Landmark computer hacking archive deposited at TNMOC
Prince Philip Prestel hack preserved for posterity
An archive that tells the story of how the 1980s hack of Prince Philip’s mailbox led to UK anti-hacking legislation has been deposited at The National Museum of Computing (TNMOC).
Robert Schifreen, the "white hat" at the centre of the 1980s controversy, compiled the archive, which details Schifreen’s two-year-long legal travails following his open hack of Prestel, BT’s pre-web online service. Schifreen and the late Steve Gold managed to hack into BT's Prestel Viewdata service, famously accessing the personal message box of Prince Philip in the process.
The Prince Philip incident only happened following a number of attempts to shock BT into action after the telco showed no interest in bolstering the security of its system. Involving the Royals prompted BT into calling in the police, setting off a chain of events that led to the the arrest of Schifreen and Gold in March 1985 and the subsequent prosecution of the two tech enthusiast journalists.
With no anti-hacking law in existence at the time, the archive gives details of the passage of what turned out to be in effect a test case through three courts ending in the acquittal of Schifreen and Gold in the House of Lords (at that time the highest UK court) in 1987.
The archive includes Schifreen’s '80s-era hacking password book, transcripts of his interviews with police, legal correspondence, the jury bundle and a substantial number of press cuttings.
Evening white hats
In presenting the archive, Robert Schifreen explained the context of 1980s hacking to an audience at TNMOC. In 1985, the internet did not exist, home computing was beginning to take off, Prestel had recently become the first online service available to the UK public but there was no real awareness of the need for computing security and no law explicitly against computer hacking.
Schifreen, aged 22 at the time, collected user names and passwords and investigated computer databases not supposedly open to the public but accessible all the same.
In a statement, Schifreen explained: “Hackers in those days never started until 6pm because it was so expensive to go online with a dial-up connection before that. But 6pm was a significant start-time because the Prestel security staff had gone home and weren’t there to deal with automated messages telling them that there had been three unsuccessful attempts at a log-on to Prestel.
“I could read the messages, delete them to cover my tracks before security arrived for work next morning. In effect I was a Prestel System Manager. I even managed to hack Prince Philip’s Prestel Mailbox and was quite open about it,” he added.
Schifreen was surprised at how Prestel handled his reports of issues with its systems, which these days would have earned him a bug bounty payout. Thirty years ago he was treated to arrest and trial.
“I made no secret of what I was doing,” Schifreen explained. “It was 1985. The Computer Misuse Act came into existence in 1990. I was doing nothing illegal!
“I phoned Prestel and told them what I could do. I thought they might give me a job. They didn’t. They called Scotland Yard,” he added.
Initially charged and convicted of forgery at Southwark Crown Court, that decision was overturned on appeal by the Lord Chief Justice. After a further appeal by the prosecution, the Lord Chief Justice’s decision to acquit was upheld by the House of Lords.
Relic of an age when security wasn’t treated seriously
Schifreen, who has gone on to enjoy a successful career as a security journalist and later consultant, currently at SecuritySmart, an IT security awareness training company, concluded: “I think the police were quite happy that I was acquitted as it demonstrated the need for a computer hacking act of some sort. The Computer Misuse Act of 1990 resulted.”
Receiving the archive, TNMOC trustee Margaret Sale commented: “We are extremely grateful to Robert Schifreen for donating his fascinating archive to TNMOC and giving us an insight into what now seems a very strange world in which computer security was not treated very seriously.”
These days firms such as TalkTalk, in some ways a modern-day successor to Prestel, go to great lengths to tell everyone that they take security seriously. Well, they do after they’ve been breached, anyway.
But we digress.
The archive at TNMOC, which is located at Bletchley Park, is available to bona fide researchers. It is growing rapidly and already contains the entire 45-year print history (1966-2011) of Computer Weekly, the world's first weekly computer publication, 26 years of Personal Computer World, and many other magazines, the complete ICL manufacturing archive, the entire Digital Equipment Corporation microfiche and more.
Prestel started in the late '70s but was not commercially successful. Live systems were used for home banking, among other applications. ®
The Reg's take on how a hack on Prince Philip's Prestel account led to UK computer law - featuring interviews with Schifreen, former Detective Inspector John Austen, a senior investigating officer in the case, and Alistair Kelman, Gold's barrister throughout the case - can be found here.