Telenet The 1983 Hacking Incidents and The Construction of Network Security in The United States

This article has been accepted for publication in IEEE Annals of the History of Computing.
This is the author's version which has not been fully edited and
content may change prior to final publication. Citation information: DOI 10.1109/MAHC.2023.3347632
Telenet, the 1983 Hacking Incidents, and the Construction of Network Security in the United States
Brian K. Vagts
Annals-2023-09-0030.R1_Vagts
Author Bio: Brian Vagts is an Associate Professor of History at Northern Virginia Community College in
Alexandria, Virginia, USA. His research interests include the development of behavior on early digital
networks and the Northern Virginia technology industry. Vagts has a M.A. in History from George
Mason University and is currently enrolled in the Science and Technology Studies program at Virginia
Tech. Contact him at [email protected].
Keywords: social construction, hacking, network security, Telenet
Authorized licensed use limited to: UNIVERSIDAD DE SALAMANCA. Downloaded on January 29,2024 at 21:33:17 UTC from IEEE Xplore. Restrictions apply.
© 2023 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.See https://www.ieee.org/publications/rights/index.html for more information.
This article has been accepted for publication in IEEE Annals of the History of Computing. This is the author's version which has not been fully edited and
Abstract
1983 marked an important point in the development of how people behaved regarding security on
data networks in the United States. The confluence of the movie WarGames with a series of high-profile
network breaches of Telenet, one of the biggest commercial data networking providers at the time,
created a great deal of popular media attention. This public attention exposed how multiple social groups
approached security in the formative period of data networking. As seen through these hacking incidents,
persistent problems in network security such as the use of insecure passwords were well established and
understood in the 1980s, and led to shifts in social behavior and expectations rather than a change in the
technology.
Introduction
The behavior of people on networked computer systems developed over the decades into its own
distinct set of cultural practices, including attitudes and actions related to network security. A series of
events in 1983 contributed to the social construction of network security that had lasting impacts in the
United States. At the time the Internet as currently known did not exist, and its most direct precursor, the
ARPANET, was still limited to a relatively small group of specialists. Most users of data networking at
the time used discrete networks that, while large, were usually not interconnected. These data networks
were commercial entities rather than governmental or academic organizations such as ARPANET. Their
large user-base and commercial orientation provides an important historical input to the construction of
networked security. ARPANET provided the technological basis for the modern Internet, but Telenet and
other commercial data networks provided much of the social basis. The less commercialized BBS
systems, as documented by Kevin Driscoll, also made significant contributions, creating “norms and
practices that continue to shape the social media systems we rely on today.”1 These different systems
1
Driscoll, The Modem World, 27.
made up a “paleo-Internet” that helped to shape networked human behavior that later became embedded
into the Internet as it started to consolidate as an idea and technology.
1983 saw multiple instances where the Telenet commercial data network was used to access
computer systems without authorization, a practice popularly known as hacking. The conjunction of these
events as well as the release of the movie WarGames allowed computer hacking and security to enter
mainstream consciousness in a new way. The interactions between the different user groups of Telenet
reveal how the construction of network security prioritized the interests of data communication providers
and large enterprises while simultaneously failing to address the resistance towards effective security
practices by end users. Long-term impacts of this approach include a particular division of responsibility
for security between the different agents engaged in networked computing, a focus on securing host
computers rather than the network itself, and an over-reliance on a socially flawed authentication system
based on passwords.
The paper looks at the events of 1983 based on the published material from the period including
newspapers, the movie WarGames, hacker accounts, contemporary academic articles, and congressional
testimony. The first parts establish the context of data networking in the United States at the time,
including a look at Telenet and the events of 1983 itself. It then proceeds to look at network security as a
social construction. The social construction of technology (SCOT) framework is used to examine how
different social groups built conceptions of network security. Finally, it looks at what alternatives existed
in 1983 as well as the opinions of social groups who were reflecting on the events.
The History of Telenet
Telenet is just as much a child of ARPANET as the modern Internet. Telenet was established in
1972 as a subsidiary of Bolt Beranek and Newman, Inc. (BBN), an important provider of much of the
early underlying technology of ARPANET.2 In 1973, Larry Roberts, director of the Information
Processing Techniques Office (IPTO) at Advanced Research Projects Agency (ARPA), left government
2
Mathison, “The History of Telenet,” pp. 32.
service and joined Telenet as its president. In the process the company relocated from Cambridge,
Massachusetts, USA to the Northern Virginia suburbs of Washington, DC, USA.3 Telenet began
operations as the “first public packet-switched data communications service in the United States” in
1975.4 In 1976 Telenet, along with multiple international partners, played an important role in developing
the basis for what would become the X.25 standard, which was important in early networking.5 X.25 was
a substantial competitor with TCP/IP for much of the 1980s and Telenet’s role is an indicator of its
influence at the time.6
Being the first commercial packet-switched network in the United States was a point of pride for
Telenet, but it was only true with a substantial caveat. TYMNET, a service provided by Tymshare, Inc.,
had started operations in 1971 and also offered data networking services as an adjacent service to its
primary computer time-sharing business.7 However, the early TYMNET was offered on an unregulated
basis, and was spun off as a regulated communication service in 1976 after a regulatory complaint by
Telenet.8 The two companies competed for the same customers and were the predominant data
communications providers at the time. Telenet was acquired by GTE in 1979 and TYMNET by
McDonnell Douglass in 1984.
In 1983 Telenet was formally known as GTE Telenet and was an operating unit in GTE’s
Communication Services group and reported providing service in 325 cities in fifty-one countries.9 While
Telenet did have an international presence, the events documented here appear to be limited to the United
3
4
Mathison, “Telenet Inaugurates Service.”
5
Rybczynski, “A New Communication Protocol for Accessing Data Networks,” pp. 477.
6
Abbate, Inventing the Internet, pp. 154-155.
7
Tymes, “Routing and Flow Control in TYMNET,” pp. 392.
8
9
“GTE 1983 Annual Report,” pp. 25, 33. It is not clear when this was published but the CEO’s “To Our
Shareholders” introduction is dated February 29, 1984.
States. Telenet first became profitable in 1983, and the division of GTE that it was a part of reported
revenue of $578 million, though Telenet’s share of that was not broken out separately.10
Network Security and Hacking in 1983
Security on ARPANET was a concern from the beginning. A basic form of access control had
been provided by attempting to limit access to the ARPANET to those who had contractual relationships
with the Department of Defense. Quinn DuPont and Bradley Fidler showed how experiments with
encryption was an important, if mostly experimental, part of ARPANET from an early date.11 This
restriction created an opening for commercial vendors like Telenet, and while ARPANET continued to
create the technologies that resulted in the modern Internet like TCP/IP in the 1970s and 1980s, the
commercial services like Telenet and TYMNET likely had more users. In 1983 Telenet was estimated to
have 2,000 customers and about 200,000 users.12 In contrast, in 1983 before the ARPANET/MILNET
split there were a total of 113 nodes in the ARPANET.13 Each customer of Telenet was roughly
equivalent to a node on the ARPANET, representing an enterprise computer or system of computers.
However, some of those Telenet users and customers may have only used the Telemail email service
provided directly by Telenet without having their own systems connected as a node, and likewise each
computer would have had varying numbers of users. As such it is difficult to establish a direct
comparison between the two systems in terms of users and numbers of computers connected, but Telenet
appears to be vastly larger than the ARPANET of the time. The users of Telenet would more resemble the
populations using the Internet in the following decades as most were non-computer specialists using the
network as part of their routine duties.
While there were examples of hacking and phone phreaking prior to 1983, the release of the
movie WarGames played an important role in making the public aware of it. The movie revolves around
10
“GTE 1983 Annual Report,” pp. 32-33.
11
DuPont, “Edge Cryptography.”
12
Ackland, “Lawmakers Hear Tales of Computerized Capones,” pp. 3.
13
Hafner, Where Wizards Stay Up Late, pp. 249.
the idea of a hacker innocently accessing a Department of Defense computer to play games. The game in
this case happened to almost trigger a nuclear exchange between the United States and the Soviet Union.
WarGames was fictional, but it did create public interest in the issue. The movie shows that the stereotype
of the teenage male hacker was already established. It also proved concerning to officials in the military.
The Los Angeles Times in July ran a long article where the North American Aerospace Defense
Command (NORAD) disputed the possibilities shown in the movie. The article asserts that the movie was
marketed as “a motion picture based on what could really happen.”14 It goes on to interview Lieutenant
Colonel Al Alderfer, a US Air Force public affairs officer:
“’WarGames’ is highly entertaining, but a complete fantasy.”

But could a high school student like the one in the movie tap into our missile-warning
system? Said Alderfer, “Hell, no!” Are human beings left out of the decision-making process as
they are in the movie? Said Alderfer, “Hell, no!” Could the United States ever be plunged
accidentally into a thermonuclear war? Again, “Hell, no!”15
While Alderfer’s assessment of the security of the nuclear systems was likely accurate, events later in the
year would not be reassuring.
In August 1983 a group of teenaged and young adult hackers, called the “414s” after the
Wisconsin area code where they lived, managed to gain access to the computer systems of different
organizations. One of these was at the Los Alamos National Laboratory.16 This computer only contained
“unclassified correspondence and unclassified abstracts of scientific papers” and was not directly
connected to any weapons systems.17 Nevertheless the unauthorized access of a computer at one of the
laboratories responsible for the production of nuclear weapons did little to address concerns that were
raised by WarGames. Reporters make a point of mentioning that the NORAD computers were isolated
14
Lee, “Wargames Playground,” pp.1.
15
Lee, “Wargames Playground,” pp.14.
16
Fritsch, “Young Computer Buffs Rocked the System,” pp. 19.
17
Burnham, “Computer Security Raises Questions,” pp. 7.
and unable to be accessed via a network.18 This same group of hackers also breached a computer involved
with cancer care at the Sloan-Kettering Memorial Cancer Center.19
An incident in October of that year continued the trend. In this case, a Telenet Telemail server,
which provided email service, was hacked by a group called the “Inner Circle,” putting the
communications of those who used the service at risk. Initial reports regarding the incident were dramatic.
Four teenaged boys “had linked up with the huge system at the invitation of “The Cracker,” a mysterious
computer wizard from the San Diego area who they had never met.”20 Up to 17,000 mailboxes were at
risk of compromise.21 The reality was that “The Cracker” was another teen, Bill Landreth, who was
convicted of wire-fraud in 1984.22 The example of the 414s and the Inner Circle would be important for
reinforcing the notion of the curious but not ill-intentioned teenaged hacker that was prevalent prior to
this time. It is unclear if these boys were simply curious, or if this much publicized naivety and curiosity
was created as a means of legal defense. Regardless, this notion of the innocent, young, male hacker had
legal and strategic implications.
Telenet’s Response
Telenet’s unintentional involvement with these incidents was impossible to avoid. A Chicago
Tribune article stated that “many of the recent hacker intrusions have been done through the public data
network run by GTE Telenet.”23 Telenet was both an attack vector and an attack victim: the 414s hackers
used Telenet to access their targets while the Inner Circle targeted Telenet itself.24 Responding to these
well-publicized incidents would involve balancing several competing factors. Moving too aggressively
could undermine user confidence in the system, but likewise having no response could also do the same.
18
Burnham, “Computer Security Raises Questions,” pp. 7.
19
20
Emmons, “GTE May Prosecute,” pp.1.
21
Emmons, “GTE May Prosecute,” pp. 3.
22
Halvorson, Code Nation, pp. 208.
23
Ackland, “Lawmakers Hear Tales of Computerized Capones,” pp. 3.
24
Fritsch, “Young Computer Buffs Rocked the System,” pp.19.
Responding by increasing network security would also increase the difficulty of accessing the service,
which was already regarded by many users as difficult.
Telenet’s response to the 414s’ hacks of their customer computers was restrained. Telenet was
used as a communications medium in this incident and its own systems were not breached. Telenet
attempted to strike a balance here, emphasizing the responsibility of the customer’s host computer for
security, while at the same time not alienating its customer. Telenet defended its access controls in place,
and the overall ease of access, saying:
“Security is entirely dependent on the host computer,” Floyd Trogdon, head of network services
at Telenet, said in a telephone interview. “We have a public network; it needs to be user-
friendly,” he said, meaning understandable by the layman. “Would we consider making it harder
to penetrate? We might. But you have to recognize that we provide a service and that the general
customer wants easy access.”25
Telenet, unlike the commercialized data services of the 1990s and later, was classified as a common
carrier. It was the mission of the common carrier to provide communications services to any member of
the public. It was on the customers to implement security. TYMNET, by 1983 also a common carrier,
appeared to agree:
“Unfortunately, we have found that companies are not particularly tight in the way they protect
access to these networks,” said Alan P. Zucchino, a vice president of Tymshare in Cupertino,
Calif. “The reality is that companies are issued passwords and hand them out freely to many
employees—and then there is nothing we can do.”26
Outside of the data networking industry few voices were interested in the lack of network security.
Observers made a parallel to irresponsibility with valuable, easily stolen property such as cars:
“It’s terribly unethical for computer centers and networks to have the low level of security that
they do,” said Dr. Martin E. Hellman, a computer scientist at Stanford University who advises the
Federal Government on the subject of cryptography. “It’s like leaving the keys in the ignition of
an unlocked car.”27
This criticism, however, was seldom mentioned in the press. Telenet’s response and the media coverage
of the 414s’ hacks seem to be heavily informed by their status as a common carrier of communication
25
Broad, “Rising Use of Computer Networks Raises Issues of Security and Law,” pp. A15.
26
Sanger, “Computer Security Methods Weighed,” pp. D4.
27
services. As a common carrier, responsibility resides outside of the company for the issue of security on
customers’ systems. The issue changed a few months later when Telenet’s Telemail service itself was
hacked.
Telenet’s strategy regarding the Telemail hack focused on the agency of the hacker as a criminal
rather than issues of network security. While the Telemail hack was being investigated Telenet
spokesperson Claudia Houston said that “It is GTE Telenet’s intent, following the identification of
individual suspects, to pursue all available legal recourse, including criminal prosecution.”28 She declined
to comment on any security changes Telenet made, stating that it was against company policy. That might
have been a new policy, as two months earlier Telenet indicated that it was studying a way to provide
greater security via call screening, which would limit access to specific phone-numbers with a correct
password.29 Indeed, there do not seem to be any external communications regarding security at Telenet.
GTE’s 1983 annual report does not mention the incidents at all when discussing its Telenet subsidiary.30
A review of employment ads for Telenet does not show a specific interest in hiring security specialists.
While Telenet was ambiguous about what security implementations they were adding, hackers
were convinced that the company had done nothing. The January 1984 edition of 2600 had an article
called “The Trouble With Telemail” that asserted that it was “still just as easy to access as it was last year,
prior to the October raids on computer owners who had allegedly broken into the system.”31 It concluded
that “Telemail, it seems, practically bends backwards to accommodate hackers.”32
Telenet sought to place most of the responsibility for security breaches with that of the parties
who committed the breach, the hacker. There was a risk of an overreaction given that most of the hackers
involved were teenagers. News coverage of the breaches often emphasized the young age of the hackers.
The headlines include “Young Computer Buffs Rocked the System,” “‘Hackers’ Ignore Consequences of
28
Sugawara, “Va. Firm Calls in FBI: Computer Invaders Sought.”
29
30
“GTE 1983 Annual Report,” pp. 25.
31
Corley, “The Trouble with Telemail.”
32
Corley, “The Trouble with Telemail.”
their High-Tech Joy Rides” and “Young Computer Bandits Byte Off More Than They Could Chew.”33
An article stressed how the teens were influenced by WarGames, and how they were “average-to-good
students.”34 Against this backdrop of sympathetic coverage, Telenet must not have been particularly
happy to see the headline “GTE May Prosecute: Irvine Boys Say Computer Break-In Not Intentional.”35
Faced with the breach of its own systems, Telenet attempted to emphasize the responsibility of the hacker
while also accommodating the generally sympathetic portrayal of the hackers.
Telenet launched an advertising campaign in December 1983 to emphasize the role of the hacker.
The ad appeared in at least the Chicago Tribune, Los Angeles Times, New York Times, Wall Street
Journal, and Washington Post.36 It displays a photo of four criminals including Al Capone, Bonnie
Parker, John Dillinger, and a fourth, unidentified individual above the line “What makes the computer
trespasser our newest public enemy?” The ad is straightforward:
In the old days criminals looked like criminals. And they toted submachine guns to prove it.
Today, there’s a new breed of criminal. His weapon is the personal computer. His target: the
corporate computer. Unfortunately, this criminal is unwittingly assisted by hackers who make
computer trespassing seem innocent. It is not. Computer crime is costing businesses millions of
dollars a year. And the problem is growing.37
Telenet here linked the famous violent criminals of the past with the modern issue of improper access to
computer systems. The youth and “innocence” of the hackers was dealt with by stating that they were
unwitting assistants, as directly attacking them would have put Telenet at odds with the sympathetic
media portrayals of teenage hackers. Telenet skirted this by implying that organized crime lurks behind
these innocent kids. The advertisement then discusses the limited nature of state and federal laws against
computer crime, provided a toll-free number for more information, and encourages readers to write to
their legislators. The problem of applying telecommunications law to data services was long known.
33
Fritsch, “Young Computer Buffs Rocked the System.”; Thornton, “’Hackers’ Ignore Consequences of
their High-Tech Joy Rides.”; Gellman, “Young Computer Bandits Byte Off More Than They Could
Chew,” pp. A2.
34
Treaster, “Trial and Error by Intruders Led to Entry into Computers,” pp. A14.
35
Emmons, “GTE May Prosecute.”
36
“Display Ad 25 -- No Title,” pp. A28. This is the version from the Washington Post, but the ads are
identical, and all are available ProQuest.
37
“Display Ad 25 -- No Title,” pp. A28.
10
Mathison and Walker had discussed the limits of the law for security back in 1970, stating that federal
law only addressed the security of “transmission rather than…the storage and processing of
information.”38 The situation had not changed much thirteen years later, as one of the articles said:
“We need a better definition of property,” said Tony Adamski, chief of the F.B.I’s financial
crimes unit, which handles many of the bureau’s computer cases. “Another thing is the notion of
trespass. The idea under common law is that going into someone else’s home is trespass, but
that’s not the case with a computer, at least from a criminal point of view.”39
In short, contemporary laws gave the government limited jurisdiction to intervene unless the data was
intercepted during transmission, which was not the case with the hacking incidents of 1983.
Other factors helped reinforce the idea of the hacker as criminal. In the case of the Telemail
breach, the first people identified as being part of it were four high-school students in California. They
engaged in a very public campaign to present themselves as innocent dupes of a master criminal:
“We know now ‘The Cracker’ is a high-level computer criminal,” said 17-year-old Wayne
Correia. “We had no intention of ripping off any company,” Knutson said. “…I definitely believe
‘The Cracker’ wanted to get us in trouble.” If so, “The Cracker” succeeded.40
These statements were provided in a press conference held in their high school theater. Emmons’ reported
that the press conference had been arranged by school officials, but given the potential of criminal
charges it is likely, though unstated, that lawyers were working with the families of the students to craft a
narrative. “The Cracker” appeared in multiple accounts as a shadowy agent manipulating others, and all
responsibility was transferred onto him. This public strategy appeared to have worked. When “The
Cracker” was identified as Bill Landreth, he was charged with and subsequently pled guilty to wire
fraud.41 Some of the earlier 414s hackers had pled guilty to misdemeanor charges.42 While Landreth
appears to have been more deeply involved in the actual breach of Telemail, with the others in the Inner
Circle simply enjoying the access he provided, there was a significant difference in treatment. Like the
38
Mathison, “Computers and Telecommunications.” pp. 214.
39
Broad, “Rising use of Computer Networks Raises Issues of Security and Law,” pp. A15.
40
Emmons, “S.D. ‘Wizard’ Involved,” pp. 1.
41
Landreth, Out of the Inner Circle, pp. 212.
42
Corley, “414s Plead Guilty.”
11
others, he was a teenaged high-school student in California, just one for whom a media narrative had been
created prior to arrest.
Accordingly, Telenet chose to focus on the actions of individual criminals, rather than the security
of the network itself, while creating an exception for those individuals that might be sympathetic. It was a
sensible decision that was in line with its business interests, absent a security-based backlash which didn’t
occur. The opportunity to address a problem that has haunted the security of data networks to this day was
lost: that there are few network-based means of securing who can access the network or can access data.
Likewise, the concept of multi-party responsibility for security was minimized. When a comprehensive
law addressing computer security was passed in 1986, it focused on criminalizing the external intruders
rather than the responsibility for security of the systems involved.43
The Problem with Passwords
The use of passwords for most security systems are at the root of the problems of 1980s network
security, not the ambiguity of the legal code. Passwords are an ancient technology and have long been
used in computing. Mathison lists passwords as the first means of controlling access to a computer system
well before the incorporation of Telenet.44 The security limitations of passwords were well known in
1983, with one article including the following:
“The real weak link isn’t machines, it’s people” said Mr. Borden of the Yankee Group. “If
somebody tells you a password, it’s all over.”45
According to Bill Landreth, “The Cracker,” the initial penetration of Telemail came from when a default
password for a user account was leaked. Using the unprivileged user account, the Inner Circle determined
the names of users with “admin” access, which were then attacked. Landreth reported that using the first
name of a user with an admin account as a password worked “in a few cases.”46 In a later account
43
Slayton, “Framing Computer Security and Privacy, 1967-1992,” pp. 323.
44
Mathison, Computers and Telecommunications, pp. 210-211.
45
Broad, “Rising Use of Computer Networks Raises Issue of Security and Law,” pp. A15.
46
12
Landreth said that some of the passwords consisted of the users last name with a capital-A appended.47
Compromise of a password goes much beyond the act of one person leaking a password. Due to the need
for a user to remember a password, they are often simple, which makes them easy to guess. The
protagonist in WarGames penetrated the school computer after finding the password “Pencil” written
down on a piece of paper.48 This fictional password appears more secure than other passwords used in the
real world. Some of the passwords documented to have been used by the 414s includes “SYSTEM”,
“TEST”, “MAINTENANCE” and “DEMO”.49 These easily guessed passwords made it quite easy for
unauthorized users to access a system. Once in, the passwords were shared, allowing for one person’s
discovery to spread to the wider hacking community.
Network Security as a Social Construction
Given the weakness of passwords as an authentication system for networked communications, it
is an open question why they are such an important part of networked security. Alternative methods of
security exist but are cumbersome for administrators and users, and so the use of passwords continues in a
way that is little changed from the 1980s. The technological means of security continues to depend on the
low cost and complexity of passwords, while the changes resulting from network security breaches are
accommodated by social constructions regarding responsibility.
The Social Construction of Technology (SCOT) model proposed by Trevor Pinch and Wiebe
Bijker provides the best theoretical framework for understanding the development of passwords and other
elements of networked computing in the 1970s and 1980s.50 SCOT holds that technology is created by an
iterative process where different social groups engaged in development of a technology influence that
development. Technology itself is not a fixed entity, but rather a construction shaped by the competing
interests of different groups of people. Obvious examples of the social groups engaged in the construction
of network security in 1983 include the data networking providers and three groups within a business
47
Novak, “The Untold Story of the Teen Hackers Who Transformed the Early Internet.”
48
Badham, WarGames, “David is sent to principal’s office, high school.”
49
Gellman, “Young Computer Bandits Byte Off More Than They Could Chew,” pp. A2.
50
Pinch “The Social Construction of Facts and Artifacts,” pp. 28.
13
organization: ownership and management, systems administrators, and end users within the businesses.
The interests of these different social groups had an important impact on the development of networked
security technology and behavior in the 1980s.
Ronald Kline and Trevor Pinch’s examination of user resistance provides a useful addition to this
model. They expanded the SCOT framework by including power relations into the feedback process.51
Users have their own idea about how to use technology that can be interpreted as resistance based on the
power differential between the users and the providers of technology. Data networking provides a third
party between the networking providers and the day-to-day user in the form of the business organizations
that subscribe to the data networking service, but the basic model holds as the different social groups have
different degrees of power and interests in this system.
Bruce Schneier’s discussion of the economic factors behind computer security is very reminiscent
of the factors that were present in the 1980s as surely as they are present in the 21st century. Schneier says
that most organizations ignore security because:
The costs are significant: time, expense, reduced functionality, frustrated end users. On the other
hand, the costs of ignoring security and getting hacked are small: the possibility of bad press and
angry customers, maybe some network downtime, none of which is permanent. And there’s some
regulatory pressure, from audits or lawsuits, that add additional costs. The result: a smart
organization does what everyone else does, and no more.52
Data communication providers have little incentive to implement strong security, it represents cost and
complexity that is magnified by the potential loss of customers due to that complexity. Business
organizations do have an incentive to protect security, but that is balanced by the need to keep business
operations smooth and by the cost of the security. System administrators are caught between security
mandates and the realities of managing complex systems and user interactions. End users have an
incentive to reduce complexity of the passwords, and they may not care about security if their own
personal data is not at risk. Even if there are consequences from a data breach the risks are hypothetical
51
Kline, “Resisting Consumer Technology in Rural America,” pp. 53.
52
Schneier, “Computer Security: It’s the Economics, Stupid.”
14
and not certain, and the benefits from ease of use immediate and clear. As such, there is no significant
cost incentive to provide effective proactive security.
The Social Construction of Passwords and Network Security
Although using passwords to access computer systems is an old technique, Telenet was operating
on a vastly larger scale than previous systems and had some of the largest user bases until the Internet
started to go mainstream in the 1990s. As such, understanding the social groups involved can provide
insight into the social construction of network security in a historical context. The interests of these social
groups is inferred from the published record, and refining their understanding of these events would be a
valuable area of additional research. The events of 1983 did not end up prompting much change to the
technology of data networking itself, but it did have an impact on how society regarded responsibility for
actions taken on the network.
Telenet, as the data communication provider, was one of the most important of these social
groups as it built and deployed the core data networking technology. Being a part of GTE meant that it
was part of the telecommunication companies that were contesting the domination of AT&T. Smaller
companies like GTE were substantially threatened by a more aggressive entry into the data networking
space by established commercial entities like AT&T or IBM. Accordingly, Telenet had to expand as fast
as it could to fortify itself against challengers. Unlike government-backed ARPANET, Telenet had to
make a profit and as such had to make sure its network was both easy to use and had a wide reach.
Telenet’s strong public response to the Telemail breach made sense to bolster confidence in the service,
but it is unclear if there was much done behind the scenes to increase security. Growing the business was
the primary interest, and security remained a secondary issue unless the intrusions became a threat to the
business model.
The businesses that subscribed to Telenet would be the social groups that were most interested in
security, as they would be the ones most impacted by security breaches. However, businesses had to also
consider multiple other considerations such as costs. As the benign nature of the hackers in 1983 did not
act to impose substantial costs to security breaches, both Telenet and business management seemed
15
content to continue to rely on the use of passwords to determine access. Schneier’s assertion that cost
concerns override security concerns seems as valid in 1983 as they do in the 21st century.
End users and system administrators provided most of the resistance to effective password use.
Poor password security among end users created avenues for executing attacks against the more powerful
system administrator account.53 System administrators seem to have been just as reluctant as other users
to follow strong password use, as some of the released passwords seemed oriented towards operations.54
These passwords are especially weak given the attractiveness of administrative accounts for the high level
of access they allow.
Both system administrators and end users can be seen as engaging in resistance to the intent of
password use. A strong password provides a good level of security when effectively used. However, a
strong password is complex and increases the complexity of any transaction that uses it. As such
individuals in both groups resisted the proper use of passwords, creating substantial opportunity for
security breaches.
Several secondary social groups played minor roles in these incidents. Computer and software
manufacturers influenced the social construction of any technology involved in computing, but they did
not play an obvious role in these events. The absence of involvement by regulatory bodies indicated that
regulation would not play a major role in the social construction of this technology, which is important as
regulation is one of the primary ways that security can be imposed in the absence of market forces.
Competitors like TYMNET could have provided these market forces, but their public response indicated
that they took a position like Telenet’s. Some unidentified customers discussed moving their business off
public data networks based on security concerns, but there is no evidence of competitive pressure on
Telenet from these incidents.55
53
54
Gellman, “Young Computer Bandits Byte Off More Than They Could Chew,” pp. A2.
55
16
WarGames was involved in the events of 1983 by increasing public interest and concern, but it
played only a limited role in the hacking events. Landreth stated he had penetrated Telenet the previous
year, and the short time between the release of the movie and the discovery of the hacking incidents make
it probable that the others were engaged prior to the movie.56 But the movie’s popularity did factor into
the public understanding of the events, and many of the hackers admitted to seeing it.
The news media played an important role in shaping the public's response. Overwhelmingly, the
newspapers minimized the criminal intent or repercussions of the hacker’s activity on the targeted
systems. The male hacker’s young age, good grades, and intelligence was usually emphasized. Although
these hackers were mostly benign, the issues they unintentionally exposed were quite dangerous. The
characteristics of the hackers created a perception that minimized the risk and limited the incorporation of
the feedback that the hackers provided to the social construction of networked security.
Hackers make up an odd subgroup of users as they are participating in the social construction of
the technology while being actively, if ineffectively, excluded. Unlike social groups such as the media,
hackers are directly using the systems in question. Nonetheless they provided critical feedback that
demonstrated that the resistance to strong password use created significant vulnerabilities. While at the
time hackers represented a small group of people, their involvement is an early indicator of what was to
come as computing became more diffused throughout society. Once the domain of computer science, big
business, and government, hackers were among the vanguard of those spreading this technology into a
wider social role.
The social feedback was not effectively incorporated into the technological systems of network
security in 1983. The permissive media coverage of the network breaches did not reinforce the public
perception of risk created by WarGames, and the disconnect between the non-fictional and the fictional
may have dissuaded people from appreciating the importance of this feedback. In contrast, Telenet’s
response contributed to the perception that responsibility for security breaches was held by the hackers,
56
17
not the system. Instead of changes to technology, these events instead contribute to shifts in how society
viewed network security.
Alternatives to Passwords
While issues of cost and complexity consistently are the most influential factor in shaping the
social groups’ considerations towards networks security, there were tools available that could have
supplemented passwords to provide increased security. Understanding these alternatives demonstrates the
constraints and choices that social groups operated in as network security was constructed. Increased
security of the network itself regarding access control would have been a valuable addition, as the
password-based vulnerability of the host systems was magnified by the fact that hackers could access the
network without authentication. The use of callback units could have improved network level security.
Upon accessing the network, a user would enter an ID code and hang up.57 The network would cross
reference the ID code with a list of authorized users, and if valid, call back the user at a pre-arranged
telephone number. While the ID code could be compromised, it would be difficult to exploit this without
also gaining control of the telephone number it was associated with. These callback units are likely the
“call screening” that Telenet indicated it was looking at.58 These systems do not appear to have ever been
deployed widely, but they would have been a useful non-password-based tool to increase security.
Encryption of stored data would have eased the vulnerability of data on hosts in the event of a
security breach. When the Telemail servers were compromised, the hackers were able to access user data
as it was not encrypted in storage. Encryption in the 1980s was computationally expensive and subject to
export controls that could complicate business plans. It was also complex, requiring key management,
creating issues for data recoverability, and generally increased the complexity of the user experience.
DuPont and Fidler stated that public-key based cryptography was gaining in popularity in the 1980s, but
this was not usually discussed in public accounts of the breaches.59 Callback units and encryption were
57
58
59
DuPont, “Edge Cryptography,” pp. 68.
18
certainly not flawless, but they were available measures that could have been taken to create a more
secure networking environment regarding the feedback from user password resistance and hackers.
The Social Landscape of Network Security in 1983
Multiple entities such as the major telecommunications companies, time-sharing computing, and
the academic world did not directly participate in the events of 1983, but very much shaped and reflected
the social landscape those events operated in. The centrality of network access as a first step in breaching
computer systems raises the question of what the social expectations regarding network access were. The
mere proximity and power of AT&T in the period prior to 1983 must be considered. While AT&T in
1983 was in the late stages of being broken up, this had not yet been completed. Early in 1983 AT&T had
released the Net 1000 services, which was a direct competitor with Telenet.60 AT&T was also an
important provider of the leased lines that formed much of the basis for the physical infrastructure of data
networking. They also provided an immediately relevant counterpoint to how security was being
constructed. AT&T was known for maintaining an iron grip on access to its network. The primary
concern, at least in a regulatory sense, was the possibility of creating interference on the network due to
improper “attachments.” This, in theory, can be regarded as a form of network security as telephone
interference would cause conditions similar to the denial-of-service concerns seen with hacking
incidences such as the one at Sloan-Kettering Memorial Cancer Center, which interrupted computer
service.61 Interference might have been the concern that justified AT&T’s wishes, but the control being
exerted over network access well exceeded that concern. The Carterfone decision was critical for Telenet
in that it opened the telephone lines to acoustically coupled modems that Telenet users and hackers relied
on. AT&T’s position here is summarized as:
A.T.&T. has urged that since the telephone companies have the responsibility to establish, operate
and improve the telephone system, they must have absolute control over the quality, installation,
and maintenance of all parts of the system in order effectively to carry out that responsibility.
Installation of unauthorized equipment, according to the telephone companies, would have at least
two negative results. First, it would divide the responsibility for assuring that each part of the
60
61
19
system is able to function effectively and, second, it would retard development of the system
since the independent equipment supplier would tend to resist changes which would render his
equipment obsolete.62
This broad ranging network access control even in cases where interference was not an issue such as
Carterfone indicates that security itself was not the primary goal of AT&T regarding access to its
network. There appears to be little impact on the security landscape by this usage of network level
control. Notably, AT&T lacked the ability to proactively block access to the network of unauthorized
devices. Much like how other companies dealt with hacking, unauthorized use of the network was legally
or administratively dealt with when breaches were detected.
1983 is a transitional period between earlier time-sharing and the later dominance of personal
computers. Most of the users of Telenet at this point were operating in a manner similar to that of time-
sharing in that they were accessing larger, multi-user systems. Telenet’s competitor TYMNET in fact
developed out of providing remote users access to Tymshare’s time-shared computing resources. The
security expectations and concerns of time-shared systems would have been quite relevant to users in the
mid-1980s. Tung-Hui Hu’s discussion of “digital hygiene” (a term he attributes to Jussi Parikka) in the
context of time-shared systems provides a good model for the social connotations of network security at
the time. Hu describes digital hygiene as “the idea that a user is responsible for keeping her data from
mixing with others, for avoiding infection with computer viruses, and so forth.”63 Digital hygiene serves
as a powerful metaphor by equating privacy, and hence security in general, with the social mandate to
remain clean.
Opinions regarding the criminality of unauthorized access to remote systems were mixed and
contested in 1983. Some reacted with alarm over the implications of unauthorized access to various
computing resources; others didn’t see substantial problems and ascribed the hackers’ actions to youthful
curiosity. The hackers of 1983 were relatively benign, but it didn’t take much imagination to recognize
this could change. Donn Parker’s congressional testimony in September 1983 critiqued both the popular
62
“In the Matter of USE OF THE CARTERFONE DEVICE.”
63
Hu, A Prehistory of the Cloud, pp. 57.
20
celebration of the 414s as well as pointing out then recent examples of monetary fraud that were
facilitated by electronic access to banking records.64 Parker linked those crimes to “amateur white collar
perpetrators in positions of trust” but mentioned that it was moving over to organized crime and the
attacking of computer systems.65 Linking electronic crime with remote access presented a frightening
view of the future. This tension between those who saw unauthorized remote access as an imminent threat
and those who saw it as technological pranks informed most of the responses in 1983.
It is interesting that unauthorized access to computer systems in 1983 was often conflated with
the issue of software piracy. An article about hacking from 1984 interviews Richard Stallman, who
discussed the “immorality” of copyrighted computer code.66 Parker’s 1983 congressional testimony also
discussed the problems with software piracy in the same paragraph as hostile computer access and
describes the issues as “closely associated.”67 In earlier congressional testimony in 1982, Parker and
Nycum presented a statement that included the following passage:
As computer technology advances, a new kind of computer criminal, the malicious system
hacker, has emerged…. A serious epidemic of system hacking and computer program piracy is
evident across the country as high school and college students learn computer methods and gain
access to telephone terminals and personal microcomputers.68
In WarGames the protagonist hacked enterprise systems of game developers to access unpublished
games.69 However, acquiring illegal software did not seem to be a significant motivation behind the 1983
hacking events. It is also unlikely that the large, multi-user enterprise systems that the hackers were
accessing would have much in the way of useful software to be pirated given the extremely different
software and computer architectures between those systems and the ones used by home users. It seems
likely that there was a conflation between the remote, unauthorized access of enterprise systems as seen
64
Parker, “Testimony,” pp. 12, 15.
65
Parker, “Testimony,” pp. 13.
66
Thornton, “’Hackers’ Ignore Consequences of Their High-Tech Joy Rides,” pp. A9.
67
Parker, “Testimony,” pp. 13.
68
Denning, “Computers, Crime and Privacy,” pp. 314.
69
Badham, WarGames, “David successfully hacks Protovision & sees a list of their games, David’s
Room.”
21
by the 1983 hackers and the remote, permitted access to BBS and other systems specifically for the
purposes of exchanging pirated software. Both involve the then new element of remote access, but the
transgressive behavior is entirely different. The fluidity of movement between these different forms of
unauthorized computer activity indicated a developing definition of what computer crime was. Teens
accessing computers without authorization and software piracy smoothly merged into discussions of
multi-million-dollar banking fraud. Despite the widespread accounts of hacker criminality in the media,
government, and business communities, there were individuals who pushed back against this narrative.
Bill Landreth’s book suggests multiple ways of dealing with computer intrusion, but one of the
more interesting is the notion of utilizing the hacker as a consultant. He stated that:
If the hacker got in, there is a security problem. Very likely, he could help you see just where
your security system needs work. Many companies find consulting a hacker in this way very
valuable.70
This is similar to “white hat” hacking, but with the substantial difference that there is no prearranged
agreement, making it more similar to a networked version of software “bug bounty” programs. No doubt
Landreth would have preferred to have been treated this way by Telenet, and there was some precedent
for it. The system administrator of the Sloan-Kettering computer system offered the unidentified intruder
an account on the system in order to minimize damage.71 This appears to have not worked, as the hacker
was reported to have not complied with the restrictions placed on his activity and was then referred to the
police.
Some pushed back against the very notion of hacking as a criminal activity. David Bellin, writing
slightly more than a year later in 1985, stated that hackers cited three elements as driving their hacking:
that it was exciting, a challenge, and a good way of learning how computers work.72 Parker regards such
explanations as an attempt to “rationalize” their behavior.73 Bellin also questioned whether criminal intent
70
Landreth, “Out of the Inner Circle,” pp. 203.
71
Fritsch, “Man Tied to Cancer Unit Computer Crash,” pp. 6.
72
Bellin, “High School Hackers: Heroes or Criminals?,” pp. 16.
73
Parker, “Testimony,” pp.14.
22
existed and stated that most damage was accidental. His critique of the opponents of hacking is sharp. He
claims that politicians were attempting to tighten access to information and that the “emotional issue of
high school kids intentionally sabotaging computer networks fits in very nicely with the Reagan policy of
tightening government controls.”74 Computer companies were criticized for marketing computers based
on connectivity without mention of ethics, while data centers were criticized for concealing poor
security.75 Bellin instead advanced the idea of criminalizing negligence on the part of computer operators.
This echoes Hellman’s critique, to the point that both used the same metaphor of leaving the keys in the
ignition of a car.76 Bellin’s suggestion to hold operators and companies responsible for the security of
their systems is reflective of later writers like Schneier. This concept of a multi-party liability for network
breaches, however, appeared to gain little ground at the time.
The social landscape of network security of the 1980s was a mess of competing visions. With one
foot remaining in the time-shared systems of the past and another foot in the highly networked systems of
the future, the 1983 hackers inhabited a landscape where their actions were simultaneously viewed as
illegal and harmless. The true harm inflicted by their actions was limited, while the potential harm the
public could imagine as seen in WarGames stoked fear. Multiple types of crimes regarding networked
computers were envisioned, but their borders were fluid and poorly defined. Almost all parties agreed that
the current legal framework was inadequate for the situation, and over time the perspective that hacking
was dangerous rather than harmless began to dominate. The development of the definitions, laws, and
expectations at this time provided the context for what would occur a decade later as the Internet proper
started to rapidly expand on the social framework that had been created by its predecessors in the paleo-
Internet.
74
Bellin, “High School Hackers,” pp. 17.
75
Bellin, “High School Hackers,” pp. 17.
76
23
Implications and Conclusion
Data communication services in the 1970s and 1980s provided an important formative phase for
networked computers before the development of the Internet. The number of users and, in turn, the stakes
involved in security breaches were much lower than they would be just a decade later, and there was a
window of time for a multi-directional feedback cycle to occur that could have resulted in a better match
between security and usage. The early security challengers such as the hackers of 1983 provoked concern
but little effective response in the technology itself. Instead, we see reactions, such as the Computer Fraud
and Abuse Act of 1986, which criminalized acts such as the unauthorized access of a computer or
trafficking in passwords. The change in legal responsibility reflects how social expectations regarding
network security were changing due to the events of the 1980s.
Telenet’s response to the hacking incidents was in line with the prevailing views of the time. As a
common carrier, the network operator was not responsible for a user abusing the service. But failing to
respond to the security feedback, for instance by providing a greater degree of security on the network
itself, helped ensure that the problems exposed in 1983 continued. It is a distinct possibility that the
feedback regarding passwords was not incorporated simply because the solutions were limited. Access
controls in general in the 1980s were inadequate. Like most telephone-based networking systems,
accessing Telenet required a connection to the network before authenticating oneself to the network.
Telenet’s authentication occurred when logging into a host computer, and there was no mechanism in
place to prevent unauthorized users from using the network and attempting to find weak passwords on
host systems. The mechanisms that existed to prevent this were expensive and cumbersome, and easily
could have complicated issues of user resistance.
While the social construction of most forms of technology involves many rounds of feedback
between the relevant social groups, this process does not seem to have been effective in the case of
passwords and other forms of technological security in data networking. There was resistance to the
reliance on passwords as a means of security, but the organizations did not respond to this. Iterative
processes and experimentation to resolve the resistance were limited. Security breaches resulted in
24
exhortations to practice better “digital hygiene” but no real change. Security and its associated costs were
left to the corporate or individual user, especially since security was focused on the side of the host
system versus other layers of the network stack. Interest in minimizing costs and maximizing ease-of-use
appears to have consistently superseded any other concern. The technology of security changed little, but
the social expectations of the responsibility for security did. Unauthorized computer access went from an
activity that was contested in terms of its illegality and social function to one that was clearly defined as
criminal. Poor security practices on the host side were discouraged but produced little in the way of
liability. The feedback provided by user resistance and hackers to the sociotechnical problem of network
security resulted in social, but not technological, changes that did not effectively address the problem at
hand. This represents a profound failure in the construction of an important technological system.
The paleo-Internet data communication systems such as Telenet provide an essential insight to
how human behavior on networks developed. While the Internet was celebrated as a buzzword in the
1990s, the factors that were engaged in its social construction had been operating for several decades.
ARPANET provided the technical basis for the packet-switched Internet, but prior to the 1990s the larger
number of people and commercial orientation of Telenet provides a better model for human behavior in
the social construction of networks. This social construction shows intermeshed relationships between the
different social groups engaged in the construction of network security. The events of 1983 expanded
social notions of responsibility for computer security by adding the criminal responsibility of
unauthorized network usage to already existing ideas regarding the responsibility of a host operator to
secure their systems. However, this only partially addressed the complexity of the social factors that
created network vulnerabilities in the first place. Most of the groups engaged in networked data services
shared an interest in ease-of-use, whereas security was seldom a primary concern. The failure to
effectively address the inadequacy of the social components of networked computer security is
transmitted to later data networks. The people engaged in these 1980s systems and their experiences
moved onto newer networks as they developed, including the modern Internet. Decades later, where
security presents a substantial cost and threat to the huge range of transactions carried out on the Internet,
25
this failure continues to fester. The momentum and social expectations established in the 1980s, however,
continue to shape perceptions and responses to network security.
26
Bibliography
[1] J. Abbate, Inventing the Internet. Cambridge, MA, USA: MIT Press, 2000.
[2] L. Ackland, “Lawmakers hear tales of computerized Capones,” Chicago Tribune (1963-1996),
Tribune Publishing Company, LLC, Chicago, IL., USA, Oct. 30, 1983, pp. 3. [Online]. Available:
https://www.proquest.com/docview/176065828/abstract/6107D7EE36474503PQ/1
[3] J. Badham, dir., WarGames, MGM, 1983, Streaming.
[4] D. Bellin, “High school hackers: heroes or criminals?,” SIGCAS Comput. Soc., vol. 14,15, no.
1,2,3,4, Jan., 1985, pp. 16–17, doi: 10.1145/379486.379507.
[5] W. J. Broad, “Rising Use of Computer Networks Raises Issues of Security and Law,” New York
Times, New York, NY, USA, Aug. 26, 1983, pp. A1. [Online]. Available:
https://www.proquest.com/docview/122303657/abstract/7BFF46205C4542B9PQ/1
[6] D. Burnham, “Computer Security Raises Questions,” New York Times, New York, NY, USA,
Aug. 13, 1983, pp. 7. [Online]. Available:
https://www.proquest.com/docview/122269908/abstract/58D20B8143604379PQ/1
[7] E. G. Corley, Ed., “414’s Plead Guilty,” 2600, vol. 1, Apr., 1984, Accessed: Apr. 23, 2023.
[Online]. Available: http://archive.org/details/the-hacker-digest-volume-01
[8] E. G. Corley, Ed., “The Trouble with Telemail,” 2600, vol. 1, Jan., 1984, Accessed: Apr.
23, 2023. [Online]. Available: http://archive.org/details/the-hacker-digest-volume-01
[9] P. J. Denning, “Computers, crime and privacy—a national dilemma: congressional testimony
from the industry,” Commun. ACM, vol. 27, no. 4, Apr., 1984, pp. 312–313,
doi: 10.1145/358027.358033.
[10] Display Ad 25 -- No Title, The Washington Post (1974-), WP Company LLC d/b/a The
Washington Post, Washington, D.C., USA, Dec. 19, 1983, pp. A28. [Online]. Available:
https://www.proquest.com/docview/147506031/citation/78576A92831B4ACBPQ/1
[11] K. Driscoll, The Modem World: A Prehistory of Social Media. New Haven, CT, USA: Yale
University Press, 2022. Accessed: Dec. 13, 2023. [Online]. Available:
https://www.proquest.com/docview/2634872703/3B7701A1D1A64678PQ/2?sourcetype=Books
[12] Q. DuPont and B. Fidler, “Edge Cryptography and the Codevelopment of Computer Networks
and Cybersecurity,” IEEE Annals Hist. Comput., vol. 38, no. 4, Oct., 2016, pp. 55–73,
doi:10.1109/MAHC.2016.49.
[13] S. Emmons, “GTE May Prosecute: Irvine Boys Say Computer Break-In Not Intentional,” Los
Angeles Times (1923-1995), Tribune Publishing Company, LLC, Los Angeles, CA, USA, Oct.
14, 1983, pp. oc1. [Online]. Available:
https://www.proquest.com/docview/153610253/abstract/C8D573B2818E4F28PQ/18
[14] S. Emmons, “S.D. ‘Wizard’ Involved: FBI Raids the Homes of 4 Youths in Computer Caper,”
Los Angeles Times (1923-1995), Tribune Publishing Company, LLC, Los Angeles, CA, USA,
Oct. 14, 1983, pp. sd1. [Online]. Available:
https://www.proquest.com/docview/153612241/abstract/E4D69C2090A84B15PQ/1
[15] J. Fritsch, “Man tied to cancer unit computer crash,” Chicago Tribune (1963-1996), Tribune
Publishing Company, LLC, Chicago, IL, USA, Aug. 18, 1983, pp. 1. [Online]. Available:
https://www.proquest.com/docview/176011962/abstract/4074DD0838C04591PQ/137
[16] J. Fritsch, “Young computer buffs rocked the system,” Chicago Tribune (1963-1996), Tribune
Publishing Company, LLC, Chicago, IL, USA, Aug. 21, 1983, pp. 19. [Online]. Available:
https://www.proquest.com/docview/176020705/abstract/4074DD0838C04591PQ/153
[17] B. Gellman, “Young Computer Bandits Byte Off More Than They Could Chew,” The
Washington Post (1974-), WP Company LLC d/b/a The Washington Post, Washington, D.C.,
USA, Aug. 30, 1983, pp. A2. [Online]. Available:
https://www.proquest.com/docview/147591146/abstract/2664A4C6F84D45E4PQ/1
[18] GTE 1983 Annual Report, 1984. Accessed: Mar. 31, 2023. [Online]. Available:
https://www.mergentarchives.com
27
[19] K. Hafner and M. Lyon, Where Wizards Stay Up Late: The Origins of the Internet. New York,
NY, USA: Simon & Schuster Paperbacks, 2006.
[20] M. J. Halvorson, Code Nation: Personal Computing and the Learn to Program Movement in
America, vol. 32. New York, NY, USA: Association for Computing Machinery, 2020,
doi: https://doi.org/10.1145/3368274.
[21] T.-H. Hu, A Prehistory of the Cloud. Cambridge, MA, USA: The MIT Press, 2015. [Online].
Available: https://ieeexplore.ieee.org/servlet/opac?bknumber=7288688
[22] “In the Matter of USE OF THE CARTERFONE DEVICE IN MESSAGE TOLL TELEPHONE
SERVICE, 13 F.C.C.2d 420, 1968. [Online]. Available:
https://web.archive.org/web/20150120021035/http://www.uiowa.edu/~cyberlaw/FCCOps/%0919
68/13F2-420.html
[23] R. Kline, “Resisting Consumer Technology in Rural America: The Telephone and
Electrification,” in How Users Matter: The Co-Construction of Users and Technology, N.
Oudshoorn and T. Pinch, Eds., Cambridge, MA, USA: MIT Press, 2003, pp. 51–66. Accessed:
Sep. 24, 2022. [Online]. Available: https://www.ebsco.com
[24] B. Landreth, Out of the Inner Circle: A Hacker’s Guide to Computer Security. Bellevue,
WA, USA: Microsoft Press, 1985.
[25] G. Lee, “Wargames Playground,” Los Angeles Times (1923-1995), Tribune Publishing Company,
LLC, Los Angeles, CA, USA, Jul. 03, 1983, pp. p1. [Online]. Available:
https://www.proquest.com/docview/153537640/abstract/BF474141F8E4931PQ/3
[26] S. L. Mathison, “Telenet inaugurates service,” SIGCOMM Comput. Commun. Rev., vol. 5, no. 4,
Oct., 1975, pp. 24–28, doi: 10.1145/1015671.1015674.
[27] S. L. Mathison, L. G. Roberts, and P. M. Walker, “The History of Telenet and the
Commercialization of Packet Switching in the U.S.,” IEEE Communications Magazine, vol. 50,
no. 5, May 2012, pp. 28–45, doi: 10.1109/MCOM.2012.6194380.
[28] S. L. Mathison and P. M. Walker, Computers and Telecommunications: Issues in Public Policy.
NJ, USA: Prentice-Hall, Inc., 1970.
[29] M. Novak, “The Untold Story of the Teen Hackers Who Transformed the Early Internet,”
Gizmodo. Accessed: Apr. 23, 2023. [Online]. Available: https://gizmodo.com/the-untold-story-
of-the-teen-hackers-who-transformed-th-1770977586
[30] D. B. Parker, “Testimony,” SIGSOFT Softw. Eng. Notes, vol. 8, no. 5, Oct., 1983, pp. 10–17,
doi:10.1145/1010914.1010915.
[31] T. Pinch and W. E. Bijker, “The Social Construction of Facts and Artifacts: Or How the
Sociology of Science and the Sociology of Technology Might Benefit Each Other,” in The Social
Construction of Technological Systems, W. E. Bijker, Ed., Cambridge, MA, USA: MIT Press,
2012.
[32] A. Rybczynski, B. Wessler, R. Despres, and J. Wedlake, “A new communication protocol for
accessing data networks: the international packet-mode interface,” in Proceedings of the June 7-
10, 1976, national computer conference and exposition, in AFIPS ’76. New York, NY, USA:
Association for Computing Machinery, Jun., 1976, pp. 477–482, doi: 10.1145/1499799.1499869.
[33] D. E. Sanger, “Computer Security Methods Weighed,” New York Times, New York, NY, USA,
pp. D4, Aug. 16, 1983. [Online]. Available:
https://www.proquest.com/docview/122257411/abstract/C8D573B2818E4F28PQ/3
[34] B. Schneier, “Computer Security: It’s the Economics, Stupid,” presented at the Economics and
Information Security Workshop, Berkeley, CA, USA, 2002.
[35] R. Slayton, “Framing Computer Security and Privacy, 1967-1992,” in Communities of
Computing: Computer Science and Society in the ACM, T. J. Misa, Ed., New York, NY, USA:
Association for Computing Machinery and Morgan & Claypool, 2017, doi:
10.1145/2973856.
28
[36] S. Sugawara, “Va. Firm Calls in FBI: Computer Invaders Sought,” The Washington Post (1974-),
WP Company LLC d/b/a The Washington Post, Washington, D.C., USA, Oct. 14, 1983. [Online].
Available: https://www.proquest.com/docview/147577472/abstract/C8D573B2818E4F28PQ/13
[37] M. Thornton, “‘Hackers’ Ignore Consequences of Their High-Tech Joy Rides,” The Washington
Post (1974-), WP Company LLC d/b/a The Washington Post, Washington, D.C., USA, May 21,
1984. [Online]. Available:
https://www.proquest.com/docview/138287707/abstract/2DFDC1719AD14992PQ/2
[38] J. B. Treaster, “Trial and Error by Intruders Led to Entry into Computers,” New York, NY, USA,
1983, pp. A1. [Online]. Available:
https://www.proquest.com/docview/122139031/abstract/714B98B796CB43EEPQ/1
[39] L. R. Tymes, “Routing and Flow Control in TYMNET,” IEEE Transactions on Communications,
vol. 29, no. 4, Apr., 1981, pp. 392–398, doi: 10.1109/TCOM.1981.1095020.

Telenet The 1983 Hacking Incidents and The Construction of Network Security in The United States

Uploaded by

Copyright:

Available Formats

Telenet The 1983 Hacking Incidents and The Construction of Network Security in The United States

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Telenet The 1983 Hacking Incidents and The Construction of Network Security in The United States

Uploaded by

Copyright:

Available Formats

This article has been accepted for publication in IEEE Annals of the History of Computing.

Tech. Contact him at [email protected].

Keywords: social construction, hacking, network security, Telenet

into the Internet as it started to consolidate as an idea and technology.

The History of Telenet

influence at the time.6

McDonnell Douglass in 1984.

Network Security and Hacking in 1983

equivalent to a node on the ARPANET, representing an enterprise computer or system of computers.

network as part of their routine duties.

Colonel Al Alderfer, a US Air Force public affairs officer:

“’WarGames’ is highly entertaining, but a complete fantasy.”

year would not be reassuring.

with cancer care at the Sloan-Kettering Memorial Cancer Center.19

legal and strategic implications.

which was already regarded by many users as difficult.

and the overall ease of access, saying:

that “Telemail, it seems, practically bends backwards to accommodate hackers.”32

while also accommodating the generally sympathetic portrayal of the hackers.

trespasser our newest public enemy?” The ad is straightforward:

created prior to arrest.

rather than the responsibility for security of the systems involved.43

The Problem with Passwords

1983, with one article including the following:

discovery to spread to the wider hacking community.

Network Security as a Social Construction

Given the weakness of passwords as an authentication system for networked communications, it

accommodated by social constructions regarding responsibility.

security technology and behavior in the 1980s.

different degrees of power and interests in this system.

that most organizations ignore security because:

cost incentive to provide effective proactive security.

The Social Construction of Passwords and Network Security

actions taken on the network.

of access they allow.

Telenet from these incidents.55

wider social role.

viewed network security.

The Social Landscape of Network Security in 1983

on. AT&T’s position here is summarized as:

or administratively dealt with when breaches were detected.

Nycum presented a statement that included the following passage:

breaches, however, appeared to gain little ground at the time.

Implications and Conclusion

network security were changing due to the events of the 1980s.

could have complicated issues of user resistance.

continue to shape perceptions and responses to network security.

You might also like