A strange story

The story I am going to tell you in the following pages may sound like gossip going around in hackers' groups or like the paranoid reality of a nerd - and to be honest: I don't know exactly what to believe or not either...

But since my person is part of this story, I am probably a bit more interested (and informed, I think) than a lot of other people, even those writing books about this topic. So I am going to tell the story mostly from my point of view: what actually happened and what I know for sure.

Although there are some "threads" of action that went on in parallel, I tried to make the story as easy to follow as possible.

Fall 1986:
The beginning

It probably all started in Spring 1986 when I wrote my first computer virus - not as a harm to anyone's computer but as an intellectual exercise - inspired by books like "Shockwave rider" by John Brunner or articles on "worm" programs I read about in scientific magazines.

The 3rd Chaos Communication Congress in Hamburg (Dec. 1986) was the first "public" event where we discussed the technology of computer viruses, their threat for any computer system and the possible protection mechanisms.

In these days I was travelling around for the Chaos Computer Club to give talks and interviews to the media about computer viruses. In one of these discussions an IBM manager declared that "Computer viruses for PC's do exist, but it is not possible to write a virus for an IBM mainframe."

Whenever I think something can be done and someone else is denying that - well, I certainly give that something a try. So I started to think about computer viruses on mainframe computers which means getting as much information on IBM mainframes as possible:

Of course I do not own an IBM mainframe; but I was studying at Heidelberg University which gave me access to an IBM/390 (a /370-based mainframe). At that time the Computer Center of the University got a new IBM mainframe system and was "depositing" all mainframe manuals right in front of their building in a huge paper recycle bin. So I ended up with about 3 meters of documentation.

But in the end I needed the actual mainframe just for "testing" purposes. When I started programming the mainframe I stumbled across "THE PC-SIG LIBRARY, 4TH EDITION", an IBM-PC shareware collection published in 1986. The disk set #402, "Cross Assembler for the IBM 370 Version R1.1" was exactly what I was looking for: a PC-based /370 cross assembler environment. A wonderful piece of software that even swallows original IBM mainframe macros and the like!

So it took me about two weeks to finish the code in two steps: the first was a destructive virus (damaging the files it was infecting) while the second was a non-destructive virus. I know that not so many people still know /370 assembler language, but if you like you can have a look at the source.

An interesting footnote: The IBM/370 architecture was "cloned" by the Russian computer industry and was "the" mainframe system in the eastern countries for years. The virus would be able to spread on these computers as well as on Siemens mainframes (which are also /370-compatible) without modifications (or just slight ones).

Spring 1987:
Writing a virus for an IBM/370 mainframe (and compatibles)
Spring 1987:
Losing control

Whenever I did virus programming or net travelling, I thought it to be an intellectual challenge without limits other than imagination and knowledge, but I soon had to realize that it's not fun to all the other people. I immediately realized how malicious such a mainframe virus could be in the hands of the wrong people - and made a naive and therefore wrong decision: I decided to tell only very good friends about the mainframe virus and to keep it generally a secret within this group. What a fool I was.

At the same time I was "testing" the virus on the actual mainframe (Believe it or not: I took all precautions to make sure the virus could not escape from my "playground") I was also working in a civil rights movement group opposing the German Census in 1986. I was writing articles for the media - but lacking a laser printer of my own I used the mainframe printer to get a hard copy of my "pamphlet".

Guess what happened? The operator at the Computer Center who was responsible for the paper output had a look at my texts and he obviously didn't agree with them - he informed the security staff of a "misuse" of my account. These security guys were browsing my libs for more politically motivated texts and found: A mainframe computer virus!

I know that these guys passed the virus to IBM for analysis. One of them acknowledged that IBM has proven that the virus was fully functioning. So the virus was out of my hands - and I had a lot of trouble to deal with...

I'll spare you all the disgusting details of what followed - they tried to expel me from the University - but in the end I probably convinced them that I didn't plan to do sabotage on the Computer Center of the University and they let me finish my studies.

Since 1989 - the time of the KGB hack done by other hackers - I spent less and less time with the Chaos Computer Club and lost touch with issues of computer security and virus programming. I concentrated on more "interesting stuff" and I wasn't eager to be related to information warfare at all.

So I never heard of my computer virus again, until 1996...

One day I got a phone call from a TV journalist who asked for an interview on a computer security issue. While we had a talk, he asked me if I am "the Bernd Fix" mentioned in a book written by American author Peter Schweizer.

Since I had never read the mentioned book (Peter Schweizer, Friendly Spies: How America's Allies are Using Economic Espionage to Steal Our Secrets, New York: The Atlantic Monthly Press, 1993) he sent me a photocopy of some pages from the book:

You can read an English or German version of the text.

Spring 1996:
Surprise, surprise
Can all this be true?

I was quite surprised when I read the text above for the first time - and my first question was if all this can be true - and if it is true, what does that mean for me?

Is Peter Schweizer a reliable source for this kind of information? Officially he is a Visiting Scholar at the Hoover Institution on War, Revolution and Peace, at Stanford University. British and German journalists I talked to said that he is not a good author but nevertheless has to be taken seriously. At least he has a chance to know about such things for he has a working relationship with people like Caspar Weinberger.

But what if he is not that reliable and the whole story is just fiction? He possibly read about my mainframe virus in the "International Business Week" from August 1988 or talked to someone who told him that fact. It is something anyone can find out.

The SWIFT story is probably related to my talk at SIBOS'89 in Stockholm. SIBOS is the annual meeting of all these bankers worldwide that are responsible for the electronic fund transfer between banks and nations based on SWIFT. I was invited and gave a talk about computer security, especially the security holes in the VAX operating system that made the NASA hack (and others) possible. Did Peter Schweizer just use too much imagination, and is this SWIFT hack fiction?

What about the other persons mentioned in the book? Do they really exist? Do they work for the BND? Will they ever tell?

So the chances to find out what really happened are rather small. In Germany nothing like the "Freedom Of Information Act" exists, so there are no legal means to get access to BND files, even if your own person is involved.

If the BND had actually used my computer virus without any permissions from my side as a kind of weapon against foreign computer systems, I would be more than upset.

Los Angeles Times
January 12, 1998 (WASHINGTON)

Foreign spies target U.S. industry
FBI says at least 23 nations take part in economic spying

... Fraumann wrote that Germany's Federal Intelligence Service had been "very active and quite successful" in economic espionage by using a top-secret computer facility outside Frankfurt to break into data networks and databases of companies and governments around the world.

Their operation, code-named project RAHAB, he wrote, involves gaining systematic entry into computer databases and accessing computer systems throughout the United States, targeting electronics, optics, avionics, chemistry, computers and telecommunications.

When I started to look for further material on the topic "Operation Rahab" on the internet, I found a lot of "unprovable" quotations from hackers, computer magazine editors and journalists alike.

At least on the internet I have found nearly nothing worth mentioning for its content, except the following two pages:

While browsing the web for more information I found the following in the Los Angeles Times from January 1998, although this may be taken from Schweizer's book published five years earlier.

Anyway, do you believe that the number "23" is there by chance?

This page is quite precise with quotations on the "Operation Rahab"; but I have no way to tell if this publication has to be taken seriously.

From: Operations Security - INTELLIGENCE THREAT HANDBOOK
Chapter 5 - ECONOMIC INTELLIGENCE COLLECTION DIRECTED AGAINST THE UNITED STATES

Germany

Germany has been accused of using computer intrusion techniques and SIGINT to gather information on foreign competitors to be passed on to German companies.[1] There are no indications of a HUMINT effort against United States corporations, however, it is likely that German trade officers are collecting economic intelligence through open-source analysis. The German Federal Intelligence Service (BND) is alleged to have created a classified, computer intelligence facility outside Frankfurt designed to permit intelligence officers to enter data networks and databases from countries around the world. This program, code named Project RAHAB, is alleged to have accessed computers in Russia, the United States, Japan, France, Italy, and the United Kingdom.[2]

[1] Samuel D. Porteous, "Economic Espionage: Issues Arising from Increased Government Involvement with the Private Sector," Intelligence and National Security, 9:4, October 1994, pp. 735-752.
[2] Wayne Madsen, "Intelligence Agency Threats to Computer Security," International Journal of Intelligence and Counterintelligence, 6:4, Winter 1993, pp. 413-488.

Misinformation

It seems to me that some people are telling "wild" stories about the "Operation Rahab". So here are two examples of especially silly content, something you encounter quite often when it comes to hackers and the secret services. They may sound funny to you, but I was asked a lot of stupid questions because of them...

The first one is from a newsletter and I still can't believe what the CRYPT NEWSLETTER #27 wrote there about me - that I was hired by and worked for the BND. That is complete nonsense. I have never worked for any secret service and I can't imagine I ever will.

By the way, Schweizer never claimed such a thing, so the people from the CRYPT NEWSLETTER even cited the original source incorrectly.

From: CRYPT NEWSLETTER 27, September 1994
Editor: Urnst Kouch (George Smith, Ph.D.)
Media Critic: Mr. Badger (Andy Lopez)
Urnst.Kouch@comsec.org

... The special [CHIP magazine] could turn out to be a must read since Germany is the home of a number of famous figures in the history of computer viruses. Frankfurt, for example, is the home of Project Rahab.

According to Peter Schweizer's book, "Friendly Spies," [1] Rahab was the code name for a German intelligence group committed to using hackers and their methods to gather information and secrets on whatever was of high-tech interest to the Bundesnachrichtendienst, Germany's CIA analog.

Schweizer claimed the Rahab group routinely included America in its operations during the early '90s and hired a famous German hacker, Bernd Fix, to supply a virus for possible military applications.

Fix's work was well known within the circle of experts familiar with PC viruses! He had provided another German, Ralf Burger, with a disassembly of the famous Vienna virus and another of his own, Rush Hour, which Burger subsequently reprinted in a book published in 1987 called "Computer Viruses: A High-Tech Disease." ...

[1] Peter Schweizer, Friendly Spies: How America's Allies are Using Economic Espionage to Steal Our Secrets, New York: The Atlantic Monthly Press, 1993

From: Phrack Magazine, Volume Seven, Issue Forty-Eight, File 2 of 18
Phrack Loopback

Rumor has it that the Internet Liberation Front was behind these viruses with heavy investment coming from the German Bundesnachrichtendienst's Project Rahab. These hackers were paid with AT&T calling cards encoded with a polymorphic encryption scheme, and cocaine.

You can quote me on this.

This one is really disgusting - no further comment on it.

This is more or less all I knew about the whole case. Of course there are many more details but that's nothing for a web page.

If you have some more information on the topic or any comment, feel free to contact me via email.

The End?