Some people don’t seek trouble, but it finds them. That’s how I viewed fraud cases that came my way. Hired to hunt down computer anomalies, I didn’t enter a contract thinking criminal intent, but occasionally I stumbled upon crimes. This episode outlines my most challenging case, a battle of wits with a very smart adversary.
It started with a phone call.
In a cultured, south-of-Mason-Dixon accent, the man said, “Call me Chase; my daddy’s Mr. Franz. I’m marketing director of a software venture owned by a major Virginia bankshares concern. We own a product, a big one. We need a specialist to figure it out and support it.”
“A banking program?” Visions of Cobol or badly written C++ sprang to mind. “Sorry, I work with operating systems, not applications.”
“No, no, we’re talking systems software, not an app. The bank’s investment division floated the venture capital internally.”
“What’s the name of this product?”
“I can’t reveal that.”
“What does the software do?”
“I can’t tell you that either, not until we have your signature.”
“That’s all you can say? Why the secrecy?”
“Take a bank’s perspective of confidentiality, marketing paranoia, and a technical product we need to get a handle on, you get secrecy.”
“Who developed it? In fact, where is the developer in all this?”
“Well, that’s part of the problem. It was developed by a low-profile dude in North Carolina, really eccentric. He’s difficult to work with and we can’t seem to get his full attention. After selling us the package, he doesn’t want to be bothered with it.”
Only a few dozen independent software designers populated the top of the pyramid and we all knew each other, at least by name and reputation. I didn’t recall anyone in the Carolinas.
“You must not be paying much.”
“We bought the program dirt cheap, figuring he’d gouge us with ongoing support fees, but he’s not done that. He shows no interest in the product.”
“Your startup software group purchases an untried product from an unnamed author? How do you know the product is viable and isn’t trash?”
“Our bank’s systems run this software and no one, not even our lead systems programmer, can comprehend the program– it’s way too advanced. We sold copies to multiple Fortune 1000 companies, companies that use it and like it. But we found bugs. We desperately need enhancements and alterations as systems grow and evolve. We’ve got no one capable of maintaining it.”
“And your bank’s worried someone will wise up and expose your exposure.”
“That’s a huge concern. Spending venture capital is one thing, but discovering critical vulnerabilities implies liability. A number of jobs hang in the balance, mine included.”
“Written in C or what?”
“Assembler. 50,000 lines of machine code for the nucleus. With support utilities maybe hundred thousand lines for the old OS version and double that for the new, plus somewhat more for add-ons and extensions.”
“You’re saying a quarter million lines of code?”
“Uh, not exactly. The old and new versions cover a lot of duplication, so figure maybe one fifty to two hundred thousand unique lines.”
“That no one understands?”
“It’s costing us already. We need to put this right.”
The Plot Thickens
Locally, nothing exciting was happening with current clients. Steady income was nice, but I liked challenges.
Their tech division was named Data Corp. We exchanged non-disclosure agreements, eventually reaching an accord and a paranoia contract that required my cutting ties with other parties.
From Boston Logan, I flew a geriatric jet into Charlotte, Virginia, where I hired a car for a drive deep into the Shenandoah Valley. I passed beautiful horse farms and Mennonites in their buggies before I came to markers of American civilization – McDonald's, KFC, and WalMart.
The bank’s data center dominated a charming downtown in Harrisonburg, Virginia. I gave the receptionist my name and glanced around.
To the left of the lobby extended the glass room where the main computers lived, MICR check readers, networking and transmission units, 6000 square feet, perhaps 550 square metres, nicely laid out. It looked outwardly secure short of a terrorist attack.
From stairs at the right of the lobby descended a man about 5’5 of economical build. My salesman alert Early Warning System sounded. Scientists and engineers regard salesmen barely a step removed from slithering politicians. The two aren’t so much cats and dogs as cobras and mongooses. That mutual distaste would play a key part in the drama about to unfold.
Even so, Chase seemed a decent sort. He cultivated a brooding mien like a mantle of poetic melancholy, the kind that tenderizes feminine hearts and moistens girls’ eyes. Sporting a black, closely trimmed beard, he might have portrayed a weekend Civil War reenactor captain or river boat gambler.
He toured me around the complex, introducing me to bank presidents and vice presidents, those who plump out the top of the pyramid in financial institutions. He chatted up a half dozen girls who seemed in various stages of thrall. His magnetism short-circuited the female EWS.
“The product,” I said. “Let’s take a look.”
Chase offered me a seat in his office. He busied himself sipping coffee, winding his Swiss chronograph, twiddling a pen. I waited. Finally he said, “What we have here is a print spooling subsystem. A good one. Cool, huh!”
I understood why they wanted me. Not only did I work on operating systems, I had contributed code to two competing packages, a key operating system component in the evolution of computers.
Like a priest revealing the Dead Sea Scrolls, Chase reverently set a six-inch thick binder before me. He opened it. “This is our baby.”
My response came out less than reverential. It could be summed up as “WTF?”
No titles. No headings. No comments. No register notation. No meaningful labels. No reference points.
“I told you, Sandman, the developer, doesn’t need all that. He’s an amazing genius. He doesn’t document his work because his eidetic memory remembers everything.”
“Except for those who come after,” I said.
The lack of labels troubled me most of all. Normally programmers use real world identifiers such as Minutes, Seconds, Distance, Height, Weight, Brightness, etc. This had gobbledegook.
“Who does this?” I said.
“I told you, he’s a genius. They mean something to him, but he’s way above our level.”
“This is attempting ancient Egyptian without a Rosetta stone. This is insane,” I said.
Chase beamed. “You confirm what I’ve been saying. Sandman is genius above other geniuses; he’s beyond brilliant, absolutely off the scale. Our own people say his high-level abstract symbolism is far beyond their comprehension.”
“Even Einstein used standard identifiers, e = energy, m = mass. This has, for example, ‘rtgq233x.’”
“Sandman isn’t a merely an Einstein. Your challenge is, are you someone who can come to understand this or are you giving up?”
“Like hell.” Candidly, I wasn’t sure which part of the question I should answer.
Mystification
As a digital detective, I first confirmed the original assembly language matched the binary machine code in the executable module. I looked at a hundred different values scattered throughout the programs. They matched.
I profiled the program, I ran traces. I floated one other idea to Chase.
“Does Sandman speak Arabic or some language that omits vowels? Or Welsh? Polish? Russian? A language with unusual combinations of letters?”
“I imagine not,” said Chase. “He’s short, sandy hair, fair complexion. I doubt he’s visited out of the country. He’s barely travels outside of North Carolina. He’s so fearful of flying, he always takes a train.”
I had seen computer programs written in French and German. The mix of English and other languages looked a little unusual, but they ultimately made sense.
“Perhaps foreign abbreviations…”
“Look, stop going on about labels. Maybe they are in Klingon or Tolkien Elvish. Maybe they’re random or perhaps they’re nothing at all. With an impenetrable genius mind like Sandman’s, the labels themselves appear opaque to us and we simply don’t know.”
I didn’t accept that for a moment, but there was one other avenue to understanding the code– weeks of immersion in it. I packed the programs in my bag and headed back to Boston.
Over the next two weeks, I pored over 150,000 lines of assembly code. Some days I dissected routines line-by-line, noting, studying, analyzing. Other days I propped my feet up on the sofa and absorbed the gestalt.
Reading a program offers a unique peek into the author’s thought process. This mind meld can provide a strangely disquieting experience. A virtual voyeur can determine a precise mind opposed to a sloppy one, bold versus fearful, brilliant versus not so much, and lucid v losing it. This code contained all these elements and more. Although tightly written, it radiated a surreal aura and umbra, a sense of someone hiding in the shadows.
The Rosetta Stone
“The name of the song is called ’Haddocks’ Eyes.’”
“Oh, that’s the name of the song, is it?” Alice said, trying to feel interested.
“No, you don’t understand,” the Knight said, looking a little vexed. “That’s what the name is called. The name really is ‘The Aged Aged Man.’”
“Then I ought to have said ‘That’s what the song is called?’” Alice corrected herself.
“No, you oughtn’t: that’s quite another thing! The song is called ’Ways And Means’, but that’s only what it’s called, you know!”
“Well, what is the song, then?” said Alice, who was by this time completely bewildered.
“I was coming to that,” the Knight said. “The song really is ’A-sitting On A Gate’, and the tune’s my own invention.”
— Through the Looking-Glass (1871) chapter VIII, Lewis Carroll
I kept coming back to the labels. They held significance, I felt certain. I could sense a pattern as if glimpsing a phantasm from the corner of my eye. Sometimes, I almost grasped a meaning, only to lose it as I shifted to focus on it.
While analyzing the program line by line, I stumbled across the name of a known operating system routine declared in a constant. The name of the routine was $$BEOJ, which stood for ‘Broker End of Job’. Unnecessarily, the program invoked this routine directly. The author had allowed himself a moment of ego. Instead of the standard, run-of-the-mill method available to any programmer, the coder had showed off his knowledge of operating system internals and triggered this segment explicitly.
I understood the inner workings, but the label of the constant, $$XYAU, grabbed my attention. Could this, perhaps, be the name of the name? Could XYAU someway represent BEOJ?
I poked around, trying the David Edgerley Gates’ Sunday Jumble and Crypto-Quote letter swaps on other labels. Sometimes it seemed to work, more often it didn’t. I combed the program in earnest, searching for obvious constants that might zero me in.
The hunt suffered from a paucity of information, but slowly clues accumulated as I harvested two more paired constants and labels, four, and then six out of three thousand six hundred. Patterns, it was all about patterns. I glimpsed the edges of a picture. No label contained more than eight characters, and something peculiar happened to the letters in each label.
Oddly, B often meant X but it also appeared to be F at times. In rare cases, it didn’t seem to be either. I ripped another sheet off a legal pad and tried again.
I phoned and left a message for Chase. He hadn’t called in days. I sensed his dismay.
I sat up that night, the next two nights, devouring Chinese food for nourishment and Coca-Cola caffeine to feed my notorious ADD. I clocked six hours sleep out of seventy-two. My hair matted, my smelly T-shirt could startle bad-tempered water buffalo.
Everything changed. Like a submerged enemy submarine hiding in deep waters, computerdom’s trickiest puzzle broke the surface. I faced the most fascinating computer game of my career.
On the fourth day, I messaged Chase a couple of times in the morning. I made a few more notes, then toppled over and slept until mid-afternoon.
Demystification
“What?” I barked into the phone a bit too sharply. My eyes seemed glued shut.
“Hey, it’s me, Chase. I got your messages. Whatcha got?”
“How much did you pay for this program?”
“Well…” He hesitated.
“You either paid way too much or way too little. Either way, you got screwed.”
Defiance mixed with defensiveness, he mentioned a figure barely larger than a month’s salary, paid for a program that took someone a year or two of 60-90 hour weeks pouring out one’s soul.
“Why do you ask?”
“Like I said, you got screwed. Sabotaged. Someone has encrypted the labels and stripped the meaningful information out of this program.”
“Bullshit. I don’t believe it.”
“Embrace it. You think it’s a coincidence comments are missing? There’s no register notation? Not a single artifact of meaningful evidence?”
“My people asked him about that. He’s one of those super smart guys who never comments his code.”
I grimaced. For that alone, the program should never have been accepted. I no longer believed the legend.
“Look,” I said. “Labels have been encrypted. I’ve got examples of equates in which one is assigned to 5 and five is assigned to 10.”
“It’s his genius level of abstraction. And what do you mean encrypted?”
“’His genius level of abstraction nonsense’ is getting old. I mean encrypted like the cryptogram puzzles in the newspaper, A equals S and B equals M and so on. A substitution cipher they call it, like Sherlock Holmes’ Dancing Men, only a factor far, far more complex. I’m still working it out, extrapolating clue by clue; it appears the bastard’s used at least two translation tables I'm sure of plus a couple of other frills, kind of a mental oubliette.”
“I don’t believe it. Look, we better rethink this contract. This can go one of two ways. Option one, we terminate our relationship. Option two, other than these conspiracy theory labels you go on about, the positive side is you now know more about the software than anyone other than the author. Come on down here, show us what you’ve got, and we’ll move forward.”
Enter Sandman
From DC, again I boarded another deafening jet into Charlotte. Where did USAir salvage these museum pieces? Maybe they explained why Sandman refused to fly.
The girls at the banking complex greeted my return engagement warmly, speculatively. The town librarian had mentioned the region suffered a serious shortage of males.
Chase, a bit aloof, escorted me into his office.
“I phoned Sandman,” he said coolly.
“And?”
“Says your theory– your accusation– is nonsense. Says he never ever uses comments, can’t afford time for them. Says those equates you mentioned, one equates to 5 and so on, just a coding convenience when in a hurry. Told me if we want to make insinuations, his lawyer can tell us to get stuffed. We can’t afford to get on his bad side.”
I snorted. “Coding convenience? How did you approach him? Did you ask if he sabotaged the code?”
“Of course I asked him. What was I supposed to say?”
“When you asked rather than told, he knew he’d bluffed you. I know he sabotaged the code, so I don’t need to ask.”
“He denies your allegations. Look, you’re a guy I hardly know. You make unbelievable accusations about a fellow I’ve known for years who says your notion is ludicrous. You tell me; how am I supposed to believe you?”
“I’ll show you proof.”
At the end of an hour, I’d further confused Chase rather than convinced him. He still believed Sandman. My stacks of tables and colored diagrams decorated with fine-tipped arrows left him unmoved. He couldn’t entertain the slightest possibility he’d been fooled or the other guy committed malfeasance.
I said, “I want to talk to Sandman myself, geek to geek.”
“That’s unwise. If he breaks off contact, we’re done for. He might even sue our asses.”
“You’re already done for– that’s why you hired me. Anyway, I’m not going to ask him if he encrypted the program, I know he did. That gives me an advantage.”
He reluctantly agreed to my calling with the condition he silently listen in. Like me, Sandman worked nights, so Chase and I grabbed dinner at a great restaurant as we waited for Sandman to come alive in the night.
One lichee duck later, we strolled back to the data center. I sat in his office while Chase lounged outside at the secretary’s desk listening in on her phone. He promised not to interrupt no matter what– I made him swear to stay quiet.
I dialed the Greensboro number he gave me. The call connected. Dan Sandman’s voice at the other end sounded pleasantly curious.
He said, “So you’re the guy they hired to develop the app.”
“Yep, I’m the sucker. Brilliant program, by the way.” I kept my voice light, pleasant.
“Thanks. I’ve heard of you by reputation. Boston, right? So how are you making out?”
I chuckled. “Dan, you left me one tricky puzzle. I’m still working it out, but your encryption scheme is brilliant, harder than hell to break.” I shook my head admiringly, not that he could see it. “Thus far I’ve identified two different translation tables. That’s ingenious.”
No hesitation, no prevarication, he broke into laughter. “Three actually.”
Through the window, Chase blanched, then darkened. I put my finger to my lips in case he felt like an outburst.
Danny continued. “You haven’t been working on it long. I’m astounded you got that far.”
“Three translation tables explain why I still have a thousand or so labels to crack.”
He chortled. “God damn, you smart dog. I used the first character of each label as a selector, picking the cryptographic table based upon which third of the alphabet the first character fell in.”
Outside the office, a purplish Chase was working on a serious case of TMJ.
I complimented Sandman. “I’ve never come across that idea before. Man, figuring out those tables can give one fits.”
“I didn’t want anyone to break it. Can’t believe you’re two-thirds of the way there. How did you figure it out?”
“$$BEOJ.”
“What? Oh, yes. I’d debated making a special case for it, but didn’t imagine anyone would ever get that far. What did you think of my equates?”
“Annoying.”
He laughed. “I trust that’s mildly put.”
“Right you are. There’s the obvious question, of course.”
“You mean why? Why screw up my own program?”
“You weren’t seeking job security.”
“I did it because I can’t stand that salesman, Chase. He’s such a bullshitter, all monies for himself, benefit the investors and screw the inventors. Flying around the country like an exec, trying to hustle the package, spending other people’s money, hogging the biggest slice off the top– I got fed up.”
Chase’s blood vessels looked ready to burst in an apoplectic fit. When he opened his mouth, I frantically waved him to silence. I tried to remember what Chase had told me.
Into the phone, I said, “You worked with him before?”
“Yeah, he found out about my package and begged to sell it. He couldn’t bother working the phones, doing sales fundamentals. Figured he was a Steve Jobs executive, jumping on a plane just to give a demo. I sold more copies than he did and I never left Greensboro, never tried to promote it, only word of mouth. Know what Chase did? He took the salesman cut anyway. He spelled that out in the agreement he wrote. Now ask me again why I’m pissed at him.”
Outside the door, Chase turned magenta. He could barely refrain from screaming into the phone.
Sandman continued. “So anyway, Chase was burning through money when he approached that bank in Virginia. He convinced them he had a hot product and urged them to buy out his contract. Chase wouldn’t change his ways, though. He wasn’t going to pay me what it was worth and I knew I’d never see royalties. My girlfriend, she said screw him. So I got this idea and I did. It wasn’t ransom, it was revenge. Sold it for almost nothing, figured he’d do himself in.”
“How much did he pay?”
“I bet you already know that. And he was gleeful at the fire sale price, ecstatic. The greedy bastard couldn’t believe the advantage he’d seized over his so-called partner. The slime-ball acted right proud of himself.”
“Dan, it’s affected other people. Plus other companies depend on the product.”
Sandman sounded almost regretful. “Yeah, I know. That’s why I agreed to partially support it until they found a replacement for me. I didn’t figure they’d bring in you.”
“Thanks, I think.”
He giggled dryly. “It’s tough maintaining it. I made the source code such an abortion, I find it nearly impossible to debug. They send me a trace or a dump and I spend a couple of days pulling my hair out. I provide just the minimum, which hasn’t been good enough, certainly insufficient to support new equipment coming out.”
The full significance of that statement wouldn’t register until much later: By implication, he’d orphaned this program and was developing a parallel version with enhancements.
“Dan, you know I have to tell the investment bank about this.”
“Figured you had already. Did Chase convince them otherwise? I successfully put him off when he called, but I gathered you were on to me. Yeah, talk to them. Maybe we can work something out, something fair and equitable. I’d like that.”
Witness to the Ascension
If Chase wasn’t pleased, the bankers were apoplectic. The vice president called the president. The president called the chairman. The chairman called the board. The board called the holding company and they called a meeting. In the meantime, the president asked me to stand by. “Don’t leave town,” he said.
Chase departed on a trip. He begged me to stay at his house and care for his dog, one with a bad case of separation anxiety. Shenandoah Valley girls were very hospitable. Over the next few days, I accepted kind invitations to luncheons, dinners, a bluegrass festival, a Mennonite market, and a community fair.
On Monday, the chairman called the president who called the vice president who called me. “Go home for a few days while we sort out what to do.”
I departed almost regretfully.
A few days became two weeks. I spent the time picking at the listings, painstakingly peeling the masks off characters in this exquisite puzzle. That’s what I liked best about programming, me against the machine, taking its rules and making it do what I wished, bending the beast to my will, solving abstract puzzles others couldn’t see. Usually it was me versus the computer; now I faced a clever human adversary.
Sandman called once to ask what the bank decided. My guess was gnashing their teeth, but I confessed I didn’t know.
People found it easy to talk to me, sometimes revealing personal things that seemed surprising later. He opened up.
We ended up chatting about nothing but learning about each other. Topics included girls, cars, his fear of flying and his enthusiasm for roller skating. We discussed fueling software with good Asian food. Our liquid Ritalin was cola, Coke for me, Pepsi and Moon Pies for him. He revealed a passion for Shostakovich. In the wee hours of the morning, he confessed frustration at his girlfriend’s lack of libido. He hesitantly admitted she was married.
On Friday, the VP called from his scratchy speaker phone. “Leigh, I got Chase and the president here. We want you to hop down to Greensboro and negotiate for the source code. Just you and Sandman– you’re the only one he has rapport with, the only one he respects.”
“What are the guidelines of the negotiations?”
“Obviously try to ransom our source, pay as little as practical for it, low five digits if possible.”
“Cap it at one-twenty, maybe twenty-five,” someone in the background said, probably the bank president.
“If things turn too unreasonable,” continued the vice president, “just walk out and we’ll haul his tail into court.”
“D’accord,” I said. “Shoot me a letter defining the limits.”
The VP said, “Do you anticipate a need to involve the police? Should we hire a private detective, perhaps a non-threatening girl his age?”
Chase spoke up in derision. “He just a little squirt, a pussy, a…”
The VP must have waved him to silence. “Okay. Buy it if you can, walk out if you can’t.”
No one had any notion of the unreal turn negotiations would take.
Next week: Part II, Skating Follies