Where the term "Zero Day" comes from (markmaunder.com)
127 points by mmaunder on June 17, 2014 | 43 comments

And if you didn't have 16550AFN serial and a USR Courier HST your 0-day was likely to turn into a 3-day...

I remember taking advantage of call waiting tones to dump friends offline and steal their places on local multi-user BBS. Good days!

Which is why people bought the much cheaper USR Sportster and used the magic AT command!


I remember that! You're pure evil!

If they didn't use *70, they deserved it.

Oh man I've just remembered my big old mean USRobotics Courier. When I got that, I thought I'd hit the big time.

I love the fact that this is no news to me. It brings back fun memories of my warez trading by mail and later BBS.

Yeah I miss those times - especially the fact that hacking/phreaking was seen as just a little 'naughty' and not worthy of hard time in a federal prison. I edited and re-edited this short post to take out stuff because I ended up going on a very serious reminiscing tangent. I'll post some of my thoughts here just to get them out of my system. Tag this as #ramblingsAfterMidnight

Mostly I was active in the early to mid 90's as a phone phreak and low level hacker. One of my favorite exploits to get access to /etc/shadow was symlinking it to .forward in an ordinary user's home directory. Then getting sendmail which executed as root to dump it to port 25. Then I'd send it to a friend of a friend who allegedly had rooted a Cray somewhere - Don't know if that was true but he would run crackerjack on the file on a very fast machine and I'd get back a ton of passwords.

Friends and I around the world would sometimes phone phreak into a 'bridge' used for teleconferencing and talk to each other using that. Then someone would three-way a pizza delivery place in New York into the conference and we'd try to get pizza delivered to Scotland. I remember a friend 'maelstrom' whose real first name was Ewan (I never knew his full name) was unfortunately arrested by Scotland Yard because someone posted a bunch of valid credit card numbers and phone cards to his BBS. I heard it was Scotland Yard's first hacking related arrest - don't know if that's true. I've googled him a lot to try and find out what happened to him but no luck.

Another friend 'aphex' in South Africa was raided for hosting warez on his BBS. Apparently three people walked into his house - a guy from the phone company, a guy from Interpol and a guy from the South African police. They took all his equipment but didn't arrest him when they realized he was 16 at the time.

These arrests were the beginning of the criminalization of hacking. The real watershed was Kevin Mitnick's arrest in 1995 which really spelled the end of the 'wargames' period of hacking - when everyone saw hackers as Matthew Broderick cute.

This is a video of another friend. Later on around 1996 he got a major interview with the South African equivalent (back in the day) of 60 minutes. It was a very popular TV show and this was a big deal for him. Only the first few seconds are in Afrikaans in case you don't speak that. You can see the attitudes changing in this video - he narrowly escaped getting prosecuted by Olivetti and the University of South Africa. https://www.youtube.com/watch?v=RzKHa3BYemI

So after my two friends got arrested, I got a warning letter from the phone company and stopped what I was doing - which wasn't anything malicious, just exploring.

Here are some screenshots of Bluebeep. I think it's a later version, we were using 0.9 or something: https://lh4.googleusercontent.com/-C6KLCsKy9_w/TpsOtXwPQhI/A... http://www.nerdnetworks.org/sarts/bluebeep.jpg

To make free international calls I would call a home country direct which is a toll free number locally in South Africa or another country and connects you directly with an AT&T or MCI or whatever operator in the USA. Then send a combination of 2600hz and 2400hz through the mouthpiece to put the trunk on the USA side into a kind of command mode. Then use the CCITT5 signaling system (which is basically DTMF but with different tones) to tell it to route a call for me. One of the tones - I think it was KP1 or KP2 could be used to tell the trunk to route the call via satellite or undersea cable (cable being the better quality because of no propagation delay).

Seizing trunks like this was similar to the cap'n crunch whistle which emitted a 2600hz tone in the USA and in the 70's you could use that to seize a trunk in the USA. International trunks were different so we'd need a 2600/2400 tone. But the phone companies would put filters on the line, so you could do things like adding an additional frequency to the mix, or using 2600/2400 and sloooowly increasing the volume until you hear that wonderful 'KERCHUNK' sound and silence. Of course you're doing this as the phone's ringing and then an AT&T operator answers and is hearing giggling and these weird tones until his line just goes dead and we're routing the call.

I once routed a call through a few countries back into South Africa to my best friends house. The delay on the line was epic - like 10 seconds.

Recently I decided I miss the good old days of it being very hard to get international bandwidth, so I went out and got myself a ham license. (callsign WT1J) So now whenever I feel the need for it to be really hard to send data internationally, I jump on the HF bands and play around with digital modes, sending data to someone in Australia using JT65 (designed for moonbounce) and only 5 watts on 14 megahertz. Makes bluebeep and CCITT5 seem like a breeze.

I remember using Toneloc during that time to wardial entire exchanges looking for dialup modems into servers. I wonder how many people I annoyed with getting phone calls in the middle of the night with my 14.4 modem screeching in their ear.

ToneLoc author here (mthreat), checking in, 20 years after the release of the last version. I didn't manage to avoid the federal prison part, but somehow ended up fine in the end. My path, roughly: BBSes -> saw WarGames -> wannabe hacker -> warez boards (Public Enemy) -> cracking games (learned x86 asm) -> hacking voicemail boxes -> wrote ToneLoc (learned C) -> real hacking -> COSMOS access -> physical hacking (burglary of Southwestern Bell, learned lock picking) -> federal prison -> back to college -> startups -> ... I wouldn't change any of it now.

Similar journey here but without the burglary or prison.

BBSes (300 baud modem on a C64 hooked up to an old 13 inch TV) -> warez -> learned 6510/6502 assembly and started cracking -> hacking/wardialing as a means to get access to computers where I could do C programming with 'real' C compilers -> found my way onto the Internet/ARPAnet in the mid-80s -> moved to Amiga (continued cracking on 68k) a reasonably 'real' computer with DICE C (Thanks Matt Dillon!), etc -> software developer.

Got away from the illegal "hacking" when it started becoming a serious thing with serious consequences and I was no longer a minor, and out of the cracking/piracy thing when I was earning good money and could afford to buy things.

There are a few people on HN with similar stories that I know of from back in the +hack/#hack/#Amiga! irc days (my handles there varied but were often some variant of my name: gfm, geo, etc).

Amiga. Respect! There was a time when it was clear that Amiga was going to win. And then it didn't.

I hung out on #phreak as pHaze.

I can't believe the author of ToneLoc posts here. This blows my mind! Brings up a lot of memories of great times, hanging out at the St. Louis Galleria food court for 2600 meetings.

I've even been banned here on HN :)

mthreat verified.

Heavy. Now that's a journey. I remember ToneLoc and I may have used it - although we envied you Americans at the time because local calls were not free for us.

I used your software many a time... and similar trajectory. so fun. should all meet in NYC at the citicorp (old 2600 meeting spot) one day.... and start a startup together.

This is great to see. I remember ToneLoc when it came out.

Looking back, it was still the wild west. I remember finding dial-ins that had no logins at all and just dumped you to a shell.

ToneLoc and BlueBeep were my introductions to computing. Thank you!

Bluebeep was written in pascal and IIRC it had a really impressive content management system in there.

I was inspired by it to write a UK-centric redboxing program on the Psion organiser. I can't remember what language Psions used. It worked though, through a mix of tone generation and a little social engineering you could get free calls from payphones in the UK. I remember working really hard to figure out how to convert from the MHz figure I needed to produce into whatever input the Psion's sound API took. Fun times.

With the recent popularity of 20th-Century period dramas in the US, it seems like the market has never been more fertile for a film or series about the age of phreaking. It would be quite something to see a movie set around the time that Hackers came out that actually had well-researched, realistic hacking!

My agent's number is 1800...

I was going to say the market's too small, but based on defcon 2013's turnout it may actually not be that small.

If you factor out carding, it's likely that more people did more years in prison during the Sun-Devil era than do today.

You may be interested in http://flashtro.com

Quick book search on google gives lots of examples of "zero day" going back to the 19th century

Hilarious local TV footage from 1996 about what these "hacker kids" are getting up to at night: http://www.youtube.com/watch?v=RzKHa3BYemI

Yeah, I've been curious for a while as to how "zero day" morphed into its current, completely unrelated non-sequitur meaning. I'm guessing it's more or less the same way "hacker" came to mean "computer criminal"--buncha noobs parroting actual hackers' lingo without understanding, in hopes of seeming cool.

I wouldn't call the current usage a non-sequitur. Zero-day exploits being those in use before the vendor and general public have been made aware of them. Presumably, a 1 day exploit would be one published on the day the vulnerability was announced. It seems like a fairly natural application of what was, at the time, a pretty well understood terminology.

The problem is, current usage seems to be to use 'zero day' as a synonym for 'just released' when speaking about vulnerabilities, which I agree is wrong. A '0day' by definition will not be known about by the public, so cannot feature in a public announcement.

Zero day, today, means unpatched in latest version, at least when applied to vulnerabilities.

Nicely written - the last paragraph draws the whole arc...from C preprocessor directives to Twitter hashtags; brings it together.

0day always has meant one thing, release of software on the same release date i.e. 0 day.

That's empirically incorrect; 0day means more than just that nowadays.

oh memories... Some were a bit more lazy and used "trashed" credit card numbers to get free phone calls... They were looking in some restaurant's trash can to get them... Not exactly hi-tech but working nonetheless :-)

today drug dealers use leet speak over SMS to communicate about transactions without triggering local LE detection

I didn't know that. Do you have a source for this information?

I wonder if this is just a retelling of the myth(?) that leet speak originated in the practice of renaming files to avoid detection by sysadmins.

I seriously think it was all the crazy warez custom title screen that could be larger than the actual game. Back then you had to be "known" and go through the initiation of making sure you weren't someone that could harm them through intent or stupidity.

The only renaming to avoid detection I knew of was when fast modems were becoming commoditized but FTP had started taking over as a transfer mechanism. Did you ever trawl through anonymous ftp servers looking for directories named ". ", ". .", "...", " ." etc.?

I just know my children rebel by buying Apple products and have no technology skills. (Their rebellion choices could be way worse) They use "leet" speak on sms. I always hated it and didn't use it in my OLD warez days on the C64 NASA (North Atlantic Software Alliance) cool name huh? :)

who here was on lutzifer/qsd etc?

And who here was on Altos?

right-o and altos. geez.

What ever happened to those?
