Kevin David Mitnick (August 6, 1963 – July 16, 2023), The Dark Knight of Internet
Dad’s writer may be the first 100 users of Microsoft Windows in Indonesia circa 1985-1986. The writer never obtained Computer Science. Writer was prevented a massive bug for some Fortune 500 companies
3.22am Van Nuys California / 11.22am London / 3.57pm Bengaluru India
I’m really waiting until 108 hours before writing it, and global media such as The Guardian, Der Spiegel, ‘duo” NYTIMES - WaPo even have not yet posted an obituary about Kevin David Mitnick. Around 15 hours ago (5pm California) Associated Press posted about his death. 13 Hours ago (around 7pm California) posted by the BBC. 2 of my close friends in Czech and of course (both) hear immediately about the passing of Milan Kundera. With utmost respect, another profile “less popular” than Milan Kundera and Kevin Mitnick abruptly got coverage by “duo” NYT and WaPo, and Kevin David Mitnick at least until 108 hours not yet a special feature by the duo.
The more and more angry: WIRED, THE VERGE, and also “THE PLATFORMERS”, arguably (currently) the best IT issue coverage on universe, not yet posted obituary about him.
Kevin David Mitnick passed away July 16th. If using “superlative” moment: he’s really Dark Knight, when 15 years ago (July 18th, not July 16th) Batman’s Dark Knight was released.
If a crime-hack by Kevin David Mitnick never happens, maybe the universe of the internet will never be the same as it is today. We've lost a true pioneer of the digital world, Kevin David Mitnick. His ingenuity challenged systems, incited dialogues, and pushed boundaries in cybersecurity. He will remain a testament to the uncharted power of curiosity. Imagine today with access to AI (artificial intelligence) what he wouldn't do or maybe they aren't doing.
After a well-publicized pursuit, the FBI arrested Kevin David Mitnick on February 15, 1995, at his apartment in Raleigh, North Carolina, on federal offenses related to a two-and-a-half-year period of computer hacking which included computer and wire fraud. He was found with cloned cellular phones, more than 100 cloned cellular phone codes, and multiple pieces of false identification.
In December 1997, the Yahoo! website was hacked, displaying a message calling for Mitnick's release. According to the message, all recent visitors of Yahoo!'s website had been infected with a computer worm that would wreak havoc on Christmas Day unless Mitnick was released. Yahoo! dismissed the claims as a hoax and said that the worm was nonexistent.
Mitnick was charged with wire fraud (14 counts), possession of unauthorized access devices (8 counts), interception of wire or electronic communications, unauthorized access to a federal computer, and causing damage to a computer.
Mitnick was diagnosed with Asperger syndrome, but it was not used as evidence at his trial. In 1999, Mitnick pleaded guilty to four counts of wire fraud, two counts of computer fraud, and one count of illegally intercepting a wire communication, as part of a plea agreement before the United States District Court for the Central District of California in Los Angeles. He was sentenced to 46 months in prison plus 22 months for violating the terms of his 1989 supervised release sentence for computer fraud. He admitted to violating the terms of supervised release by hacking into Pacific Bell voicemail and other systems and to associating with known computer hackers, in this case co-defendant Lewis De Payne.
Mitnick served five years in prison—four-and-a-half years' pre-trial and eight months in solitary confinement—because, according to Mitnick, law enforcement officials convinced a judge that he had the ability to "start a nuclear war by whistling into a pay phone", implying that law enforcement told the judge that he could somehow dial into the NORAD modem via a payphone from prison and communicate with the modem by whistling to launch nuclear missiles. In addition, a number of media outlets reported on the unavailability of kosher meals at the prison where he was incarcerated.
Mitnick was released on January 21, 2000. During his supervised release, which ended on January 21, 2003, he was initially forbidden to use any communications technology other than a landline telephone. Under the plea deal, Mitnick was also prohibited from profiting from films or books based on his criminal activity for seven years, under a special judicial Son of Sam law variation act.
In December 2001, a Federal Communications Commission (FCC) judge ruled that Mitnick was sufficiently rehabilitated to possess a federally issued amateur radio license.
Mitnick, 59, died peacefully on Sunday, July 16, 2023, after valiantly battling pancreatic cancer for more than a year. Kevin is survived by his beloved wife, Kimberley Mitnick, who remained by his side throughout their 14-month ordeal. Kimberley is pregnant with their first child. Kevin was ecstatic about this new chapter in his and Kimberley's life together, which has now been sadly cut short.
Kevin was preceded in death by his devoted mother, Shelly Jaffe, and his loving grandmother, Reba Vartanian, his father, Alan Mitnick, and his half-brother, Adam Mitnick.
He is survived by his brother-in-law, Ricky Barry and his wife Roxy, and their three children: Millie, Winston, and George, his mother-in-law and father-in-law, Daisy and Andrew Tibbs, his stepmother Nanci King, his great aunt Sophie "Chickie" Leventhal and her longtime partner, Dr. Bob Berkowitz, Kevin's cousins Mitch Leventhal, Karen van den Berg, Jolie Mitnick, Mark Mitnick and Wendy Cohen.
Kevin would also want to acknowledge the tremendous love and support over the years of his dear long-time friends: Michael Morris who showed tremendous dedication to Kevin over many decades, Paul Dryman, Roy Eskapa, Shawn Nunley, Darci, and Brianna Wood, Amy Gray, Alex Kasper (Kasperavicius), David Kennedy, David Fugate, Dr. Nick Spirtos, Stu Sjouwerman, and Apollo Robbins. It is impossible to list all of Kevin’s close friends, — and also IT experts who praise him. He was blessed to have so many. You know who you are. Your impact on Kevin was profound. Kevin was also very grateful for the legions of fans who in the mid-to-late 1990’s fueled the global “FREE KEVIN” movement.
Kevin was an original; much of his life reads like a fiction story. The word that most of us who knew him would use – magnificent.
He grew up brilliant and restless in the San Fernando Valley in California, an only child with a penchant for mischief, a defiant attitude toward authority, and a love for magic. Kevin's intelligence and delight in holding the rapt attention of audiences revealed themselves early in his childhood and continued throughout his life. In time, he transitioned from pranks and learning magic tricks to phone phreaking, social engineering, and computer hacking.
Mitnick became the world's most notorious black hat hacker, breaking into the networks of companies like IBM, Nokia, Motorola, and other targets. After a stint in prison, he reinvented himself as a white hat hacker, selling his skills as a penetration tester and security consultant.
With his latest business venture, Mitnick has switched hats again: This time to an ambiguous shade of gray.
Mitnick revealed a new branch of his security consultancy business he calls Mitnick's Absolute Zero Day Exploit Exchange. Since its quiet inception six months ago, he says the service has offered to sell corporate and government clients high-end "zero-day" exploits, hacking tools that take advantage of secret bugs in software for which no patch yet exists. Mitnick says he's offering exploits developed both by his own in-house researchers and by outside hackers, guaranteed to be exclusive and priced at no less than $100,000 each, including his own fee.
And what will his clients do with those exploits? "When we have a client that wants a zero-day vulnerability for whatever reason, we don’t ask, and in fact they wouldn’t tell us," Mitnick explained.
As the zero day market has come to light over the last several years, freelance hackers' sale of potential surveillance tools to government agencies has become a hotly debated ethical quandary in the security community. The notion of Kevin Mitnick selling those tools could be particularly eyebrow-raising; After all, Mitnick became a symbol of government oppression in the late 1990s, when he spent four and a half years in prison and eight months in solitary confinement before his trial on hacking charges. The outcry generated a miniature industry in "Free Kevin" T-shirts and bumper stickers.
Enabling targeted surveillance also clashes with Mitnick's new image as a privacy advocate; His book titled "The Art of Invisibility" promises to teach readers "cloaking and countermeasures" against "Big Brother and big data."
>"It's like an Amazon wish list of exploits."
He says his intended customers aren't necessarily governments. Instead, he points to penetration testers and antivirus firms as potential exploit buyers, and even suggests that companies might pay him for vulnerabilities in their own products. "I’m not interested in helping government agencies spy on people," he says. "I have a unique history with the government. These are the same people who locked me in solitary because they thought I could whistle nuclear launch codes."
Still, the six-figure fees Mitnick names on his site are far more than most buyers would pay for mere defensive purposes. (Though his website names a minimum price of $200,000, Mitnick says that's an error, and that he's willing to deal in exploits worth half that much.) Companies like Facebook and Paypal generally pay tens of thousands of dollars at most for information about bugs in their products, though Google occasionally pays as much as $150,000 in hacking contest prizes.
Mitnick's exploit exchange seems designed to cater particularly to high-end buyers. It lists two options: Absolute X, which lets clients pay for exclusive use of whatever hacking exploits Mitnick's researchers dig up, and Absolute Z, a more premium service that seeks to find new zero-days that target whatever software the client chooses. "We have some clients that give us a menu of what they’re looking for, like 'We’re looking for an exploit in this version of Chrome,'" he says. "It's like an Amazon wish list of exploits."
Mitnick is far from the only hacker to see an opportunity in the growing grey market for zero days. Other firms like Vupen, Netragard, Exodus Intelligence, and Endgame Systems have all sold or brokered secret hacking techniques. While the trade is legal, critics have argued that the services' lax customer policies make it possible for repressive regimes or even criminals to gain access to dangerous hacking tools.
But Mitnick counters that he'll carefully screen his buyers. "I would’t consider in a million years selling to a government like Syria or to a criminal organization," he says. "Customers want to buy this information, and they’ll pay a certain price. If they pass our screening process, we’ll work with them."
As an ex-convict, Mitnick's entrance into the zero-day market may mean he'll face extra scrutiny himself. From his teens to his early 30s, after all, Mitnick went on an epic intrusion spree through the networks of practically every major tech firm of the day, including Digital Equipment, Sun Microsystems, Silicon Graphics, and many more. For two and a half years, he led the FBI on a manhunt that made him the most wanted hacker in the world at the time of his arrest in 1995.
Prosecutors had mythologized him. They even claimed he was so dangerous, he could launch nukes just by speaking into a telephone. That landed him in solitary.
*epilogue*
Dad’s writer may be the first 100 users of Microsoft Windows in Indonesia circa 1985-1986. The Indonesian population in 1986 was 156 million. Current Indonesia population (2023) 282 million.
The writer never obtained Computer Science (he chose IR/International Relation). Writer was prevented a massive bug for some Fortune 500 companies.
Writer actually facing 12 years attack-simultaneously (physically terror, cyberattack terror) by his (ex) friend in IR UGM / HI UGM (all of them actually indebted to me, at least get a very cheap book). 2 times, my mom nearly got assassinated by my friend with “komplotan” / weird syndicate. I push myself to be (keep) dovish, pacifist, and you can read my pacifist tone in every note I write. A framing that myself propagated for years. ****
==========END————
Thank you, as always, for reading. If you have anything like a spark file, or master thought list (spark file sounds so much cooler), let me know how you use it in the comments below.
If you enjoyed this post, please share it.
If a friend sent this to you, you could subscribe here 👇. All content is free, and paid subscriptions are voluntary.
————
-prada- Adi Mulia Pradana is a Helper. Former adviser (President Indonesia) Jokowi for mapping 2-times election. I used to get paid to catch all these blunders—now I do it for free. Trying to work out what's going on, what happens next. Arch enemies of the tobacco industry, (still) survive after getting doxed. Now figure out, or, prevent catastrophic situations in the Indonesian administration from outside the government. After his mom was nearly killed by a syndicate, now I do it (catch all these blunders, especially blunders by an asshole syndicates) for free.
(Very rare compliment and initiative pledge. Thank you. Yes, even a lot of people associated me PRAVDA, not part of MIUCCIA PRADA. I’m literally asshole on debate, since in college). Especially after heated between Putin and Prigozhin. My note-live blog about Russia - Ukraine already click-read 4 millions.
=======
Thanks for reading Prada’s Newsletter. I was lured, inspired by someone writer, his post in LinkedIn months ago, “Currently after a routine daily writing newsletter in the last 10 years, my subscriber reaches 100,000. Maybe one of my subscribers is your boss.” After I get followed / subscribed by (literally) prominent AI and prominent Chief Product and Technology of mammoth global media (both: Sir, thank you so much), I try crafting more / better writing.
To get the ones who really appreciate your writing, and now prominent people appreciate my writing, priceless feeling. Prada ungated/no paywall every notes-but thank you for anyone open initiative pledge to me.
(Promoting to more engage in Substack) Seamless to listen to your favorite podcasts on Substack. You can buy a better headset to listen to a podcast here (GST DE352306207).
Listeners on Apple Podcasts, Spotify, Overcast, or Pocket Casts simultaneously. podcasting can transform more of a conversation. Invite listeners to weigh in on episodes directly with you and with each other through discussion threads. At Substack, the process is to build with writers. Podcasts are an amazing feature of the Substack. I wish it had a feature to read the words we have written down without us having to do the speaking. Thanks for reading Prada’s Newsletter.
Headset and Mic can buy in here, but not including this cat, laptop, and couch / sofa.
Damn! Pancreatic cancer. Sucks.
Wow! Let me guess? Drug overdose? <googles