December 06, 2000, 11:34 AM — OVER THE LAST decade, Kevin Mitnick has worn many identities: cyberspace cult icon,
fugitive on the Federal Bureau of Investigation's Most Wanted list, former federal
prisoner, and now a man trying to reinsert himself into society.
Granted release last January after five years of time served at the Federal
Correctional Institute at Lompoc, Calif., Mitnick must wait at least two more years
before he can legally touch a computer keyboard, check e-mail, or surf the Internet.
That's part of the price Mitnick, one of the world's most legendary hackers, must pay
per his negotiated guilty plea on five felony counts. Mitnick had faced 25 counts on
federal charges that he committed wire fraud and illegally removed computer files from
Nokia and Sun Microsystems.
Turning his computer talents to the written and spoken word these days, Mitnick is
edging himself back into public view through speaking engagements and literary
critiques; he recently reviewed a how-to guide for personal identity theft called
Who Are You: The Encyclopedia of Personal Identification, by Scott French.
Mitnick recently spoke with InfoWorld reporter Brian Fonseca, sharing some
of his thoughts on the modern-day perception of hacking, how the Internet has changed
computing, and the state of online security risks and digital identity theft.
InfoWorld: Do you think that step-by-step instructions found online and in print
detailing methods of hacking or ways to commit identity theft belong in public hands?
Mitnick: I'm a proponent of free speech and the freedom of information, and that
kind of goes into why I got involved with hacking. Not on the freedom of software or
the information being proprietary -- I'm talking about how to do something. I believe
in the right to publish this. However, it's the same issue in the computer security
space with publishing vulnerabilities. The controversy is over publishing
vulnerabilities or not publishing them. They both have their pros and cons. Somebody
could read Scott [French's] book and take it step-by-step and create a new identity and
maybe clone someone's identity for identity theft and steal their money and property
InfoWorld: In Scott's book, he said it's up to the users to safeguard themselves
from computer and personal identification theft. Do you agree?