Watch the movie Hackers, it's basically a documentary. Roller blades, hacker dive bars, extreme fashion, custom boot screens, swirly 3D effects around you when you're typing fast. It was rad...
this post was submitted on 18 Oct 2025
66 points (97.1% liked)
Asklemmy
50932 readers
885 users here now
A loosely moderated place to ask open-ended questions
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- !lemmy411@lemmy.ca: a community for finding communities
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
founded 6 years ago
MODERATORS
Aaah, the good old times hacking into The Gibson…
Phone phreaking was where the fun was. Free phone calls, messing with other people’s boxes and stuff. When it was purely electric phone lines were easy to manipulate.
That and before PayPal credit card processing took weeks.
You could fake a credit card so easy and just get services until they tried to bill it.
The same techniques for social engineering are still the most effective ones.
Computers and systems get smarter.
People actually get dumber.
Not exactly hacking, but other people made me remember it...
If you ran early software like a forum, often passwords/DMs/etc. weren't encrypted in the database, so you could just look in your own database (or in the case of the perl-based forum I ran, the text files) and get people's passwords and private messages. I remember my shock at seeing that when I was poking around the back end of my own forum, lol. Luckily for my users, I'm not an asshat, so I never got up to mischief with that. But I absolutely could have, and I know plenty of dudebros in IT who would/did.
I still operate today on the idea that once you interact with an online system, the admins of that system basically have everything you give them and there's no privacy.
(Also, often if you, the user, "delete" something, usually what the system does is check a box for that data that is more or less a binary, "Is deleted? Y/N?", and then shows/hides the data based on that flag being set. This is due to corporate customers crying if they delete something by their own fat fingers, but it means if you do intend to delete something, you should assume it's not actually deleted, it's just hidden from the view you, the user, have permissions to view. Of course this all depends on the specifics of the system you are interacting with, but I still default to assuming the "delete" function is just a flag that alters the view you see, not a true delete feature.)
My ISP would give you like 10 MB to build a personal website. You'd log in to the FTP server, and it would take you to your personal directory. From there, you could "cd .." and end up in the parent directory and access everybody's data.
I wonder what the equivalent of this is today? Not meaning the same thing but what is incredibly insecure.
Probably cell phone interception and manipulation of cell service.
People. Social engineering is orders of magnitude easier than most default security configs.
That said, dumb security mistakes still happen regularly. Remember a few years ago when Missouri had a bunch of teachers' personal data just in the HTML sent to every person visiting their site? When a journalist notified them, the govt tried to say he was hacker.
In 1999+ you could sniff people's passwords in clear text right out of the air on public WiFi networks. tcpdump port 110 and just watch them roll in.
In the late 90's you could use a floppy disk to boot nt and dump the password hashes of anybody who had logged in, then run them through a dictionary attack which would take a matter of minutes before learning that your company's top employees used their favorite football team or cartoon character as their password without even appending some numbers to it. Dude with the football password even had the password emblazoned in his office wall.
One time in the 90's I got to a password prompt and just held enter, and eventually was just let past the password prompt.
In X windows if you managed to kill the screensaver password entry box you were dropped back to the desktop, and people found ways to crash the screensaver by overrunning the password input buffer by pasting input repeatedly using common keyboard shortcuts. (Pretty sure this same exact bug exited in early Mac osx versions.)
80s was all about the phones. And not much different than it is now.
If you want to know what hacking is like in the 80s watch Wargames and look up three dudes:
- Kevin Mitnick
- Mark Hess
- Katl Koch
If you want to know what hacking was like in the 90s watch Sneakers and look up
- Vladimir Levin
- Robert Tappan Morris
Phone phreaking, the 80's were so fun. Stolen AT&T calling card numbers enabled you to call long distance for free at a time when calling the next city over could cost 30 cents a minute or more (equivalent to over a buck now). Hacking people's answering machines was pretty easy. For youngsters, this was a device hooked up to your land line phone to give you voicemail. You could listen to your messages remotely by calling it and entering a password which was very short and limited to numbers. Some had to the capability to change the message that answered the phone. That made for lots of fun
30 cents per minute in the 80's is like a dollar per minute today, maybe more.
I dunno, having payphones on every other street corner in the 80's-90's can seem like a foreign concept today.
That would be because the notion of having a pay phone on every corner is.
That is beside the point. The phone is just a pathway, the hacking is the same. The phone gets the hacker to the end user. Today the cellphon/tablet/pc is just a pathway to the end user.
When it comes to tech as much as everyone thinks it changes the more it stays the same.
My dad and his buddy devised a plan to get unlimited calls from phone booths to abroad. They drilled a 2 Deutschmark coin and put a fishing line through it. They figured out that the coin only drops after the allotted time is up, allowing the machine for there to be credit registered. But there was nothing preventing the coin from going upwards again. So they just kept pulling it out and then inserting the coin again. And re-dialing the international number. Like some petty comic book villains.
Lack of knowledge was the big problem before the internet. Late 80s, early 90s.
Take Phreaking.
Dialup BBSs (1200/75, 2400 or 9600 baud) were the primary source of dodgy files that I knew of. Some would have a secret area with various texts about hacking and quasi-illegal behaviour, including pornography of all flavours and of course the anarchists' handbook. There were a few hacking and phreaking related stuff (getting free phone calls was huge then, given the cost of online activities - blackboxing, blueboxing, etc) and often required researching the types of PBX being used until you knew more than the people employed to run the things. To get access to this you'd need to suck up to the BBS owner, or prove your worth and "I'm not a law enforcement officer, honest" credits. Vouchsafing friends and others was another way, and there was cross-checking of you by sysops talking to each other.
The security on phone systems was laughable by modern standards, but at the time it was something very strongly guarded and if you found something, you made sure it stayed private. The phone companies helped by constantly denying anything was happening, but stakes were high. Legal consequences were high, but so were the rewards if you could get free calls.
Myself, I never did, but I always wanted to. Not having my monthly phone bills of hundreds of pounds would have been really nice...
When ADSL and always-on connections became available, phreaking stopped overnight.
A few things I remember.
Nobody sanitised their inputs.
You could get through logins by making a database query check whether 1 = 1 instead of a password. You could put JavaScript into guest book fields to redirect people to whatever crazy site you wanted.
My university lecturer told me about a well known supermarket that built a shop front. They made it in such a way that you could change the numbers before they were submitted and it wasn't validated on the back end. So free food.
Of course not speaking for experience. I’ve personally never broken the law.
But often when companies listed their contact information they’d have a phone line and a fax number. If those numbers were near each other, you could pretty much guarantee that there would be a phone number somewhere in that sequence, or just past it, that would let you dial into their network, often weakly guarded with default password on common user names.
While it could take a little while, I’m aware of people collecting company phone numbers and war dialling overnight to find the network service number. Once you spoke to a modem it would give you a telnet connection and there was hardly ever any form of rate control. The worst I’ve hear about was getting chucked off after three attempts. But you could just dial up again.
I’ve heard of many, many company secrets being found that way.
The temptation to say watch the documentary movie called Hackers but I can’t I good faith.
The connection between Cap’n Crunch, phone system hacking, and Apple is a pretty important part of early hacking history.
“Draper heard about the whistle from other phreakers. The whistle easily played at 2600Hz, the perfect tone to, in Apple Inc. [co-founder Steve Wozniak’s words], “seize a phone line.”
Huh, I had always wondered why the hacking magazine was called 2600. Guess that explains it, neat!
I met Captain Crunch around 2012, really nice and still insanely curious about phone systems.
load more comments
(1 replies)
Angelina jolie was involved
Money going online really changed the mood.
I recall a conference talk mentioning that the speaker (from a nordic country) told their friend to look at their online banking account, and then transferred them $-10. Either they were spotted or they disclosed it, I forget which, and luckily they were hired instead of jailed.
Money going online really changed the mood.
So true. Money spoils everything.
Damn
Not really hacking, but in the 90s you could usually just connect to a mail server and it would believe what you told it.
If you were careful you could just type an email directly: MAIL FROM, RCPT TO, etc.
I would write scripts at work to send spoof emails sometimes, you could put anything as the FROM address, like "info @ catfacts" or whatever.
Another "not really hacking" example is that when some companies first got an Internet connection, they would just allocate public IP addresses to everyone, no gateway or firewall. So you could browse any non-passworded smb shares just knowing the IP.
It's not hacking. Most languages have the ability to send mail from any mail address. Poweshell example -
Send-MailMessage -from bill.gates@microsoft.com -to you@yourmail.com -subject "fuck you" -body "no really fuck you"My point was really how there was little to no verification on SMTP servers back then and that you could send mail with a simple terminal program, or, more practically, a script.
Not hacking, but using knowledge of the insecurity of SMTP servers of the time, to allow spoofing easy spoofing.
Not so easy to find SMTP servers to do that with now.
Target sent credit card information to the back of the store unencrypted. Bluetooth didn’t need encryption because nobody can get that close. You could stop 50% of malware by changing the name of your windows directory. Security through obscurity was believed to work, every automated oil rig in the gulf was operating in the clear even into the 2000’s.
Wild times.
Late 80s early 90s I got into the database for our menus & recipes and changed 'hot dog' to 'tibe steak smothered in underwear' and then promptly forgot about it until one day months later with the storeroom clerk he was printing the monthly menus and inventory, lol and behold I laughed my ass off. He never even noticed because we just printed and filed the paperwork.
I also point around in areas that were 'resteicted' I found the 'star wars' game, and I would play it for hours on the midnight shift. Nothing like the old green screen games.
Insert Willem Dafoe meme Im something of a hacker myself
Was much easier as we all used password like 123456 or our first name.
That's amazing! I've got the same combination on my luggage!
My dad's go to from the 1980s all the way up to his death in the 2020s was "fuckme42069" . He was an OG Neckbeard.
load more comments
(1 replies)
In the 90’s, companies were super lax on data security, retention, and destruction. In my city we had major IT players like INTEL, HP, Motorola, etc. We would dumpster dive and find whole computers full of data and no passwords. We were after the hardware so all our friends could play Doom MP, Quake, or later Unreal Tournament… so we usually wiped them but who knows what was in those things. It was a lot of e-waste and because of divers with bad intentions, now there’s incredibly strict corporate rules about data security/destruction.
Different topic but ewaste today is absolutely insane. People throw out working post-2015 "gaming laptops" - maybe a dead battery or something equally simple to fix.
I cannot speak for other countries, but here in America, I blame the fact that once family and personal computers became a big thing they stopped teaching about them in schools.
I know I never had a single class or subject related to using a computer. They just expected us to know how to use them.
We had an “informatics” class for 2 years, and it was just really, really basic excel and mostly sitting around.
They just expected us to know how to use them.
And they still do. The "kids these days and their compyooturs" fallacy. Irks me to my core.
I was fortunate to have a middle school typing and graphic design class, and in highschool I learned hardware troubleshooting and stuff (A+ equivalent IT work)...but that "career path" of flipping computers that people downloaded the wrong screensaver on kinda died out.
Still learned a lot though! If the I.T field was still hanging out with buddies in some dungeon nobody visited, I might be in that field today lol.
load more comments
(1 replies)
It was extremely easy to send a trojan file to a friend and if they would open it and you happen to know its IP you could remote do things like open its CD drive and at the same time have tons of malware in your PC but it was all worth to see them in the next day saying that the PC went abducted by aliens
At my fist big boy job my dad sent me one that locked out my keyboard and mouse then cranked the volume to 100% as it yelled “hey everyone, I’m watching porno over here” followed by a super loud moan. It was a quiet call center too. That moment still haunts my dreams.
the phreaks will, they had tons of fun
captain crunch whistles and tape recorders were the golden keys and it was glorious lol
Back in these days you'd install your distribution and stay there until the next major release. There were no online software repositiories for updates.
And exploits were plentiful. It was an easier time if you were up for mischief.
It was exactly like the movie Hackers. 😅
Due to the nature of how the ARPAnet was born (lots of academic influence and the view of free sharing of information) outside the DOD infosec wasnt a thing, even then it was an after thought.
There was a healthy phone hacking community coming out of the 70s and into the 80s. Their techniques for getting free calls helped with exploiting the ARPAnet
There were pretty significant technology changes in the 90s with the WWW and the number of people and companies online leading to more opportunities and ways to exploit.
Wargames and Sneakers are pretty entertaining and while movies will give you a bit of a vibe.
If you can highly recommend you read
https://en.wikipedia.org/wiki/The_Cuckoo%27s_Egg_(book)
Really easy read and amazing true story
It wasn't like the military had that much better OPSEC. The code to launch American nuclear weapons for over, 15 years was 00000000.
load more comments
(1 replies)
You could use telnet as example of a "historic vulnerability" in your talk.
[removed my post: someone else already mentioned Captain Crunch]
Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World" by Joseph Menn
If just looking for a casual, non-technical read, this is a good one. It led me to a few rabbit holes to dive down deeper.
view more: next ›