a 
Hacker, Anyhow? 

Have a 
Great Life! 

News from the 
Hacker War Front

So you want to be a computer criminal?

More what to do if you are busted...


Many hackers may remember the Craig Neidorf case over the famous 911 System Operation documents. Craig won his case when it was discovered that the manual in question, that he had published in Phrack magazine, was not proprietary as claimed but available publicly from AT&T. It was an egg in the face day for the Secret Service. 

Don't be misled by this. The government learned a lot from this fiasco and even with the laudable support from the EFF, Craig narrowly thwarted off a conviction. Regardless, it was a trying experience (no pun intended) for him and his attorneys. The point I'm trying to make is that it's tough to beat the Feds. They play dirty and will do just about anything, including lie, to win their case. If you want to really win you need to know how they build a case in the first place.


There is a document entitled "Federal Guidelines For Searching And Seizing Computers." It first came to my attention when it was published in the 12-21-94 edition of the Criminal Law Reporter by the Bureau of National Affairs (Cite as 56 CRL 2023 ) . It's an intriguing collection of tips, cases, mistakes and, in general, how to bust computer hackers. It's recommended reading. 

Search and seizure is an ever evolving jurisprudence. What's not permissible today may, through some convoluted Supreme Court logic, be permissible and legal tomorrow. Again, a complete treatment of this subject is beyond the scope of this paper. But suffice it to say if a Federal agent wants to walk right into your bedroom and seize all of your computer equipment without a warrant he could do it by simply saying he had probable cause (PC). PC is anything that gives him an inkling to believe you we re committing a crime. Police have been known to find PC to search a car when the trunk sat too low to the ground or the high beams were always on. 


Fortunately the Feds still have to show a little restraint when wielding their wiretaps. It requires a court order and they have to show that there is no other way to obtain the information they seek, a last resort if you will. Wiretaps are also expensive to operate. They have to lease lines from the phone company, pay agents to monitor it 24 hours a day and then transcribe it. If we are talking about a data tap, there are additional costs. Expensive interception/translation equipment must be in place to negotiate the various modem speeds. Then the data has to be stored, deciphered, decompressed, formatted, protocoled, etc. It's a daunting task and usually reserved for only the highest profile cases. If the Feds can seize the data from any other so urce, like the service provider or victim, they will take that route. I don't know what they hate worse though, asking for outside help or wasting valuable internal resources. 

The simplest method is to enlist the help of an informant who will testify "I saw him do it!," then obtain a search warrant to seize the evidence on your computer. Ba da boom, ba da busted. 

Other devices include a pen register which is a device that logs every digit you dial on your phone and the length of the calls, both incoming and outgoing. The phone companies keep racks of them at their security departments. They can place one on your line within a day if they feel you are defrauding them. They don't need a court order, but the Feds do. 

A trap, or trap and trace, is typically any method the phone company uses to log every number that calls a particular number. This can be done on the switching system level or via a billing database search. The Feds need a court order for this information too. However, I've heard stories of cooperative telco security investigations passing the information along to an agent. Naturally that would be a "harmless error while acting in good faith." (legal humor) 

I'd love to tell you more about FBI wiretaps but this is as far as I can go without pissing them off. Everything I've told you thus far is public knowledge. So I think I'll stop here. If you really want to know more, catch Kevin Poulsen (Dark Dante ) at a cocktail party, buy him a Coke and he'll give you an earful. (hacker humor) 

In closing this subpart I will say that most electronic surveillance is backed up with at least part-time physical surveillance. The Feds are often good at following people around. They like late model mid-sized American cars, very stock, with no decals or bumper stickers. If you really want to know if you're under surveillance, buy an Opto-electronics Scout or Xplorer frequency counter. Hide it on your person, stick an ear plug in your ear (for the Xplorer) and take it everywhere you go. If you he ar people talking about you, or you continue to hear intermittent static (encrypted speech), you probably have a problem. 


Carolyn's most
popular book,
in 4th edition now!

For advanced
hacker studies,
read Carolyn's

Google Groups
Subscribe to Happy Hacker
Visit this group