💾 Archived View for aphrack.org › issues › phrack29 › 12.gmi captured on 2021-12-03 at 14:04:38. Gemini links have been rewritten to link to archived content

View Raw

More Information

-=-=-=-=-=-=-

                                ==Phrack Inc.==

                    Volume Three, Issue 29, File #12 of 12

            PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
            PWN                                                 PWN
            PWN        P h r a c k   W o r l d   N e w s        PWN
            PWN        ~~~~~~~~~~~   ~~~~~~~~~   ~~~~~~~        PWN
            PWN                Issue XXIX/Part 3                PWN
            PWN                                                 PWN
            PWN                November 17, 1989                PWN
            PWN                                                 PWN
            PWN          Created, Written, and Edited           PWN
            PWN               by Knight Lightning               PWN
            PWN                                                 PWN
            PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN


The Cuckoo's Egg                                               October 18, 1989
~~~~~~~~~~~~~~~~
by By Christopher Lehmann-Haupt (New York Times)

            "Tracking a Spy Through the Maze of Computer Espionage"

It all begins with a 75-cent discrepancy in the computer complex's accounting
system.  Clifford Stoll, the new man in the office, is assigned to reconcile
the shortfall.

Although an astronomer by training, Stoll has recently seen his grant money run
dry and so has been transferred from the Keck Observatory at the Lawrence
Berkeley Lab down to the computer center in the basement of the same building.
No wizard at computers, he thinks he can pick things up fast enough to get by.
So he sets out to look for the 75 cents.

He quickly discovers that no glitch in the accounting programs has occurred.
No, what seems to have happened is that an unfamiliar user named Hunter briefly
logged on to the system, burning up 75-cents worth of time.  Since there is no
account record for Hunter, Stoll erases him from the system.  The problem is
solved, or so it seems.

But almost immediately, an operator from Maryland on the same network that the
Lawrence Berkeley Lab uses complains that someone from Stoll's lab is trying to
break into his computer.  When Stoll checks the time of the attempt, he
discovers that the account of someone named Joe Sventek, who is known to be in
England for the year, has been used.  So he guesses that the user calling
himself Hunter has somehow activated Sventek's account.  But who is this hacker
(as Stoll begins to refer to him), where is he operating from and how is he
getting into the system?

Next Stoll sets up systems to alert him every time the hacker comes on line and
monitor his activities without his being aware of it.  He watches as the hacker
tries to lay cuckoo's eggs in the system's nest, by which of course he means
programs for other users to feed -- for instance, a program that could decoy
other users into giving the hacker their secret passwords.  He watches as the
hacker invades other computer systems on the networks the Lawrence Berkeley Lab
employs, some of them belonging to military installations and contractors.

The mystery grows.  Telephone traces gradually establish that the hacker is not
a local operator, is not on the West Coast and may not even be in North
America.  But of the various three-letter organizations that Stoll appeals to
for help -- among them the FBI, the CIA and even the National Security Agency
-- none will investigate, at least in an official capacity.

By now a reader is so wrapped up in Stoll's breezily written account of his
true adventure in "The Cuckoo's Egg:  Tracking a Spy Through the Maze of
Computer Espionage" that he is happy to overlook certain drawbacks in the
narrative -- most conspicuously the lack of consistently lucid technical talk
and the author's dithering over whether appealing for help to the likes of the
FBI and CIA is selling out to the enemy, a qualm left over from the 1960s
mentality that still afflicts him and his friends.

The only truly annoying aspect of the book is that an endpaper diagram gives
away the location of the computer spy.  Readers are advised not to look at the
endpapers, which do little but spoil the suspense.

Unfortunately, the narrative, too, eventually helps dissipate the story's
tension.  The officials who finally take over the hunt from Stoll are so
reluctant to tell him what is happening that all the suspense he has created
simply evaporates.  Even Stoll seems to lose interest in the identity of his
mysterious antagonist, judging by the limp and haphazard way he finally does
give us the news.

Instead of building his story, he allows himself to be distracted by a banal
domestic drama centering on his decision to stop being afraid of emotional
commitment and marry the woman he has been living with for seven years.  And he
continues limply to debate the need of the state to defend the security of
communications networks against wanton vandalism, as if there were room for
serious discussion of the question.

Still, nothing can expunge the excitement of the first two-thirds of "The
Cuckoo's Egg," particularly those moments when the author hears his portable
beeper going off and bicycles to his lab to read the latest printout of the
hacker's activities.

Nothing can relieve our discouragement at the bureaucratic runaround that Stoll
got.  Had a million dollars worth of damage occurred? the FBI kept asking him.

"Well, not exactly," he would reply.  Then there was nothing the FBI could do.

And so it dishearteningly went, although some points should be conceded.
Certain individuals in government agencies were extremely helpful to Stoll.

The entire issue of computer-network security was after all a new and
unexplored field.  And the agencies that the author was asking for help
probably knew more about the security threat than they were willing to tell
him.

Finally, nothing can diminish the sense of the strange new world Stoll has
evoked in "The Cuckoo's Egg" -- a world in which trust and open communication
will determine the quality of the future.  Whether such values will prevail
will prove a drama of momentous significance.  Even if this book finally
dissipates that drama, its very presence makes these pages worth dipping into.
_______________________________________________________________________________

Digital's Hip To The Standards Thing                           October 10, 1989
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NEW YORK -- During a creative session at a major public relations firm to
formulate a new corporate message for Digital Equipment Corporation that
reflects the company's new direction promoting and supporting computing
industry standards, the shopworn phrase "Digital has it now" was replaced by a
new tag line that is more contemporary and tied to DEC's adherence to
standards.

                            DECrap by Rapmaster Ken
                    "Digital's Hip to the Standards Thing"


                     I heard some news just the other day
                It sounded kinda strange and I said, "No way!"
                   But I heard it again from another source
                 It mighta made sense and I said, "Of course!"

                    Now computer biz has a lotta confusion
                 'Cause operating systems abound in profusion.
                But there's a whole new wave in data processing
                Now that Digital's hip to the standards thing.

                                   (chorus)
                     Digital's hip to the standards thing!
                     Digital's hip to the standards thing!

                         Way back when a long time ago
                           IBM owned the whole show.
                   But other dudes saw this proprietary mess
                And formed committees to find out what's best.

             Some went their own way and built their own software
         But users were perturbed, "It's just a different nightmare."
                  So they got together to look over the picks
                     Put down their money on good 'ol UNIX

                                   (chorus)
                     Digital's hip to the standards thing!
                     Digital's hip to the standards thing!

                  Now Digital always kept their users in mind
                    And pushed VMS as the best of the kind.
                   A lotta folks agreed but kept askin' for
                      UNIX support, "We gotta have more!"

                  Soon DEC saw the light and decided to give
                UNIX to the masses, (sorta live and let live).
                  So DEC's ridin' the wave ahead of the rest
               On a backplane boogie board on top of the crest.

                  No doubt about it DEC's sprouted its wings
                 'Cause Digital's hip to the standards thing.

                                   (chorus)
                     Digital's hip to the standards thing!
                     Digital's hip to the standards thing!
_______________________________________________________________________________

Hacker Publications                                           November 12, 1989
~~~~~~~~~~~~~~~~~~~
Here is a general overview of a pair of the more popular hardcopy hacker
magazines.

2600 Magazine:  The Hacker Quarterly
Volume Six, Number Three
Autumn, 1989

The cover on this issue features a scene from the Galactic Hackers Convention
that took place in Amsterdam, Switzerland, last August.  Although it is not
explicitly stated or implied, it would appear that the comic illustration
portrays the hacker "Shatter" being run over by a bus bearing the label "2600
XPRESS."

The articles featured in this issue include:

The Nynex Strike
Grade "A" Hacking:  What Is UAPC? by The Plague
Galactic Hacker Party (GHP)
British Telecom's Guilty Conscience
The Death Of COSMOS?
What's Going On
     -  Technological Marvels
             o  U.S. Sprint Billing Problems
             o  U.S. Sprint Voicecards
             o  Other Voiceprints
             o  Surveillance
     -  Hacker Spies (Chaos Computer Club, KGB Hackers discussed)
     -  Nynex Bigotry (Gay And Lesbian Organizations)
     -  Dial-It News (Pacific Bell 900 Services)
     -  Payphone Choices (AT&T, Sprint, MCI, AOS)
     -  Overseas Access (AT&T Calls To Vietnam)
     -  News From The U.K.
             o  Directory Assistance Operators
             o  British Telecom To Buy Tymnet From McDonnel Douglas
             o  Chat Lines Banned
     -  One Less Choice (The Source and Compuserve)
     -  Privacy?  What's That?
             o  Bulletin Board User Information
             o  Illegal Aliens Database
             o  Scotland Yard Database
             o  Wiretapping
             o  Bell of Pennsylvania (giving out confidential information)
             o  Personal Smart Card
     -  Hackers In Trouble
             o  Kevin Mitnick
             o  Robert Morris
     -  Hacker Fun
             o  Friday The 13th Virus
             o  Speed Limit Alterations
             o  Delray Beach Probation Office
     -  Telco Literature (FON Line Newsletter)
     -  Calling Card Tutorials
     -  Another Telco Ripoff (C&P Telephone)
     -  Technology Marches Back
             o  French Computer Mixup
             o  New York Telephone Repairman Sent On Wild Goose Chases
     -  And Finally (Bejing Phone Calls)
The Secrets of 4TEL
Letters
     -  Moblie Telephone Info
     -  A Southern ANI
     -  ROLM Horrors
     -  A Nagging Question (by The Apple Worm)
     -  A Request
     -  Another Request (by THOR <claims the Disk Jockey story was a lie>)
     -  The Call-Waiting Phone Tap (Alternative Inphormation)
     -  Interesting Numbers (1-800-EAT-SHIT, 800, 900 numbers)
     -  UNIX Hacking (Unix security, hacking, TCP/IP)
     -  Intelligent Payphones
     -  Retarded Payphones
REMOBS by The Infidel
Gee... GTE Telcos by Silent Switchman and Mr. Ed
Voice Mail Hacking... by Aristotle
Punching Pay Phones by Micro Surgeon/West Coast Phreaks
Touch-Tone Frequencies
2600 Marketplace
Carrier Access Codes
Lair of the INTERNET Worm by Dark OverLord
Timely Telephone Tips (from a Defense Department Phone Book)

There were also plenty of other interesting small articles, pictures, and
stories about hackers, telephones, computers and much more.  All in all, this
is the best issue of 2600 Magazine I have read in several issues (despite the
fact that some of the material had appeared in Phrack Inc., LOD/H TJs, and/or
Telecom Digest previously).  Let's hope they continue to be as good.

Are you interested in 2600 Magazine?

2600 (ISSN 0749-3851) is published quarterly by 2600 Enterprises Inc.,
7 Strong's Lane, NY 11733.  Second class postage permit paid at Setauket, New
York.

Copyright (c) 1989, 2600 Enterprises, Inc.
Yearly subscriptions:  U.S. and Canada -- $18 individual, $45 corporate.
Overseas -- $30 individual, $65 corporate.
Back issues available for 1984, 1985, 1986, 1987, 1988 at $25 per year, $30 per
year overseas.

Address all subscription correspondence to:

                         2600 Subscription Department
                                 P.O. Box 752
                      Middle Island, New York  11953-0752

                        2600 Office Line:  516-751-2600
                        2600 FAX Line:     516-751-2608

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

TAP Magazine
Issue 94
1989

The new TAP Magazine is a smaller publication in comparison to 2600.  The
"outer" cover of this newsletter was a "warning" from The Predat0r concerning
the nature of the material inside.  The true or "inner" cover of the newsletter
had the following:

          The Information You've Requested Of TAP Publishing Society
                 A Unit Of The Technological Advancement Party

                                  Presents...

"...a family of people dedicated to the advancement of home computer systems
and electronic technology, the study and duplication of related communication
networks and the subsequent utilization of one's own ingenuity in today's
fast-paced world of creative logic."

The articles in this issue of TAP included:

TAP RAP:  News From The TAP Staff by Aristotle
Small Tags Protect Big Stores (continued from TAP 93)
Ozone (concerning American Telephone & Telegraph's plans for 1994)
Telephone Wires In New York In 1890
Mercury Fulminate by Dark OverLord
How To Hack Stamps
Hoffman Worked To Help All Of Mankind
Police Raid 3 Jefferson Homes In Search For Computer Hackers by Calvin Miller
SummerCon '89 by Aristotle (includes a copy of the official SummerCon '89
              poster and button, although an error stating that the poster was
              shown at 1/2 size when in reality, the original was 8 1/2" by
              14").

There were a few other interesting "tid bits" of information scattered
throughout the four loose pages including the new TAP logo (that was made to
resemble CompuTel) and other pictures.

The staff at TAP also included a postcard that contained a reader's survey.  It
asked all sorts of questions about how the reader liked certain aspects of the
publication... I found the idea to be potentially productive in improving the
quality of the newsletter all around.

The cost of TAP is rather cheap... it is free.  For an issue send a self
addressed stamped envelope to:

                                    T.A.P.
                                P.O. Box 20264
                       Louisville, Kentucky  40220-0264


:Knight Lightning
_______________________________________________________________________________

Phrack World News QuickNotes
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1.  911 Improvement Surcharge in Chicago (October 16, 1989) -- Monday morning,
    October 16, Chicago Mayor Richard M. Daley announced that he would submit
    to the city council a plan to increase city telephone taxes by 95 cents per
    line per month, earmarked for improvements to 911 service.  Currently there
    is no such flat charge, simply a percentage tax rate on local telephone
    service.

    Daley's spokespeople commented that 911 service here has been a mess for
    years, and that many of the suburbs charge $1.00 per line per month, so 95
    cents should not be unreasonable.  There were no details about what is
    currently wrong or about what specific improvements Daley has in mind.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2.  Hacker Caught by Caller-ID (October 9, 1989) -- MIS Week reported the
    apprehension of a 15-year old hacker who used his Amiga personal computer
    to tap into two minicomputers at Grumman.  The youngster was from
    Levittown, Long Island and stumbled into the computer by using a random
    dialing device attached to his computer.  Grumman security was able to
    detect the intrusions, and the computer's recording of the boy's telephone
    number led police to his home.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
3.  14-Year-Old Cracks TRW Credit For Major Fraud (October 18, 1989) -- A
    14-year-old Fresno, California boy obtained secret "access codes" to the
    files of TRW Credit from a bboard and used them to pose as a company or
    employer seeking a credit history on an individual whose name he picked
    randomly from the phone book.  From the histories, he obtained credit card
    numbers which he then used to charge at least $11,000 in mail-order
    merchandise (shipped to a rented storeroom) and make false applications for
    additional cards.  He also shared his findings on computer bulletin boards.

    Police began investigating when TRW noticed an unusual number of credit
    check requests coming from a single source, later found to be the youth's
    home telephone number.  The high school freshman, whose name was not
    released, was arrested at his home last week and later released to his
    parents.  His computer was confiscated and he faces felony charges that
    amount to theft through the fraudulent use of a computer.

    "Here is a 14-year-old boy with a $200 computer in his bedroom and now he
    has shared his data with countless other hackers all over the nation," said
    Fresno Detective Frank Clark, who investigated the case.  "The potential
    (for abuse of the information) is incredible."  Excerpts provided by
    Jennifer Warren (Los Angeles Times)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4.  Computer Virus Countermeasures Article (October 25, 1989) -- Readers of
    Phrack Inc. might be interested in an interesting article in the October
    1989 issue of DEFENSE ELECTRONICS, page 75, entitled "Computer Virus
    Countermeasures -- A New Type Of Electronic Warfare," by Dr. Myron L.
    Cramer and Stephen R. Pratt.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
5.  Computer Viruses Attack China (November 6, 1989) -- The Ministry of Public
    Safety of People's Republic of China found this summer that one tenth of
    the computers in China had been contaminated by three types of computer
    virus:  "Small Ball," "Marijuana," and "Shell."  The most serious damage
    was found in the National Statistical System, in which "Small Ball" spread
    in 21 provinces.  In Wuhan University, viruses were found in *ALL* personal
    computers.

    In China, three hundred thousand computers (including personal computers)
    are in operation.  Due to a premature law system the reproduction of
    software is not regulated, so that computer viruses can easily be
    propagated.  Ministry of Public Safety now provides "vaccines" against
    them.  Fortunately, those viruses did not give fatal damage to data.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6.  More Phone-Card Fraud (October 31, 1989) -- Two men were convicted by Tokyo
    District Court on Monday, October 30, for tampering with Nippon Telephone
    and Telegraph calling cards to increase the number of calls they could
    make.  The court ruled that they violated the Securities Transaction Law.

    One man, Kawai, was sentenced to 30 months in prison, and another, Sakaki,
    was given an 18-month suspended sentence.

    Two presiding judges ruled that using falsified telephone cards in pay
    phones is tantamount to using securities.

    However, another judge ruled in a separate case last September that
    tampering with a telephone card does not constitute use of a security, so
    legal observers say it will be up to the Supreme Court.

    According to this most recent s ruling, Kawai changed about 1,600 telephone
    cards, each good for 500-yen worth of telephone calls, into cards worth
    20,000 yen.  He sold the altered cards to acquaintances for as much as
    3,500 yen.

    Sakaki also sold about 320 tampered cards for about 2 million yen.

    One of the presiding judges ruled that using tampered telephone cards on
    public telephones is the same as misleading Nippon Telegraph and
    Telephone Corporation into believing the cards -- false securities -- were
    genuine.  Taken from The Japan Times
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
7.  Computer Virus Hits Japanese Quake Data (October 30, 1989) -- Tokyo; A
    computer virus has destroyed information at the University of Tokyo's
    seismological and ocean research institutes, a university official and
    local reports said yesterday.

    An official of the university's Ocean Reasearch Institute said the virus
    was detected earlier this month in five of the center's 100 computers,
    but was believed to have first infected the computers in September.

    The virus was found only in personal computers being used by researchers
    and not major computer systems, the official said, requesting anonymity.
    He said the damage was not serious.

    He declined to discuss further details, but a report by the Japan
    Broadcasting Corporation said a virus had also been found in the computers
    at the university's Earthquake Research Institute.  Thanks to Associated
    Press news services.  (Related article follows)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
8.  First Virus Attack On Macintoshes In Japan (November 7, 1989) -- Six Macs
    in University of Tokyo, Japan, were found to have caught viruses.  Since
    Since this September, Professor K. Tamaki, Ocean Research Institute,
    University of Tokyo, has noticed malfunctions on the screen.  In October,
    he applied vaccines "Interferon" and "Virus Clinic" to find his four
    Macintoshes were contaminated by computer viruses, "N Virus" type A and
    type B.  He then found ten softwares were also infected by viruses.  A
    Macintosh of J. Kasahara, Earthquake Research Institute, University of
    Tokyo, was also found to be contaminated by N Virus and Score Virus.  These
    are the first reports of real viruses in Japan.

    Later it was reported that four Macintoshes in Geological Survey of Japan,
    in Tsukuba, were infected by N Virus Type A.  This virus was sent from
    United States together with an editor.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
9.  Hackers Can Tap Into Free Trip (October 1989) -- Attention Hackers:  Here
    is your chance to break into a computer system and walk away with a grand
    prize.  The "hacker challenge" dares any hacker to retrieve a secret
    message stored in a KPMG Peat Marwick computer in Atlanta.

    This challenge is being sponsored by LeeMah DataCom Security Corporation, a
    Hayward, California, consulting firm that helps companies boost computer
    security.  The winner gets an all-expense paid trip for two to either
    Tahiti or St. Moritz, Switzerland.

    Hackers with modems must dial 1-404-827-9584.  Then they must type this
    password: 5336241.

    From there, the hacker is on his own to figure out the various access codes
    and commands needed to retrieve the secret message.

    The winner was announced October 24, 1989 at the Federal Computer Show in
    Washington.  Taken from USA Today.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
10.  Groaning Phone Network Survives Millions Of Calls (October 18, 1989) --
     The nation's telecommunications network was flooded Tuesday (October 17)
     night by an estimated 20 million attempted telephone calls from people
     around the nation concerned about friends and family after the earthquake
     in the bay area.

     Except for brief failures, the system did not break down under the record
     load in the areas damaged by the earthquake.

     AT&T officials said that as many as 140 million long-distance phone calls
     were placed Wednesday (October 18), the highest number for a single day in
     history.  Excerpts thanks to John Markoff (New York Times)

                        >--------=====END=====--------<